summaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
authorRoland Hedberg <roland.hedberg@adm.umu.se>2012-05-23 18:56:51 +0200
committerRoland Hedberg <roland.hedberg@adm.umu.se>2012-05-23 18:56:51 +0200
commit1d7b2964d16b5c4443a3e7037d1bffe281726fc6 (patch)
treef191828115e6f89419cb8c2b34652546bab37889 /tests
downloadpysaml2-1d7b2964d16b5c4443a3e7037d1bffe281726fc6.tar.gz
Initial add0.4.2
Diffstat (limited to 'tests')
-rw-r--r--tests/InCommon-metadata.xml32814
-rw-r--r--tests/aa_conf.py50
-rw-r--r--tests/attribute.map7
-rw-r--r--tests/attribute_statement_data.py175
-rw-r--r--tests/attributemaps/basic.py326
-rw-r--r--tests/attributemaps/saml_uri.py199
-rw-r--r--tests/attributemaps/shibboleth_uri.py190
-rw-r--r--tests/conftest.py30
-rw-r--r--tests/ds_data.py357
-rw-r--r--tests/ecp_soap.xml28
-rw-r--r--tests/edugain.pem15
-rw-r--r--tests/encrypted_attribute_statement.xml147
-rw-r--r--tests/extended.xml163
-rw-r--r--tests/idp.xml52
-rw-r--r--tests/idp_2.xml98
-rw-r--r--tests/idp_aa.xml32
-rw-r--r--tests/idp_conf.py61
-rw-r--r--tests/idp_slo_redirect.xml17
-rw-r--r--tests/idp_slo_redirect_conf.py56
-rw-r--r--tests/idp_soap.xml17
-rw-r--r--tests/idp_soap_conf.py59
-rw-r--r--tests/idp_sp_conf.py73
-rw-r--r--tests/idp_uiinfo.xml17
-rw-r--r--tests/kalmar2.pem18
-rw-r--r--tests/md_data.py1371
-rw-r--r--tests/metadata.aaitest.xml5152
-rw-r--r--tests/metadata.xml34
-rw-r--r--tests/metadata_example.xml50
-rw-r--r--tests/metasp.xml38
-rw-r--r--tests/pdp_meta.xml52
-rw-r--r--tests/private_key.pem15
-rw-r--r--tests/restrictive_idp_conf.py47
-rw-r--r--tests/saml2_data.py227
-rw-r--r--tests/saml2_response.xml104
-rw-r--r--tests/saml_false_signed.xml81
-rw-r--r--tests/saml_signed.xml81
-rw-r--r--tests/saml_unsigned.xml43
-rw-r--r--tests/samlp_data.py454
-rw-r--r--tests/server2_conf.py50
-rw-r--r--tests/server3_conf.py49
-rw-r--r--tests/server_conf.py58
-rw-r--r--tests/server_conf_syslog.py59
-rw-r--r--tests/simplesamlphp_authnresponse.xml104
-rw-r--r--tests/sp_0.metadata17
-rw-r--r--tests/sp_1_conf.py50
-rw-r--r--tests/sp_2_conf.py51
-rw-r--r--tests/sp_slo_redirect.xml17
-rw-r--r--tests/sp_slo_redirect_conf.py57
-rw-r--r--tests/swamid-1.0.xml12695
-rw-r--r--tests/test.key15
-rw-r--r--tests/test.pem17
-rw-r--r--tests/test_00_xmldsig.py661
-rw-r--r--tests/test_01_xmlenc.py209
-rw-r--r--tests/test_02_saml.py1225
-rw-r--r--tests/test_03_saml2.py524
-rw-r--r--tests/test_04_samlp.py538
-rw-r--r--tests/test_05_md.py1161
-rw-r--r--tests/test_10_time_util.py124
-rw-r--r--tests/test_12_s_utils.py453
-rw-r--r--tests/test_13_validate.py107
-rw-r--r--tests/test_20_assertion.py608
-rw-r--r--tests/test_21_attribute_converter.py160
-rw-r--r--tests/test_30_metadata.py470
-rw-r--r--tests/test_31_config.py334
-rw-r--r--tests/test_32_cache.py118
-rw-r--r--tests/test_33_identifier.py146
-rw-r--r--tests/test_34_population.py165
-rw-r--r--tests/test_36_mdbcache.py91
-rw-r--r--tests/test_40_sigver.py292
-rw-r--r--tests/test_41_response.py117
-rwxr-xr-xtests/test_43_soap.py66
-rw-r--r--tests/test_44_authnresp.py116
-rw-r--r--tests/test_50_server.py473
-rw-r--r--tests/test_51_client.py592
-rw-r--r--tests/test_60_sp.py63
-rw-r--r--tests/test_61_makemeta.py303
-rw-r--r--tests/test_62_vo.py79
-rw-r--r--tests/test_63_ecp.py68
-rw-r--r--tests/urn-mace-swami.se-swamid-test-1.0-metadata.xml1771
-rw-r--r--tests/vo_metadata.xml18
80 files changed, 67041 insertions, 0 deletions
diff --git a/tests/InCommon-metadata.xml b/tests/InCommon-metadata.xml
new file mode 100644
index 00000000..6b90b03c
--- /dev/null
+++ b/tests/InCommon-metadata.xml
@@ -0,0 +1,32814 @@
+<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="urn:mace:incommon" validUntil="2010-03-23T23:00:00Z" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata sstc-saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:SignedInfo>
+<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></ds:CanonicalizationMethod>
+<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
+<ds:Reference URI="">
+<ds:Transforms>
+<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></ds:Transform>
+</ds:Transforms>
+<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
+<ds:DigestValue>LtsaqwmLPrZVFO2RYEGH3y2Zxl8=</ds:DigestValue>
+</ds:Reference>
+</ds:SignedInfo>
+<ds:SignatureValue>
+WVWaEMwNfEJrI3N+Wdme8FsnPxtMpbhjhR5aSNYEe/SY/zYxDGzkuzebZY74c3km+QuYRb34p3xr
+p1asAqz4UFWL5wvEHH0pzBIzyS+lgWah6Xkqu7t90OycK5OFFjEpcyYpOstc4il+tFhI8uu6N6uY
+mo0t1+eFwgl1aObynVm3Ex0gaUoZHCxQ3njqetMm/tWL43HGQHCZ314dVYBerqyGMXzPkOqYdJ7t
+6sqY3K36fTprjwqTTuM3hRmmz069b1fvwwE2dX36lXRQ7STmTWofdQeR+k88NeDVs2LNTIUem5E8
+vaWNuIrss71MPupalfrdXZd/KDxw4PyUkV19Xg==
+</ds:SignatureValue>
+<ds:KeyInfo>
+<ds:X509Data>
+<ds:X509Certificate>
+MIIFqTCCBJGgAwIBAgICAWYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoT
+E0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5MB4XDTA4MDYyMDE0MTcxN1oXDTEwMDYyMTE0MTcxN1owJzElMCMGA1UEAxMcZmVkb3Au
+aW5jb21tb25mZWRlcmF0aW9uLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANAo
+XZK5/nRuWY+S91CMPsXloDc5vGo8O/xcqkUNUow+C34NlgnZX4zq2BjZ1WTAk3yLaF00qYOK18R0
+LMpHjYmEbtvtNrjEvtaZwalo83TyRNKHfqvBG3bxOkoYpo8jZ9MkHxskCgjXWLnPu+TCB7GiDgBL
+Q2VEk/UneKHlNc0Y1drBr1HfiRR73lAIUXNG/iRGXyBLqvyyFPasZv/oBWmsJZqI2T8jlmdSZbMG
+66yWGMp9dKoJyb44fYGVlyo5j8arxyiXAEz4QIdoFhmm1k1wSQnJDHtYaxwpf72wywps9P6GLqGk
+g8z+sxPWEgP8QqZWhwNJqAtVbNh+TDkBpXsCAwEAAaOCAq4wggKqMA4GA1UdDwEB/wQEAwIFoDAM
+BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU5ij9
+YLU5zQ6K75kPgVpyQ2N/lPswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZo
+dHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJwYD
+VR0RBCAwHoIcZmVkb3AuaW5jb21tb25mZWRlcmF0aW9uLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEA
+sU4ImEEd2xJniwlx/yO4O6ZsfmPGiM/DBXuiW9hc2X3p34eQfJapvC2EoASU1kbqRp9UvYvHuIc8
+n30EFPUeOAFOUMSKAXLqSJYa4bS8aZ0f4sZlzjHll6ke6sS0bSx+rWhzPQGPtv28KdnbyPgCdEzp
+3xN9qJQp/OMF1ApiA9/GerSToH7yE+iG/aG/rwzK6rtqQZCJNaXDmbiEPDuXcn36fgAkoHk6VNgX
+7wS5NbNEHMQbiXvj5EUHDEB3SLwG5i5q9n5MSqxdZgYrhmCHgs4wRAOcCOwlzNic2LdOHrtvhsYu
+4kfcmIZTJ93D6CsRJ0kIgnwVTtLUPpAfjDUKZw==
+</ds:X509Certificate>
+<ds:X509Certificate>
+MIIFmjCCBIKgAwIBAgIBADANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT
+SW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHkwHhcNMDQwMzMwMjAzNDAwWhcNMTQwMzI5MjAzNDAwWjBWMQswCQYDVQQGEwJVUzEcMBoG
+A1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRGjKsUM2QAupLAaWx
+82/CWPalKjKFY8UPmz0T3gf7tJPztTy1Zq8pD0WFRLcQeSBKZGCu8upe8X966b6TZ5yuoUDA754I
+f0DWismuHNoMgRR/l0UvZmPWDGRWd3NBTB8/soLA4EbqFf5Xq8MOJKhPtzcDR33gtaAb3oilZ+ZT
+pnhTFFrn/qXrAKcSDBpuW2JRpi3xaF/hTPI097oUShOzD1Zj21UYLA6iSFVN+1wlfwilf2KFNK/+
+zbkCge6wgipZyXxaOAam6ncqmkxy+hy/OiJMmdB+6xkO0xXSBUUcqxJrOcUQhA1vntgb3q5zOJIS
+XhC4RAReA0HyBp/wd0iDAgMBAAGjggJxMIICbTAOBgNVHQ8BAf8EBAMCAQYwDwYDVR0TAQH/BAUw
+AwEB/zAdBgNVHQ4EFgQUky3IYRitY+ObZbOd3Y2TuufKY0UwfgYDVR0jBHcwdYAUky3IYRitY+Ob
+ZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6
+aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjANBgkqhkiG9w0BAQUFAAOCAQEAZfgKUPA+Ky+Ou/vclMlF
+TMlUGspfbNSdG/fmIq+E/Lv1d2c73Am1zGhOpxgdkM8SE+BPnXW2rl71/N8gaqwgBBxkpwn410si
+umxlDTwV3HoVFvCGWylNy9o8OE1LyTCqfo8PRwrMzhwcagDgD813BIyjuJg/JQz1LnHMocIW/Jli
+gloSIzF1O435/+ckfWXQsmBIhvV5TmA3ZrcycrI1cHGEZqrCXL0FMZLSr+Vady/tFbVojqI8pSub
+SMxNkZectePTBjVj1Qeb4hmG8jRv/fwy1Iw6OFH8RKny8nQaO5mOe/fF/swEsMVU9TDpvLIgbhTw
+nP7Nhfotgaxf5wG8WA==
+</ds:X509Certificate>
+</ds:X509Data>
+</ds:KeyInfo></ds:Signature>
+
+<!-- The Ohio State University -->
+<EntityDescriptor entityID="urn:mace:incommon:osu.edu">
+ <IDPSSODescriptor errorURL="https://webauth.service.ohio-state.edu/support.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">osu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 322, expires on Thu May 20 15:24:05 2010 GMT -->
+ <ds:X509Certificate>
+MIIFtTCCBJ2gAwIBAgICAUIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUxOTE1MjQwNVoXDTEwMDUy
+MDE1MjQwNVowKTEnMCUGA1UEAxMed2ViYXV0aC5zZXJ2aWNlLm9oaW8tc3RhdGUu
+ZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUUm25GQ1FD5TYol
+gF+VvsypXudx8IfPvNasV3Z4jRk9CIRoQmZj8/GiNEqYMywz6gzxAd9KiPFvBE14
+46I2TLj3OAn7TRgxICotT7axbDQrw68IFVL36s48iATcR2XDAWOV68uOxdl9EOrD
+TUkQ/pNWdvguBw9H8YtJtLn/4oXFg0uAmNacIJD4f/P2xb4FIsIgw+yzqEFbUsdM
+iUznHWHHhgiEKc8zFMLDMoect5UKtd5bW+Xtx4DvlllQ3XJC6G1LAOcNz3nMO6y3
+0uGp6JYN568eNhzUEzDvZxFePdAmSQFKPfrswVmYu2JyElvFGIIm/LtjaCHywJmv
+UnQX0wIDAQABo4ICuDCCArQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBT0ke+3aXir
+xGq/a4CfPCxl3El0aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6
+BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCkGA1Ud
+EQQiMCCCHndlYmF1dGguc2VydmljZS5vaGlvLXN0YXRlLmVkdTANBgkqhkiG9w0B
+AQUFAAOCAQEACb/lHdUqKlo2PJIPBdmTR9fat0mQDNL1zofMt+LND+Yc7Emdw1Ix
+KdB5GtcQdXIzY57MsPo0w7PCxn5px1G5xKtV38XUJr6Q5Uj1QxncU0EGzoM01xil
+g9Y7aqu41pv5wbJH5RsGT6MEalkz2AS7Ft1XBoHA5FINJWziLMEWIJzse9N2RENE
+grlOlf6obsIfcoLf5YwO8T/9FJ3lVkN03JqravG4nSGkhm5KTYxMT8iT5aRjPDaD
+91In7opPeWlX+zBxujpIM0y0ZMhzeF65EMY79d+1ppIlsM4ZTPSCRCxc2/ZAGgew
+6qA+TUVvyJew0YDIbOhjCd6mhTWJisEOnA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12375483969372239368, expires on Mon Feb 4 20:07:37 2030 GMT -->
+ <ds:X509Certificate>
+MIIDITCCAgmgAwIBAgIJAKu+jRod+TYIMA0GCSqGSIb3DQEBBQUAMCkxJzAlBgNV
+BAMTHndlYmF1dGguc2VydmljZS5vaGlvLXN0YXRlLmVkdTAeFw0xMDAyMDkyMDA3
+MzdaFw0zMDAyMDQyMDA3MzdaMCkxJzAlBgNVBAMTHndlYmF1dGguc2VydmljZS5v
+aGlvLXN0YXRlLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpZ
+P+xV7kNCuuUtg4X8MTxTnS2TSU/tompvYjI0af4q7N5od7uzEqHBD9FMvh9bZ7GS
+CACX5yYjBYZCb59i0tstfpCsDBho2Wi497EjmaTw81EQ1AjM6EhRb/we0MLj0er8
+8q+vnVC7Jb7DoStoNIEFoOTv8LvKldrrXVX3yHZR3bEVtvblZbGMSYtPdH/TYMDQ
+cmqkpzldfz9rQFDLSM8mqBqf56zmB8uzkZKhujTXOzb4STvaq7hhAnDwT3z9c00O
+XbDBWxd1CplgHwZvrbWxYxf5gTCaPvHuLY5WeA8Ky5SUZifO/szEDvEm8K0rHStK
+H/blQiX5fUQ6t3SfxbsCAwEAAaNMMEowKQYDVR0RBCIwIIIed2ViYXV0aC5zZXJ2
+aWNlLm9oaW8tc3RhdGUuZWR1MB0GA1UdDgQWBBR70C49vjOa/Ikk86hkX998wqQt
+UDANBgkqhkiG9w0BAQUFAAOCAQEAlgMMaTIwrly4U896lUa92iif3bLGADPjc0Is
+6a6k6RytjJm/r0lbtjCWW6zs1T6L7458Ow+57fyF0Oh/iXvj65m+dvCBWXnag7hN
+1yMBJQMRpSjH7dLko7y0EJ/ZrKEYQwYnBGmCILvJB/MIj2eEkq2Z47uWpvrehJfb
+zsEeAbjNqw1V/AJN7E4paw8aYg8TXEXAdOvNL5h7KRQw8Ui0kCw2DeTTIXExSxZd
+bqw6ldfQD2fVYnLxDGTFqITCi1a9TidA4xCXD95F7uQaEao3O8ArZcyag62uiMtv
+i24RvCRvD/vsnUhI82pV/DK+2icz6UDtiiKrFNAmIiR14TanfA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.service.ohio-state.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://webauth.service.ohio-state.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">osu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 322, expires on Thu May 20 15:24:05 2010 GMT -->
+ <ds:X509Certificate>
+MIIFtTCCBJ2gAwIBAgICAUIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUxOTE1MjQwNVoXDTEwMDUy
+MDE1MjQwNVowKTEnMCUGA1UEAxMed2ViYXV0aC5zZXJ2aWNlLm9oaW8tc3RhdGUu
+ZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlUUm25GQ1FD5TYol
+gF+VvsypXudx8IfPvNasV3Z4jRk9CIRoQmZj8/GiNEqYMywz6gzxAd9KiPFvBE14
+46I2TLj3OAn7TRgxICotT7axbDQrw68IFVL36s48iATcR2XDAWOV68uOxdl9EOrD
+TUkQ/pNWdvguBw9H8YtJtLn/4oXFg0uAmNacIJD4f/P2xb4FIsIgw+yzqEFbUsdM
+iUznHWHHhgiEKc8zFMLDMoect5UKtd5bW+Xtx4DvlllQ3XJC6G1LAOcNz3nMO6y3
+0uGp6JYN568eNhzUEzDvZxFePdAmSQFKPfrswVmYu2JyElvFGIIm/LtjaCHywJmv
+UnQX0wIDAQABo4ICuDCCArQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBT0ke+3aXir
+xGq/a4CfPCxl3El0aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6
+BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCkGA1Ud
+EQQiMCCCHndlYmF1dGguc2VydmljZS5vaGlvLXN0YXRlLmVkdTANBgkqhkiG9w0B
+AQUFAAOCAQEACb/lHdUqKlo2PJIPBdmTR9fat0mQDNL1zofMt+LND+Yc7Emdw1Ix
+KdB5GtcQdXIzY57MsPo0w7PCxn5px1G5xKtV38XUJr6Q5Uj1QxncU0EGzoM01xil
+g9Y7aqu41pv5wbJH5RsGT6MEalkz2AS7Ft1XBoHA5FINJWziLMEWIJzse9N2RENE
+grlOlf6obsIfcoLf5YwO8T/9FJ3lVkN03JqravG4nSGkhm5KTYxMT8iT5aRjPDaD
+91In7opPeWlX+zBxujpIM0y0ZMhzeF65EMY79d+1ppIlsM4ZTPSCRCxc2/ZAGgew
+6qA+TUVvyJew0YDIbOhjCd6mhTWJisEOnA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12375483969372239368, expires on Mon Feb 4 20:07:37 2030 GMT -->
+ <ds:X509Certificate>
+MIIDITCCAgmgAwIBAgIJAKu+jRod+TYIMA0GCSqGSIb3DQEBBQUAMCkxJzAlBgNV
+BAMTHndlYmF1dGguc2VydmljZS5vaGlvLXN0YXRlLmVkdTAeFw0xMDAyMDkyMDA3
+MzdaFw0zMDAyMDQyMDA3MzdaMCkxJzAlBgNVBAMTHndlYmF1dGguc2VydmljZS5v
+aGlvLXN0YXRlLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMpZ
+P+xV7kNCuuUtg4X8MTxTnS2TSU/tompvYjI0af4q7N5od7uzEqHBD9FMvh9bZ7GS
+CACX5yYjBYZCb59i0tstfpCsDBho2Wi497EjmaTw81EQ1AjM6EhRb/we0MLj0er8
+8q+vnVC7Jb7DoStoNIEFoOTv8LvKldrrXVX3yHZR3bEVtvblZbGMSYtPdH/TYMDQ
+cmqkpzldfz9rQFDLSM8mqBqf56zmB8uzkZKhujTXOzb4STvaq7hhAnDwT3z9c00O
+XbDBWxd1CplgHwZvrbWxYxf5gTCaPvHuLY5WeA8Ky5SUZifO/szEDvEm8K0rHStK
+H/blQiX5fUQ6t3SfxbsCAwEAAaNMMEowKQYDVR0RBCIwIIIed2ViYXV0aC5zZXJ2
+aWNlLm9oaW8tc3RhdGUuZWR1MB0GA1UdDgQWBBR70C49vjOa/Ikk86hkX998wqQt
+UDANBgkqhkiG9w0BAQUFAAOCAQEAlgMMaTIwrly4U896lUa92iif3bLGADPjc0Is
+6a6k6RytjJm/r0lbtjCWW6zs1T6L7458Ow+57fyF0Oh/iXvj65m+dvCBWXnag7hN
+1yMBJQMRpSjH7dLko7y0EJ/ZrKEYQwYnBGmCILvJB/MIj2eEkq2Z47uWpvrehJfb
+zsEeAbjNqw1V/AJN7E4paw8aYg8TXEXAdOvNL5h7KRQw8Ui0kCw2DeTTIXExSxZd
+bqw6ldfQD2fVYnLxDGTFqITCi1a9TidA4xCXD95F7uQaEao3O8ArZcyag62uiMtv
+i24RvCRvD/vsnUhI82pV/DK+2icz6UDtiiKrFNAmIiR14TanfA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.service.ohio-state.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Ohio State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Ohio State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.osu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Scott Cantor</GivenName>
+ <EmailAddress>cantor.2@osu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Authentication Support</GivenName>
+ <EmailAddress>webauth-admin@lists.acs.ohio-state.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Technology Support Center</GivenName>
+ <EmailAddress>8help@osu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://carmenwiki.osu.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://carmenwiki.osu.edu/Shibboleth.sso/Login" index="1"></DiscoveryResponse>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://carmenwiki.it.ohio-state.edu/Shibboleth.sso/Login" index="2"></DiscoveryResponse>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://carmenwiki.osu.edu/Shibboleth.sso/Clear" index="3"></DiscoveryResponse>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://carmenwiki.it.ohio-state.edu/Shibboleth.sso/Clear" index="4"></DiscoveryResponse>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ltwiki01.ad.service.osu.edu/Shibboleth.sso/Login" index="5"></DiscoveryResponse>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ltwiki01.ad.service.osu.edu/Shibboleth.sso/Clear" index="6"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 392, expires on Thu Jul 29 18:10:28 2010 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAYgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcyODE4MTAyOFoXDTEwMDcy
+OTE4MTAyOFowHTEbMBkGA1UEAxMSY2FybWVud2lraS5vc3UuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Xoc/aCE362tPXWTfzBoq0bgs5VtF9k5
+CFq1XCgQgoHGrZqjUyUb8fEYHPmjbGgu1h04yxyYtPL7duiS4YPOu3dURNfCrAEf
+OUHeu3M8ecu2QRyvwGiEHVldtl/uvXoaUpUM8y92wI+P98iH6Hi4byXClJkZ5bXN
+4Yb9ghFNc9qeKUG5hhoMkyoUCyoxk//dE6dgITcvk+AzgKmuUlqbl6Dk6S3yICL3
+vVISpxudZeIcGwVFiJxpJtwq3sgOm7YtjKsBV4g85l7GfhSgjKYzYGaCc/z7ejh5
+7wZjAFw7vqfjP4v0e8CXt3wKNmbj4+SvsT4pYHcB0IcgF9uEEC/hfQIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBStll0GFrZjSSF5tw7cR90hKnXe
+MzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJjYXJtZW53aWtpLm9z
+dS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAGgjrFBrxDygCxMGP8V6/yFuwwlSwhjD
+jSZ63LzGIzRX1keIHrlGT2jWLVA6y6oL1qaV45MO4P14AwIJemqqeSU4lGbfVnS+
+9Tje5HkHnsZnrDtwIYwXCrXzOKgCWNGoute9i7bAnvEWJ7fJv66vyWUQRB0rP/TH
+siNxoU6YFa1BA6PYblUohUmpW2rNSd8CXnUE+doDoAY2WIn+eEMf5xwUlZRd16sJ
+yfeHDGnI+28mr9yKtvTOMcJAB4yEfTNddRatzKcTctcaeWWxxYlBVkZU7+sE5VkE
+vn6SFfiifTB93LB1SUiNePrHbsF4agD6JqwnAmIzv6BBuPJ0WbR4W/Q=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://carmenwiki.osu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://carmenwiki.osu.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://carmenwiki.it.ohio-state.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://carmenwiki.it.ohio-state.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ltwiki01.ad.service.osu.edu/Shibboleth.sso/SAML/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ltwiki01.ad.service.osu.edu/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Ohio State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Ohio State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.osu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Scott Cantor</GivenName>
+ <EmailAddress>cantor.2@osu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Travis Ritter</GivenName>
+ <EmailAddress>ritter.18@osu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OIT Help Desk</GivenName>
+ <EmailAddress>8help@osu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Cornell University -->
+<EntityDescriptor entityID="https://shibidp.cit.cornell.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">cornell.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1315837868438779038659806298608780803577283839491, expires on Fri Nov 23 18:52:44 2029 GMT -->
+ <ds:X509Certificate>
+MIIDSDCCAjCgAwIBAgIVAOZ8NfBem6sHcI7F39sYmD/JG4YDMA0GCSqGSIb3DQEB
+BQUAMCIxIDAeBgNVBAMTF3NoaWJpZHAuY2l0LmNvcm5lbGwuZWR1MB4XDTA5MTEy
+MzE4NTI0NFoXDTI5MTEyMzE4NTI0NFowIjEgMB4GA1UEAxMXc2hpYmlkcC5jaXQu
+Y29ybmVsbC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTURo9
+90uuODo/5ju3GZThcT67K3RXW69jwlBwfn3png75Dhyw9Xa50RFv0EbdfrojH1P1
+9LyfCjubfsm9Z7FYkVWSVdPSvQ0BXx7zQxdTpE9137qj740tMJr7Wi+iWdkyBQS/
+bCNhuLHeNQor6NXZoBgX8HvLy4sCUb/4v7vbp90HkmP3FzJRDevzgr6PVNqWwNqp
+tZ0vQHSF5D3iBNbxq3csfRGQQyVi729XuWMSqEjPhhkf1UjVcJ3/cG8tWbRKw+W+
+OIm71k+99kOgg7IvygndzzaGDVhDFMyiGZ4njMzEJT67sEq0pMuuwLMlLE/86mSv
+uGwO2Qacb1ckzjodAgMBAAGjdTBzMFIGA1UdEQRLMEmCF3NoaWJpZHAuY2l0LmNv
+cm5lbGwuZWR1hi5odHRwczovL3NoaWJpZHAuY2l0LmNvcm5lbGwuZWR1L2lkcC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBSQgitoP2/rJMDepS1sFgM35xw19zANBgkqhkiG
+9w0BAQUFAAOCAQEAaFrLOGqMsbX1YlseO+SM3JKfgfjBBL5TP86qqiCuq9a1J6B7
+Yv+XYLmZBy04EfV0L7HjYX5aGIWLDtz9YAis4g3xTPWe1/bjdltUq5seRuksJjyb
+prGI2oAv/ShPBOyrkadectHzvu5K6CL7AxNTWCSXswtfdsuxcKo65tO5TRO1hWlr
+7Pq2F+Oj2hOvcwC0vOOjlYNe9yRE9DjJAzv4rrZUg71R3IEKNjfOF80LYPAFD2Sp
+p36uB6TmSYl1nBmS5LgWF4EpEuODPSmy4sIV6jl1otuyI/An2dOcNqcgu7tYEXLX
+C8N6DXggDWPtPRdpk96UW45huvXudpZenrcd7A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibidp.cit.cornell.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.cit.cornell.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibidp.cit.cornell.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibidp.cit.cornell.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">cornell.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1315837868438779038659806298608780803577283839491, expires on Fri Nov 23 18:52:44 2029 GMT -->
+ <ds:X509Certificate>
+MIIDSDCCAjCgAwIBAgIVAOZ8NfBem6sHcI7F39sYmD/JG4YDMA0GCSqGSIb3DQEB
+BQUAMCIxIDAeBgNVBAMTF3NoaWJpZHAuY2l0LmNvcm5lbGwuZWR1MB4XDTA5MTEy
+MzE4NTI0NFoXDTI5MTEyMzE4NTI0NFowIjEgMB4GA1UEAxMXc2hpYmlkcC5jaXQu
+Y29ybmVsbC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCTURo9
+90uuODo/5ju3GZThcT67K3RXW69jwlBwfn3png75Dhyw9Xa50RFv0EbdfrojH1P1
+9LyfCjubfsm9Z7FYkVWSVdPSvQ0BXx7zQxdTpE9137qj740tMJr7Wi+iWdkyBQS/
+bCNhuLHeNQor6NXZoBgX8HvLy4sCUb/4v7vbp90HkmP3FzJRDevzgr6PVNqWwNqp
+tZ0vQHSF5D3iBNbxq3csfRGQQyVi729XuWMSqEjPhhkf1UjVcJ3/cG8tWbRKw+W+
+OIm71k+99kOgg7IvygndzzaGDVhDFMyiGZ4njMzEJT67sEq0pMuuwLMlLE/86mSv
+uGwO2Qacb1ckzjodAgMBAAGjdTBzMFIGA1UdEQRLMEmCF3NoaWJpZHAuY2l0LmNv
+cm5lbGwuZWR1hi5odHRwczovL3NoaWJpZHAuY2l0LmNvcm5lbGwuZWR1L2lkcC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBSQgitoP2/rJMDepS1sFgM35xw19zANBgkqhkiG
+9w0BAQUFAAOCAQEAaFrLOGqMsbX1YlseO+SM3JKfgfjBBL5TP86qqiCuq9a1J6B7
+Yv+XYLmZBy04EfV0L7HjYX5aGIWLDtz9YAis4g3xTPWe1/bjdltUq5seRuksJjyb
+prGI2oAv/ShPBOyrkadectHzvu5K6CL7AxNTWCSXswtfdsuxcKo65tO5TRO1hWlr
+7Pq2F+Oj2hOvcwC0vOOjlYNe9yRE9DjJAzv4rrZUg71R3IEKNjfOF80LYPAFD2Sp
+p36uB6TmSYl1nBmS5LgWF4EpEuODPSmy4sIV6jl1otuyI/An2dOcNqcgu7tYEXLX
+C8N6DXggDWPtPRdpk96UW45huvXudpZenrcd7A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.cit.cornell.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibidp.cit.cornell.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Cornell University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Cornell University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cornell.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Andrea Beesing</GivenName>
+ <EmailAddress>amb3@cornell.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Steve Edgar</GivenName>
+ <EmailAddress>se10@cornell.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Joy Veronneau</GivenName>
+ <EmailAddress>jv11@cornell.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Online Computer Library Center Inc. -->
+<EntityDescriptor entityID="https://illqashib01.illiad.oclc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://illqashib01.illiad.oclc.org/Shibboleth.sso/Login" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 15956163468046689442, expires on Fri Nov 30 16:28:45 2012 GMT -->
+ <ds:X509Certificate>
+MIIDWDCCAkCgAwIBAgIJAN1vriKC/OSiMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
+BAMTG2lsbHFhc2hpYjAxLmlsbGlhZC5vY2xjLm9yZzAeFw0wOTEyMDExNjI4NDVa
+Fw0xMjExMzAxNjI4NDVaMCYxJDAiBgNVBAMTG2lsbHFhc2hpYjAxLmlsbGlhZC5v
+Y2xjLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANtoOR3FbO/M
+I9ekR4GBqi9Vw5RQwEeZGACtgFfwB3ccPiF8HWE1EMvNRev7kVn2zUio/pP4aJXW
+jkaxVQajlPiiADbQ5kO/bEXtifz60G0LU2TA3lk9oM2yxbLRfSsRxgLKEMvJAbPX
+oclIwFmhyWkM5LMUvFfqyKW4xnlIKbAaWZDER/xKvqqKSUi6d9wLvHXF5ThEJLOH
+vNJ/2zISt0gn64KwMXwIYcvdhba4/y5sS+MhUNwazOOmp9K3QAleUrNgcEBtdRU3
+dtItQXh6jk4V9ttOotxXn1W+X0at5IX/rDOLnkpKpdKP1yNqWbMaoKLJDDVkDAqy
+hD7NXxrjbn8CAwEAAaOBiDCBhTAdBgNVHQ4EFgQU5eua51pcS4QJyOdun5AivemQ
+PeIwVgYDVR0jBE8wTYAU5eua51pcS4QJyOdun5AivemQPeKhKqQoMCYxJDAiBgNV
+BAMTG2lsbHFhc2hpYjAxLmlsbGlhZC5vY2xjLm9yZ4IJAN1vriKC/OSiMAwGA1Ud
+EwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAFShkKrxuy0PuUt5ZkuRwZfLiUp5
+HnjOX/ZL8/ALG2ppwW4GULYnAXbA0f783vAGCThzreTGNRjWbYzDAbYrQxG1+/fx
+Mp+/Dcg1XYuCXFcMQKHMexqgI1leIG0hexCX9s9Zk9FivudIj+6jgpf+Upge+zD9
+s5NpgP8eRQQF24ignuGIsY0t90bOcBHTmxtbr8v4NTckRApzQmYcZGBYFflFJNCF
+++Gt0YaCplUw9WlqcpE1x8Uw5xrASJy6bxQFAEj8C9cLd+o0uPqBPgB0UcM8NBn8
+yjdI5ctFodlc0HKsl3PHEGv1dfIPheLJsYB0QK3yiTy4rSxX1yR0DGwp8ag=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://illqashib01.illiad.oclc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://illqashib01.illiad.oclc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Online Computer Library Center Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Online Computer Library Center Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.oclc.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Don Hamparian</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jason Zavar</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://mit.illiad.oclc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mit.illiad.oclc.org/Shibboleth.sso/Login" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 586, expires on Mon Jul 11 17:56:55 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlzCCBH+gAwIBAgICAkowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxMDE3NTY1NVoXDTExMDcx
+MTE3NTY1NVowHjEcMBoGA1UEAxMTbWl0LmlsbGlhZC5vY2xjLm9yZzCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKZpjLsATe5x4RwEumuP19CtPe81CAkl
+2lCYch1Rx1NNAuKPB45/JhxkbXmudQOvxTJWJv7hnDQ43z3A4BJdBYDj9c0BjvqF
+tSIezx8jyhBjK+OezQ0bD5J7Inf+H8OFum2nHyP2FBYylKsD5BB+psO1wPHUl6PJ
+vBugaxSVAPn4CKUlfu/VijUZlhFO7240CABPtFwS+iGq/d6XjlI7XWDDh4ni9bti
+Q28B21jknHqiqDNcI/iPyrxXT8IUiV56L6eBOk75gqmUsfPI+Wfmw477T/0XD9vP
+Dos88j1dCL0L1wLKVtv0LrxepJgm79k6dhqPWxu6WK3eMJxlhE17KQ0CAwEAAaOC
+AqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUC+iLw1Wzf8hV1fWuWtHVSlg9
+f7QwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEE
+gaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUH
+MAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYITbWl0LmlsbGlhZC5v
+Y2xjLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAdr2I3445DjzIumlYKrRwpvXlEgK6
+JUMR36Wqtj6abLGRHgkNidfyozJhjI2wk5NIyrOjWsVNoruyJX0o7fIsOXDtV/tk
+Q++lFcd9lkTzKtQmy3TwF5OUpV5n+qNaC0g2d4/aWK8KPUsjMtVwUHSG9i4K1/dE
+xriPkTC2JJI1FVcyFVcnACjZkGsvo3QEq5hkYuFLjTDe9vU67PGYTgnmhpJ2UYES
+1p5TvdAmi54SdpBdBOYPv2T7qvdMrNNCC0TPzZvls6jcu1kKFRst64xwg+d+ltJm
+Y1DS1xGgPhEi1jdZUjiJoxAVhUK2fX+sOboc6ZU4prpZ/bF14Dy1ztAsqw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mit.illiad.oclc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mit.illiad.oclc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Online Computer Library Center Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Online Computer Library Center Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.oclc.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Don Hamparian</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jason Zavar</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://northwestern.illiad.oclc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://northwestern.illiad.oclc.org/Shibboleth.sso/Login" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 15002267067417149665, expires on Fri Nov 9 22:20:03 2012 GMT -->
+ <ds:X509Certificate>
+MIIDWzCCAkOgAwIBAgIJANAywmmS8MDhMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHG5vcnRod2VzdGVybi5pbGxpYWQub2NsYy5vcmcwHhcNMDkxMTEwMjIyMDAz
+WhcNMTIxMTA5MjIyMDAzWjAnMSUwIwYDVQQDExxub3J0aHdlc3Rlcm4uaWxsaWFk
+Lm9jbGMub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxlZPI7A
+BMf+FYL6aP7fSH+CQdgDCtvkkE4gCZRP3yyDagIj2dbWZa3QXgpspB+T9FBOrF0G
+jjMvUHO+EscXlZcGZaDdqk6mvNkdJCyR5XoU6Cz08ci777L6VA3qDGJMp/dcrfzt
+OXqNHwEJs9JauC/u/oQCn77YuJISHUEt7zeR4+CRGoedLNbuOMs60VQ+eKbRs5Vm
+MIjlEQvW/EKdDK0m7H1REi1oC+uAsP3YPKfptYEJl7RwOh3t4y8Mf/zouSTuKeeD
+Up0NFuIXVRAJEuQ5XGkBOQvA19oQlH0cRtRvMMleF2BlXBUYMZwv82ZNFJ0rlYw2
+EzTVi0D5ad/8qwIDAQABo4GJMIGGMB0GA1UdDgQWBBTYydoes4kkBTqtOsiSCt/x
+fdysfTBXBgNVHSMEUDBOgBTYydoes4kkBTqtOsiSCt/xfdysfaErpCkwJzElMCMG
+A1UEAxMcbm9ydGh3ZXN0ZXJuLmlsbGlhZC5vY2xjLm9yZ4IJANAywmmS8MDhMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAGDMlLiLUHrhoEVzXZjAHi6e
+hA8ekZ4aT5kpQxfMuRb72Tqh2AAE08+2+ty/G8cEvNgWPgrzqZZodWPn8OffcNxd
+34sMZV2EFP5T2EYwyfgsO1YkPfe4faI0IppjlCiBag9XWFDWPyWupmbNV+OpchLb
+SNwHmktDfB0pl/W/NO6do8K41p74hKA96VVRMWFlHZ1BG1MZjZQ+RsW9khkMPaac
+/kmEt9G4WAyFuYOIJ1EwMq5kMHHB7pOEiQodkFeWUZVVHuyriKKVaEEBB4Y4YmjG
+j22kl0ntodYDQdLTXJKucg8VgJpsGFZq8JcEe4aGCds54tjbgJ7W2/XKiRdXKes=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://northwestern.illiad.oclc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://northwestern.illiad.oclc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Online Computer Library Center Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Online Computer Library Center Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.oclc.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Don Hamparian</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jason Zavar</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shib.oclc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 589, expires on Thu Jul 14 18:07:46 2011 GMT -->
+ <ds:X509Certificate>
+MIIFBzCCA++gAwIBAgICAk0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxMzE4MDc0NloXDTExMDcx
+NDE4MDc0NlowGDEWMBQGA1UEAxMNc2hpYi5vY2xjLm9yZzCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA04N/em9hLCT1eJZx58eN5lhM/e/1ESzJkhV2joii/nRo
+shEjbWJ2zaGZ3L9UYrY1ejJdQMOqvoXWdWj2mTx1w3kpC97M7CWJ0ajK6wvh1QEl
+SFlnv358r3qfP6dS2jGZPQ74qzIGPQX/O1u28Z4K+rLM6tRXA2ja7ramq+AHJG0C
+AwEAAaOCAp8wggKbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQULraEsLYD/IkSHi2P
+iFVWTQdELdQwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc2hpYi5v
+Y2xjLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAPAxoERmVBZruhuwJIcQVVw5I1EE5
+pnUbiG17+x4Q+KDqiqKfjvAGcPidUWGT5I/TplyB/I/962hqySO9fb7hNizLhRpl
+3zuF9Y7b9FV1J0PAFNkn9PIPhi4A5CeneTLTtXYb/iSgRkIh8bhxDfgCtshFWRLC
+Cp1NNKSFjBWwdeEO6fFcEv99a8gtteemo68AWGqFH+fsjcZeZLjWYyZm0DaWS58m
+9Z7kCTrZW9Cds+ZU59tXdGA9G3QbtPih5NLYLmOuAG9l5CP1Z55EDGbhsEM3DYB0
+YzpNVIOgqVgG0EzIMgZO4xs1qOeR8EU/F8IMtAHnjIGuXYiMyYIaz0sbfg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.oclc.org:2443/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.oclc.org:2443/Shibboleth.shire" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://shib.oclc.org:2080/Shibboleth.shire" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://shib.oclc.org:2080/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Online Computer Library Center Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Online Computer Library Center Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.oclc.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Richard Scranton</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Sharon Ramsay</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Andy Dale</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jason Zavar</GivenName>
+ <EmailAddress>shibboleth@oclc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California - Office of the President -->
+<EntityDescriptor entityID="urn:mace:incommon:ucop.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucop.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 281, expires on Sun Mar 14 20:11:41 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICARkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMxMzIwMTE0MVoXDTEwMDMx
+NDIwMTE0MVowGzEZMBcGA1UEAxMQc2hpYmlkcC51Y29wLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAoqHzLNFnLXR3mE461WO5nvsKqP4wHu8lMpXVZPNU
+AAyhF2DISX7C4v8ypAKLOm3FiVZfcHNjcCsOS0Y8j9v3CEEMRiQuH8in8m8s56YC
+yAdgTiToPFhAGesXPvUdbk+XEW7eGSiyzT/Qif/9jNo06aHtPEuFv8Yrx+OodGJY
+neMCAwEAAaOCAqowggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUY69aLgM0ExrS
+MQBPUTQORjby2hswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREE
+FDASghBzaGliaWRwLnVjb3AuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQC/6mAjVI1B
+7CAcIaCwi77XaDkB/2cOgD/IYfOhVdRZQGOOtdGoqFwbyd/BwZnnoEOnUvtW/7pj
+kn+1dlan61PpQ6VYk+Vo0wRMef1by4XCkZfBiBwVeRZpZgLmKulkaiTBfnWq+1LI
+8XXXkAxWadhPdvU8NApfRmBuA1VC2+1+LXzbX7HIr8Tiu8acSbxm1icXPltpboQt
+3PN/vauhxbpcVk4GQ+AUJVyIRGFnOYG3g7WwhNbKprsCp8QWaG9S2iJBaq+Uf1tk
+V4BvcztYov8m2yRcvrbN1OJQXikUGbr7xTmtrTH91fk34+VG09lzh5kqrJmuaaJi
+B7L9WxthC0C6
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.ucop.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibidp.ucop.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucop.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 281, expires on Sun Mar 14 20:11:41 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICARkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMxMzIwMTE0MVoXDTEwMDMx
+NDIwMTE0MVowGzEZMBcGA1UEAxMQc2hpYmlkcC51Y29wLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAoqHzLNFnLXR3mE461WO5nvsKqP4wHu8lMpXVZPNU
+AAyhF2DISX7C4v8ypAKLOm3FiVZfcHNjcCsOS0Y8j9v3CEEMRiQuH8in8m8s56YC
+yAdgTiToPFhAGesXPvUdbk+XEW7eGSiyzT/Qif/9jNo06aHtPEuFv8Yrx+OodGJY
+neMCAwEAAaOCAqowggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUY69aLgM0ExrS
+MQBPUTQORjby2hswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREE
+FDASghBzaGliaWRwLnVjb3AuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQC/6mAjVI1B
+7CAcIaCwi77XaDkB/2cOgD/IYfOhVdRZQGOOtdGoqFwbyd/BwZnnoEOnUvtW/7pj
+kn+1dlan61PpQ6VYk+Vo0wRMef1by4XCkZfBiBwVeRZpZgLmKulkaiTBfnWq+1LI
+8XXXkAxWadhPdvU8NApfRmBuA1VC2+1+LXzbX7HIr8Tiu8acSbxm1icXPltpboQt
+3PN/vauhxbpcVk4GQ+AUJVyIRGFnOYG3g7WwhNbKprsCp8QWaG9S2iJBaq+Uf1tk
+V4BvcztYov8m2yRcvrbN1OJQXikUGbr7xTmtrTH91fk34+VG09lzh5kqrJmuaaJi
+B7L9WxthC0C6
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.ucop.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>UCOP DataCenter HelpDesk</GivenName>
+ <EmailAddress>ucopdatacenter.helpdesk@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Munish Malik</GivenName>
+ <EmailAddress>aig@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Paul Weiss</GivenName>
+ <EmailAddress>Paul.Weiss@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="http://p-pio-project01.ucop.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 373, expires on Sun Jul 4 18:14:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAXUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMzE4MTQyM1oXDTEwMDcw
+NDE4MTQyM1owIzEhMB8GA1UEAxMYcC1waW8tcHJvamVjdDAxLnVjb3AuZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGeD+uQIDGwJf6ea+vz1YNMcRzDf2
+g/nsSZKyrwmcyUyBlocfnsb2clmVPnU5mJd/8D0fEmj6wappthMbZCj9hOpjHuek
+HEhtwdDFEGZNsfthNpDGsTPa5J5yjOhyRO6KA9P9y1NygayBIM+RSvez7CkkwEVx
+pL8uDysWPHG15QIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRU
+9prVMJ2D9tE8rF/A/v7C41aHbzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhwLXBpby1wcm9qZWN0MDEudWNvcC5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AI3eosABhS3zZ6leyRUQ6woMxW66N9WlxAfAKTwOBgvK3qvUTUtl9IE3cpHGubHF
+vyQtYKexrroKtI4CqGyQDOKkr+zjCOzjhw+evSFQB2+y5B9NToTh3Iz7em6jKO1q
+oKff+fTeh2gZYend3fOHx0NTAo45jutXnMNgh2y7zHIFAw/xJh5vSxR2I1oQdhLY
+TDpwKQDboGhUqNaDi1t9u8ed2Mlb/OxrJg+aXMa2AKkstr3GebOSKEAGYYld3DtW
+495qWcwA0UKNXO1qxFq6a/7kqFaWNp63l3Do2/5/CtSsdotoVbyjHt2uEhBMPj1I
+264Ea1cXN683jfsTpp9jPik=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://p-pio-project01.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Carla Raffetto</GivenName>
+ <EmailAddress>Carla.Raffetto@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jon Bertsch</GivenName>
+ <EmailAddress>Jon.Bertsch@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jim Kassenbrock</GivenName>
+ <EmailAddress>Jim.Kassenbrock@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://atyourserviceonline.ucop.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 245, expires on Thu Jan 7 22:14:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAPUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEwNzIyMTQwNloXDTEwMDEw
+NzIyMTQwNlowHjEcMBoGA1UEAxMTc2hpYmJvbGV0aC51Y29wLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAvIag1Pw+uwVNL3fZ+5p+QbcvpNWdsbgNh93u
+XA7jRUW1SSLMjpWTcnOJy9zNKiAPDRzRc5PaaQKDb5rYHiRSiMR4Tr6du+CjKHY4
+BD3wJ8jTpNwrQLBfehuCVzXXN5D7HOYuszn99ICPCe745SgVm08rgzyN0Rq1Ltvb
+Bb7kDBUCAwEAAaOCAq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmo/z2FIX
+mRtxdqns/O28HZTIVE8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+ugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNV
+HREEFzAVghNzaGliYm9sZXRoLnVjb3AuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCI
+bc5nSVbe3KYzYau9xNgZY4Nm89qYkjOPOpqSHy0FJdaQ/U1B4+UfCeGQ7X2LEQpZ
+ifr/Sspi/ZX52XfLDhF/xNdqdXX2sxMJP9pE87ylASA/kv7wrP6wa41sK3nzZFui
+7q1ATDnBa6KK36jrDUQ5kNgpJWkI2ciLgp2OrY8qvf+2Kzyduu9cf17EKHz8+B8J
+3tHGwOL0ibFcysNr6St86ew2dBhuTjfTEbPAgDhS+zN6W+3bFAoFSN7g4ZxQ+26x
+bxdeFplDCHDM23rn8WvW7fOxk8c0y2ZVefVnkXgJALOSQnUxKgd4B2GajbyWZkgk
+I7H2JGwCMNhsubHXB1Yl
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 0, expires on Sun Jan 13 22:07:10 2013 GMT -->
+ <ds:X509Certificate>
+MIIEhTCCA22gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBjTELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWtsYW5kMQ0wCwYDVQQKEwRVQ09QMQww
+CgYDVQQLEwNBSUcxHjAcBgNVBAMTFXNoaWJib2xldGhzcC51Y29wLmVkdTEiMCAG
+CSqGSIb3DQEJARYTYWlnLWFsZXJ0c0B1Y29wLmVkdTAeFw0xMDAxMTQyMjA3MTBa
+Fw0xMzAxMTMyMjA3MTBaMIGNMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEDAO
+BgNVBAcTB09ha2xhbmQxDTALBgNVBAoTBFVDT1AxDDAKBgNVBAsTA0FJRzEeMBwG
+A1UEAxMVc2hpYmJvbGV0aHNwLnVjb3AuZWR1MSIwIAYJKoZIhvcNAQkBFhNhaWct
+YWxlcnRzQHVjb3AuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+o58S+32K6mpCCp/R4r40TwX8z4nqEge6mroIWRDJrFuZ3ZdS4Sw2BJQpcoxakYTF
+4jDynvM3S2zk7yom8ghrlT/IEWdojMkFfZykx/XQq1KKLTOc73LqYMKxFRrLd9/d
+pk5LEcRysTDkOIlcRUrjnvG/jnsjKydG2VNLrySQ3/PHcjoB2P2NHGPRQMlInjZV
+1XNUC2mC3aCk3PC+jUaR/PE0LzMQ59qHGy5bTQIqGsGifVgCwrjyGqTGmmm4K8qc
+ufZLAI+K27oLGUsh8Q6cewnqz8mRd2FJWsk/QVx6Qerp/CacFjxa7U7JKnnE3O1B
+ZdmU+YqCRdTJ0QANH5Xi1QIDAQABo4HtMIHqMB0GA1UdDgQWBBRQFY4qfAX8jUwX
+T16LN/HzGBEjgTCBugYDVR0jBIGyMIGvgBRQFY4qfAX8jUwXT16LN/HzGBEjgaGB
+k6SBkDCBjTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWts
+YW5kMQ0wCwYDVQQKEwRVQ09QMQwwCgYDVQQLEwNBSUcxHjAcBgNVBAMTFXNoaWJi
+b2xldGhzcC51Y29wLmVkdTEiMCAGCSqGSIb3DQEJARYTYWlnLWFsZXJ0c0B1Y29w
+LmVkdYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4IBAQAfDDpq+pVi
+3+nN2BLuqz2kASyaose7hZrEyf2qSEMOrYtPA99gILvVSSHuOR4PMj1VPqs1NY2+
+Aa40Ova/RNW7Psj9qlskvGnbPVRBvEvIVPlYqKT7eVOwCsyeC7Ae3bnA9+UBVBaV
+lTaHIVTjTgmlpMPkg+kHPTr8JoPm6hEhgHxoqGAAQue4g/0rwLOGxlRqKjH4Q+EU
+wJMWZUo071UC5nuzKL/3IEufjcbzogBwW0OMpcwl6rxkbw36tSqZls4TPvR67FUj
+Rgsfv6fwNijCs+jTHt0a3tEucCC2ILtwAT5C0sHXruw0+sWVVs+HoOuBEneXa9Br
+yV8pCTW41z4K
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://atyourserviceonline.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Munish Malik</GivenName>
+ <EmailAddress>Munish.Malik@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Donna Yamasaki</GivenName>
+ <EmailAddress>Donna.Yamasaki@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ermsp.ucop.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 578, expires on Sun Jul 10 17:53:06 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAkIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwOTE3NTMwNloXDTExMDcx
+MDE3NTMwNlowGTEXMBUGA1UEAxMOZXJtc3AudWNvcC5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCjGpzm87UkMYvJpxROmZCKarMjSZ92mEr2rKPj
+zmCkpbN0NOSXvl+UqLEtjqOh5Qp+VD7qivEsPqlxX/J8LlPufTTu7kd+BP9JyIWM
+podMlK3oMj0mgP9Rn8Y61xOrvOWoOmFzaQ97oZBWxSAjdomY6FXMurzsmWgV1WST
+ER53fVG8fODnesgT72V58tDXZgMpGtlIqzLs1B07UVsLFYcR34hXT+vMNgCR18R1
+alNpmZ7Dgi4jhIXvZHCgJBopI23LMCcukb8xVCZq56Cp5ZNq7iFk1mpSAUeSRvZ9
+9HL0NmT8J8ClYK5Gd+ydS53/oeWSN/axot5JjDRLfBWRpRKpAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFCNtln1I9VzLyySEk/OLcIoW+dZ8MH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmVybXNwLnVjb3AuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQC12m1jcBOZFsvdLBugegkv5S+J/YmngTqaKSpxeoUB
+avJPhsiVF7GjLi6SkgDvrIs7MZ2MYtSUdiT288AuW8JO3lLDwbDqa0SeSRqvk+kl
+ZMXMTJcnZUqd8bUUb9+goqHWj59ewfV161Eg4QVJHGlneKQIyOk2qFjd+k+nwqew
+RUr3vLLwLCPkP8OLlxyrO80p3RRqgqAJrbaxha8B31vbcvSXUVVwPGNQqH93dcTU
+gWBHogWzAJcC5TBArAavxPIYXrDEw9MM7P3RORAjcZ5vlo1KmE7TrIfj6OpV5Y/z
+vSaCWJz9/7IK9Qb5KypuQ0fRKgltMmljw3wnD0Fxl5En
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ermsp.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Munish Malik</GivenName>
+ <EmailAddress>aig@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>UCOP DataCenter HelpDesk</GivenName>
+ <EmailAddress>ucopdatacenter.helpdesk@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ersqa.ucop.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 229, expires on Wed Nov 19 21:08:30 2008 GMT -->
+ <ds:X509Certificate>
+MIIFLTCCBBWgAwIBAgICAOUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTEyMDIxMDgzMFoXDTA4MTEx
+OTIxMDgzMFowNTELMAkGA1UEBhMCVVMxDTALBgNVBAoTBFVDT1AxFzAVBgNVBAMT
+DnNzZXFhLnVjb3AuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXVevc
+N7IYhaIDSe8MHjf7vNHH9TPIiekRnLwbMU3psFIKeMb4uA3ifFXfh9/qfvtCcwn5
+NDC61neFVvLkU6uvbmsTvCyEfBkoabAxrQ54e0Z6QaL8ugXz+3Pw9k70+8Y8zp9S
+4+3SvfaUPGiVsTw3dcl8Ch9iPa8Tpdxp47AfBwIDAQABo4ICqDCCAqQwDgYDVR0P
+AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMB0GA1UdDgQWBBTrVmTQ0pYfMqTet0mKgYZEUk+J4TB+BgNVHSMEdzB1
+gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNV
+BAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYB
+BQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnNzZXFhLnVjb3AuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQCFhqkFmF5EXpuZ7d9vQHVTB7HO6EXIYFcbYUespDRS
+H/6YV2K+Hr86NdPcScaVDHPYXvSEP5bFuG3mWMJYrOErMdFdXTZirAQA4mPB6aBq
+JaPKhu9Csjvo+ivmURG/UhIpFfh4fn8C7E6EyZ8XlBOftjhQs8cQqHYpfHAbVLUZ
+sqD0SCkaZG9ro0IFmnldTDG5xzddSn/vlYjAoxpyb5rbbbq6QNzjyfJeFa3mp8+n
+tqsM7pxVvId8Dh5hRkTzzmdHw1o1HpiVmrNCiJq2tY1bGqeeqC8FFJyvDMZuOaTu
+psG/l8Pu3seGi4HTZzh2dAgguq27VZnzzYVkTuhlsC14
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 0, expires on Sun Jan 13 22:09:46 2013 GMT -->
+ <ds:X509Certificate>
+MIIEcDCCA1igAwIBAgIBADANBgkqhkiG9w0BAQQFADCBhjELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWtsYW5kMQ0wCwYDVQQKEwRVQ09QMQww
+CgYDVQQLEwNBSUcxFzAVBgNVBAMTDnNzZXFhLnVjb3AuZWR1MSIwIAYJKoZIhvcN
+AQkBFhNhaWctYWxlcnRzQHVjb3AuZWR1MB4XDTEwMDExNDIyMDk0NloXDTEzMDEx
+MzIyMDk0NlowgYYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEQMA4GA1UEBxMH
+T2FrbGFuZDENMAsGA1UEChMEVUNPUDEMMAoGA1UECxMDQUlHMRcwFQYDVQQDEw5z
+c2VxYS51Y29wLmVkdTEiMCAGCSqGSIb3DQEJARYTYWlnLWFsZXJ0c0B1Y29wLmVk
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4q6rQcWAqOaaqZLoHa
+YeYt6eVpqc0aTb1FZ8mluN8q9INqooWQxPHKI9i6fKXTK8sPVWO3nZjgYznBJSpm
+cFx0O9vqGQCkLXS4cVN8zF2ZuOzfrdY+61sA96SBpzSfs/tHus/k5yNPOmllB+G7
+sMWbWbP7AOiOY9D0iMDaI4rWRdbSzdYbZZhc61TybrqtBHuIIBq8f+eKFyyRDXK+
+IQJXs99XPEMpDMmppL0fpq2GkDBLiakpk01iC1t4dyNkxid2GhAIyB2xokjVBFqS
+x7JIZHDs7bbs4Wwjgm0zJEnmu/6GE75FV4nbuC1um2xlYbABmjrpPatrtGW4TbTb
+H0cCAwEAAaOB5jCB4zAdBgNVHQ4EFgQUxbHQBqdzRwSksCrxoKFi9p7ZhZgwgbMG
+A1UdIwSBqzCBqIAUxbHQBqdzRwSksCrxoKFi9p7ZhZihgYykgYkwgYYxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIEwJDQTEQMA4GA1UEBxMHT2FrbGFuZDENMAsGA1UEChME
+VUNPUDEMMAoGA1UECxMDQUlHMRcwFQYDVQQDEw5zc2VxYS51Y29wLmVkdTEiMCAG
+CSqGSIb3DQEJARYTYWlnLWFsZXJ0c0B1Y29wLmVkdYIBADAMBgNVHRMEBTADAQH/
+MA0GCSqGSIb3DQEBBAUAA4IBAQCDkbV4YlQ3vrT/atrbjk2Z2sM7ABJPu345XjyN
+VW8eXFfW8t7eYSYTGxRsP+Dwo8RWKjYEUswWFFCwnx/vnk5lgpHBelpDNWYk2Qqt
+iEtLEIYeKfyS4ncELxekz2qlnD7UJDNsTMpVjONFukBIFh8boDx0BRVoIyUgJWuG
+NnHh+PkeAO9TxNIB5GXEQ7ggDq1iOTpHtcrV3BR3tVgrxNCimn0e5LPxb7Iwu0A+
+y7RzieOFWV2Jo5A+ElGWZZ22eaEMZop3CpxVCdRDEo/LExaU4Gm73mKDNIeI3ckZ
+pfUY3oZwRhuthcox7DhLs7ji+e/SSWMxKXypQcvbVLwW68cw
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ersqa.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Steven Hunter</GivenName>
+ <EmailAddress>Steven.Hunter@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Munish Malik</GivenName>
+ <EmailAddress>Munish.Malik@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Barbara Vanden Borre</GivenName>
+ <EmailAddress>Barbara.VandenBorre@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ers.ucop.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 245, expires on Thu Jan 7 22:14:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAPUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEwNzIyMTQwNloXDTEwMDEw
+NzIyMTQwNlowHjEcMBoGA1UEAxMTc2hpYmJvbGV0aC51Y29wLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAvIag1Pw+uwVNL3fZ+5p+QbcvpNWdsbgNh93u
+XA7jRUW1SSLMjpWTcnOJy9zNKiAPDRzRc5PaaQKDb5rYHiRSiMR4Tr6du+CjKHY4
+BD3wJ8jTpNwrQLBfehuCVzXXN5D7HOYuszn99ICPCe745SgVm08rgzyN0Rq1Ltvb
+Bb7kDBUCAwEAAaOCAq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmo/z2FIX
+mRtxdqns/O28HZTIVE8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+ugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNV
+HREEFzAVghNzaGliYm9sZXRoLnVjb3AuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCI
+bc5nSVbe3KYzYau9xNgZY4Nm89qYkjOPOpqSHy0FJdaQ/U1B4+UfCeGQ7X2LEQpZ
+ifr/Sspi/ZX52XfLDhF/xNdqdXX2sxMJP9pE87ylASA/kv7wrP6wa41sK3nzZFui
+7q1ATDnBa6KK36jrDUQ5kNgpJWkI2ciLgp2OrY8qvf+2Kzyduu9cf17EKHz8+B8J
+3tHGwOL0ibFcysNr6St86ew2dBhuTjfTEbPAgDhS+zN6W+3bFAoFSN7g4ZxQ+26x
+bxdeFplDCHDM23rn8WvW7fOxk8c0y2ZVefVnkXgJALOSQnUxKgd4B2GajbyWZkgk
+I7H2JGwCMNhsubHXB1Yl
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 0, expires on Sun Jan 13 22:07:10 2013 GMT -->
+ <ds:X509Certificate>
+MIIEhTCCA22gAwIBAgIBADANBgkqhkiG9w0BAQQFADCBjTELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWtsYW5kMQ0wCwYDVQQKEwRVQ09QMQww
+CgYDVQQLEwNBSUcxHjAcBgNVBAMTFXNoaWJib2xldGhzcC51Y29wLmVkdTEiMCAG
+CSqGSIb3DQEJARYTYWlnLWFsZXJ0c0B1Y29wLmVkdTAeFw0xMDAxMTQyMjA3MTBa
+Fw0xMzAxMTMyMjA3MTBaMIGNMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEDAO
+BgNVBAcTB09ha2xhbmQxDTALBgNVBAoTBFVDT1AxDDAKBgNVBAsTA0FJRzEeMBwG
+A1UEAxMVc2hpYmJvbGV0aHNwLnVjb3AuZWR1MSIwIAYJKoZIhvcNAQkBFhNhaWct
+YWxlcnRzQHVjb3AuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+o58S+32K6mpCCp/R4r40TwX8z4nqEge6mroIWRDJrFuZ3ZdS4Sw2BJQpcoxakYTF
+4jDynvM3S2zk7yom8ghrlT/IEWdojMkFfZykx/XQq1KKLTOc73LqYMKxFRrLd9/d
+pk5LEcRysTDkOIlcRUrjnvG/jnsjKydG2VNLrySQ3/PHcjoB2P2NHGPRQMlInjZV
+1XNUC2mC3aCk3PC+jUaR/PE0LzMQ59qHGy5bTQIqGsGifVgCwrjyGqTGmmm4K8qc
+ufZLAI+K27oLGUsh8Q6cewnqz8mRd2FJWsk/QVx6Qerp/CacFjxa7U7JKnnE3O1B
+ZdmU+YqCRdTJ0QANH5Xi1QIDAQABo4HtMIHqMB0GA1UdDgQWBBRQFY4qfAX8jUwX
+T16LN/HzGBEjgTCBugYDVR0jBIGyMIGvgBRQFY4qfAX8jUwXT16LN/HzGBEjgaGB
+k6SBkDCBjTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWts
+YW5kMQ0wCwYDVQQKEwRVQ09QMQwwCgYDVQQLEwNBSUcxHjAcBgNVBAMTFXNoaWJi
+b2xldGhzcC51Y29wLmVkdTEiMCAGCSqGSIb3DQEJARYTYWlnLWFsZXJ0c0B1Y29w
+LmVkdYIBADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4IBAQAfDDpq+pVi
+3+nN2BLuqz2kASyaose7hZrEyf2qSEMOrYtPA99gILvVSSHuOR4PMj1VPqs1NY2+
+Aa40Ova/RNW7Psj9qlskvGnbPVRBvEvIVPlYqKT7eVOwCsyeC7Ae3bnA9+UBVBaV
+lTaHIVTjTgmlpMPkg+kHPTr8JoPm6hEhgHxoqGAAQue4g/0rwLOGxlRqKjH4Q+EU
+wJMWZUo071UC5nuzKL/3IEufjcbzogBwW0OMpcwl6rxkbw36tSqZls4TPvR67FUj
+Rgsfv6fwNijCs+jTHt0a3tEucCC2ILtwAT5C0sHXruw0+sWVVs+HoOuBEneXa9Br
+yV8pCTW41z4K
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ers.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Steven Hunter</GivenName>
+ <EmailAddress>Steven.Hunter@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Munish Malik</GivenName>
+ <EmailAddress>Munish.Malik@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Barbara Vanden Borre</GivenName>
+ <EmailAddress>Barbara.VandenBorre@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://p-pio-project01.ucop.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 373, expires on Sun Jul 4 18:14:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAXUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMzE4MTQyM1oXDTEwMDcw
+NDE4MTQyM1owIzEhMB8GA1UEAxMYcC1waW8tcHJvamVjdDAxLnVjb3AuZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNGeD+uQIDGwJf6ea+vz1YNMcRzDf2
+g/nsSZKyrwmcyUyBlocfnsb2clmVPnU5mJd/8D0fEmj6wappthMbZCj9hOpjHuek
+HEhtwdDFEGZNsfthNpDGsTPa5J5yjOhyRO6KA9P9y1NygayBIM+RSvez7CkkwEVx
+pL8uDysWPHG15QIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRU
+9prVMJ2D9tE8rF/A/v7C41aHbzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhwLXBpby1wcm9qZWN0MDEudWNvcC5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AI3eosABhS3zZ6leyRUQ6woMxW66N9WlxAfAKTwOBgvK3qvUTUtl9IE3cpHGubHF
+vyQtYKexrroKtI4CqGyQDOKkr+zjCOzjhw+evSFQB2+y5B9NToTh3Iz7em6jKO1q
+oKff+fTeh2gZYend3fOHx0NTAo45jutXnMNgh2y7zHIFAw/xJh5vSxR2I1oQdhLY
+TDpwKQDboGhUqNaDi1t9u8ed2Mlb/OxrJg+aXMa2AKkstr3GebOSKEAGYYld3DtW
+495qWcwA0UKNXO1qxFq6a/7kqFaWNp63l3Do2/5/CtSsdotoVbyjHt2uEhBMPj1I
+264Ea1cXN683jfsTpp9jPik=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://p-pio-project01.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Carla Raffetto</GivenName>
+ <EmailAddress>Carla.Raffetto@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jon Bertsch</GivenName>
+ <EmailAddress>Jon.Bertsch@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jim Kassenbrock</GivenName>
+ <EmailAddress>Jim.Kassenbrock@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://sseqa.ucop.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 229, expires on Wed Nov 19 21:08:30 2008 GMT -->
+ <ds:X509Certificate>
+MIIFLTCCBBWgAwIBAgICAOUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTEyMDIxMDgzMFoXDTA4MTEx
+OTIxMDgzMFowNTELMAkGA1UEBhMCVVMxDTALBgNVBAoTBFVDT1AxFzAVBgNVBAMT
+DnNzZXFhLnVjb3AuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXVevc
+N7IYhaIDSe8MHjf7vNHH9TPIiekRnLwbMU3psFIKeMb4uA3ifFXfh9/qfvtCcwn5
+NDC61neFVvLkU6uvbmsTvCyEfBkoabAxrQ54e0Z6QaL8ugXz+3Pw9k70+8Y8zp9S
+4+3SvfaUPGiVsTw3dcl8Ch9iPa8Tpdxp47AfBwIDAQABo4ICqDCCAqQwDgYDVR0P
+AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMB0GA1UdDgQWBBTrVmTQ0pYfMqTet0mKgYZEUk+J4TB+BgNVHSMEdzB1
+gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNV
+BAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYB
+BQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnNzZXFhLnVjb3AuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQCFhqkFmF5EXpuZ7d9vQHVTB7HO6EXIYFcbYUespDRS
+H/6YV2K+Hr86NdPcScaVDHPYXvSEP5bFuG3mWMJYrOErMdFdXTZirAQA4mPB6aBq
+JaPKhu9Csjvo+ivmURG/UhIpFfh4fn8C7E6EyZ8XlBOftjhQs8cQqHYpfHAbVLUZ
+sqD0SCkaZG9ro0IFmnldTDG5xzddSn/vlYjAoxpyb5rbbbq6QNzjyfJeFa3mp8+n
+tqsM7pxVvId8Dh5hRkTzzmdHw1o1HpiVmrNCiJq2tY1bGqeeqC8FFJyvDMZuOaTu
+psG/l8Pu3seGi4HTZzh2dAgguq27VZnzzYVkTuhlsC14
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 0, expires on Sun Jan 13 22:09:46 2013 GMT -->
+ <ds:X509Certificate>
+MIIEcDCCA1igAwIBAgIBADANBgkqhkiG9w0BAQQFADCBhjELMAkGA1UEBhMCVVMx
+CzAJBgNVBAgTAkNBMRAwDgYDVQQHEwdPYWtsYW5kMQ0wCwYDVQQKEwRVQ09QMQww
+CgYDVQQLEwNBSUcxFzAVBgNVBAMTDnNzZXFhLnVjb3AuZWR1MSIwIAYJKoZIhvcN
+AQkBFhNhaWctYWxlcnRzQHVjb3AuZWR1MB4XDTEwMDExNDIyMDk0NloXDTEzMDEx
+MzIyMDk0NlowgYYxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTEQMA4GA1UEBxMH
+T2FrbGFuZDENMAsGA1UEChMEVUNPUDEMMAoGA1UECxMDQUlHMRcwFQYDVQQDEw5z
+c2VxYS51Y29wLmVkdTEiMCAGCSqGSIb3DQEJARYTYWlnLWFsZXJ0c0B1Y29wLmVk
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4q6rQcWAqOaaqZLoHa
+YeYt6eVpqc0aTb1FZ8mluN8q9INqooWQxPHKI9i6fKXTK8sPVWO3nZjgYznBJSpm
+cFx0O9vqGQCkLXS4cVN8zF2ZuOzfrdY+61sA96SBpzSfs/tHus/k5yNPOmllB+G7
+sMWbWbP7AOiOY9D0iMDaI4rWRdbSzdYbZZhc61TybrqtBHuIIBq8f+eKFyyRDXK+
+IQJXs99XPEMpDMmppL0fpq2GkDBLiakpk01iC1t4dyNkxid2GhAIyB2xokjVBFqS
+x7JIZHDs7bbs4Wwjgm0zJEnmu/6GE75FV4nbuC1um2xlYbABmjrpPatrtGW4TbTb
+H0cCAwEAAaOB5jCB4zAdBgNVHQ4EFgQUxbHQBqdzRwSksCrxoKFi9p7ZhZgwgbMG
+A1UdIwSBqzCBqIAUxbHQBqdzRwSksCrxoKFi9p7ZhZihgYykgYkwgYYxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIEwJDQTEQMA4GA1UEBxMHT2FrbGFuZDENMAsGA1UEChME
+VUNPUDEMMAoGA1UECxMDQUlHMRcwFQYDVQQDEw5zc2VxYS51Y29wLmVkdTEiMCAG
+CSqGSIb3DQEJARYTYWlnLWFsZXJ0c0B1Y29wLmVkdYIBADAMBgNVHRMEBTADAQH/
+MA0GCSqGSIb3DQEBBAUAA4IBAQCDkbV4YlQ3vrT/atrbjk2Z2sM7ABJPu345XjyN
+VW8eXFfW8t7eYSYTGxRsP+Dwo8RWKjYEUswWFFCwnx/vnk5lgpHBelpDNWYk2Qqt
+iEtLEIYeKfyS4ncELxekz2qlnD7UJDNsTMpVjONFukBIFh8boDx0BRVoIyUgJWuG
+NnHh+PkeAO9TxNIB5GXEQ7ggDq1iOTpHtcrV3BR3tVgrxNCimn0e5LPxb7Iwu0A+
+y7RzieOFWV2Jo5A+ElGWZZ22eaEMZop3CpxVCdRDEo/LExaU4Gm73mKDNIeI3ckZ
+pfUY3oZwRhuthcox7DhLs7ji+e/SSWMxKXypQcvbVLwW68cw
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sseqa.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Donna Yamasaki</GivenName>
+ <EmailAddress>Donna.Yamasaki@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Munish Malik</GivenName>
+ <EmailAddress>Munish.Malik@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://sseweb3q.ucop.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 229, expires on Wed Nov 19 21:08:30 2008 GMT -->
+ <ds:X509Certificate>
+MIIFLTCCBBWgAwIBAgICAOUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTEyMDIxMDgzMFoXDTA4MTEx
+OTIxMDgzMFowNTELMAkGA1UEBhMCVVMxDTALBgNVBAoTBFVDT1AxFzAVBgNVBAMT
+DnNzZXFhLnVjb3AuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCXVevc
+N7IYhaIDSe8MHjf7vNHH9TPIiekRnLwbMU3psFIKeMb4uA3ifFXfh9/qfvtCcwn5
+NDC61neFVvLkU6uvbmsTvCyEfBkoabAxrQ54e0Z6QaL8ugXz+3Pw9k70+8Y8zp9S
+4+3SvfaUPGiVsTw3dcl8Ch9iPa8Tpdxp47AfBwIDAQABo4ICqDCCAqQwDgYDVR0P
+AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMB0GA1UdDgQWBBTrVmTQ0pYfMqTet0mKgYZEUk+J4TB+BgNVHSMEdzB1
+gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNV
+BAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYB
+BQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnNzZXFhLnVjb3AuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQCFhqkFmF5EXpuZ7d9vQHVTB7HO6EXIYFcbYUespDRS
+H/6YV2K+Hr86NdPcScaVDHPYXvSEP5bFuG3mWMJYrOErMdFdXTZirAQA4mPB6aBq
+JaPKhu9Csjvo+ivmURG/UhIpFfh4fn8C7E6EyZ8XlBOftjhQs8cQqHYpfHAbVLUZ
+sqD0SCkaZG9ro0IFmnldTDG5xzddSn/vlYjAoxpyb5rbbbq6QNzjyfJeFa3mp8+n
+tqsM7pxVvId8Dh5hRkTzzmdHw1o1HpiVmrNCiJq2tY1bGqeeqC8FFJyvDMZuOaTu
+psG/l8Pu3seGi4HTZzh2dAgguq27VZnzzYVkTuhlsC14
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sseweb3q.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Munish Malik</GivenName>
+ <EmailAddress>Munish.Malik@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>AIG</GivenName>
+ <EmailAddress>aig@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="http://webdev.ucop.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 190, expires on Sat Jul 26 18:35:29 2008 GMT -->
+ <ds:X509Certificate>
+MIIFQzCCBCugAwIBAgICAL4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDcyNzE4MzUyOVoXDTA4MDcy
+NjE4MzUyOVowSjELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFVuaXZlcnNpdHkgb2Yg
+Q2FsaWZvcm5pYTEYMBYGA1UEAxMPd2ViZGV2LnVjb3AuZWR1MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDJjHlkOn4zkVQdr5ss1wxLToYVlt/yckW62i170loD
+2/p0jIxDOHeAwlp5faabmYirN8O5WwX/RcVaX+jDYbfeVeu2xA2g4ptsfVtb1zR4
+d1uttVfaz3G+k9zHXfnjYaefcrPd1/8N7aTB4aYNr8rgkVJDR/OjHxoVBvJCTwvU
+1QIDAQABo4ICqTCCAqUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS1KLFuzPOWwR81
+TMQ48E9MjGPxmTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6Bggr
+BgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+CgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBoGA1UdEQQT
+MBGCD3dlYmRldi51Y29wLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAfo7eq4zjZp6S
++4sfdRt+jhLuLRLoTVTmb7eO3ZAUruG76KAFFjZ06ELE40gQQofgYvjmE+nRHi8I
+TDrAMW9ghYTSig7WAsx6LVWkULbNforaVr768BEVKgmvUTaVk2RrVeW4+3MAj1Ap
+r7XLITtsjaF82Pc0mNHHHcKn8JHxhrRpNKYaOEdT+GSq8YB4CUoXA5JkQ85GUEzs
+EilcNu2sx/N7MBt5TUoHbFXykT5FM1uNvq9jWS6IsYYh0YC6lu76+YJCVQXF+aRE
+/cfw6dDGy2Xi+SykXHNgDf/eyp/DvjeMIMoaBjzKoDpZjjIkA15wZcBSxv34Upoj
+zmtusaYTmA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://webdev.ucop.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California - Office of the President</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California - Office of the President</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucop.edu/welcome.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ashley Gould</GivenName>
+ <EmailAddress>Ashley.Gould@ucop.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jon Bertsch</GivenName>
+ <EmailAddress>Jon.Bertsch@ucop.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California-Irvine -->
+<EntityDescriptor entityID="urn:mace:incommon:uci.edu">
+ <IDPSSODescriptor errorURL="http://shib.nacs.uci.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uci.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 409, expires on Thu Aug 19 18:20:31 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAZkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxODE4MjAzMVoXDTEwMDgx
+OTE4MjAzMVowHDEaMBgGA1UEAxMRc2hpYi5uYWNzLnVjaS5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAM3aTDMZEOxxCdqIFSyYNNMnLXa/ga0rFGFm+mi8
+P8Q2eCAIsHU4BzcHE+K81FibygijyYz/v9KiOXw8M41hzmm8xbr5X28ZU7K0F4zn
+uhG6vU+6Laxt0gxhixP/DvDh0uZVxrjL8emJPDgVjixAYbjJGO3FOiIW+cUbcFhX
+sSwxAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBczFfDCfZYv
+TQGAdyuDIQ3Yf2feMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXNo
+aWIubmFjcy51Y2kuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBfECXwdqYkc+0wlj78
+Go7cA9z0ONqyjRLByqRGOVr9EfDcZfxdIyCIoB3iO/3Cu++QDCX5uE6ia8J9b112
+y5em+lt86mdvzL+IU8CVFKmLemnKCEs2fS5jxgicUMsFw7jBGJW2oI/lmKIUcc+0
+IckRIM/9kfQ56CPQvs+3WEfaMWhUzfI3aKQuLKyFbB+cd/+WPrOs+wa8hLChMXvs
+M99kqriQfptOWDH6G7M+74vP748jQ7fvQvOwXJWMomUTTDvh46OOC2+0peWbp7vw
+T9nDZwcuxh7Zt4DYlWYyv/fUxU6HAGuGjW+vFBTdseOwwQdjz0MOSacxAs4m8lP2
+mfmc
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 205, expires on Tue Aug 19 21:29:49 2008 GMT -->
+ <ds:X509Certificate>
+MIIFTzCCBDegAwIBAgICAM0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDgyMDIxMjk0OVoXDTA4MDgx
+OTIxMjk0OVowVDELMAkGA1UEBhMCQ0ExKTAnBgNVBAoTIFVuaXZlcnNpdHkgb2Yg
+Q2FsaWZvcm5pYSwgSXJ2aW5lMRowGAYDVQQDExFzaGliLm5hY3MudWNpLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnQoG26tJ1DobPTi5DnRAkGXQe3x8
+irw/yCR3T2QqHIkyYBRrDkKHwnFZ89D23OCex3pFRWGXSzZoEUpgSX3f+1oHc7lc
+dvehDEEnfytH3did4/S1VeVH6V42NdKvo9Oc8TgjaNpBb/5evTXLQR/dXNZjBeTI
+dBD2M0sCQbIZpF0CAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+EIfW3ZGcblB6RVzLj9MwjP529UowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAcBgNVHREEFTATghFzaGliLm5hY3MudWNpLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEANLYFFyJoThPIxzvWutgMx6wt9nAIV8Q1KWGMpuWxBbHG/VUxs5KNNbvYzTNA
+Hrk2ibbS1Zh+qLyLbEa4U6vsCHFZTp/nHp/erSfDQY5gRN6YCF+IsU0rai9wpvl/
+KnE2E3zXKFk31cUNNzerDEtLG8WqQq0+sn83V6Mnba02q+FTbAdRInonXWwHEu/V
+oHWUqdbiJRR26BMd6mzIOhhTCWylXjE8ta+t6P/oqx0OxEDeYwVNREm+zShRUaIK
+kH2xvURRwy7yuutFgKctj14GZS1kEdLelxuAMXVwTTWGOFX3g8oRoayUtdYzXPFB
+QWD2CJoHgwnjrDNYZ9LA6+s2/Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.nacs.uci.edu/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.nacs.uci.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uci.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 409, expires on Thu Aug 19 18:20:31 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAZkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxODE4MjAzMVoXDTEwMDgx
+OTE4MjAzMVowHDEaMBgGA1UEAxMRc2hpYi5uYWNzLnVjaS5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAM3aTDMZEOxxCdqIFSyYNNMnLXa/ga0rFGFm+mi8
+P8Q2eCAIsHU4BzcHE+K81FibygijyYz/v9KiOXw8M41hzmm8xbr5X28ZU7K0F4zn
+uhG6vU+6Laxt0gxhixP/DvDh0uZVxrjL8emJPDgVjixAYbjJGO3FOiIW+cUbcFhX
+sSwxAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBczFfDCfZYv
+TQGAdyuDIQ3Yf2feMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXNo
+aWIubmFjcy51Y2kuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBfECXwdqYkc+0wlj78
+Go7cA9z0ONqyjRLByqRGOVr9EfDcZfxdIyCIoB3iO/3Cu++QDCX5uE6ia8J9b112
+y5em+lt86mdvzL+IU8CVFKmLemnKCEs2fS5jxgicUMsFw7jBGJW2oI/lmKIUcc+0
+IckRIM/9kfQ56CPQvs+3WEfaMWhUzfI3aKQuLKyFbB+cd/+WPrOs+wa8hLChMXvs
+M99kqriQfptOWDH6G7M+74vP748jQ7fvQvOwXJWMomUTTDvh46OOC2+0peWbp7vw
+T9nDZwcuxh7Zt4DYlWYyv/fUxU6HAGuGjW+vFBTdseOwwQdjz0MOSacxAs4m8lP2
+mfmc
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 205, expires on Tue Aug 19 21:29:49 2008 GMT -->
+ <ds:X509Certificate>
+MIIFTzCCBDegAwIBAgICAM0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDgyMDIxMjk0OVoXDTA4MDgx
+OTIxMjk0OVowVDELMAkGA1UEBhMCQ0ExKTAnBgNVBAoTIFVuaXZlcnNpdHkgb2Yg
+Q2FsaWZvcm5pYSwgSXJ2aW5lMRowGAYDVQQDExFzaGliLm5hY3MudWNpLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnQoG26tJ1DobPTi5DnRAkGXQe3x8
+irw/yCR3T2QqHIkyYBRrDkKHwnFZ89D23OCex3pFRWGXSzZoEUpgSX3f+1oHc7lc
+dvehDEEnfytH3did4/S1VeVH6V42NdKvo9Oc8TgjaNpBb/5evTXLQR/dXNZjBeTI
+dBD2M0sCQbIZpF0CAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+EIfW3ZGcblB6RVzLj9MwjP529UowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAcBgNVHREEFTATghFzaGliLm5hY3MudWNpLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEANLYFFyJoThPIxzvWutgMx6wt9nAIV8Q1KWGMpuWxBbHG/VUxs5KNNbvYzTNA
+Hrk2ibbS1Zh+qLyLbEa4U6vsCHFZTp/nHp/erSfDQY5gRN6YCF+IsU0rai9wpvl/
+KnE2E3zXKFk31cUNNzerDEtLG8WqQq0+sn83V6Mnba02q+FTbAdRInonXWwHEu/V
+oHWUqdbiJRR26BMd6mzIOhhTCWylXjE8ta+t6P/oqx0OxEDeYwVNREm+zShRUaIK
+kH2xvURRwy7yuutFgKctj14GZS1kEdLelxuAMXVwTTWGOFX3g8oRoayUtdYzXPFB
+QWD2CJoHgwnjrDNYZ9LA6+s2/Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.nacs.uci.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Irvine</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Irvine</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brian Roode</GivenName>
+ <EmailAddress>bgroode@uci.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>NACS Response Center</GivenName>
+ <EmailAddress>nacs@uci.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris Peters</GivenName>
+ <EmailAddress>cjpeters@uci.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://apdev.nacs.uci.edu:47917/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 556, expires on Sun Jun 12 17:52:49 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAiwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxMTE3NTI0OVoXDTExMDYx
+MjE3NTI0OVowHTEbMBkGA1UEAxMSYXBkZXYubmFjcy51Y2kuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDA1A+LMuacPAuOYLnOd/rSoN4g06H+8SJJAcqd
+XHg+LJWvKRT87R8MiKD1UxG/mmmize4jUEXswtiIW9m7q6CM+dEprIjCNOP1WSZ1
+gAmhH2nbTdBYFTTeW6OqYnmlSnM5jOoQewu8DP2gkyquwjUe00xG/SBslm5KRR5Q
+JBcWVQIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSi1ZRy5gRM
+IznfD12UJGWx474Y5TB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJh
+cGRldi5uYWNzLnVjaS5lZHUwDQYJKoZIhvcNAQEFBQADggEBABMVyxMArFywa2zm
+K9GeVlURz3CLjhzCFfUaAExJngC95qXNij6grDAQSFXmUq+AkwrrN/ReQ8KIZm33
+MZObtpKCWoaX5iE9NipRmBsL6b+IXD7wjK93iggu0+7z7Q5yMTyM8agPvqys+I37
+vpj7r12hEbMC6zn6S7ZcUaNcsHW/d7aS0EI9g5yulwRJGp2jgExHxlNqMJQx2Q1j
+MA3EIkrKyAEbyvHK60ra/Kxlt0GhDQnAUI/bi9UUxfcChUzWwA8ol3Y5TVCPEFr6
+JFe6Wu6Mt2abguBYfR5HQHB9stzdRqCR8AI1j0oK6qVkcc0aPgrK/3paVJmuq/jo
+KPQ9WOM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://apdev.nacs.uci.edu:47917/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://apdev.nacs.uci.edu:47917/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://apdev.nacs.uci.edu:47917/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://apdev.nacs.uci.edu:47917/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://apdev.nacs.uci.edu:47917/Shibboleth.sso/SAML/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://apdev.nacs.uci.edu:47917/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Irvine</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Irvine</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Max Garrick</GivenName>
+ <EmailAddress>mgarrick@uci.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://aptestbed.wt.nac.uci.edu:47917/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 605, expires on Sun Jul 31 18:34:34 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAl0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDczMDE4MzQzNFoXDTExMDcz
+MTE4MzQzNFowIzEhMB8GA1UEAxMYYXB0ZXN0YmVkLnd0Lm5hYy51Y2kuZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwrnxELLotF/55PWX1hFvYKN+fpoFY
+Gy9ceh3aEYFLXxit6eNXLzZrdokSx2WqX7p0UgfB0IA5DauN0koTe/llfamx5D08
+MUI9I86I5nFvsZBDuxGUDJ99dILDSEpZ1DJ13+BFb9w0Rn80fpq+yrKDlZyGnfUH
+2M4eyePGkkZxQQIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTq
+BKL4GILHyKzHId2XtQQ+CehfWjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhhcHRlc3RiZWQud3QubmFjLnVjaS5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AA4fsZdww4MbqfDXx62WbQNG3pY3IUw0GgB93gtAxvU13oVMvYet73Yan+XQFc3+
+4sARfK2/IT0HJNJyRDuCBMJQkgfzpRb2I9gid52WSU9EGpb/mL/ow4ys7Ms2yhk7
+RpGFeApiKWfxT2YyvHjGFgRZ6g9HgKSQpaJoWZA/8E0+FIDOhUj5+2cZpA6Wf9nJ
+n2lOJiWwZjBJoZywlkp4MgQJdhYpKptY4oeF2BGlCf3gXWAbIyLGvPAOiZ3+w7o6
+0VmoUnL70P7CL8597DJCoNozO/qgMoNvco3eq/wgsCm8dzod2ELYWcQ5u2kTPS8v
+D0jTI6/uKk4akdF8ZRAkNak=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aptestbed.wt.nac.uci.edu:47917/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aptestbed.wt.nac.uci.edu:47917/Shibboleth.sso/SAML2/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aptestbed.wt.nac.uci.edu:47917/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://aptestbed.wt.nac.uci.edu:47917/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Irvine</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Irvine</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Max Garrick</GivenName>
+ <EmailAddress>mgarrick@uci.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://kualidev.adcom.uci.edu/kuali-dev">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 144, expires on Wed Apr 9 21:14:39 2008 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAJAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDQxMDIxMTQzOVoXDTA4MDQw
+OTIxMTQzOVowWTELMAkGA1UEBhMCVVMxKTAnBgNVBAoTIFVuaXZlcnNpdHkgb2Yg
+Q2FsaWZvcm5pYSwgSXJ2aW5lMR8wHQYDVQQDExZrdWFsaWRldi5hZGNvbS51Y2ku
+ZWR1MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAJogywpxEdm1F1F/NLsIxs4chuE3
+hrzT9JgM2p07GOVoqfSVC5/5KomuMtVAj8UvwWbn6R95xyP+/L96K2fVG30CAwEA
+AaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUO2f+3r7GAnn7RSNRhxms
+mUauqYYwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUH
+AQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNB
+IElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAhBgNVHREEGjAYghZr
+dWFsaWRldi5hZGNvbS51Y2kuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAbGfxubvyU
+onnn37LGJcCfpjo8pllj0+JZEJiMECsdUeu/2NLP/QQEh+RQ3EaqUprNS+2NZ+sE
+IJwARYw5jFJYCI0F2LYQE2dzs9KdirLqvkTkdeL4hymCFGOuxAl+mIyrJM3YB6yC
+55wxnI8jHf7d6lE78/08L4JXYln9gDjFlS9KCaAOBhMT1Nfo6RM+mxfYkLwAdcf3
+u8r+VWzCOn2nDJAq0NGCMaEQwQVPKB20eijTvFAfSrWgT8e9hJfc2FnErJHvpihg
+y5/+eF4BxITHeNAR3Hjl49BeF2aLD/z/g4h0XEn+JvEXZNT8y8yrYQyquYyo29QR
+rFS9mMMhUj99
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kualidev.adcom.uci.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kualidev.adcom.uci.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Irvine</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Irvine</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Josh Drummond</GivenName>
+ <EmailAddress>jdrummon@uci.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Josh Drummond</GivenName>
+ <EmailAddress>jdrummon@uci.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shib.nacs.uci.edu/cgi-bin/printenv">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 205, expires on Tue Aug 19 21:29:49 2008 GMT -->
+ <ds:X509Certificate>
+MIIFTzCCBDegAwIBAgICAM0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDgyMDIxMjk0OVoXDTA4MDgx
+OTIxMjk0OVowVDELMAkGA1UEBhMCQ0ExKTAnBgNVBAoTIFVuaXZlcnNpdHkgb2Yg
+Q2FsaWZvcm5pYSwgSXJ2aW5lMRowGAYDVQQDExFzaGliLm5hY3MudWNpLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnQoG26tJ1DobPTi5DnRAkGXQe3x8
+irw/yCR3T2QqHIkyYBRrDkKHwnFZ89D23OCex3pFRWGXSzZoEUpgSX3f+1oHc7lc
+dvehDEEnfytH3did4/S1VeVH6V42NdKvo9Oc8TgjaNpBb/5evTXLQR/dXNZjBeTI
+dBD2M0sCQbIZpF0CAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+EIfW3ZGcblB6RVzLj9MwjP529UowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAcBgNVHREEFTATghFzaGliLm5hY3MudWNpLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEANLYFFyJoThPIxzvWutgMx6wt9nAIV8Q1KWGMpuWxBbHG/VUxs5KNNbvYzTNA
+Hrk2ibbS1Zh+qLyLbEa4U6vsCHFZTp/nHp/erSfDQY5gRN6YCF+IsU0rai9wpvl/
+KnE2E3zXKFk31cUNNzerDEtLG8WqQq0+sn83V6Mnba02q+FTbAdRInonXWwHEu/V
+oHWUqdbiJRR26BMd6mzIOhhTCWylXjE8ta+t6P/oqx0OxEDeYwVNREm+zShRUaIK
+kH2xvURRwy7yuutFgKctj14GZS1kEdLelxuAMXVwTTWGOFX3g8oRoayUtdYzXPFB
+QWD2CJoHgwnjrDNYZ9LA6+s2/Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.nacs.uci.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shib.nacs.uci.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Irvine</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Irvine</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brian Roode</GivenName>
+ <EmailAddress>bgroode@uci.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris Peters</GivenName>
+ <EmailAddress>cjpeters@uci.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Washington -->
+<EntityDescriptor entityID="urn:mace:incommon:washington.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">washington.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 515, expires on Thu Apr 21 18:10:54 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAgMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQyMDE4MTA1NFoXDTExMDQy
+MTE4MTA1NFowHzEdMBsGA1UEAxMUaWRwLnUud2FzaGluZ3Rvbi5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBALx6hscwfdAll42e4ywbwn8PLd4IfFLQKDuv
+BqCTLZDJ7ehz+byuWXHY8ueyhTLBq7iCUG4qhtEJQ77ij6OzNY62osa+5rnw/+Rw
+J0ZLUPQtXW0nuGtohTinBKVgc6fsXZBpr+ESAEceAeoVzhLdsnH1TXgvkwjxEpcf
+cj69UY2vAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFPZxopLZ
+aTe2/D89QLbLqqQPjhFYMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FGlkcC51Lndhc2hpbmd0b24uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAHNQ5m3ZGn
+zmce7+6at8MjDItDxUSMn3aRUwDdRktOUChR4gSkOkFEDZdsqe4ethNf88m4s4Ba
+CuqMom600Tlh4hcS+aNAcMSre8arxt7n8qWJh/qjlpwjNXse/esAjLQ4yfpJu09f
+fsQOC1XQ1xQ51IKPvPeNZcJr7PZz8OjgD4VuLupWJ3NWuql8MCmXyrRBHbW0DqYZ
+L8RhJ7qpXdDiko8zTcI6BOTp2lQxCcZCfLRaOrPk9udR8X9PgD86F7cFucvfSVhy
+z463hlC8vbYIar7FFxD4ABelc4hdGsCPdyPDrGqDKarG2F1A4bfom6Q04KkUeCTY
+eFE1vV5FFWvh
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.u.washington.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.u.washington.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.u.washington.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">washington.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 515, expires on Thu Apr 21 18:10:54 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAgMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQyMDE4MTA1NFoXDTExMDQy
+MTE4MTA1NFowHzEdMBsGA1UEAxMUaWRwLnUud2FzaGluZ3Rvbi5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBALx6hscwfdAll42e4ywbwn8PLd4IfFLQKDuv
+BqCTLZDJ7ehz+byuWXHY8ueyhTLBq7iCUG4qhtEJQ77ij6OzNY62osa+5rnw/+Rw
+J0ZLUPQtXW0nuGtohTinBKVgc6fsXZBpr+ESAEceAeoVzhLdsnH1TXgvkwjxEpcf
+cj69UY2vAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFPZxopLZ
+aTe2/D89QLbLqqQPjhFYMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FGlkcC51Lndhc2hpbmd0b24uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAHNQ5m3ZGn
+zmce7+6at8MjDItDxUSMn3aRUwDdRktOUChR4gSkOkFEDZdsqe4ethNf88m4s4Ba
+CuqMom600Tlh4hcS+aNAcMSre8arxt7n8qWJh/qjlpwjNXse/esAjLQ4yfpJu09f
+fsQOC1XQ1xQ51IKPvPeNZcJr7PZz8OjgD4VuLupWJ3NWuql8MCmXyrRBHbW0DqYZ
+L8RhJ7qpXdDiko8zTcI6BOTp2lQxCcZCfLRaOrPk9udR8X9PgD86F7cFucvfSVhy
+z463hlC8vbYIar7FFxD4ABelc4hdGsCPdyPDrGqDKarG2F1A4bfom6Q04KkUeCTY
+eFE1vV5FFWvh
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.u.washington.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.u.washington.edu:8443/idp/profile/SAML2/soap/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jim Fox</GivenName>
+ <EmailAddress>pubcookie@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Nathan Dors</GivenName>
+ <EmailAddress>pubcookie@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://arrow.eplt.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 372, expires on Sun Jul 4 18:14:17 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAXQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMzE4MTQxN1oXDTEwMDcw
+NDE4MTQxN1owJDEiMCAGA1UEAxMZYXJyb3cuZXBsdC53YXNoaW5ndG9uLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1MhtGNKGF9uco24xjz+fzBpjGNyR
+dGzt3mNolS9K5TG9VqFd9TL4nCXluY8sj3bAcSfuxvDwekE40l2BFwIaUAdznrQt
+aGFTQpak1v/N2TyZrIW88FvEd2w/ZXrKeIHgHSZuiSWC6TWEs6ei4m3L0yuqSIW+
+F4/Ctbr6ebVaIP0CAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+Q4rGv0FLXo1n933KothfD5tdaRowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZYXJyb3cuZXBsdC53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEABJzhVLfXPPIRRfQwhL7t2Ty34h7KWktHPDj9eOg3M/KDWhNzPkLvkf6torXW
+2NphdTvB+Q+4qgBpMtisc+nES0ZqU+GVsOs8HT7G1s2wPsK1FYrl0BA+Pdciub3P
+o0cF3sFRlWz03nOjuUcIlKykuPAh83rkc9EP0vVjdIh0d++4x5P47bCuKlNXpZY3
+cjZLKQm7ITrbkUfXgzyNQb95JN0wQ4Cs5btOWjgD8GJMHJE5ZwkoP8/PP4IhHbXp
+FJTsc9WGOf+XpnGmPV6sqwuk3sSvzZ413j8PqHo1d517CtbH3npfpkfuK3urnEzu
+FpjnVtYPtUwdjB/UgDYZUgLsuw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 426, expires on Sun Sep 5 18:09:22 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAaowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkwNDE4MDkyMloXDTEwMDkw
+NTE4MDkyMlowJDEiMCAGA1UEAxMZYXJyb3cuZXBsdC53YXNoaW5ndG9uLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtFwx9MOSwlpxaF1lWspait9mT5sR
+MD4dcwFbEMofDZZ8Fj9arnMa8eFapPO6fa7ICznqQAdgjaypycgSuTSqceP9ZrES
+H5uMAGO0cSaAdhhhBZEubQM5l7Pw8Xmu4hTvgcv0h5ZApsRqbEA3bP0haXMU7/Lp
+Q8LMVxlnE0OhEs8CAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+nWOYs0MGGF4JqJtnvtmdRMmoDhowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZYXJyb3cuZXBsdC53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEAVV2P/ajTR8oEPEzSENS1+x+ZbViNAFPwGN8BEsisX99dth4M6ITeFQXupRu4
+YFYnLl3CuOE2K8M9nZyiNFUvh8YCY0TUUI/DOAm7TqjAWN0/FraUlmvyvqdoEgij
+NaNye34RTnBLlA4TnBdWn/8uRK71YAyhluuMAS+ZfNUZzPngn+jxVdvx/PtwLeMd
+Y4tAhnWtyWSF6rHEdMZj+xo12GMaaJlxEKyzJVqN5Pa72AyJ3J9IW+eVWP+1HFFJ
+snhe41Tno23asic35OugEk4B3CNPyvuqCgw17JGYIsfaoBr2OvqmHzVemo8h0oZc
+M5+FANsbJ/Geeok1qzCV+l11HQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://arrow.eplt.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Patrick Michaud</GivenName>
+ <EmailAddress>pmichaud@washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://catalysttools.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 214, expires on Thu Oct 2 20:13:37 2008 GMT -->
+ <ds:X509Certificate>
+MIIFXTCCBEWgAwIBAgICANYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAwMzIwMTMzN1oXDTA4MTAw
+MjIwMTMzN1owVzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFVuaXZlcnNpdHkgb2Yg
+V2FzaGluZ3RvbjElMCMGA1UEAxMcY2F0YWx5c3R0b29scy53YXNoaW5ndG9uLmVk
+dTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA/KoX6P9iYVRXocrnx+jRZZVE
+mnsSvFM5Ek7S2o4vY8sC30V7Cx89kWPTW8uhxr5j7m3hscOl778Hw1c7Hs1eK2HQ
+vCAqGsEWDFDpxIKKwUClDFayY2DsbUNIWt6JnTkG2Dp/WNcl6sRz4ZactzRi67XZ
+JL56UfwgD9Cw6D7W/HkCAwEAAaOCArYwggKyMA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQUHOHIYmBaSMIFH9+s0p4fXz9I13IwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9u
+Y2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0
+dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2Vz
+LnBkZjAnBgNVHREEIDAeghxjYXRhbHlzdHRvb2xzLndhc2hpbmd0b24uZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQAdJKREb2+5OxI7rMrVixzNZX9V8eYKkG7v1GnxB6cm
+bW2tnsLpENaNGd7spCR9yOr6CnWGD5wRu5bhFv4nEDnTE9MwnNIgCNEzD+rdFa1X
+tGZCRoMzbKVTrRK9n67GVIraSgQwSgQiIpxy2adzxvDVmnVZorTvltpAtfwKcjat
+218Hh8oULkLktlGhlHmVv8cahZxHYL7WPYMyZGbyuSYKMFHo9bc/asZ+xYe3WCD6
+qETWMhMqZRdurptoYpAt/XV7EACSl+C48IRQAn3uNbZiVYH8lJIXS6NVXG662aH6
+7MVAveHLn1Rrn6gdCX5XQJiWIjkPCdEyxgq4JG9peUeB
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 441, expires on Fri Oct 1 18:16:41 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAbkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkzMDE4MTY0MVoXDTEwMTAw
+MTE4MTY0MVowJzElMCMGA1UEAxMcY2F0YWx5c3R0b29scy53YXNoaW5ndG9uLmVk
+dTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA/KoX6P9iYVRXocrnx+jRZZVE
+mnsSvFM5Ek7S2o4vY8sC30V7Cx89kWPTW8uhxr5j7m3hscOl778Hw1c7Hs1eK2HQ
+vCAqGsEWDFDpxIKKwUClDFayY2DsbUNIWt6JnTkG2Dp/WNcl6sRz4ZactzRi67XZ
+JL56UfwgD9Cw6D7W/HkCAwEAAaOCAq4wggKqMA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQUHOHIYmBaSMIFH9+s0p4fXz9I13IwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9p
+bmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9j
+YS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJwYD
+VR0RBCAwHoIcY2F0YWx5c3R0b29scy53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0B
+AQUFAAOCAQEAZaAH/tpIpPpLw1JbVgklMMXiLF1phq4IOYtSO4xnLpyMqDhMmoTf
+arRqY2JBS+mZ/z1fI+0biWuTsyLqN3lZ0Qvvk4vYUm1y6RZ3JCOE9YTY4Dl0/+22
+3T6BWDf/Jp1/1PUtnHLkMVDEb2H9CYelKkuWPE+dNDBiEk8Cp6pb8Pfk3bs7lnjH
+7n9Yv2BVcTaeSAg7XRiFEb3urMT4OLNAV56PTS3Q2HmoDU6xYuoJuAEd3Ic9KfYC
+6hoOwbUE+2Iy5pEyXfTQ714r5sqjHDMjbk31AoWFFyhtBNiPOaBYb7uyeLN1RW5D
+w+ePLJ4lxHtjc/n+RMp+bQzONh2VfXYNMw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://catalysttools.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Collaborative Platforms</GivenName>
+ <EmailAddress>teg-cp@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Catalyst IT</GivenName>
+ <EmailAddress>catalyst-it@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cat-dev-tools1.cac.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 212, expires on Thu Oct 2 20:12:47 2008 GMT -->
+ <ds:X509Certificate>
+MIIFZzCCBE+gAwIBAgICANQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAwMzIwMTI0N1oXDTA4MTAw
+MjIwMTI0N1owXDELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFVuaXZlcnNpdHkgb2Yg
+V2FzaGluZ3RvbjEqMCgGA1UEAxMhY2F0LWRldi10b29sczEuY2FjLndhc2hpbmd0
+b24uZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDO+vtGqzI0lnbe3pT1
+0XLUrgTl1GyKGizzhpidQUWiyqYfASy03yvV16u6Ju/f/iTDn6UDjp3PJEHJ7uP1
+VN3WCHciXdI45TuJzbjahzJ5LHDCMkaPddywAnwrJmVnaGHEzsdhJRSQzfurWeHA
+zXNXUw0eO/ah3UjeB53QxGW+DwIDAQABo4ICuzCCArcwDgYDVR0PAQH/BAQDAgWg
+MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0G
+A1UdDgQWBBSDLrWk4Y3NaB7BIpz3II4THzcpXTB+BgNVHSMEdzB1gBSTLchhGK1j
+45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29t
+bW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpo
+dHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5j
+b21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcC
+ARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFj
+dGljZXMucGRmMCwGA1UdEQQlMCOCIWNhdC1kZXYtdG9vbHMxLmNhYy53YXNoaW5n
+dG9uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAaYGrG14HkS+CI9S/BjOI7vOWHtDJ
+3tDqiSFHTQpgmHljdz5jSG71JbCef9F6ncai2HsqPeX0DLm7wa1Sgs9+/HOhAHPk
+4X6D/x9V7F5PWAD3dTlSkh3Jm13HfTyTr/hnWWUsna8eyn2XEHnJ6jIijMUBWlzf
+eAXHEJdMFwY3YcvpinFW9+c+o6YP/CKWIv+BstFWsXK8p5O3s3EVsW6v/EE7oZK9
+LLhEAXbA0QCDrC8BdE38/84KJI/j1LzcbfiU5ZcCvnZ976+eaDwGXreaHQiyEJ0s
+eXbpvSsBsm8nsxVNc1gseWcUZQJ5LAMFWDycUnGb6rWjpXRasP/mPQ7jsg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 439, expires on Fri Oct 1 18:16:32 2010 GMT -->
+ <ds:X509Certificate>
+MIIFLzCCBBegAwIBAgICAbcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkzMDE4MTYzMloXDTEwMTAw
+MTE4MTYzMlowLDEqMCgGA1UEAxMhY2F0LWRldi10b29sczEuY2FjLndhc2hpbmd0
+b24uZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDO+vtGqzI0lnbe3pT1
+0XLUrgTl1GyKGizzhpidQUWiyqYfASy03yvV16u6Ju/f/iTDn6UDjp3PJEHJ7uP1
+VN3WCHciXdI45TuJzbjahzJ5LHDCMkaPddywAnwrJmVnaGHEzsdhJRSQzfurWeHA
+zXNXUw0eO/ah3UjeB53QxGW+DwIDAQABo4ICszCCAq8wDgYDVR0PAQH/BAQDAgWg
+MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0G
+A1UdDgQWBBSDLrWk4Y3NaB7BIpz3II4THzcpXTB+BgNVHSMEdzB1gBSTLchhGK1j
+45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29t
+bW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0
+cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAsBgNVHREEJTAjgiFjYXQtZGV2LXRvb2xzMS5jYWMud2FzaGluZ3Rvbi5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBAKvT5w8gHmzCzCzw8esCMof+VkMTSe4sB7bRjdwt
+oil1yrEXpCWAqAoPVry03RNVohMVdLvazIsNtpeMVJMVFKD/cRwY0oAHRUGkNifL
+WKFp3LfZs1YLezWoeIje49UK/DUDGXP7Yal+Raa9d+mqtsff3hQJQ/alQRMG1pp+
+bkCY5ZvDjZ3BECOPHE8mh6WrzJlBDYY2MWL38IWTYZIe9MSfYwzvZq4pZRmtGrWB
+MXZSREIZB1czPE+BD3j/1spikznjKI4mE8Fwz1/XmWLDt5geYUd8b6gRzewFsJpX
+HFSaH1aXboaCuGV99InYktUl5gMk5tXwuYbuBzKUNIdCld0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cat-dev-tools1.cac.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Collaborative Platforms</GivenName>
+ <EmailAddress>teg-cp@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Catalyst IT</GivenName>
+ <EmailAddress>catalyst-it@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cat-dev-tools2.cac.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 242, expires on Sun Jan 3 21:58:39 2010 GMT -->
+ <ds:X509Certificate>
+MIIFNzCCBB+gAwIBAgICAPIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEwMzIxNTgzOVoXDTEwMDEw
+MzIxNTgzOVowLDEqMCgGA1UEAxMhY2F0LWRldi10b29sczIuY2FjLndhc2hpbmd0
+b24uZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCSRn2WQzWQ5gMVdbHt
+fiTdQcbSjgAtliyM3OtpF/BwVDIXQGD3kJRWSPjx5rYuVMz+olFWe8+IVvOMDgKq
+9pUn/1jq52xj0STv3tkIw9MYn04CJ3DmXWmY+XdIUx0/XS4d3aFKuz2XduR5Ayjm
+3NT/tM7P4RkZXWPgxlAETpU2TwIDAQABo4ICuzCCArcwDgYDVR0PAQH/BAQDAgWg
+MAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0G
+A1UdDgQWBBQIdzylzv6O+OrM5FiSuqA7L7kjQTB+BgNVHSMEdzB1gBSTLchhGK1j
+45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29t
+bW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24g
+QXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpo
+dHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5j
+b21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcC
+ARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFj
+dGljZXMucGRmMCwGA1UdEQQlMCOCIWNhdC1kZXYtdG9vbHMyLmNhYy53YXNoaW5n
+dG9uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAaJGtzFqAkD/JqKJ4IyEvQOIsuPb+
+gOcB62jBAI6sIfF9OV+B8yWhk2iWfkIqpZL9RAs3RVTnGh6rXTnXHhilZr09aM7s
+YW+8Lqblyj0iqZjJ1mEaNXblQMCT/9TmXNBcM6DStrKW/FGieiqK0+PZw/IRlpQM
+856m79IJcWUSV3bxClZwwLOw+dSqzwusIEhAeu1AJR2ospB9XySXilCC3bGpRJDU
+ZNvxdZ4Zj6LlKP0NF/Ui30udcdlbmivjEFHCpmIkyqoTPnnzWlfexURDYWLhi8Wm
+vfFvpCmiQp4Gr1B/ALr9191z6wMr7sLgPSl/z6CiShZH7AGhWFZ4bkZEag==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cat-dev-tools2.cac.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Applications Engineering</GivenName>
+ <EmailAddress>ds-apps@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Catalyst IT</GivenName>
+ <EmailAddress>catalyst-it@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cat-test-tools1.cac.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 213, expires on Thu Oct 2 20:12:54 2008 GMT -->
+ <ds:X509Certificate>
+MIIFaTCCBFGgAwIBAgICANUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAwMzIwMTI1NFoXDTA4MTAw
+MjIwMTI1NFowXTELMAkGA1UEBhMCVVMxITAfBgNVBAoTGFVuaXZlcnNpdHkgb2Yg
+V2FzaGluZ3RvbjErMCkGA1UEAxMiY2F0LXRlc3QtdG9vbHMxLmNhYy53YXNoaW5n
+dG9uLmVkdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6tXirPIH4TFjzGAY
+5duEbad9C4dMgb1JDNcwrKWYl1elmKU+PkdnjvWnon8RNQl8CADVGagrv2BmcR8k
+LmfiD4eIySSg0XP+60VCLiPqetDnkr77rv5Ks7GPgt4vJTrrI1hDln15JvqgOeGW
++ShjOeWz2GfhDZbnKdY+TGAnDmkCAwEAAaOCArwwggK4MA4GA1UdDwEB/wQEAwIF
+oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAd
+BgNVHQ4EFgQUrUUT96Mn8Sna09LnF6IKPusMBWAwfgYDVR0jBHcwdYAUky3IYRit
+Y+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNv
+bW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGa
+aHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdl
+L2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2lu
+Y29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUH
+AgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJh
+Y3RpY2VzLnBkZjAtBgNVHREEJjAkgiJjYXQtdGVzdC10b29sczEuY2FjLndhc2hp
+bmd0b24uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAeILafBZMSJp5kHAmRn0yRzEqV
+G8qJpf6YxL0AcTEc3Lb5KoP7dLxsHr0HpBCIx8gd6/52Jq2Y6bpk1r/Vv5RKqFD4
+vhcTZUqNhdk58ZP9OMU0kGB/WIpSUv16zBg3+w+2vTSgq7qDR3cvWgMW8vJroPRQ
+Pt1fEW71GG4hXjdsh1I7F6V11b1KNCNYzO30KX6NocxUvGHnYgS4ylgg+P8G+eke
+dqWIE8PaCExazguFJhEGFEHPoDefvvCeMyEPfdFyayKH9cKzJgx/SvCobGcW0JeQ
+cKqS8L5nLDs9llSjBOLM3P5hir2f78BnsOISCaOmimZ7eB1CH1HACtP1j1X9
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 440, expires on Fri Oct 1 18:16:37 2010 GMT -->
+ <ds:X509Certificate>
+MIIFMTCCBBmgAwIBAgICAbgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkzMDE4MTYzN1oXDTEwMTAw
+MTE4MTYzN1owLTErMCkGA1UEAxMiY2F0LXRlc3QtdG9vbHMxLmNhYy53YXNoaW5n
+dG9uLmVkdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6tXirPIH4TFjzGAY
+5duEbad9C4dMgb1JDNcwrKWYl1elmKU+PkdnjvWnon8RNQl8CADVGagrv2BmcR8k
+LmfiD4eIySSg0XP+60VCLiPqetDnkr77rv5Ks7GPgt4vJTrrI1hDln15JvqgOeGW
++ShjOeWz2GfhDZbnKdY+TGAnDmkCAwEAAaOCArQwggKwMA4GA1UdDwEB/wQEAwIF
+oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAd
+BgNVHQ4EFgQUrUUT96Mn8Sna09LnF6IKPusMBWAwfgYDVR0jBHcwdYAUky3IYRit
+Y+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNv
+bW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8v
+aW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5j
+cmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRw
+Oi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5w
+ZGYwLQYDVR0RBCYwJIIiY2F0LXRlc3QtdG9vbHMxLmNhYy53YXNoaW5ndG9uLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAn6eCIrAkfI0JGSaulTchNWlh84JB8IdCyEOa
+Z1VDYRmr+7uPZMADnheqE96454RiCmOrfJDHIc/QEdG10eYg7g/H82CEMZI74Q+S
+P+w8TQTdB+G1qqR7rhTmedX3O70DsM2g68U5Yv8Pk8k8JHfFnyCO71USQDa5zNhC
+TQf/OKX9+0H7c8714rL/HgN9J1IEAD6iDHyquJujt0r4820fy61C/PQz/N5PWkwv
+fUWou/YoNQw/bMy/qZfvifNyfkMPTI6VHPxV04Qxsky961ld2eKULM7S6e/c8RWg
+HdLahbyk+ogu7ENxlePd0sQrJgaxthYA2gCyI5lPTxolPzG7yQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cat-test-tools1.cac.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Collaborative Platforms</GivenName>
+ <EmailAddress>teg-cp@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Catalyst IT</GivenName>
+ <EmailAddress>catalyst-it@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://catullus.sonnet.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 607, expires on Mon Aug 1 17:54:50 2011 GMT -->
+ <ds:X509Certificate>
+MIIFKTCCBBGgAwIBAgICAl8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDczMTE3NTQ1MFoXDTExMDgw
+MTE3NTQ1MFowKTEnMCUGA1UEAxMeY2F0dWxsdXMuc29ubmV0Lndhc2hpbmd0b24u
+ZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDA2uD21RfVR78zV/B2TpO3
+UKAsTU0hyjVl17L5FvXxkc2/EMD/KENLKJfAT639r+h/WhuMOJdV08ZcjfrVLNcB
+QUgRf+vrFs8vZrSPAfWnuJcS4wNrpqleoiDmeRlNqDtfo4fiCzWnCsdOLaL3ZwFB
+lTfmN8Or5pGIHfkFbUUHcwIDAQABo4ICsDCCAqwwDgYDVR0PAQH/BAQDAgWgMAwG
+A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud
+DgQWBBTQkFeSDirbajGoaGjHWEVCRvQV3jB+BgNVHSMEdzB1gBSTLchhGK1j45tl
+s53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9u
+IEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAp
+BgNVHREEIjAggh5jYXR1bGx1cy5zb25uZXQud2FzaGluZ3Rvbi5lZHUwDQYJKoZI
+hvcNAQEFBQADggEBAEzj2GOf9lHhKy6zuP77pXzr0iC5M1BOXdLcJpD6xf37DJjL
+5tSVp0mJPwaU2l6utYjmXlj+vBvgAlfXAnfWF/0jOS16TiANe+VeNMhkh9wrFq42
+8Nf9yfeTZ7XtvrvpKytYEqGVq3rLTaOu5nXWZhMpipA3QT/8DeaOirRqJ+ZKXF97
+RbPUx0TKqJkVTOtu8sNJQhlVKHlmPmSb5R3inwLidpzxQJXDPdjHCa1xNvutVe5P
+Ds7K7vNbQzWamcD9BD0eCA33DuFXfudcE20753WofrYlIcvcYr1o5Pn9TeFTTk1M
+JymQEcmtVepXZdzhH9PC/lEhsxl0R3BS23P8bF0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://catullus.sonnet.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David Jones</GivenName>
+ <EmailAddress>drj2@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brian McFarlane</GivenName>
+ <EmailAddress>samspade@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cdb.iths.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 662, expires on Mon Oct 10 17:08:03 2011 GMT -->
+ <ds:X509Certificate>
+MIIFBTCCA+2gAwIBAgICApYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwOTE3MDgwM1oXDTExMTAx
+MDE3MDgwM1owFzEVMBMGA1UEAxMMY2RiLml0aHMub3JnMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDUpai1Ck/DHykQ1FcXVasY1PIi7B+L8YImsB/l/cR5qSVX
+UNe0Y4VpxDFRwt7r4shUOofUCiJenLZn72tykb2CnEzXckdataHPPbEaRGPqa7Yd
+EyNX/fs60+74KV0LP3u6n2wVwRE0rGJexfkPazkvp1Uf2dFPCQoU3/73RQpWvQID
+AQABo4ICnjCCApowDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRdsEvTnH+EJXss8Jua
+pNbFIlWRWzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggxjZGIuaXRo
+cy5vcmcwDQYJKoZIhvcNAQEFBQADggEBAD1C3eqyHH4C90Job3gFC45/SU94ijYj
+3MRUT/N2ve/B8BPJhMgcKIYEzSYfHV/K3GwegL4gPXFCpu+3L/dT2mSCEUv9cKes
+9YWpREeXX8+zGyoPuRkzyp/4uQ2Ohz6d1IKGYhHN3I2D5HK+etZvENTvucZlo3LA
+1mI6QLIocas52LHW2RKGr/SYeDZA0vG7mUIAh0yFn6jGO9niLWIfmj0o2NsBxEYv
+Iy4r92NED39oWtws9D7whv3QBQKRePR0qXpdMBuczWS4yBcfHWscIKZAuQ0x2KNm
+fX6u1srbX7Lsgr6wJRPl3J6OZ7LRZghZ7fNhWOt9Y+h4YEDGghUMsRo=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cdb.iths.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Justin Prosser</GivenName>
+ <EmailAddress>jprosser@washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cnics.cirg.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 636, expires on Thu Sep 1 18:19:38 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAnwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgzMTE4MTkzOFoXDTExMDkw
+MTE4MTkzOFowJDEiMCAGA1UEAxMZY25pY3MuY2lyZy53YXNoaW5ndG9uLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAz+X22U5HVo7wO1QOwHnVvY0VZ3h9
+DrWXpX4jT07zQRajkiixxnWEromS+U2JL3nditsAl9R7yiZaJydLFLjC2AhHkPPQ
+B1KnQTz6x2JQjnya4a8srbhl89fb5tf5fBEWztzLw8OS8XZkqU+8ETfqE6catqdp
+2DSxJ9qOEGRg5LUCAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+RZ7ETmkIuIGu1gVhm3qmfHK4q14wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZY25pY3MuY2lyZy53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEANOJjehWAe2EgFG09L3qsYOWYWjWscxT2GRUQe5TyLpILjdNZCix4rbEMjGmX
+ztsDNbZc5F6K3d15deJrbAWiTr96XZAVciqBlAt9R3Ku56PbCry5lZd9+r1P6kxE
+m/upgsfUM/bBi942My31kXPtjqMwSEIlb9Or+uPCN+wKm/wz9vt4IvFIENeEzHjt
+3Fs2/8zHrN2O2q3cObg8J5ZoAMR20cS5yB5U9fkBFiy2box0tzTEcTdkSJgsI1eW
+i18xIzi333IrcFwtjSItARR1S66DVclDHiWfMVUcCViGTRZutJLdRAmrX3tm9bbr
+JMGsfi19kdSBHe1ty5jTRuft+g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cnics.cirg.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cnics.cirg.washington.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Svend Sorensen</GivenName>
+ <EmailAddress>svends@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bill Lober</GivenName>
+ <EmailAddress>lober@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cstest.cac.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 390, expires on Sat Jul 24 19:40:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAYYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcyMzE5NDA0NloXDTEwMDcy
+NDE5NDA0NlowJDEiMCAGA1UEAxMZY3N0ZXN0LmNhYy53YXNoaW5ndG9uLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr9M81J7UH0eC7xywyYdCvYKNzzEJ
+5iA5dGllGsi1XrDDJ7HOcy/AANLjt+Bs2Atl2kXP2rlTTaBgJuHKCizCWuWAXc9m
+42WSkofW5hR4/RTb3XHvIOOLxe2O/zrIfvI5IvSJFZK46roOu6NqvdxCaxM4yBO0
+OkdZlpvxx+N7BTMCAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+8YihReZILdBKMDgD+bLbncGGzFwwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZY3N0ZXN0LmNhYy53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEAm7jWgQqpqoaQi8+wEnA+X1iqoRyBulLreJ89YdkFy7zwpYWbyazBCINxuuFg
+xGeB38TdIIrSutpowi/Si5bZC6v7dvA1HjMCeVyrfYA25KY7HWc93wb5Jgs+pyQ9
+yKE+4A4HRbsx/9PW5xNSeOsJ3kxJJ9hVCDSIDUonJsV4PqQ0R+A67OgWXG0TIUhD
+aPEAl89zHc0nsd/rv31bVPCAqC81JNN2/Dxj43HJvmUgoqS6Y14E3G76A5ICvL3U
+yQ9qLM0OOO3c9nYwj4vf5Snlo6x8MVDVkYx4cbr3upBLyjVoyQyl6ViLfj+tA59w
+FmAKmiTJN8BwGjIQAoNKK0PscA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cstest.cac.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>SMVTT Technology Initiatives</GivenName>
+ <EmailAddress>smvtt-ti@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://dev.moodle.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 288, expires on Mon Mar 29 20:22:15 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICASAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMyODIwMjIxNVoXDTEwMDMy
+OTIwMjIxNVowJDEiMCAGA1UEAxMZZGV2Lm1vb2RsZS53YXNoaW5ndG9uLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0Pc+/cjlreJl1JEXCUYSXEcd+5jl
+V/5ilI88oZZWdZwYtWE0qY+1jLTUrtUKT+ZTPxaPK/npO5OnsdMCk0O9epXch8sq
+BNheRkHRQBN4EbbYVkP+SecgUlLWTnpWyNwjQB9X389fnYzv49DSUfsC2qQrzuJC
+l5y5x7NbeEf0DK8CAwEAAaOCArMwggKvMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+x/Q879IbqYIr7fgHvOJnjOxTbfYwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAkBgNVHREEHTAbghlkZXYubW9vZGxlLndhc2hpbmd0b24uZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQB2O7qDm8gecVKlTUrML3+IfSkXJ3S8Y0srW4BjJYWcvkF7jWX7
+VbsPR6Ou9NRgfHZd2dPGmGhfDEpi2FGXHED97kJApo66TEv7SEkLsEc9nNRB24zA
+R3gx+pJdjpNhobs1uRysb2OSD73A5w3tIXshreWcfvDPw/rQj7dSdUJKgJDXOIEr
+se5p+0tNy6S0uGh3ooG2ixylH9vOm6l9XTt3ir6OEAkc1ygiLo/CC1cStwPBZTWx
+avCxwZNZT2DDJD2/7U7hZpZLw1iuI8l2K8VLjzXdYAF01KsiAURn0YH7RLgwk5o6
+cbleQPzwScJ97I0nRcDZwze1i3EZbDWhM9xE
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev.moodle.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian McFarlane</GivenName>
+ <EmailAddress>samspade@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://go.francisella.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 378, expires on Fri Jul 16 18:46:54 2010 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAXowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNTE4NDY1NFoXDTEwMDcx
+NjE4NDY1NFowHTEbMBkGA1UEAxMSZ28uZnJhbmNpc2VsbGEub3JnMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDRaN7BJ+Wa0HMYBkKAHb5TCvklI5yAHPd6/Rza
+c1EoJ4dPehpphHyVVpiPr42TLb3EvHIta2X9rsHn1KpbeFHyrdTn8XQlNyb1rLnQ
+k0dDGZgjBuqEIv3wNd3KY6MtQ2c8Pez4sjQXWvzRz9/eHeUbhU0sbwxVCPEtMcDg
+gRS9+QIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQkUb+wRFtg
+m8VvVes0ibxlkRZMwjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJn
+by5mcmFuY2lzZWxsYS5vcmcwDQYJKoZIhvcNAQEFBQADggEBAHUlldzfRF3Sj/j6
+QtSXKdqNnIbTKBO8Lk7X/muYIyfZZY2iJSN/nwKVsap+HGpImN1ut0c2FUXE9qE3
+whsIF3DwsV8Lykb8ruwi9fCD4ClVkHMRRY4ca45o1I8XEw9TGvCEpI3KqCKhdKPJ
+GAS12GT/0VBoVPEgeS9r2qm2Au1bRKQjwcGL507q822lJVPoTrfkqcLfs08srS7u
+DWL6i4I30XEORmJ5SnRXfxnqL1D46aFqmDfDDjM9yvZQdXU7pfZD8QY+DTGE95Im
+v/2pt2r0edA95WiMfQT5K73IkOv/LNltqHvIjX45o8MHoB8r6aAqOIMsOy+DgmkN
+MDFJwH8=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://go.francisella.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Matthew Radey</GivenName>
+ <EmailAddress>marad@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Matthew Radey</GivenName>
+ <EmailAddress>marad@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://go.nwrce.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 359, expires on Mon Jun 28 16:51:41 2010 GMT -->
+ <ds:X509Certificate>
+MIIFBTCCA+2gAwIBAgICAWcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYyNzE2NTE0MVoXDTEwMDYy
+ODE2NTE0MVowFzEVMBMGA1UEAxMMZ28ubndyY2Uub3JnMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC7eoZmKB84QLBivY5GkRhGSncfuLWBnKYEdpmkctaLZPPf
+N+sOlfKGBF5MeEnrn0mE3xm7voSA4/K/RcYazi6lIiDxHxTysKPS+ldBrVA6SMRm
+Z4mIsChrYJ48Yp0W/umz4GtDXrWkr8zeTEcCMYYH7tQ3zBzrHbVhe274sH/ZpwID
+AQABo4ICnjCCApowDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSXrRHJQ9sRv1zcd1/H
+7VdqdOSpZDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggxnby5ud3Jj
+ZS5vcmcwDQYJKoZIhvcNAQEFBQADggEBAA/iFTXgw+yK8/3h+hT7tTtZXUsIKwcR
+Urm/jbPnW9GOMkWTShMGEkBb/ucU/3lWoLdiuYmeaLYBqrcUmuloeAmzJfkKa4Fl
+uoFg4iOaAoGUkKiyNyhjj8NKETYO0U7Z9EHyV46Z7cHe3IKyrDMWiJo5I+SVwhxr
+J6ZOXLI1eGp2WucwLizXyqhkNkK4yk1CXxopmPlJsy6R2f2FbY+PanDzlFQFhFVL
+7gLobO4ZvBRo8urUCeqB3z+/ZzRCcyXuEm0g3/G8IpD1aelevTk127+574tQ0AVq
+hlmjT4LY/MM7aoKAuBySbSMGNpI1S06cE2JlErhEBqucIoIr4ew6wac=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://go.nwrce.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Matthew Radey</GivenName>
+ <EmailAddress>marad@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Matthew Radey</GivenName>
+ <EmailAddress>marad@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://isds-auth.cirg.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 522, expires on Mon May 2 16:55:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICAgowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwMTE2NTUwOFoXDTExMDUw
+MjE2NTUwOFowKDEmMCQGA1UEAxMdaXNkcy1hdXRoLmNpcmcud2FzaGluZ3Rvbi5l
+ZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALGw5ILCpvY4GxB+8c7we6o4
+WqwxhAOlQ9jJWMCmrlktocidhKo4PoAmuIesciK+AIaqgdAbcA6OLcFjE4347yzi
+/v8BFJpwcwnFFi4IjVwUz+Z0P18WHd08nOtdOFRVhoKl7+LCzevmHfoThllrYS93
+GGXH1c1KEpWIuOjsJhuFAgMBAAGjggKvMIICqzAOBgNVHQ8BAf8EBAMCBaAwDAYD
+VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0O
+BBYEFIj2ViDfZMX6xblNMI7OHAN1Ke6xMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wz
+nd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24g
+RmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8v
+aW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGN
+BgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29t
+bW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4G
+A1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2lu
+Y29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCgG
+A1UdEQQhMB+CHWlzZHMtYXV0aC5jaXJnLndhc2hpbmd0b24uZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQA1WjzpCvSDPjZMiSwplK0NM4hLRjEvKOst7/7tjbHY952gW4Z9
+f9jbaEUEPEeRH3z2x2O7UYzSGOOaSLCoVCyvobHyRnBjRW676iK5TiZbs4vxjSnf
+9iJtq+/6BoLk+FSjjfYBUfie3FC1AthRLBcGsskO9/r/ZFsazGuqQqejQJagVOzR
+FOvTvvxeHxyBXzbJyOJEtIXcllj5JlNiJkaCBmQ171ONAIY8PcHsQCfZslnqGX4f
+3zp3aZ6IaryVblAjZdm0etXeRVSScKb9U4xEFwYDpMnKRHfzHo0XptVzWwJgeQ0Q
+LI6ZQu4VJQpvtJIIGT7+vHrb6iOt+MJI+n7X
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://isds-auth.cirg.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://isds-auth.cirg.washington.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Svend Sorensen</GivenName>
+ <EmailAddress>svends@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bill Lober</GivenName>
+ <EmailAddress>lober@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://isds-dev.cirg.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 11917558635593549627, expires on Sat Dec 15 18:54:19 2012 GMT -->
+ <ds:X509Certificate>
+MIIDWzCCAkOgAwIBAgIJAKVjrG/ocUc7MA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGlzZHMtZGV2LmNpcmcud2FzaGluZ3Rvbi5lZHUwHhcNMDkxMjE2MTg1NDE5
+WhcNMTIxMjE1MTg1NDE5WjAnMSUwIwYDVQQDExxpc2RzLWRldi5jaXJnLndhc2hp
+bmd0b24uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjKHwLFI
+FHg3PMwDCZB1Gqj3Az1H3PZj6UM4pvZ1Yjo09R2t4v1gdM9qdwTCpxMWYWWLAufz
+T12TOaK/5g2f2edwei+Rt9MXtexzoQaqlnO058+gtTPE7TmB3Eoux+WKStlBBIFm
+2q7j51zDusdlMvZSBpvyAvjF9ZPZbPmg8ieEkUj7zyLmOTUZykiAHOB7fdYylrCF
+EHkz90Ma+fabjZM4CzRg9tJ/JWXHOeOf9OKTjzw2Fsy4yfOiT9uXg8tR0j0Y7ba8
+CFKaf2hxFzTVyVL7hG2ZQAonhhq/iyrouFhoQ9jEcjeheJRNtsCZn71jsyMnf4Mp
+vBZ4ewrJDvijYwIDAQABo4GJMIGGMB0GA1UdDgQWBBQW7Z/eZ5ArJ8nArXp7rIXX
+X4ikIjBXBgNVHSMEUDBOgBQW7Z/eZ5ArJ8nArXp7rIXXX4ikIqErpCkwJzElMCMG
+A1UEAxMcaXNkcy1kZXYuY2lyZy53YXNoaW5ndG9uLmVkdYIJAKVjrG/ocUc7MAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBACUba2UchNBXkWGhJ2v4MKCD
+L7zevjD8qdnltxsQmuexbvAsM+FNZnt+NSBgw2ZajstNBSxx1I11VRDghNRFRq47
+hYg197+NP7yM4BxpFmsqowYf1LBJZDyeOaEGajlteGqPjv1wMHw5/lpH0/ruzUOG
+rTfq5gk8V3hoUpk5CEPY28e1vGaJh/k2/nf+6Id2jZ5Zttp/swza92ITXYveQmv5
+PKRBaIn+lyKlDSq+pVIqsrH4kSFyX0HyormGe2uxRlu0l3I1ua0FO0tmrUmzFxRO
+0Y3qJDG70c6eZqbAbOi+IBTUl59ck6pfEc6DmsELy4lQOirNgaLY6uOPznPSH90=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://isds-dev.cirg.washington.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://isds-dev.cirg.washington.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Svend Sorensen</GivenName>
+ <EmailAddress>svends@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://isds-flu.cirg.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12286240137836580451, expires on Sat Dec 15 18:58:59 2012 GMT -->
+ <ds:X509Certificate>
+MIIDWzCCAkOgAwIBAgIJAKqBfk9g5U5jMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGlzZHMtZmx1LmNpcmcud2FzaGluZ3Rvbi5lZHUwHhcNMDkxMjE2MTg1ODU5
+WhcNMTIxMjE1MTg1ODU5WjAnMSUwIwYDVQQDExxpc2RzLWZsdS5jaXJnLndhc2hp
+bmd0b24uZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDdDjt4X
+S+E4QwZTidk1bE7Dh7ddajCtS3WEiTCOdn1zTfKiho+0+BIWwJ7Duaa5/tjdVEcP
+TMNxC8oyEi6892DZM6wPzFSW5XeVSXHM1H0dgpS6zaO7iUU//XcjoPpltV3IWDqq
+RXN7B6cysu3JHi+XROCLB+O4v/rxyzpsFCz5qyEBcHHIviraMDeSepPwM1OU8M9R
+opNg2V/S+Hd+V6AO26wfdw6FqBTERcWPkfNOmR9gXlfjrqbBY+I2luWjtbTmTSSI
+7cDH2FcOJe3YQ1M6At4jqhAbfr95eNXIqcpLPsP3ezwk6t5brx29T3mfLU5uPCiU
+F1VNVxAHpZdedQIDAQABo4GJMIGGMB0GA1UdDgQWBBRrlfMTI77V+4QHrpaVvMU/
+EdgYxjBXBgNVHSMEUDBOgBRrlfMTI77V+4QHrpaVvMU/EdgYxqErpCkwJzElMCMG
+A1UEAxMcaXNkcy1mbHUuY2lyZy53YXNoaW5ndG9uLmVkdYIJAKqBfk9g5U5jMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAG+XKcPMOpgWrOREb6+55Glv
+dFKZJrXuIYyAk/8Uq0Ibmju4P7Ber0aXP88awuyLOEVlmbTuVjal5a6SxMEarN5E
+NECQ5rGD8VitHv3D5PwWxmv57+/HEMqUbyQlESikXsycL78YSHNBvYCXmg5AQYiX
+GyKmBs5zHSDBrYkQkK8p9N5yQwrpnPVsb8zx4fiBrT58MgRCpGl9qB3yhBt37bwt
+bNBvec2etizCaYvaGc6u9Q/Q/FHOHYBQFxG9AKOQ0gxoxXbnNev5lWG3IKCiLned
+DeJolKWtjsnPgRv3xAd9b/6Bpjra8nP1WrVbGrHHszDJoHbL2AtxjYFta2KCTko=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://isds-flu.cirg.washington.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://isds-flu.cirg.washington.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Svend Sorensen</GivenName>
+ <EmailAddress>svends@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://isds-stage.cirg.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 656, expires on Sun Sep 25 17:57:50 2011 GMT -->
+ <ds:X509Certificate>
+MIIFKTCCBBGgAwIBAgICApAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkyNDE3NTc1MFoXDTExMDky
+NTE3NTc1MFowKTEnMCUGA1UEAxMeaXNkcy1zdGFnZS5jaXJnLndhc2hpbmd0b24u
+ZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0Rw8bSBfp4wJfkDrUJNts
+GOErDeAbx93r/KliovcRN2uY0XZ5Xlyh/fJCVGIWX/dm4OsWGBsC0ayLxSXud6k3
+JAPO/kIJon2yadLgW78WBlT3klG1JPuK6lN3D8zEXvlXU6/YnfAv9v6xlDTepTDM
+LbZF+7KVrspgde94lmn7MQIDAQABo4ICsDCCAqwwDgYDVR0PAQH/BAQDAgWgMAwG
+A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud
+DgQWBBSiHJvkwZy+XC2KtJ7I+iDjtc7+IjB+BgNVHSMEdzB1gBSTLchhGK1j45tl
+s53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9u
+IEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAp
+BgNVHREEIjAggh5pc2RzLXN0YWdlLmNpcmcud2FzaGluZ3Rvbi5lZHUwDQYJKoZI
+hvcNAQEFBQADggEBAE6ZCDtQsv2ZMMhpErME+HW8c2OkYfTnxQuJt1K9PhMcYzdT
+xGIug8lC4GAtvr24nuQtAYHGYJFrGU2VBrl55xlNxxF9ZH+psxfRTQMDDoK8jeL+
+UBottAzrOjcQZwmWctL47kxHE5F4pvV4JypqARjPON879kyf+oCBixeRFSosgRtd
+3b6EBZtO981xn3vbS1opThdnOzzG7uxBCz0SfXufEuvqc4NLY1Fu0GTSEpF3Ne6m
+6FHBfbDCHGtQAbp2N174EBtaKlgEKgl4wsBwwvQmjrVnIHMapQkUO6ZCipY8x3v4
+l3NGSt5x0HPtd/0NnwKrH643ms4rXToKaGpqg5w=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://isds-stage.cirg.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://isds-stage.cirg.washington.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Svend Sorensen</GivenName>
+ <EmailAddress>svends@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bill Lober</GivenName>
+ <EmailAddress>lober@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://miller-lab.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 360, expires on Mon Jun 28 16:51:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAWgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYyNzE2NTE0NloXDTEwMDYy
+ODE2NTE0NlowGTEXMBUGA1UEAxMObWlsbGVyLWxhYi5uZXQwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAOkcJB7rL8QAnJ7j92mVKj/2gGVHDMULeXYySje7l52Q
+knzrbMLLvYgk4GMNnnKpAjMqLLjYGL9m4hBGO/Y9PwPz8vUlj72Sa+RF/tw3TJlb
+NOwPZvijHCALUbPlOEuD6nX114y2OqNpzenr+t+WAkvscWQMzRunmERRHDD6z+L/
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFPWNWtz1TK8Zr9vh
+IwKULipQS1VEMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDm1pbGxl
+ci1sYWIubmV0MA0GCSqGSIb3DQEBBQUAA4IBAQA1PPbh6E8HCe6ew/8dL3/Hnrb/
+AfRIrC3HvKEJ7SJ0fIUetAHRNMxCF4romz4L6lhixlbGXL6+2EOK3MNLahxHbo+b
+vdrm4VN1y9JVtwLWbRRw0yc60rGo+D7BFq3IoySlIdSu3l7nNxDjChrqjZKFP9wz
+mvnpVU/9t5dO06myvJjyNckJU6UHbvUi1xS0WVb5TJkZekilFf+YEsE8K6y7c6EA
+Yr67L1ulYAtwX7JyBOgkk/r2lvXY7PS0Tbrop5GaB5WISVp4ez9dM7cFRFemGsOz
+uGqjGuxklhWRPPWuNbPNT9TkVLh9XaxuAPJ+lYgmZTMKI+kqa66JJl/6JV8O
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://miller-lab.net/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Matthew Radey</GivenName>
+ <EmailAddress>marad@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Matthew Radey</GivenName>
+ <EmailAddress>marad@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://moodle.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 289, expires on Mon Mar 29 20:22:27 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICASEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMyODIwMjIyN1oXDTEwMDMy
+OTIwMjIyN1owIDEeMBwGA1UEAxMVbW9vZGxlLndhc2hpbmd0b24uZWR1MIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQCqh3ubZeGPhQXm3mNXnW73bKQ35/ek6Hex
+PSsoChNqI95ivsHMuczAk2qeN8xdK3qE/hX6s80GHWDMCrcThvVcgdXl5ei7htB0
+x+4POPdmOUqNyUWpJXJ9SzjbM5pKhRwaH+Q1/5+2fCLKx4E3PRQSA48u9XLc5kb6
+Vj/RL5DHQQIDAQABo4ICrzCCAqswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBR7EguT
+GiXQy1o2OPNSUI8jAt6dOTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGN
+BgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29t
+bW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4G
+A1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2lu
+Y29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCAG
+A1UdEQQZMBeCFW1vb2RsZS53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEAIvSqnar9Ctn++OcvdKdq27EUAxFdc0o6AZ9P4lREBfWoYpWLMYRPAu8CXrCU
+0lIDEKyuOGobUG2ytVOx4NeTvHQmxnkVtkEt7PVKI2l3Uj7u1hChiPt4NCCx9RLM
+VB7aoZBXhyFIZjczTV66jGuykGOuPwt1/MMhqspHJIRuPsE31fa2WXAsrefo05PS
+UoydOZte4NuxMSfBvLziz6UB7AsBDrZwkJkJTmSAjN4KziUtaZbMokE9cIXilGqi
+GJtf1Yq2NpuLC3pyDIiE83n06xly41HkMtKOE60LksDi8Jml2LJ89XxohCniXav+
+LyL6RiEO7Tl6wOOjEGoMjcAWvg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://moodle.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian McFarlane</GivenName>
+ <EmailAddress>samspade@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://naaccord.cirg.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 637, expires on Thu Sep 1 18:19:42 2011 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAn0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgzMTE4MTk0MloXDTExMDkw
+MTE4MTk0MlowJjEkMCIGA1UEAxMbbmFhY29yZC5jaXJnLndhc2hpbmd0b24uZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHlCMm1Dh35heLn2vLYP7zg27i
+oiRSo6IZ9jSZ+onhGngDXYo0xmac5skEHuvjfgIMSMhhgP61cTKMyRuygh7JG+tl
+jnpJPNgRIMrpM+JCbtfp1y5lRktwytZvDOPEye6EZeEZ8dMZ146ABsj3cu+Md+IG
+pHBZnjM+nXUC87fnEwIDAQABo4ICrTCCAqkwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBSdXeRO+IqE6OefZrpFm4d2poJNfTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAmBgNV
+HREEHzAdghtuYWFjb3JkLmNpcmcud2FzaGluZ3Rvbi5lZHUwDQYJKoZIhvcNAQEF
+BQADggEBAAM8A7L/xlHAfchPrGGtEhVbi9J2Lu4CYHiD5Rq7ZijjcB9XhhsHcd2K
+LypPJxdxXiE7cW7fPmas88p5JraMMozcinw+J2uS1kZKrTx7vGAsivbKPgFNetwR
+63v0xSjepyjEgt7VPt4PefdgC3H1XWBhd5Pp9d3QUVRmLZkdwOp/HoB1cy5iM5OY
+7eekHBHSroL3jz2MbmSA2fEpbUW25i06/BiLDzkm7DYyfkvGc+aw9HAYdqjdknjY
+o86JXU88Ij9XYu5Nmv3SnpSdnLsLsBFF7hpB3GYyM7zT33dGfsX4EQjuY0mwVPJc
+RFlvD8V5OO1xf3ZswRI/qSBL6vFf+gU=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://naaccord.cirg.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://naaccord.cirg.washington.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Svend Sorensen</GivenName>
+ <EmailAddress>svends@u.washington.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bill Lober</GivenName>
+ <EmailAddress>lober@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://reset.moodle.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 615, expires on Sat Aug 6 17:56:37 2011 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAmcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgwNTE3NTYzN1oXDTExMDgw
+NjE3NTYzN1owJjEkMCIGA1UEAxMbcmVzZXQubW9vZGxlLndhc2hpbmd0b24uZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD6hWPTJxjTWy2Qw4AldAxUH3al
+GiDokcinGdXIlqPFEQpaUj5Ob2vTiU9McNqc407GVjyTmhGjOM1D6Vy++9Cfwyie
+uquG2oKUpHkuHrmV4CV0vxybD6cIyn2D1rPany9PYfbszHRvolly0k5yOh+Uua7B
+3i3G4JhZHAPCkuXq2wIDAQABo4ICrTCCAqkwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBSwhR/jhCP0uZ7UMxshZu+ALOUktTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAmBgNV
+HREEHzAdghtyZXNldC5tb29kbGUud2FzaGluZ3Rvbi5lZHUwDQYJKoZIhvcNAQEF
+BQADggEBALGBkRHQX/zbDZynyjwUJeAD06bD1svM2MlhDh2/fgaYyw2VgB8I1LOR
+kLbJ1pZoWgzFtt1GWTbq/yRCmCwyozfhJNBlhy8dBFa6ncCniAmrQOBzfGWGCk/7
+FkqRc82QcrLJu2zvbdpvNqVJzGa9VZnberbC5344ghp6GT1k3rsdVjLbCkg8MEQp
+D6tupt3AaNLj+kmo6dANCrxsgYEheTFJYEQiu0QR2WHehftoZon+Yw76yG0Xo0D3
+ovejMr0dvfQoUK7XaBOU61tG7Kn6QoIRoE3rBf0G5w0xhhSFspfKKClKvlZZAjtI
+moQb9093tYA03h4mty3JlOmGL0bpztE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://reset.moodle.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Lucian DiPeso</GivenName>
+ <EmailAddress>ldipeso@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibsp.biostr.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 387, expires on Mon Jul 19 17:49:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAYMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxODE3NDk1MloXDTEwMDcx
+OTE3NDk1MlowJzElMCMGA1UEAxMcc2hpYnNwLmJpb3N0ci53YXNoaW5ndG9uLmVk
+dTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5tZ/ZXpsq9cNrW2QgiABe1q4
+9EYbhQWKMgl9xfaqlltc3LXhIt8QPhqEtyqYsIq15BIUCSqJkFAmIXl21TrpHcGZ
+WdXzTrZ3Agum63nBScg2WS+3+4/PbU/A1Tb/iwZbq4emtlBsEHfYSTT3OUm4ou4D
+9SzqpBtJ66YlRjGC678CAwEAAaOCAq4wggKqMA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQUug6BktWF3GxV2yDo6y3sKaKHElIwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9p
+bmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9j
+YS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJwYD
+VR0RBCAwHoIcc2hpYnNwLmJpb3N0ci53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0B
+AQUFAAOCAQEABLNdFuLjfu5LjZHHV2PHLMhJyzZwhM6MWT1i1XpHQakcVsDD/iUU
+SLBa01FE76KgQP+vl5pMJ+ISAZa37JjpA/fpYm7WFesSxjXl40G7gZJJvJr6+mk5
+uei1ujjJh2MdneJ1RHd8w2nwNiTOTZETWvkxLxT2YrWX+FX9WZIv5w/6DRiXeqyd
+IG2es3klDpiCmtkpYqdv86yU+L0gpSuS0MyO2xn5yoz6iaHU4Py86fOG0X4GFV2U
+hXoa7xavpw4wQa7SShegZH2/rby6XdR67oEfCswUCCIdMVAUz04UwqhOHcUnFtLA
+eu/uzV51UJxTC1iVtuJsrkrEID8B9BcWSA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibsp.biostr.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Joshua Daniel Franklin</GivenName>
+ <EmailAddress>joshuadf@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://sog.cac.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 559, expires on Fri Jun 17 17:53:53 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAi8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxNjE3NTM1M1oXDTExMDYx
+NzE3NTM1M1owITEfMB0GA1UEAxMWc29nLmNhYy53YXNoaW5ndG9uLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2PPC1bHYcerYqo3WwCQY4Jmdt+v01viP
+NZSKHdTaa7tXGALq7k5rGDaUhvpwDgcypPZgBIY0HdCmC264lK+gSyI4bGwwbvyu
+ANchuemlzl8CZAjCxs9tyAJYjIGWrDirJC1oTvpd0yFc213DW0eHciVYHIyclmst
+Q2LfEgnjca0CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUrfa1
+pmWIuaao2NinpzhJhu1At+cwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc29nLmNhYy53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEATz6S
+rkBATEXqH662OWAphFIhNTNUDG130Y0ytORA3FWGrW1Mo5NIGZzYJ4cjSFTkg1Oo
+3z90+5lIBCkMzHOg3pvAW8k1XVFECS140RTwoK6jFJUlzDcDvEXTECPCi8fhHq03
+6n+gXOfZ1V/bVQfnFTdRhfvfRBw/Mw27WCSbmoNwA6DHY3pWzBKDQxfwjT5L/VLT
+2d7uJRofot3fb8+BV+ttUNo7QPUspzXOMrJcUicvPLw2NsVyQ3bDKvYq8dvu51CA
+apllJj6Ht381XW2VpopGpumLFbioXY7XQ46nzoUcuHd6SKmXjcvxQIXsrQtr1Rim
+PKYAaI0qn3tfqZkJHw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sog.cac.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Distributed Systems Applications Engineering</GivenName>
+ <EmailAddress>ds-apps@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://tools.nwrce.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 301, expires on Sun Apr 18 16:43:04 2010 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAS0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQxNzE2NDMwNFoXDTEwMDQx
+ODE2NDMwNFowGjEYMBYGA1UEAxMPdG9vbHMubndyY2Uub3JnMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDhaBF7fUlgPZExZIm8DawfxXlDlDQ0BWDcam0WQcU3
+AglOS2u7gTYDM1nl90PEAumlpbN7Ys4bpsKlknLEMmJZ/PJfU1v69Lq7bDtL3Llu
+Kw3QluD1XFiyRzn+V7nthk8wdbzPnSBjyem8jEgcvS/QrhXk4XWjQgfi6zaYRI38
+nQIDAQABo4ICqTCCAqUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRlJKcj2G8PNuNk
+7/6yfU6NuPCzfTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6Bggr
+BgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+CgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBoGA1UdEQQT
+MBGCD3Rvb2xzLm53cmNlLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAA+3JQf0SL/QO
+r3LpR/n11ExHsnphkriJJhDDwnXuTD3Og9QhIRWKpALwYRqt0AAaBpcZNIb/d4mE
+l2wojPXxdOCavglHCyH+JH7ieZtae8I+2yCkfKl5dqxESmSPOD6qGA5i4ehqRLp8
+ivqyqBK0XYINLwTckj9tbGkerThiZPXEUdHyGI47qVRlTCNuN/JTmPthuVMdiEUh
+oBFa/c44SxylvVG4y1Zs/57b/6aMC7O1zRWmUk+K/FbaKyig04pxcG6C7/YRyR6J
+x0JtnufMcNcNFXuWIOYnrQIjNhmRY9j4nrro2a0keg66VRtwUpKzil8jRQDpWu9R
+nfHwUXWKsw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tools.nwrce.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Matthew Radey</GivenName>
+ <EmailAddress>marad@u.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://urizen2.cac.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 654, expires on Fri Sep 23 17:54:23 2011 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAo4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkyMjE3NTQyM1oXDTExMDky
+MzE3NTQyM1owJTEjMCEGA1UEAxMadXJpemVuMi5jYWMud2FzaGluZ3Rvbi5lZHUw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANmoX5JWhcoyxIFN1IqKmN3k4aSH
+YBRnn6NV8ZRbM5kaLFNftVG2iudOIMXdFDI0jC3If3El6+1JBEi5VopCDRCKThpw
+yUysJU4gyDlSTIGb8wFLpcc7o5BvpLlz9rZCUmXdHbYHxyJZNyi6ZE2cRDjCTMo/
+nvEtfHlCPIyM68pvAgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FHjeHd1No+0GU0hyYyxoIC0PZww8MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCUGA1Ud
+EQQeMByCGnVyaXplbjIuY2FjLndhc2hpbmd0b24uZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBs1r9/kBveUyIBx/XcQg3W4ytGJTMZ6mIU88qjgbIYIeUe8/ItyngDzWUs
+dVBJTJXlYY/eaGwUuwzeEXitszdR9fh+h6jYaaoUAeZB8AHUKUpunWZ06qa842tu
+gGsOvZIIKKZh8dGCahLR2dcrLWUOe/RINV6sQvCO2iOnpIsYvBHyztwiBXNk44cd
+7ObSwiGyjb0j7qsP8+A4a2kqa0Q76pN76Pn+n9bwbLCEOPRpwm0vQSt321fr4WUJ
+0kdapwrnVVlnu/odrtH2N8PekbbrD3w6gYDtq4d8dpNEw5Zx1VB+Qk4rcGlQeVx4
+5Mg/2Dc5CH4WDn5xxaHSE/Z+9Scg
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://urizen2.cac.washington.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://urizen2.cac.washington.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://urizen2.cac.washington.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://urizen2.cac.washington.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jim Fox</GivenName>
+ <EmailAddress>fox@washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://vegitron.eplt.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 374, expires on Sun Jul 4 18:14:26 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAXYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMzE4MTQyNloXDTEwMDcw
+NDE4MTQyNlowJzElMCMGA1UEAxMcdmVnaXRyb24uZXBsdC53YXNoaW5ndG9uLmVk
+dTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA21YMraQ6nUOCN91WIfbr228S
+OPRDg7kyTcz9Aa2Qt8Uwpg6fX51dntYTqNSOamXw3UaUiGJuNoEmcO/X87E971jN
+x6Vtzi9yFv5ZmCq3GTvhCulaN4J0j/uDCmm2xdcP95qKw2nfnbg0dx5ULc5pYtKR
+AvKXf2UCqJllWThjxCMCAwEAAaOCAq4wggKqMA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQU8iewgV0ifIm1cYrni9dqonXVegcwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9p
+bmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9j
+YS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJwYD
+VR0RBCAwHoIcdmVnaXRyb24uZXBsdC53YXNoaW5ndG9uLmVkdTANBgkqhkiG9w0B
+AQUFAAOCAQEAcZ9qZayFJnVTwdr5jCoewvQUSZAGaJYzqhwXjXr+iX1hLH0N+I8m
+EPdCD0Dh7nEJEYAyDz6kihVBJ7fzcjQ3c/0nvdaaEHVhM83TK725yQC32SR7aT+o
+zXkaZ46Mvie66+YEbkriMROTzjPJHzs52TuqIERj0yG3voM58dsjy0EZL6YvX9pS
+2DrjoMR1sBCdS7d5FnsL46zOQ50n0bGatSgs7cEo5S9lQ9shqSm3pmSLfJUIo+VG
+6RSkESD+j/ryXF+yGmVqwJZyjFCDGHH0pOZ+i5s9XK/c/um1LuY6A+JdtsMSz5B9
+sxfmDy4LFek0IUdJuDuDtUnZHGNVeGmUVQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vegitron.eplt.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Patrick Michaud</GivenName>
+ <EmailAddress>pmichaud@washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://wiki.admin.washington.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 319, expires on Fri May 14 17:34:08 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICAT8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUxMzE3MzQwOFoXDTEwMDUx
+NDE3MzQwOFowJDEiMCAGA1UEAxMZd2lraS5hZG1pbi53YXNoaW5ndG9uLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0xuy8d1QMxy2ClmPkXghIyKzGl/H
+Neg4d5oOkoqDPAgOBQjtWIitkJSBtWTg6olj8ljMdQ3G7UyOiEqzHpgHM26/BvJC
+6cnwN+9BzqQVz+0Lhuzqzn0ExtDtz9sscinmg31OgW+YtGSRfwQABo3XDyS30FiC
+cyLDZYjcfHA/M0ECAwEAAaOCArMwggKvMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+XzCZzGUZ7hd4715XUPLbUhBVIMcwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAkBgNVHREEHTAbghl3aWtpLmFkbWluLndhc2hpbmd0b24uZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQDAweN1JpDzzWZ8yLFyvM6mgOiTY3R1sP0vtw/Q2KLp8Gy5uy5v
+O192PAhVbK5Ds0UopSwRgkqQH9IntvLcmytJG+OkvjeNZqFkkN7W0H4FZ1fpCWqu
+rWMJeClUowlS7EtbxjParBKs7XlqaY5R01QmMzUYI4UdgdDvVC1bMTOzJ+h+Vgmn
+JfKyZ5WJkeBYkfpTzrOma3ao8PT6NE4w+6xwR/GU9xkf17iEXzyEyw9p4QzqlCJK
+kynQVcNfftsFp7OjSdLZh2LlkhOVNVkMm0Mf6TdWAt0GjxdpaTkVCuitTfaIUgbw
+D47Cl7XxO90x+NRbKHVZAnkBULGyZOudELX8
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wiki.admin.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Applications Engineering</GivenName>
+ <EmailAddress>ds-apps@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://wiki.cac.washington.edu/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 248, expires on Thu Jan 14 20:39:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAPgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDExNDIwMzkwNloXDTEwMDEx
+NDIwMzkwNlowIjEgMB4GA1UEAxMXd2lraS5jYWMud2FzaGluZ3Rvbi5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK8vilBf0x4dz5YkUqpIKyCpszJ55WFp
+kMSCtf78GDo7pBDirSW0AF5ew47BDyq/jr0nfJjGZivLU7MtptdyriVCEMvwPqAs
+xNVRukPDN9O/gFsntWycTQxK6/iy0j021QnkK122ES0xvZMaOiqiY2M+iEvAl1QJ
+Ptr19xCMXKErAgMBAAGjggKxMIICrTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFDYf
+vW56lB0yToYwrXPPKTOzjQNdMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+gY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+XgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8v
+aW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYw
+IgYDVR0RBBswGYIXd2lraS5jYWMud2FzaGluZ3Rvbi5lZHUwDQYJKoZIhvcNAQEF
+BQADggEBAInrjjsbmUSOLDOpYIbDlg4NtS4bEcdyxSJ0u9b4ZCCAf57PQBgEwWLe
+Y6TiVRig96J9orU7UsyRjRrJIJC5rXjbULZ4wBBhHH0nsGJ8x4RkVtlzseMBAXnG
+jwCjayi0lFBYMFoFq+1Hh29cp8CivPKz6cvJ2uoGc2Tb+6Ftdc4BBttMhksXYNHu
+kOyfPSrFX6GLSMMam2bJEx6nFinbfxsJrLEFSH749GFulFur5VY17lzWTaLmQmzt
+d2QzJNScj9mzHXfZa8o9+Bec2tuxcdLz7ppA0i4kB4Eg6A8wKW6U+M/uzugVck5S
+FYPde/DAu7OXPGyW2dX18LX9ktGfls4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wiki.cac.washington.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Distributed Systems Applications Engineering</GivenName>
+ <EmailAddress>ds-apps@cac.washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.iths.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 449, expires on Mon Oct 18 19:23:33 2010 GMT -->
+ <ds:X509Certificate>
+MIIFBTCCA+2gAwIBAgICAcEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAxNzE5MjMzM1oXDTEwMTAx
+ODE5MjMzM1owFzEVMBMGA1UEAxMMd3d3Lml0aHMub3JnMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQDSKDBGGpo5GbzpHeBw43uNTo5uH+caY+501VKXPkeplhQY
+nzziFz6M+sriPQPHOKQvOMdj/AsblVK64ISFV9AAxDNV6zLxn4PwJkkmtUrykoq9
+f1J5S9GIYdgTz+LxtOdxGtSUF7YiqgIke4hFVVrY1cnsfwkN0BNQ8hH+GphNzwID
+AQABo4ICnjCCApowDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSoRE777g/HJDJxbNUZ
+zvYOb926LzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggx3d3cuaXRo
+cy5vcmcwDQYJKoZIhvcNAQEFBQADggEBAE9286v4VIWsZ/DJBpwgf+LjY3twr2BE
+pinwCR5ydr1SqsygFXRchjRsuYMpjxvYa8bgw2fDZts5hBZa07uXNiR8b9Pr8o/u
+G2p+cUmX6lbPw4ODC9FQKVGHKvVCg7wRtLcsFtpCfXrO2/h9LBNviIPFTK/hyRJX
+Jbk6MjB+YEmbaNgUlMgMn5x5kEfVXf+AQd86BbWD2dpqRrAUX1Oyof4WzMuBvwtU
+kQDFDQHU2hMhBJ6IomFfDkAks/eyItroGCU96B3T6boifzrDBbkpf+9TNQOnH8nN
+vTI54DHc5+qb+al0xnUkOnFTKmKDBdvTqe0pPFNe3QiWHMXXuV57PZ0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.iths.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Washington</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Washington</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.washington.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Justin Prosser</GivenName>
+ <EmailAddress>jprosser@washington.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Elsevier -->
+<EntityDescriptor entityID="https://scauth.scopus.com/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 224, expires on Sat Nov 8 17:34:39 2008 GMT -->
+ <ds:X509Certificate>
+MIIFSjCCBDKgAwIBAgICAOAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTEwOTE3MzQzOVoXDTA4MTEw
+ODE3MzQzOVowSDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVsc2V2aWVyLCBJbmMx
+ITAfBgNVBAMTGHNkYXV0aC5zY2llbmNlZGlyZWN0LmNvbTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA5VNOBWVUvnbVnNX21xZ2pUVMgiu1wKephFZ2BW+fMa9m
+CuKzmwfNYCbNo3ZyIZ5RdtiuPhwKKgoOjNJS24nblpIH6c50qGYWJhIVMBerGc8p
+FaeDrZqG3+4QJ4p1SxgijHCMgXS3dGJjefTUdK0KGg/cBub61gnsGzj2UozB8TMC
+AwEAAaOCArIwggKuMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU+xFv7JcmuzUdPXXr
+l8+kXt+VQ14wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJ
+CUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAa
+ghhzZGF1dGguc2NpZW5jZWRpcmVjdC5jb20wDQYJKoZIhvcNAQEFBQADggEBAKjw
+mQJLXCVUMF4XIoPPiSvcXj3gPQ19EUiCY/P8/jdGkzlg2GyrS0I1PgY//L223Rkm
+6NU6EtZJscq6kiTzSQtpGqx3opobBzXN1hE05/t5HDARVPIXt4g5244ra0xcJe/N
+WeqsaE4YIr+pNtavOCxAbUf7MkGe7MtTMdOqJSi27q8hOK2NuYrSy0BQzpVvj/bJ
+8kW+ltqtNcE5jHcm5u1YLFGaH+XqlSjeM8WuS8q61bYxoAc117mtil0M9fqfpPze
+CRv9Y7gZsPOTxSwW2Uv+o16dL/4tOue+u0ZgvQmMdS5YaiGN1dnJoIFhgpwLZwOu
+azDbUlz5529i+bLUp2U=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 462, expires on Sun Nov 7 20:16:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAc4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTEwNjIwMTY0NloXDTEwMTEw
+NzIwMTY0NlowIzEhMB8GA1UEAxMYc2RhdXRoLnNjaWVuY2VkaXJlY3QuY29tMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlU04FZVS+dtWc1fbXFnalRUyCK7XA
+p6mEVnYFb58xr2YK4rObB81gJs2jdnIhnlF22K4+HAoqCg6M0lLbiduWkgfpznSo
+ZhYmEhUwF6sZzykVp4Otmobf7hAninVLGCKMcIyBdLd0YmN59NR0rQoaD9wG5vrW
+CewbOPZSjMHxMwIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBT7
+EW/slya7NR09deuXz6Re35VDXjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhzZGF1dGguc2NpZW5jZWRpcmVjdC5jb20wDQYJKoZIhvcNAQEFBQADggEB
+AAfJC1KlCtRqCJqMhUI3fBjnwAslW6XhFGwuGa3WcLYs8H5eq2QoXDzITgSLcSMo
+dcuT/MvS6XA8KiWDd5/V+p96gYK0/3tTrTjAWSwa6Xt13Re7xqLMauRZgOvbYzZ4
+dKfQLxPgcBFMeqVXW1RrcW35ZJPGQ6Qd8OsV2Cbl0D+Y1hZWrt3kMvTNFRkLFx4K
+HmHAvx3TndztBr/8vy6vYPnf30+p7VXGJOX0dKkYyMm1009sJrpJEpb+WtV1dbrx
+O1voDTwBEPTyNkcIEOpMY8sFrjJSiHf5EQfcsu9S9RS4DrGBLs12vQf5ss0l/53V
+d3d7MjqxClPPsaO+ehxSQAs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://scauth.scopus.com/SHIRE/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cdc324-scauth.scopus.com/SHIRE/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Elsevier</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Elsevier</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.elsevier.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Application Support</GivenName>
+ <EmailAddress>EDITAppSupp@lexisnexis.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ale de Vries</GivenName>
+ <EmailAddress>mailto:ale@elsevier.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>SDBDSecondLineSupp</GivenName>
+ <EmailAddress>SDBDSecondLineSupp@elsevier.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://sdauth.sciencedirect.com/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 224, expires on Sat Nov 8 17:34:39 2008 GMT -->
+ <ds:X509Certificate>
+MIIFSjCCBDKgAwIBAgICAOAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTEwOTE3MzQzOVoXDTA4MTEw
+ODE3MzQzOVowSDELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUVsc2V2aWVyLCBJbmMx
+ITAfBgNVBAMTGHNkYXV0aC5zY2llbmNlZGlyZWN0LmNvbTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA5VNOBWVUvnbVnNX21xZ2pUVMgiu1wKephFZ2BW+fMa9m
+CuKzmwfNYCbNo3ZyIZ5RdtiuPhwKKgoOjNJS24nblpIH6c50qGYWJhIVMBerGc8p
+FaeDrZqG3+4QJ4p1SxgijHCMgXS3dGJjefTUdK0KGg/cBub61gnsGzj2UozB8TMC
+AwEAAaOCArIwggKuMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU+xFv7JcmuzUdPXXr
+l8+kXt+VQ14wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJ
+CUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAa
+ghhzZGF1dGguc2NpZW5jZWRpcmVjdC5jb20wDQYJKoZIhvcNAQEFBQADggEBAKjw
+mQJLXCVUMF4XIoPPiSvcXj3gPQ19EUiCY/P8/jdGkzlg2GyrS0I1PgY//L223Rkm
+6NU6EtZJscq6kiTzSQtpGqx3opobBzXN1hE05/t5HDARVPIXt4g5244ra0xcJe/N
+WeqsaE4YIr+pNtavOCxAbUf7MkGe7MtTMdOqJSi27q8hOK2NuYrSy0BQzpVvj/bJ
+8kW+ltqtNcE5jHcm5u1YLFGaH+XqlSjeM8WuS8q61bYxoAc117mtil0M9fqfpPze
+CRv9Y7gZsPOTxSwW2Uv+o16dL/4tOue+u0ZgvQmMdS5YaiGN1dnJoIFhgpwLZwOu
+azDbUlz5529i+bLUp2U=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 462, expires on Sun Nov 7 20:16:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAc4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTEwNjIwMTY0NloXDTEwMTEw
+NzIwMTY0NlowIzEhMB8GA1UEAxMYc2RhdXRoLnNjaWVuY2VkaXJlY3QuY29tMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlU04FZVS+dtWc1fbXFnalRUyCK7XA
+p6mEVnYFb58xr2YK4rObB81gJs2jdnIhnlF22K4+HAoqCg6M0lLbiduWkgfpznSo
+ZhYmEhUwF6sZzykVp4Otmobf7hAninVLGCKMcIyBdLd0YmN59NR0rQoaD9wG5vrW
+CewbOPZSjMHxMwIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBT7
+EW/slya7NR09deuXz6Re35VDXjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhzZGF1dGguc2NpZW5jZWRpcmVjdC5jb20wDQYJKoZIhvcNAQEFBQADggEB
+AAfJC1KlCtRqCJqMhUI3fBjnwAslW6XhFGwuGa3WcLYs8H5eq2QoXDzITgSLcSMo
+dcuT/MvS6XA8KiWDd5/V+p96gYK0/3tTrTjAWSwa6Xt13Re7xqLMauRZgOvbYzZ4
+dKfQLxPgcBFMeqVXW1RrcW35ZJPGQ6Qd8OsV2Cbl0D+Y1hZWrt3kMvTNFRkLFx4K
+HmHAvx3TndztBr/8vy6vYPnf30+p7VXGJOX0dKkYyMm1009sJrpJEpb+WtV1dbrx
+O1voDTwBEPTyNkcIEOpMY8sFrjJSiHf5EQfcsu9S9RS4DrGBLs12vQf5ss0l/53V
+d3d7MjqxClPPsaO+ehxSQAs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sdauth.sciencedirect.com/SHIRE/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cdc324-sdauth.sciencedirect.com/SHIRE/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Elsevier</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Elsevier</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.elsevier.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Elsevier Application Support</GivenName>
+ <EmailAddress>EDITAppSupp@lexisnexis.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ale de Vries</GivenName>
+ <EmailAddress>ale@elsevier.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Chris Shillum</GivenName>
+ <EmailAddress>c.shillum@elsevier.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Internet2 -->
+<EntityDescriptor entityID="urn:mace:incommon:internet2.edu">
+ <IDPSSODescriptor errorURL="https://origin.internet2.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">internet2.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 269, expires on Sun Feb 28 21:18:51 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAQ0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIyODIxMTg1MVoXDTEwMDIy
+ODIxMTg1MVowHzEdMBsGA1UEAxMUb3JpZ2luLmludGVybmV0Mi5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAPVmhDcRQHvtJ4OMyo9NlJT8/5Cl85040fLJ
+pli+S+2+6ijWZGThHLkD19PLY85ocKp9lKkMShE6URGyxaQrf93CPyD4gd/aYIqU
+qoHSwvj9hu3UGd+dsLFbL4407hj2ELa4Asq/ox4/MPGgSzTM0d9mQtUdGOYa3XY2
+JeSmGWWRAgMBAAGjggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNWWyl5+
+bV1RxZM5xCST13tH+AeBMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYD
+VR0RBBgwFoIUb3JpZ2luLmludGVybmV0Mi5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AGrV1Zdj5FM8FgKHbNO62r5ZaE2NlYLwDy1EYKWov2knbT9JHvYx+MH46xL7vCwX
+R/gFNOZ2bQAPWVlRwA/vgOcRaUCiY16EoXYRlPtV5iheGgZmf6t5cwekNM0fTE9r
+kHYyIGXQeH5nXzckOlBLqMQvla3qr8AjIYDS/bGAlUnLipo0jb30RucpKQVMa72U
+Kae26sd7MUM7apEXibOIZ0ulHD18Bx3cwkEbNzjqO7Fhie4eHP7YLfZ4qqiwHIan
+aDAvd3cq7kfauomnRFfk5m6If5r8CARRt/9ddJQJ2fR+UTVgq4Y0vrArC1RWlHCU
+fNWyS+DPScAAr7W2Ia1K8T8=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://origin.internet2.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://origin.internet2.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://origin.internet2.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://origin.internet2.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://origin.internet2.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://origin.internet2.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">internet2.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 269, expires on Sun Feb 28 21:18:51 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAQ0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIyODIxMTg1MVoXDTEwMDIy
+ODIxMTg1MVowHzEdMBsGA1UEAxMUb3JpZ2luLmludGVybmV0Mi5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAPVmhDcRQHvtJ4OMyo9NlJT8/5Cl85040fLJ
+pli+S+2+6ijWZGThHLkD19PLY85ocKp9lKkMShE6URGyxaQrf93CPyD4gd/aYIqU
+qoHSwvj9hu3UGd+dsLFbL4407hj2ELa4Asq/ox4/MPGgSzTM0d9mQtUdGOYa3XY2
+JeSmGWWRAgMBAAGjggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNWWyl5+
+bV1RxZM5xCST13tH+AeBMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYD
+VR0RBBgwFoIUb3JpZ2luLmludGVybmV0Mi5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AGrV1Zdj5FM8FgKHbNO62r5ZaE2NlYLwDy1EYKWov2knbT9JHvYx+MH46xL7vCwX
+R/gFNOZ2bQAPWVlRwA/vgOcRaUCiY16EoXYRlPtV5iheGgZmf6t5cwekNM0fTE9r
+kHYyIGXQeH5nXzckOlBLqMQvla3qr8AjIYDS/bGAlUnLipo0jb30RucpKQVMa72U
+Kae26sd7MUM7apEXibOIZ0ulHD18Bx3cwkEbNzjqO7Fhie4eHP7YLfZ4qqiwHIan
+aDAvd3cq7kfauomnRFfk5m6If5r8CARRt/9ddJQJ2fR+UTVgq4Y0vrArC1RWlHCU
+fNWyS+DPScAAr7W2Ia1K8T8=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://origin.internet2.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://origin.internet2.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Tech Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://apps1.co.internet2.edu/simplesaml/module.php/saml/sp/metadata.php/default-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 645, expires on Fri Sep 9 17:59:36 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAoUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkwODE3NTkzNloXDTExMDkw
+OTE3NTkzNlowITEfMB0GA1UEAxMWYXBwczEuY28uaW50ZXJuZXQyLmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAO1EOiyiAt59b84u+HE6JdWRBBS6
+40Ob+n4rbpqxZkJ7fyyqT2NoWyZj3RpFJeQy0x8oj4jtayZZOBqp5jr8IUNhteDI
+na7TZR/8oTt1jVQc+vFbiYFp3yytJ9gIM9FYGSreMc+CMVBhqOH347t1LozD4CzO
+Xg6NeMySAQkIqQPMPkyGdo/su5ETmjMmOHUxKkcbKfwynH3c6ClOcAvKLBDCZApY
+rp4qsyx8LqeOhf/PYRLShQ5hFoSIVTokdjhtxac6+tq9INSuES+cRHvuD966kD4Y
+6ohbZaN48c/1tYss9H/UGE9ghF6NQLXmKovO7/7rDlEdkzqegC/AlSvTqpcCAwEA
+AaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUWoGu9xI7hDtAYQ5GiZnI
+nAH3ttowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBowGIIWYXBwczEuY28u
+aW50ZXJuZXQyLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAsmikl7wc3MqJSqOpMpO8
+T4PeI+GYZgzxo5BZsJaqYtZzV6E1JJ54SnrFn5POxACjMq3OyCmaKnJyHaLEYyz3
+7ZPKpJhZQKrgETA/9xeYp4qr3ZzZzBMgzPSwKUH7qR6hfD7S7eaWrbxwvMLENkFw
+zB+fCwFZrv9AObkkDZReWpnoRgDRTaN2kXebbDAfJFRUdLLTHyoEaIrSxWFou01+
+h3njfVnlF/JFUyfigiEwPNgi5DCLdUvmpB0TEeK2LFtq6uA/YxywNZfehFNZt8UQ
+f8I8ypF2PrrGNqZ1Y4cufE+10CT20m9eTaNtvITJV2x9SX4FF9k5EzrPRuQqLG8S
+ow==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://apps1.co.internet2.edu/simplesaml/module.php/saml/sp/saml1-acs.php/default-sp" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://apps1.co.internet2.edu/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Michael Gettes</GivenName>
+ <EmailAddress>gettes@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://backup3.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 18396801670460518708, expires on Sun Oct 27 15:23:11 2019 GMT -->
+ <ds:X509Certificate>
+MIIDBjCCAe6gAwIBAgIJAP9OkaYbHLE0MA0GCSqGSIb3DQEBBQUAMCAxHjAcBgNV
+BAMTFWJhY2t1cDMuaW50ZXJuZXQyLmVkdTAeFw0wOTEwMjkxNTIzMTFaFw0xOTEw
+MjcxNTIzMTFaMCAxHjAcBgNVBAMTFWJhY2t1cDMuaW50ZXJuZXQyLmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGZnXEPi3WPlU8hXpvI/hd4AZNu
+ioaRlrqCTbnRPdiQeDn9njUPr4gIRQhwXlVzf1fj+JxWrOBT5Gj3uZFLyfMcnp3I
+4y7Z2njf2LzygQpoalEBFKXLHYNnKuTN/vgnsF8XxrjBZyaPbJJnLwUNEEdGGCha
+GdFuitKhShGdTNU1gZ/b67EretOompbT2AR27Zy2BgG4NN0POLD7jJbNi/yetcrw
+f4zybvs9SZzpgrTia0iGJ/EEiRhK1UvMwVAFNFHdHafB6NCRTgWt/NgNP6o+hCyo
+nIQMVNlQUsU6RdSYqpelMOGwDSTra6t4QXLYVXfuC23T0mbTn30t0tPJp4kCAwEA
+AaNDMEEwIAYDVR0RBBkwF4IVYmFja3VwMy5pbnRlcm5ldDIuZWR1MB0GA1UdDgQW
+BBR2VhkNXLt18HCW+4hqXPI2IQXSSTANBgkqhkiG9w0BAQUFAAOCAQEAUFMQnCB2
+0wy7m/A9GKv+nN+LzpaoH+Vh19H63DEepprpK9RrGExgpAoOqNqxlOO9fKdnF/MM
+5wBJ0/bXYPzvlnd3LiEfLxMQN7akeBkKmuWpeai1+R+ASbVN56JGk8DDsYfol+Up
+rqk7Wm4Bf/2eh+WRNi1DXuXCms9HlcpUojF99JunrYeFb8iobqQfNAOQ8NkQuCTZ
+d0QbxKIxFb9lu/57q9WCsVsKMuHctj1T3poOIUA9m7MJZF22UgfCyACieFfX3bEh
+lOAqZEm1US1nLSwrBClULQ+Y0lZHIXwZivld2u7bYesLeGY/IFDA5rQv/skt3g/V
+8u+QGllmiQYYeQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://backup3.internet2.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://backup3.internet2.edu/Shibboleth.sso/SAML2/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://backup3.internet2.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://backup3.internet2.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://backup4.internet2.edu/Shibboleth.sso/SAML2/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://backup4.internet2.edu/Shibboleth.sso/SAML2/Artifact" index="6"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://backup4.internet2.edu/Shibboleth.sso/SAML/POST" index="7"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://co.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 211, expires on Sat Sep 20 15:08:24 2008 GMT -->
+ <ds:X509Certificate>
+MIIFZTCCBE2gAwIBAgICANMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDkyMTE1MDgyNFoXDTA4MDky
+MDE1MDgyNFowazELMAkGA1UEBhMCVVMxQTA/BgNVBAoTOFVuaXZlcnNpdHkgQ29y
+cG9yYXRpb24gZm9yIEFkdmFuY2VkIEludGVybmV0IERldmVsb3BtZW50MRkwFwYD
+VQQDExBjby5pbnRlcm5ldDIuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDA4/Ytcos5QURHIdQAW91R7e0KrmLwR0woDMQ7jA1e4NIbc7yIEarzZu2cjg+R
+ooEavIgmLxv8mXYQRYX8nhGeVJQvX+zTsa+321hBZeRhfLsfhWhW5V5AGI+2uiVC
+DQmdJtwBLuXnS5/QCr9hVgei744ScKJ+W3BrrT6mOrToEwIDAQABo4ICqjCCAqYw
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRKzzJwQHTUDHo3qJK9mrc0uHZhdDB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCB
+pwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAt
+IFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBsGA1UdEQQUMBKCEGNvLmludGVybmV0
+Mi5lZHUwDQYJKoZIhvcNAQEFBQADggEBAIO+9S3UVuE/VgsjZ4enAZz0I0D4NQxi
+/XkTK3rFZS5n7OKMAAtolX3JWjaDvHh2gWDx50BO08VlhtThkb8aqf1BkN0BjP4C
+vxtn8Gw4O+Sw0V4465rYDbn+uf10Ln6s2dg73w3QGEVNa4FQuzwvBpf/qLNW1/Jw
+oxhvwmvCk8wF/5POpzPYR6/MmOchU6pJU0663B4Qjt70amy+H27sVMO954GtY1tj
+ZWd0oASSmO1GTJ5o2B9ZUKSzIdKMWMt9irFkpR8MCcziq+UaLulO42QHo1tZR1fR
+V+HuMEjqLKFeSh3Q88jnExw6MJlhsEyLUOX2hC/MTSjIGtKUyE2rCL0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://co.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://co.internet2.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://comanagedemo2.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 483, expires on Sat Jan 15 20:10:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFpzCCBI+gAwIBAgICAeMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDExNDIwMTAwOFoXDTExMDEx
+NTIwMTAwOFowJjEkMCIGA1UEAxMbY29tYW5hZ2VkZW1vMi5pbnRlcm5ldDIuZWR1
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl6rOYaJFHvMPwoh0OwW
+f1Qu98ETqDHNy0Xqh1y27hxRHGoEhAcaHZ1VqnkNeDTSFY/BDtRvxsZ8diGCluGL
+kBt0qk57W257hYnqOzUY0kDCV65Hj0wBq8Mz2u01VwG+bcthIp8EoBj52yzZPqLx
+SbRra5rViiykKyZikNNUodsqSkLFXxkCOwYd7gTsrMiFbHqkmCFridKcQvoj1vMS
+LNCBOgzTWGdDYKc47XoKbBJ0vNSz9/AF7q4H/XqVuoxUc8zB/ubeoo8ceWi8iJTb
+6uDHlrfGPQl3YJB1+D9x2y6/3kmTTdmZJBM5vCzSRSuQGjVTNqLxs4mLvc2C8/Oa
+jQIDAQABo4ICrTCCAqkwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRsdfSUibM++kTB
+izw6XMxQJFlQpDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAmBgNVHREEHzAdghtjb21h
+bmFnZWRlbW8yLmludGVybmV0Mi5lZHUwDQYJKoZIhvcNAQEFBQADggEBAAmbHtWg
+AWB3eX9AoM7L3xMUBkiqn6NB+GHXDrKZ2Hb7o2SkZhb2G+OtV98V3vIZCiXBgVHL
+1enMZQiZtCGmGtx9DR9vMoUq8atvFZzMDL2VajYb699p48NnScYalVc5QVfa9ErU
+PHu0+PBwb/0D9TIMUpzSFJIw+AQBZ/qglTZmQRcMUuj3RHRLdE4ZYggfXgoZcwF0
+POcI/NKgo/6hmky4HFf9m4w1WBzNHCjudECB5VNRERkCgNCHhZ9OVfui2nOMC8Br
+wxWoVU/q4dksx0Wd8CkpTyroc1SzeXbWa2JV55q/tBdTQ5KGT4pECTOMDotAtcFd
+fmOFSm1C0Rscyzs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://comanagedemo2.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://comanagedemo.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 480, expires on Thu Jan 13 20:06:18 2011 GMT -->
+ <ds:X509Certificate>
+MIIFpTCCBI2gAwIBAgICAeAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDExMjIwMDYxOFoXDTExMDEx
+MzIwMDYxOFowJTEjMCEGA1UEAxMaY29tYW5hZ2VkZW1vLmludGVybmV0Mi5lZHUw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDH0kk2kcLU3K6D9zgUq74z
+x0xJ71ndDqDMQAjeq3Kdj3iBlijDtKId2fAJaOj1EV50K/O8SurGvLhi7sr2Hz80
+F1tRjo0d+HchP048T+aX24qxpe1IuQOT8NQF7nVJU7FErOPCZ4FDr0JpRKXcUPY0
+2qw/ZUDZec//wHKPAlKD247G9WYtThX7o02pp+L9tmZtN2zyIs2WoguHsObrBpLA
+ILMe5xDbsRZZeUn2PeUtXh9dbfVpD6+J+i13m+/eub4H/+zjWGUJy6tSMs5RTXRe
+9CqijKKaoXzyQmYcDLZTnHOihqVngZy3zzOOh29eBwfP6Yav0KTbaP8H99i+w1Nn
+AgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFANDEuiuJ9y0FcVW
+j9JWF1tE99tXMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCUGA1UdEQQeMByCGmNvbWFu
+YWdlZGVtby5pbnRlcm5ldDIuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAEvgF0AzPn
+WtxSYhQ2VePUMrpSLytz6a86Zg2byCZXQSMltAN8XZpesNJ2ygTOzLIMCJIPbIQD
+xayVzHh7Dsnu1mCFgPgRqI3PjzADgyUFC2l6DMbQ0GdsfKuJh4gt1ai3nzIWFAZK
+zai9qdA+9UHPxIghV36ubpN5gK7d2gMu5F23Vxnv/oxEO0WA0B5nMFDuUihqXiBi
+/05xWbtlUdzP/RaGpCDyYF5OkjCZiqO1jxu5eezRaRMDgwGvgdhQacjFC1ZTw15W
+jjiY4wgBn+ADerH0Le8S5TXyk2ELh06rxaOxVp1lXYo98fH2nro9+zJrOZyvA/Tz
+aW6JMR3rTwF1
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://comanagedemo.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://comanage.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 157, expires on Tue Jun 3 13:38:44 2008 GMT -->
+ <ds:X509Certificate>
+MIIFQjCCBCqgAwIBAgICAJ0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDYwNDEzMzg0NFoXDTA4MDYw
+MzEzMzg0NFowQjELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEfMB0G
+A1UEAxMWY29tYW5hZ2UuaW50ZXJuZXQyLmVkdTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAtS7oOeMrrVv2OagkJt6TXgB4guAEhtzwWuQxAaARhPHsRxzWqkC3
+hUgVBulJTUsLtwEZxGZ/uxd8CV1zeeXfwcEEayOTwNSmQJiET2ZN2kWt7vy6uJcK
+YI/b9fs0TsAn1DUd7EAJjqz0GilwePYd7h1sO4+yVUmFh8dU9YRnzFkCAwEAAaOC
+ArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUje01mBqxOqT/T+Fj3FXAPa5V
+IoMwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEE
+ga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElz
+c3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAhBgNVHREEGjAYghZjb21h
+bmFnZS5pbnRlcm5ldDIuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAcgVtzfAzbWGSO
+VclZtqispdjIjwpvG2g0GCcLXDOjWOuXgSJGptxg7sSBcC7I0Xyz2UcfuD4LcYCg
+ShNX4SOMLnbJFnBOmO52bxdirkWSwzhAQTB/SeVcrvd2flzLm91cbZ/RBhdBXfEZ
+Rc+P1W3GGdMfFfPFxBaQfTxtrdp2Zr9UkaF57emUovcldvVEy4TrO8DX+LCnbzIZ
+gFiQsYPrbTk93TcPxiCBSsb4E6OSS519sZWzqTf4wWO2wiI25JFesr2QNqbPgrNY
+3NAif+o3pZ7yCs7UfL5cpEMsYQggaIplqoIqxRtxuyrDY9kCBsQ61xaHAAWj3F3S
+CSmhlkv+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 326, expires on Fri May 28 19:28:38 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAUYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyNzE5MjgzOFoXDTEwMDUy
+ODE5MjgzOFowITEfMB0GA1UEAxMWY29tYW5hZ2UuaW50ZXJuZXQyLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtS7oOeMrrVv2OagkJt6TXgB4guAEhtzw
+WuQxAaARhPHsRxzWqkC3hUgVBulJTUsLtwEZxGZ/uxd8CV1zeeXfwcEEayOTwNSm
+QJiET2ZN2kWt7vy6uJcKYI/b9fs0TsAn1DUd7EAJjqz0GilwePYd7h1sO4+yVUmF
+h8dU9YRnzFkCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUje01
+mBqxOqT/T+Fj3FXAPa5VIoMwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZjb21hbmFnZS5pbnRlcm5ldDIuZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBH8Ir8hnGpxKP2nMGlwHY6EW7998ZC/rjFwa/LHdoTRVX1DMaWTKVk6WZ7
+DC14RThqkSyoUPvQZgUT0CWngbLsHmSSYPQeMyoHbqJawIUJvn5edgRGr/Hjxtf9
+vH3wAg4FcAdn0P+HeKTDOJTcKqYHYmtyC0RyxABFtfDFf1Eo8W6OLc9mxdVPfpHL
+fEiK6yg4kLmkugiVUFaZI8wSHnF56eV54ml1rowvL4u5hyT6U+s8hKXDmtNzbDvT
+AReSgyuMH/1m/8ByYHTfvWTLppRlcF3RSnwfeSM7Kj8tQc5YPsiN0AFy0GbIiwAW
+xs3npI/RpbnVlWFZuFuV8B/tzhaK
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://comanage.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://comanage.internet2.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Michael R. Gettes</GivenName>
+ <EmailAddress>gettes@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://getz.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 67, expires on Sat Apr 21 16:09:42 2007 GMT -->
+ <ds:X509Certificate>
+MIIFOTCCBCGgAwIBAgIBQzANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwNDIxMTYwOTQyWhcNMDcwNDIx
+MTYwOTQyWjA+MQswCQYDVQQGEwJVUzESMBAGA1UEChMJSW50ZXJuZXQyMRswGQYD
+VQQDExJnZXR6LmludGVybmV0Mi5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
+AoGBALYnzkUW0a7z6HULzh3KFitiwhGJYXRMKOAnLEViQ9X8gSSS2Q/aBaKrTJsQ
+Mm6U0yoqz6Zfrz96/3MLYnSDhn/WcOr2YGQeMmEE/jtigvjnxj8D5RP/cwSolDPG
+vvkAcwtjdhu/HTC4kMlqh8KqdemhmsKdOyviKSf7Dec7K+RHAgMBAAGjggKsMIIC
+qDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFB1iBC9Qgbfz+Ak4Yal8icBxKhPMMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGq
+MIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJz
+IC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHQYDVR0RBBYwFIISZ2V0ei5pbnRl
+cm5ldDIuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCPUzrdsGkEkoTjWY4w78YHVdmz
+VsPquEghrrDuC3hBqU7O99xzCvO5gIb6swRmSVZtCS3tXOh9y7u4HVe0wuZfF0Fq
+cvDtpAapXlpogOYkgAeWNw8Itok1vT4a1m6Js9PkwU0/RBRgCakgbnwXDs/cR5RU
+27r27Vsup7WN6pifi+gENGeFXBsjxeKxnCnSnjJl8dQz2DsDb/YZO1IcYnDHWqZ3
+GRGSIKXWZArysHlDrNQkiM04gN+3xb0M81/lQzOIcaGRiUDUdFVc+Hqq/iRUEzxZ
+JkT76YmD5qNOGEYvKLPbEu5c1ueoL82c3d+zTLeHNON62muIdXhd/s2ZMiBA
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 143, expires on Wed Apr 9 21:14:31 2008 GMT -->
+ <ds:X509Certificate>
+MIIFOjCCBCKgAwIBAgICAI8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDQxMDIxMTQzMVoXDTA4MDQw
+OTIxMTQzMVowPjELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEbMBkG
+A1UEAxMSZ2V0ei5pbnRlcm5ldDIuZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQC2J85FFtGu8+h1C84dyhYrYsIRiWF0TCjgJyxFYkPV/IEkktkP2gWiq0yb
+EDJulNMqKs+mX68/ev9zC2J0g4Z/1nDq9mBkHjJhBP47YoL458Y/A+UT/3MEqJQz
+xr75AHMLY3Ybvx0wuJDJaofCqnXpoZrCnTsr4ikn+w3nOyvkRwIDAQABo4ICrDCC
+AqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQdYgQvUIG38/gJOGGpfInAcSoTzDB+
+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMC
+VVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29t
+bW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCB
+qjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVy
+cyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1UdEQQWMBSCEmdldHouaW50
+ZXJuZXQyLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAbGq5y1g8pUxClvsDeOAkJ9CS
+dTodS6aL8NyBEVyBjcJco0fk3vldgQEbTlDmv/ZzmFSUMxSBXmYFAN/byyJXDD6d
+yyNO9AQ3e544ddNiRE384Q7xf3x9VB7FhkoxTQ5OlfEEgWj7GxEDoiefWdVuWw84
+3u5uklRqZkjogIvq1nFO0j0WRZIzHqF9+b33H5zehFpAmczJt3HZlMuKBHlsuB9q
+KOdCzB52rPky6jx08i7bcV727bnCQyptqWuqNERLbm4SscDDp3vgG/5nbGwvnh+R
+WkRGFiw/sK/T8p6Wg6d9HiVK5PvJ6mGvlZzvPMj2oK015P5Gi/Ci95HiPYbAJw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://getz.internet2.edu/Shibboleth.shire" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://getz.internet2.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Techical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>IJ Kim</GivenName>
+ <EmailAddress>ij@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://k20.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12231440985948926067, expires on Tue Nov 26 11:33:54 2019 GMT -->
+ <ds:X509Certificate>
+MIIC+jCCAeKgAwIBAgIJAKm+zsWSo7BzMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEWsyMC5pbnRlcm5ldDIuZWR1MB4XDTA5MTEyODExMzM1NFoXDTE5MTEyNjEx
+MzM1NFowHDEaMBgGA1UEAxMRazIwLmludGVybmV0Mi5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDfC8cEhLoi57hF/9xbHXds/A3D1JCsuq6rGYvB
+EHsKEhcx68qwB6+dLSQ+VK0FuZdb2jKdHTvDSrX6wLfGMlAcAHbNDWG8YPgG9rOj
+GzmXtMqaH/iXNbuVtmxA4b5ddPNq8R4wxpYNupqqlcAu91B8H98wnnMtYqVXs/G/
+CBsFe3+HpvwBc2trt6/PPTbwBQN9dWQ6hSacd8ljrs0HlpGbyMTMBddsv63XcicV
+odnGU36vDZCemaCq+E5CotrH1nJmfO076qq4qgbpwNI1OO2nt78DYvqCqzCDM32K
+ut+/tJTmCZNHOdFKsnlFdq6EQMGXxQChmWvZ/xJyS5N+0z0lAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEWsyMC5pbnRlcm5ldDIuZWR1MB0GA1UdDgQWBBTo5kQdd3ZIAx5o
+YDFzBMsnnN/6AzANBgkqhkiG9w0BAQUFAAOCAQEAbd4m8UhmhFJbDQ7YoNAjMgXW
++8lQPWoM0Apw4IpsZqDw8WuM2oRjzox4vo7Yn79MBaJMsdd+91XsX+ToAmy+SuRG
+9NRdcQKACNFGGVkYKfPjJ/AAOIAodPsSd0ddHclkoYnaLgAjlwXmG3khGA2rYIAt
+Rqmjc7cryuORjkf9h5yUQvQKl/qi6Hv/5JNsTIAnxmkq6itKR20aiVBaKERAMTET
+FeKcUT3HObTuIUhJGdD7Vcvj485rCS/55nrvGyA05Z+gu+kB5batJQFH/s64GFsr
+eAce5p5WU2H/Sbm6G+2lx1qqarMDegkHYh/itS5ihi4K7mLCqaHFn8bWNrxUVg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://k20dev.internet2.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://k20dev.internet2.edu/Shibboleth.sso/SAML2/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://k20dev.internet2.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://k20dev.internet2.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://k20.internet2.edu/Shibboleth.sso/SAML/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://k20.internet2.edu/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://k20.internet2.edu/Shibboleth.sso/SAML2/POST" index="7"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://k20.internet2.edu/Shibboleth.sso/SAML2/Artifact" index="8"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://netutil.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 501, expires on Mon Mar 14 19:21:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAfUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMxMzE5MjEwOFoXDTExMDMx
+NDE5MjEwOFowIDEeMBwGA1UEAxMVbmV0dXRpbC5pbnRlcm5ldDIuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2MPK88VasqNP7nyH5PPN9Q6aup07
+zbLLdVzmz5WHTOq+RYwr/obulctF5EDZz/Q5g6N9w17kMqjegliVk69rJSfI1Y2u
+xFQ72qaGfVJ94PYjfRtF9F1amOyDz67vKYgjM8ggiRHKeYSffwqR/VLQpcu+FnEC
+gRpptBvpDlY0gk+5YoyY78dkPSfeWe495vJqtu+31EE3ezJHTWhKF4lQGfQltdIw
+ejYY3ZzqUyGlO8ZHQFAHCqIlrdFTMcklDlT/cMyrKHv7Xaf+OJhVH5OkDJDPr/8z
+0NQJM6v6ZjkI5MxzGXso44+MO1OBZgl6XN1sji4B3FKPVR1qfCOffRA9JQIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSRH2oLDdW8KtMt3U175Ilt
+EH993DB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVuZXR1dGlsLmlu
+dGVybmV0Mi5lZHUwDQYJKoZIhvcNAQEFBQADggEBAE0vP5JXYqECgNO/Gak6TIi6
+bhon2d+TgjKKjLK2E5z+k6MBbIK8+q7g928mSKkm0oFBzZXcrjkZ2IlFqr9s8y3/
+l/okVOikGRNWaMB3I1GsLeXu0dRuAwiQ8JQaKZv1sEkgYyEZVEcjx28vYVwCLD61
+iD+yUDZWP/MTTwObsQgw0bO7gi27IST6sODcTtfaEOA6Ejz1F91ZmUYVDjOwY0Gl
+30zBGuLeSBlWRMWId8oYbncXTGctmyJybkFOkmxaJZGayV/tmdXmCWDpK/f3to5H
+jMwUKDSZRv2aB/77/DUNf+SQ2PDY2B3gK8dw9XQK6K6+WQ6+hDsbykDVzmRhsEc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://netutil1.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://netutil2.internet2.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://netutil2.internet2.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://netutil1.internet2.edu/Shibboleth.sso/SAML2/POST" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://netutil2.internet2.edu/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://netutil1.internet2.edu/Shibboleth.sso/SAML2/Artifact" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://service0.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 365, expires on Fri Jul 2 17:15:21 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAW0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMTE3MTUyMVoXDTEwMDcw
+MjE3MTUyMVowITEfMB0GA1UEAxMWc2VydmljZTAuaW50ZXJuZXQyLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAypCbDYC9nuDfXauMi6MKfSJVv+vvv/+G
+BRmeZ8c19XGmEt5YLaUvMbAqkJDRvWWwaUEkg8LiTnGTf31Ljaay1EiMUWvZuc5E
+pn4dYDLfCbpe39kt/iAC2JTsBpDf7DztcNjIpccNUnM3lJ/srx25754K9kavEox6
+OB95M66JoPsCAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUrh8I
+Sfz5R8cK/tma0FeXnAcMxIwwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc2VydmljZTAuaW50ZXJuZXQyLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEArYyb
+to+ZyxJZEnKliyTN14OYJQTzczBzQCVrT7a6743BDQOibTimtx7sDB65sqpjHxMr
+LfwTiAplrrkCMG92Pvo+WTQtKCqxebbLWiG7gvruC7Zhv+jZtIAo8bllhpn26r4H
+d/gr+j/VOWZof4q7CuHJaWxWNrUsM9KsI5mo/eMY77qDuikeBxUuWXvfCzD7DFrz
+EJw3Z2epNueCpfEDNq9ev9FA+BqL2LxOnsKuGE28m2KychW7L1mku4HnyLyBPadV
+jPHvVd+Lonacf8vh1DNuTahbAgNCYaS67yAysqUXmGf/MPhGHtmqtWd0bFZaSUBQ
+3T3vosjt19a+DAeS+g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://service0.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://service0.internet2.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://service1.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 366, expires on Fri Jul 2 17:15:29 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAW4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMTE3MTUyOVoXDTEwMDcw
+MjE3MTUyOVowITEfMB0GA1UEAxMWc2VydmljZTEuaW50ZXJuZXQyLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvjJ4dn94EinZ0p2wvL+3SD20wQ//G+PI
+v8cXRmJVYHCMv2k0cI2fAdZJI2cikj0OmZsFZKi03/5oZPc20nSHskEPIS0Cmufa
+lln0IgkXpnLerW1zPmfywISZR+xLmSvMFU6ZV8zzbHV/lqeNFPjpS4JKK4mG80Xv
+HfwoxksPGDECAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUNk2g
+72k0m4vsmp10q7/UNIQz50kwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc2VydmljZTEuaW50ZXJuZXQyLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAFXCS
+gAeUVir1nEV/MIIhps8v3luRmKFPLbE5vPHgE4SLSqBuTukkaG9m8eCCOpkJTod3
+EWzEWUcfMbc0I5YH3EqIxcTTypmmkVdZFlhHXAqZTgr5bRroO6ODTGOOSEJY/tB9
+M1rGc1CtmHCpLaC640hpGyzJgd2l0vjxmNVy/GHiLd10JiS3uejHd2IAstMp2AJ6
+J9YLFftQCUOLp1YNWvAZV+Usgyk1ha6uu32Vv2rlIOGC+Tu38h6AnNe5sKaRQ02O
+7WuR99wjKojDuTAOuCRQ2cYnJ8A6/84LK8gSRxdfvqbHwUDN9DClMidY7yWk9fVs
+FGk0AgmKinE6owHSvQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://service1.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://service1.internet2.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://service3.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 0, expires on Sun Feb 10 14:30:45 2013 GMT -->
+ <ds:X509Certificate>
+MIID/zCCAuegAwIBAgIBADANBgkqhkiG9w0BAQUFADCBwjELMAkGA1UEBhMCVVMx
+ETAPBgNVBAgTCE1pY2hpZ2FuMRIwEAYDVQQHEwlBbm4gQXJib3IxQTA/BgNVBAoT
+OFVuaXZlcnNpdHkgQ29ycG9yYXRpb24gZm9yIEFkdmFuY2VkIEludGVybmV0IERl
+dmVsb3BtZW50MR8wHQYDVQQDExZzZXJ2aWNlMy5pbnRlcm5ldDIuZWR1MSgwJgYJ
+KoZIhvcNAQkBFhl0ZWNoc3VwcG9ydEBpbnRlcm5ldDIuZWR1MB4XDTEwMDIxMTE0
+MzA0NVoXDTEzMDIxMDE0MzA0NVowgcIxCzAJBgNVBAYTAlVTMREwDwYDVQQIEwhN
+aWNoaWdhbjESMBAGA1UEBxMJQW5uIEFyYm9yMUEwPwYDVQQKEzhVbml2ZXJzaXR5
+IENvcnBvcmF0aW9uIGZvciBBZHZhbmNlZCBJbnRlcm5ldCBEZXZlbG9wbWVudDEf
+MB0GA1UEAxMWc2VydmljZTMuaW50ZXJuZXQyLmVkdTEoMCYGCSqGSIb3DQEJARYZ
+dGVjaHN1cHBvcnRAaW50ZXJuZXQyLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAMIUX0ET1wvAJpfbiviTnUbTwpUYmEi5748/0ro4CHWHLFEYtQa/
+uNYv806k+kJU6zVzkYto8lwRKZnCslCxs3t41ozxD43V9lS1AoMz1jH9d3C6RZDl
+3cs5q+BqXpTAIs7wF6XzFmfIJbBbxcP2KxpebxQhgYwo0pP/fndKMEMiuyCkb1jV
+WBwLkvTbuODGBVIIHzEAdRp5B6IYfE5bMA+tK8vcIl/OvEAivGVeWxVagWCrSL6U
+GHh86bxrxiuQvG15wlK6s3Di9iB6m/rzYFi1+otHiQ9ZPIutcBzYI0a69Zmo+zyY
+LQNbGomeyGb+S8L9oTwJDhDk6bSFnAO4YFUCAwEAATANBgkqhkiG9w0BAQUFAAOC
+AQEAaGCU8zOMjbzc2+FyFwWAaMq4iG13dmDduaRjR86vXC4MdKV9VQFhMRu4KorR
+t94qYw4FGAqHLePfKBANbOqO+Dx1IptVh0nRPoe3RbTsRQJgJdbV8N8U0yDkdmfL
+sm2U0fZSFfP4raBRE806LfKP4LTHHkEalZU1rQmcrAQRMh4HdV+H4hhlyyL6gh9K
+fipamd0zEk7+L3hmgBZGc4PelT0sKokM17phkGl/hnw1+LkAOyUOnvlTtCc0Iqop
+Fmplkf3tRmV1oJVdurmUWUbLc0Ek65RxpmRvZOB71LE5uFZQdDXOHE6BjTbj0UrW
+1an8ArpiaxO8m0uals9Ny5nqbw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://service3.internet2.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://service3.internet2.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://service3.internet2.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://service3.internet2.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>tech support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://spaces.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://spaces.internet2.edu/Shibboleth.sso/Login" index="1"></DiscoveryResponse>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://spaces.internet2.edu/Shibboleth.sso/Login" index="2"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 164, expires on Tue Jun 10 15:25:00 2008 GMT -->
+ <ds:X509Certificate>
+MIIFwDCCBKigAwIBAgICAKQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDYxMTE1MjUwMFoXDTA4MDYx
+MDE1MjUwMFowPzELMAkGA1UEBhMCVVMxEjAQBgNVBAoTCUludGVybmV0MjEcMBoG
+A1UEAxMTd2lraTIuaW50ZXJuZXQyLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL6qxmw4kPG/Is1KdOtIZWq1+wIacbA+VNMcor8VbFSewVFvZYFp
+NV9JCwqiIHp4MPcyTXYEzlYm30/8mxZzRQWPzdlPrg2RgVnKuR7SyVvgFyTzfyk5
+MDFpLnBW1xiE/jpJ/i5BjX/kvUmPv+jNttLxWN19Dd3CCJWcqOsJMbTnvq67g9C2
+DsOTc9NsKhiMFd2BC3yeXfPyHgCWlGeH1Frvga12Z6DUlW0FN60yqSOvu+kl9yEb
+uxKAR/TCuElsCYuRWqw5fSsKrP7+yPStBoKA/AP61g199aaz74TDNEfxXZteR8bb
+A7bApL0H5x4Le1ll9ZeGzB7tByDUrvPR2qECAwEAAaOCAq0wggKpMA4GA1UdDwEB
+/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjAdBgNVHQ4EFgQUZGLVzRfA+O7qLeA0wAtggVjWyNEwfgYDVR0jBHcwdYAU
+ky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQK
+ExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUF
+BzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0
+cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYI
+KwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvcHJhY3RpY2VzLnBkZjAeBgNVHREEFzAVghN3aWtpMi5pbnRlcm5ldDIuZWR1
+MA0GCSqGSIb3DQEBBQUAA4IBAQCvnBhFehX0ZB69IT1XB0sHgY07hjeJfPhAdq+L
+19axcvuGZU7JUaPrTYvDBSJRWdBHZT2sGRmIAVUaRu4WXfWGvIRgm30feSthAutl
+kcDAA6VUe/YAUl9bQKe9Oyv0zjP4jVB+vZo0qRC/O+DrYQvpwHOGlOB4MORiPjKx
+ggyHlsn3fbc+LIn51yIK1IQzcoW33TCMtlpr9xD+ggjhoLoMbOn5hJLVI6qbFzPZ
+CtmXmsznBS6aYIWfHNzVpYn4kTTBaU46xqIkr1FyZSef2PRkrBsSesFmyf/F36fP
+ONwPTbUbw8hxFHpF3ujw1xiJsNnce6sPIZtwInNAwihlprDR
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 347, expires on Fri Jun 11 16:27:07 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAVswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYxMDE2MjcwN1oXDTEwMDYx
+MTE2MjcwN1owHjEcMBoGA1UEAxMTd2lraTIuaW50ZXJuZXQyLmVkdTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAL6qxmw4kPG/Is1KdOtIZWq1+wIacbA+
+VNMcor8VbFSewVFvZYFpNV9JCwqiIHp4MPcyTXYEzlYm30/8mxZzRQWPzdlPrg2R
+gVnKuR7SyVvgFyTzfyk5MDFpLnBW1xiE/jpJ/i5BjX/kvUmPv+jNttLxWN19Dd3C
+CJWcqOsJMbTnvq67g9C2DsOTc9NsKhiMFd2BC3yeXfPyHgCWlGeH1Frvga12Z6DU
+lW0FN60yqSOvu+kl9yEbuxKAR/TCuElsCYuRWqw5fSsKrP7+yPStBoKA/AP61g19
+9aaz74TDNEfxXZteR8bbA7bApL0H5x4Le1ll9ZeGzB7tByDUrvPR2qECAwEAAaOC
+Aq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUZGLVzRfA+O7qLeA0wAtggVjW
+yNEwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEE
+ga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElz
+c3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNVHREEFzAVghN3aWtp
+Mi5pbnRlcm5ldDIuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCtp+FWsqjhS3n/VQWP
+ybuYqxE1ZljLyHv0/3ymaiQITiNgp+LQR3eITd+QnTlo5yQdm82CzmdGHj2DsV9t
+EcZmgR1K1AzE1nFkr6K1/eOqasYK0IjIL+nDAHiaF7h6ClPg0D3Q5/Xc5VvZu8+c
+lDaxJtlHvoRTwTAnNdqn7RVEsu3YihV+2C8x6pvaguCsQ/ekEeBsq6ee2t6HE0a3
+9zsajKfkIOvXyp4KQTVXYW4rYS5Rrhk+oYc/y1so1xnBRi4+Q0rfStelealgsR+U
+7V2tyNKBEavhA+nDB4IMOF527a7usEVoy7Uts27QFU3q2iuomua3taidzNDnZZRS
+YAen
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://spaces.internet2.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://spaces.internet2.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://spaces.internet2.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://spaces.internet2.edu/Shibboleth.sso/SAML2/ECP" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://spaces.internet2.edu/Shibboleth.sso/SAML/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://spaces.internet2.edu/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://staff.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 367, expires on Fri Jul 2 17:15:38 2010 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAW8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMTE3MTUzOFoXDTEwMDcw
+MjE3MTUzOFowHjEcMBoGA1UEAxMTc3RhZmYuaW50ZXJuZXQyLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAumSNp95J3C34cMV2Y7BF/w2JKu52Dl+XPfZx
+7ZVgz0VRNTMbSK0Fd7dSSEeH9t2jp7cCsyJ2DOu1/thIEeQV1gDYt87eZJ+Q+iCX
+F/UHICvfF/OvOH4QinYFzB8RNsNcwGyoO8Ikgx409uNpWfnx2E1eeAR1hjSnS5y+
+PYMrBT8CAwEAAaOCAqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUOQK9SXu6
+KfJXKNFEPnuMzPgfet4wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYIT
+c3RhZmYuaW50ZXJuZXQyLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAw1q0tRxd8Jd3
+mIBrwgkLJL0otlalqxTHoIBaLHcWN2yvBsGFl2hHwOY8IW6Yj8eCc0ZKijzZZkZ5
+kp5d0HydDA7CSLNubnrN4XSpmIL5DGA4eFW4EB4lN71VI/UQlZk7h5h51k3e7Tnd
+IQ693CwodXdha7dpWZ5yEgdHAD8OzricKVSKE8C95nBveJZx3U+7iO3igXsUWmun
+KthT+TEm+PR65IBmI/S3gWJgG5LR0a29UlTOodF/2wlZ6PqAIpFaMVuc7Bgswf/u
+ZDDoKe3XSmYvvNxBu4Y4lmyLKM8WPgrLmQ5/2zuaYZXxI3ORFE3IhAChcs1Ct6lZ
+UUmDIRCYlA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://staff.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Techical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://wikitest.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 368, expires on Fri Jul 2 17:15:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAXAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMTE3MTU0M1oXDTEwMDcw
+MjE3MTU0M1owITEfMB0GA1UEAxMWd2lraXRlc3QuaW50ZXJuZXQyLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArcBJE+GIXj7MVX524hy/Y99P5lOsdVus
+5vRZnse2sAbL366J+YKGFQWZ8HLJKpA8cc7aqFnlUSorXfvKrmInHwc9j/N7HiHO
+8LMsHeLTnqf8B8ved8BazkgfzE4DtdtER6djJk9q8+aew+jk0RL697ZssMJkC3Dz
+oXdw7ivFeD0CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmFoU
+nA5EQQGBDJHdIskSnZ1QrgwwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWd2lraXRlc3QuaW50ZXJuZXQyLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAcg+Q
+z1/Yofaz1PRRtrfrDNZTcnoAvmtanT5dm1LDylRsccfXhAeA/KSVkufaY8K/qd2o
+PNEvCdo229sRNLZR+rRJpr18T0YKyly5aYdBabwg1yydOygAZ1Ikm6AE7ensygyM
+8qWIAjPSzIoGgyFtAD6f1WrOfawocFFwm/QER/cpWdlz3w1YwEynPYifBOpvFL3+
+6JzTP52Ql+DtYr3OKj815FX8QNs6t6bUUXBdOxc2UzJVyp0VVyf2V5xuxMo1IyFL
+cTS5bnNvWI04g9y0ggB+jrR7bHC6wgHI5AR2BpEmhSqYCzttrtf0wpYi36NMRJiZ
+tXnoQNPE8k4A5JNpig==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wikitest.internet2.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://wikitest.internet2.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.internet2.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 275, expires on Fri Mar 5 21:37:01 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICARMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMwNDIxMzcwMVoXDTEwMDMw
+NTIxMzcwMVowHDEaMBgGA1UEAxMRd3d3LmludGVybmV0Mi5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAL6YNg+bKtrsFXscmSNBEpGC4o87K95axWgMuPS1
+GT04vYATp9gFJN/k6sNedi0tYkdTs6ct3fIiqtT3fwxBMVFL74O4Ms41VQuCEM+v
+wzGzoX59PepmwBEpL8MVBCRjoPo7I+/fjH6i4qDLI/2RCARQsyL4An6rIHWdKYzz
++S85AgMBAAGjggKrMIICpzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFAOdomwuiJLm
+0ZA4pivgxh0HCb8EMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboG
+CCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHAYDVR0R
+BBUwE4IRd3d3LmludGVybmV0Mi5lZHUwDQYJKoZIhvcNAQEFBQADggEBAKQRgpnT
+VQpW1cW5XzQXMQAwhWgiPOarRSOjVUAf4h6/ZoUzCQMNS1k0EX9TWmSdSu89S/bw
+u2e3A5abgABulX+rsSgx7GARSCn1w1m2bwAm2cAvjcCrY4tl6VwNy5kVBXh/dzRK
+NvHSWV6uw4yNSsfo90WJhgySE12mH0j8inSsDD9x1Gs03NKsRR4ynhXhhWFVf7Jo
+DvZNhRUx8AqjeARw/u1czzfrJ5jO+2oxC9PRw+ZjThS3ZWTS3p8WKmw4PfoRqBbb
+HbmI8YJAgVCaKyUllnkjVfz2+vJWFnFJ8+HeeILd/0NAql05VqnWBYX/vdfrpTxA
+wdskRbmftyLM/lM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.internet2.edu/Shibboleth.shire" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.internet2.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.internet2.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Internet2</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Internet2</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.internet2.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>IJ Kim</GivenName>
+ <EmailAddress>ij@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California-San Diego -->
+<EntityDescriptor entityID="urn:mace:incommon:ucsd.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucsd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 268, expires on Sun Feb 28 21:18:44 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICAQwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIyODIxMTg0NFoXDTEwMDIy
+ODIxMTg0NFowFjEUMBIGA1UEAxMLYTQudWNzZC5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDcEzH+KYmuGSDjlZeaOJc8VJS0/bRBjfE6HHDV9nN8
+ghEm5AMS5OPx/ruM+5gchwuryogOMY7abSe3BpvVT/3A+fjKSNnklMPmQUuO6AqW
+7a6/w9w30tl/2OzG3u1sGAr1FkEXf/DmJOtXpAOhPAmyYb6o41k+ZwpvnRuyaoup
+IC1R5LLU2jCnnZCxBF6gvDlvmpaEO2c2aHrKJIaqxDuVhTDJRWp+IkcT8Jy4JAwv
+0R1w8FJXLyZ0RVeNL8v3ZcCzInfxsS1/+FuOOHitZ18WO4Ds5PJ5tEzree95EGe+
+U9dpjMrJQDdKiqPE18K7cQGuHfVkIMkU4phuyUXWKk09AgMBAAGjggKlMIICoTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFPe85gpJxg5DPieEeNZF9FHWbW0rMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGn
+BggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0g
+VVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwFgYDVR0RBA8wDYILYTQudWNzZC5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBAJeIDxI87H9yjtD8BLdiwEBsyKiADqL4jo2EeF9Z
+kz6GA89zEUXaL6M+UeWaHwrpbKbpR7JYb87qJhFYzCBBdLjUpHnvHI1M1/wl44XF
+/W8PpcuDF5vZmVDxYmKEJQJHnvRqOU08vIvk5bpgcI8ctNXUDWh9uEdtKMrg3+Tk
+gKCmAXAl9I6SOrnEy98RJ7yWL51qXHaWE5xXl9dTCh43JONZWlsah0smeDYkYhZq
+7g+zU6RW3i/LigqVYW84V0+WH30htKco5uwr0SGoL9u8PGbYPgrRtCJIo5r8eE7N
+R1kv+lykb9hrz1KUyDvLTDhWQ7l4bXDaP7/dIpaTrtd0zC4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://a4.ucsd.edu/tritON/HS"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucsd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 268, expires on Sun Feb 28 21:18:44 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICAQwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIyODIxMTg0NFoXDTEwMDIy
+ODIxMTg0NFowFjEUMBIGA1UEAxMLYTQudWNzZC5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDcEzH+KYmuGSDjlZeaOJc8VJS0/bRBjfE6HHDV9nN8
+ghEm5AMS5OPx/ruM+5gchwuryogOMY7abSe3BpvVT/3A+fjKSNnklMPmQUuO6AqW
+7a6/w9w30tl/2OzG3u1sGAr1FkEXf/DmJOtXpAOhPAmyYb6o41k+ZwpvnRuyaoup
+IC1R5LLU2jCnnZCxBF6gvDlvmpaEO2c2aHrKJIaqxDuVhTDJRWp+IkcT8Jy4JAwv
+0R1w8FJXLyZ0RVeNL8v3ZcCzInfxsS1/+FuOOHitZ18WO4Ds5PJ5tEzree95EGe+
+U9dpjMrJQDdKiqPE18K7cQGuHfVkIMkU4phuyUXWKk09AgMBAAGjggKlMIICoTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFPe85gpJxg5DPieEeNZF9FHWbW0rMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGn
+BggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0g
+VVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwFgYDVR0RBA8wDYILYTQudWNzZC5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBAJeIDxI87H9yjtD8BLdiwEBsyKiADqL4jo2EeF9Z
+kz6GA89zEUXaL6M+UeWaHwrpbKbpR7JYb87qJhFYzCBBdLjUpHnvHI1M1/wl44XF
+/W8PpcuDF5vZmVDxYmKEJQJHnvRqOU08vIvk5bpgcI8ctNXUDWh9uEdtKMrg3+Tk
+gKCmAXAl9I6SOrnEy98RJ7yWL51qXHaWE5xXl9dTCh43JONZWlsah0smeDYkYhZq
+7g+zU6RW3i/LigqVYW84V0+WH30htKco5uwr0SGoL9u8PGbYPgrRtCJIo5r8eE7N
+R1kv+lykb9hrz1KUyDvLTDhWQ7l4bXDaP7/dIpaTrtd0zC4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://a4.ucsd.edu:8443/tritON/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-San Diego</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-San Diego</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucsd.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>ACT Help Desk</GivenName>
+ <EmailAddress>acthelp@ucsd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Matt Elder</GivenName>
+ <EmailAddress>m1elder@ucsd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Gabe Lawrence</GivenName>
+ <EmailAddress>glawrence@ucsd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Elazar Harel</GivenName>
+ <EmailAddress>eharel@ucsd.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://sccoos.ucsd.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 635, expires on Thu Aug 25 17:57:37 2011 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAnswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgyNDE3NTczN1oXDTExMDgy
+NTE3NTczN1owHjEcMBoGA1UEAxMTd3d3LnNjY29vcy51Y3NkLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEA+cBUje59TeQqhrUldoffGD9mEwURXQVsbLDf
+X+51FL/YoBM4BkxXwBnw48g6CHrN3ToHJinR3YggvdhzuNUu67ex+wuwQ7T17eJ9
+e0K6EHkAj8w+ceTyYjaAfbZfNE8nsImtNG+WW5FaKP149Oqdimz+erogJPMPlYrD
+fAgoC70CAwEAAaOCAqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUEHHdB8IV
+/lbTNDwxpepudfF+ZaswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYIT
+d3d3LnNjY29vcy51Y3NkLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAYNt+T8FAT8wu
+1B9OIgSw88NqIo+QrFV/0C63fc3413Zu5zqiYuaPJzb0fGMdJu8eCsAuUErTRwqt
+3B/eCKj6rtC4NqjJYupHmV0swkHJQjqh0izdotMN4zrrwx0Zun3VvMccJ6VLM6CU
+LJ3/FX8Oe1TiEV5LWA6Ni4U6pC0fLzIsG4fuJQ2ftUAD99qNEozeJFrHB5WC0/4X
+7s1dIFswePI61jVmxBsycriMG/WV9gRgKgip+u20Ili2YPQZA5OIABISLbV7/Ack
+greiTB6PfZ2XRDiZ8cY4n3w0OeyysZSpctb+Qc6fDkWmZGEGdXk0K+bbLBP3i0Jk
+1uJ5hA9kFQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://sccoos.ucsd.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-San Diego</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-San Diego</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucsd.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>SIO Webmaster</GivenName>
+ <EmailAddress>webmaster@sio.ucsd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Joe Chen</GivenName>
+ <EmailAddress>joechen@ucsd.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucitps.ucsd.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 252, expires on Fri Jan 29 16:57:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAPwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEyOTE2NTc0M1oXDTEwMDEy
+OTE2NTc0M1owHzEdMBsGA1UEAxMUZGFuZ2VyZXNxdWUudWNzZC5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBANY3JL+QFfNnuEcUVLJVzZD3YT56Ya5YDBDt
+wTtA+BE/CVkt/7AsWmUn1wpzgaWJFywN6Xym9gZYQJYU74YC05EAni1dn4xQsIVn
+AQiNBve+0yfNpfuxJTUeY8a6XwOdMK1u+5cmHBRGCj4dK8uOJwVKwFTPyna73FxF
+LdAq36jtAgMBAAGjggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNvFifJg
++DqsnlKNUDofOaIESBZfMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYD
+VR0RBBgwFoIUZGFuZ2VyZXNxdWUudWNzZC5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AF/48Y3F3XCmYQehJNppvICepJN+f2tLdJ2k2lYAgHl80f16PK9dd+A1X2NHRftb
+INB6i5z01ibCuCDR6CuBvN/h8TCZN0UqQ2o17v4azmcpTJJS3/wDaxWTKlvJU4cC
+Kk9eTGFRyQq7TDfqbyigzSyTmRigkDGDFfN+cPKjnnF66HsBvG3T9VFXaQNm7Ko+
++aujoWvdFH8FlEO9FLeczZVa8+Tu5n1cCupAAC5ZjGHnrTDnjjgWdqwfQ7jRtzmk
+Mmsgkqp+NBunAjbSr+gSrX4jAMqh/iyNIntxGSn1x2dfS8E6x3xHfPG+8SpGQIUz
+EX+2+P6/x9eQMWHMcoy2PVc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucitps.ucsd.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ucitps.ucsd.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://ucitps.ucsd.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://ucitps.ucsd.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-San Diego</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-San Diego</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucsd.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>ACT Help Desk</GivenName>
+ <EmailAddress>acthelp@ucsd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Joe Pomianek</GivenName>
+ <EmailAddress>joe@ucsd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Matthew Elder</GivenName>
+ <EmailAddress>m1elder@ucsd.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- WebAssign -->
+<EntityDescriptor entityID="https://www.webassign.net/Shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 340, expires on Fri Jun 4 19:18:55 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAVQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYwMzE5MTg1NVoXDTEwMDYw
+NDE5MTg1NVowHDEaMBgGA1UEAxMRd3d3LndlYmFzc2lnbi5uZXQwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAK2taVFldBZCgKMtNPxty8bOQoopsby1OihRTWD9
+xhmgRH/f3c+gkh4Mppc6+xvBbmhOss3zWrksW/08eYc8oLKbpEDWtemMNtASaF4S
+TpIBzTqTmDTdIOAkkLjEKssPQNWoU1AUKP/rneELPG6wsbj3wYc1eR5rym1X9+Wx
+1Hu1AgMBAAGjggKrMIICpzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFPUL0KJSQMKm
+xoZ28w7HyORKltmZMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboG
+CCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHAYDVR0R
+BBUwE4IRd3d3LndlYmFzc2lnbi5uZXQwDQYJKoZIhvcNAQEFBQADggEBAALh4ln/
+1m5tKh3CFZyR+U95OwZd3Gq4MeuVChDB6MCshfpnN3HxnlEcpPCf8ulUgkUs6saI
+uC1jJiMq1eRVkswQ1nlWw3QO77H9RU8pEbTDCBSK07YvSK94AqW2U+w8xICQhkYp
+Iom740d62+TCnYsfICjnfq+2icOfRrVWkiEXpfSSI/yCaXcAvPmA1Og/esqXbkFn
+7mWpQs9E4HB3GtafCIDbSbwjnMAOfuQut7obbyrukY4N/17SayZLFOp5Kr4ozxyS
+IFve3PdXgQb8KynyCdyj3B365lavmqNouwsMZP+3d57EyNCFKuRLgQL7i9kKLWVX
+pAtXhCgWHu7sPLM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.webassign.net/Shibboleth.sso" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.webassign.net/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">WebAssign</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">WebAssign</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.webassign.net/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Marks</GivenName>
+ <EmailAddress>brian@webassign.net</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Case Western Reserve University -->
+<EntityDescriptor entityID="urn:mace:incommon:case.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">case.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 560, expires on Sat Jun 18 17:57:16 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAjAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxNzE3NTcxNloXDTExMDYx
+ODE3NTcxNlowGTEXMBUGA1UEAxMOc2hpYmIuY2FzZS5lZHUwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAKcCefqTc8suEkgar24ks2RL0WV4KsAPAHfjdDrVfYxf
+rcjseaIaEOIwqR+rdSRikWexcYoJqo1kYZxdZIS+4PoN4/tB0UCT04YBrUtUA+PG
+3Bl4qn7glJqJ7fVMH3hW0W9HlmyxGaqGzBAHW3lfklVfSk5SVrhwfEq0dayCN/Mn
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLTOx9JNomexcb/l
+QnH8W/RKs4TpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnNoaWJi
+LmNhc2UuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCU6/WZKIC5oEwq0TWNadIt/Gcr
+fGT6k8k4cjHAvG+8FEmu1A8e7LXJUDdQ5gADlnaglzgOkQmkWgTJtfhkzZcDF2g0
+UCRkY4VoL8N1XEqgj4uyNwCJXweSxDWtCWA8MrhW7Ms12CwiUITAKpEClAyXnjRQ
+OM93/VD6shuuP4Tq3IAk/7x0mo2tOoF8XfdSgZRE3zLmNkqWPI5smNS0+p/Ts55H
+i2UQK7qI0z64jDJoB/NnTRpyfT7esgeCdAPRXFjwl2Y547+Sn6s+iVgkVGlHj9JU
+KulWMoWseAJg+8Y7yp56znrzPY0UfxKKzTtIRrPRB68KXX3M1ZkdrexcbMKO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibb.case.edu/shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">case.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 560, expires on Sat Jun 18 17:57:16 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAjAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxNzE3NTcxNloXDTExMDYx
+ODE3NTcxNlowGTEXMBUGA1UEAxMOc2hpYmIuY2FzZS5lZHUwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAKcCefqTc8suEkgar24ks2RL0WV4KsAPAHfjdDrVfYxf
+rcjseaIaEOIwqR+rdSRikWexcYoJqo1kYZxdZIS+4PoN4/tB0UCT04YBrUtUA+PG
+3Bl4qn7glJqJ7fVMH3hW0W9HlmyxGaqGzBAHW3lfklVfSk5SVrhwfEq0dayCN/Mn
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLTOx9JNomexcb/l
+QnH8W/RKs4TpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnNoaWJi
+LmNhc2UuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCU6/WZKIC5oEwq0TWNadIt/Gcr
+fGT6k8k4cjHAvG+8FEmu1A8e7LXJUDdQ5gADlnaglzgOkQmkWgTJtfhkzZcDF2g0
+UCRkY4VoL8N1XEqgj4uyNwCJXweSxDWtCWA8MrhW7Ms12CwiUITAKpEClAyXnjRQ
+OM93/VD6shuuP4Tq3IAk/7x0mo2tOoF8XfdSgZRE3zLmNkqWPI5smNS0+p/Ts55H
+i2UQK7qI0z64jDJoB/NnTRpyfT7esgeCdAPRXFjwl2Y547+Sn6s+iVgkVGlHj9JU
+KulWMoWseAJg+8Y7yp56znrzPY0UfxKKzTtIRrPRB68KXX3M1ZkdrexcbMKO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibb.case.edu:8443/shibboleth/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Case Western Reserve University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Case Western Reserve University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cwru.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeremy Smith</GivenName>
+ <EmailAddress>jeremy.smith@case.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Kovacic</GivenName>
+ <EmailAddress>david.kovacic@case.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Virginia -->
+<EntityDescriptor entityID="urn:mace:incommon:virginia.edu">
+ <IDPSSODescriptor errorURL="http://shib0.itc.virginia.edu/shiberror.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">virginia.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 334, expires on Mon May 31 19:31:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFpTCCBI2gAwIBAgICAU4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUzMDE5MzEyM1oXDTEwMDUz
+MTE5MzEyM1owITEfMB0GA1UEAxMWc2hpYjAuaXRjLnZpcmdpbmlhLmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANZljhr7AY1Z2nBHoDQ/H5qccnA0
+4uO7XaH1PTlY2GqawbYozgIAh30Xl0uFZRu4//HS74wOWveaTTT+4rM9neT2gmk9
+zaddyjJavUGaSwre82JjzNvy8hTyXHJz6TP3PFUjramILFDdDaL+us11UL/Ecnx2
+u/xzYdZ1M8IihrYmoANEYudkb76HK3h3xuXoaTMqD5epf4DXl9nWzZ00mrNUHTZR
+S0Np/scir0ADxypfe63MCbxw5EuM/7ttQwDmu63tgEXtq91ioO/ireDqqV7L8nYH
+UGp7anhT1DpKGgu+49hDuAKXIBG1f6VuKHmJMR2yjMBO5wZRDBbvallMSXkCAwEA
+AaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQURglUXBMi6zg/bi6hI1g4
+azFIMaowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUH
+AQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNB
+IElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAhBgNVHREEGjAYghZz
+aGliMC5pdGMudmlyZ2luaWEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAkcokc+Nj+
+7HYOXRczV6lJUYMdRDCk38zIOybpa1Na58XPn0UN3DUzD0jpyJpjvT0z03C0oOR4
+q89PVw/cXwHIPhu6zwyyWeKiYoTtEWbLIrtw9Dhyassx/06+s77nCo5cc3J2GhTt
+5bqvOBFVmLSSvgdEms6qmDxlSMKJuUNPt+V3nFBVfsKPSS3rBHN3l5D3KFVoOcIV
+pKgBVQt3vKv5tKx30Mz9+NYH+uo4VFW1+twOkf0w/S6ci58qyHiyQAtpP1OQL3H3
+Tau5cNrSJYshFluUimrvVbd6JtQP2FS4gk9TdAs9+R4dm0dblBfXir2UWQl3plmU
+YAJxCYkeG921
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib0.itc.virginia.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">virginia.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 334, expires on Mon May 31 19:31:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFpTCCBI2gAwIBAgICAU4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUzMDE5MzEyM1oXDTEwMDUz
+MTE5MzEyM1owITEfMB0GA1UEAxMWc2hpYjAuaXRjLnZpcmdpbmlhLmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANZljhr7AY1Z2nBHoDQ/H5qccnA0
+4uO7XaH1PTlY2GqawbYozgIAh30Xl0uFZRu4//HS74wOWveaTTT+4rM9neT2gmk9
+zaddyjJavUGaSwre82JjzNvy8hTyXHJz6TP3PFUjramILFDdDaL+us11UL/Ecnx2
+u/xzYdZ1M8IihrYmoANEYudkb76HK3h3xuXoaTMqD5epf4DXl9nWzZ00mrNUHTZR
+S0Np/scir0ADxypfe63MCbxw5EuM/7ttQwDmu63tgEXtq91ioO/ireDqqV7L8nYH
+UGp7anhT1DpKGgu+49hDuAKXIBG1f6VuKHmJMR2yjMBO5wZRDBbvallMSXkCAwEA
+AaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQURglUXBMi6zg/bi6hI1g4
+azFIMaowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUH
+AQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNB
+IElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAhBgNVHREEGjAYghZz
+aGliMC5pdGMudmlyZ2luaWEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAkcokc+Nj+
+7HYOXRczV6lJUYMdRDCk38zIOybpa1Na58XPn0UN3DUzD0jpyJpjvT0z03C0oOR4
+q89PVw/cXwHIPhu6zwyyWeKiYoTtEWbLIrtw9Dhyassx/06+s77nCo5cc3J2GhTt
+5bqvOBFVmLSSvgdEms6qmDxlSMKJuUNPt+V3nFBVfsKPSS3rBHN3l5D3KFVoOcIV
+pKgBVQt3vKv5tKx30Mz9+NYH+uo4VFW1+twOkf0w/S6ci58qyHiyQAtpP1OQL3H3
+Tau5cNrSJYshFluUimrvVbd6JtQP2FS4gk9TdAs9+R4dm0dblBfXir2UWQl3plmU
+YAJxCYkeG921
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib0.itc.virginia.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Hamp Carruth</GivenName>
+ <EmailAddress>ehc@Virginia.EDU</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@Virginia.EDU</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@Virginia.EDU</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://datajr.scps.virginia.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 629, expires on Fri Aug 19 17:55:12 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAnUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxODE3NTUxMloXDTExMDgx
+OTE3NTUxMlowIzEhMB8GA1UEAxMYZGF0YWpyLnNjcHMudmlyZ2luaWEuZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jUxmIIB0nuPfeBRDDpPZ84e
+5T46pJFDiaq3dixZx7UkqipTYk4Yv9oZIe+bYr1Yn9JmJWCSRihWEOwFJ/IHLp9I
+obfxsLfdX3qa47CvOMPJF9regZkDG+/r+Df9OhIs4xIoiZSMA8LXhHw7ZqRTUPCA
+/09xeiGZ6weWfZuVauh/9ghvSI2L/nhO2PuGqKbv3h8Bn0ysFDlo2SDPUriTzukV
+eEg3+YfZ1zuuf462Iz3lgAUp38aKcIxjvC46W+Wbe6FGqIniTy+nDeaNpVk9WXz3
+TRByWqrJ4fY/rTcAapJ3sJT8skxOwT3mMdY81mK2y3Krm+gfqCJS1YyjHTiaYQID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSnirxRVTKGCy+XEzbZ
+msqP6E8FkDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhkYXRhanIu
+c2Nwcy52aXJnaW5pYS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAD+yaiQgnIRPdxQp
+no7Ye7fqpNVHJr6jR0PBmou1YYwg4BVmxxCCqISMp2OMidShEy5kOJXZuCboTm9S
+yMuriQSTgIzPWTl9JexhE5m3AQ774tXTDGH70yLjXWo9Gv1y9TlUTPjOlXB97Wi6
+DkDxHKUrelwQoTo3HMZgkx49Tv6o6Hhwv/PKYD9YJb7gM4nzzTfCCMaOVrkxdM1q
+Eo9bRIH3mB1GCC4wDAR0EWlOLYzIUN05gH8qIgFtsBKN2ZzZUWs0cwUmdoBwn0v1
+8N8nqo7SyYxacl+hhdb2v5K8SyCGaHMiZ6OvX/tuY1sW29vYmggh/325FBHi+dgb
+hfpLgnY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://datajr.scps.virginia.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://datajr.scps.virginia.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeffrey Wolford</GivenName>
+ <EmailAddress>jw2w@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Rick Downs</GivenName>
+ <EmailAddress>rtd2m@virginia.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://data.scps.virginia.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 11412079960493942540, expires on Fri Jan 4 21:35:31 2013 GMT -->
+ <ds:X509Certificate>
+MIIDSTCCAjGgAwIBAgIJAJ5f2kKhmGcMMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNV
+BAMTFmRhdGEuc2Nwcy52aXJnaW5pYS5lZHUwHhcNMTAwMTA1MjEzNTMxWhcNMTMw
+MTA0MjEzNTMxWjAhMR8wHQYDVQQDExZkYXRhLnNjcHMudmlyZ2luaWEuZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCx6sGNoiRc+MfWMt0z7DeFh
+s9xzJbwBlVib6Fz0AM944eFkw9p3a5JJI9f8H7fv61S+ZqN7GT3McErVrosDvdY5
+fklmyGwmARWirCxxMKUBs8bPUnN6wd8jMQkpslQab2Wdz8Qz6FjAYhpk5bEc0ZgF
+/uD+cmf6NBzTUM3ODHxsV85OaJpuvpHH27vWV842HIytpc+6FG/L+3VThwwXLDER
+2Xy0/ty2F6Dkq62XId+lUKE0jWzAWIMsm3xYjwl6ARn7ehayiCPh7t5jXtj1GAwb
+oR3bGTReJHPpc+pw8AtbGNgRaFTbDC4YAWzNe+qL438ehvlXJqLP3AZ5PorzqQID
+AQABo4GDMIGAMB0GA1UdDgQWBBQi59ocQJISB4yqFTa7ozSSCQQV/DBRBgNVHSME
+SjBIgBQi59ocQJISB4yqFTa7ozSSCQQV/KElpCMwITEfMB0GA1UEAxMWZGF0YS5z
+Y3BzLnZpcmdpbmlhLmVkdYIJAJ5f2kKhmGcMMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBALfJZgMNam+8mCcIOdqOXcJjthe82vMy8LDfJYnTBEALeCYe
+pnRkrnzZY+CG1NAtuvg/nGV13UomKpluXDH5zfWKqwmp7Mho4/sxf8HdYJgRHaHA
+r9Zil80SGzRJgdifEHuDzIuLF2EprnqcDXFHdULX6XeKimAu1Ngfq2XLYmkN4LzN
+YZKRKw6yms1w5J5JjIreDYHkgC1O9WphDedagPv7cCvsUB7kLspiu5/YUFZBmsU7
+J/nJh9aYbA/KO1+O4tlZM2JRMaCpvy5D1f4xrXK6aoffktohZqPIG3cQW++vNFXW
+nMhG0SHbI/pdrdnEBrBHKPQooamaJZ/tj+GUQn4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://data.scps.virginia.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://data.scps.virginia.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@Virginia.EDU</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeffrey Wolford</GivenName>
+ <EmailAddress>jw2w@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Rick Downs</GivenName>
+ <EmailAddress>rtd2m@virginia.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://hops.mail.virginia.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 614, expires on Sat Aug 6 17:56:36 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAmYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgwNTE3NTYzNloXDTExMDgw
+NjE3NTYzNlowITEfMB0GA1UEAxMWaG9wcy5tYWlsLnZpcmdpbmlhLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAv6br544BBThhmPl5HFachZKkrXUYp0Iq
+PCTCLo2GFjcWsJp0ciddiBagl/Z6wUeU9G9aQ6Bm0IJN/5Gm3+DuSc8NF0rOwqHo
+VdfbeeOQS5cp5DAwu/d4xRprxoMTjwRBH5gUb3CGgJ6QFj89c525zv5TNbiSZ4XK
+1zK6LthBWxECAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUsUqD
+rjz963MX10QgCMNBX2qEEPcwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWaG9wcy5tYWlsLnZpcmdpbmlhLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAGC8k
+xvQtI94DB7tHfxuObonr3l8wW2BWLYgNKZ6TeNJzGCXN9OLzRR48eajxVmRx90kd
+04nb1t8Pz+PftNBnW0PxvBEeJVGQSRJJutFnZWXxf1KpVi+9NdH6RqUCdlGaQShQ
+KgiNuEtC5Q8z1oUNDoeH9LBcMtQ2hYQE7TaZ5Mf1HjxstZ5CJ/nHWqnOBg0VGw45
+WZxfrO2jMswZ3X2oBms7wW/s3gCaFaqIA3dDS+7Whj0xL2C9eaTsn7PmURceaQAx
+mfMQCiK4W6M5LpXwy/tZ4DcgVizymrr6U7xqYY2G3fa1EnaP+HzY6QGq26AEFB4X
+hHnhLxVvlcr8iwdiaw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://hops.mail.virginia.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://hops.mail.virginia.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Christian Dahlhausen</GivenName>
+ <EmailAddress>cd3ef@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Callie Bouchard</GivenName>
+ <EmailAddress>cbc0b@virginia.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://pbsvid.itc.virginia.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 239, expires on Sun Dec 13 17:22:07 2009 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAO8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTIxMzE3MjIwN1oXDTA5MTIx
+MzE3MjIwN1owIjEgMB4GA1UEAxMXcGJzdmlkLml0Yy52aXJnaW5pYS5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKJqXNjKY/XkdUzy/dc7bJ5lzN8yySTI
+5fecs7sec9oOgMwKuhOTx9W79rAO2dTJMxzz++PsKO8SmmF5uSSvg7Oji25oO6F+
+frXflGrt75LaRr1fVNoj0QoXcdgeSwyAoCXRdN2fUFyM2blT+ijpwSvm17Asbbh8
+slxRZ5jdysnrAgMBAAGjggKxMIICrTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFICs
+DtpAaeXI1irM1Y/mRDgUsGLjMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+gY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+XgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8v
+aW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYw
+IgYDVR0RBBswGYIXcGJzdmlkLml0Yy52aXJnaW5pYS5lZHUwDQYJKoZIhvcNAQEF
+BQADggEBAEiWDzqcVtjwofbr5jx4/tmrHmm3m3sLI8VX0ncQzgKvVg0Dk9ts4X+J
+SMm6CT3NKpTOqV3svwiEjH7aw0kQIjQsAiz58J8EwkmfjbbKzhg5tnXHbDCsj58F
+f/uNM0rNi+S3RUc5rQlf8tPjiB/OWyFfKxbbC54T4K0vsEsHnWAuJGlhTvePD2M+
+/eoPnK6Vj13LlAJgRGaBNQlg1trz/ytV/u3XvdtEEtsShAFxvLsdd/ZYiwA1OFEV
+vQTb+nvKkO2suJltI4bDr9lkyGVly1NWsbcNz5s5J2xGeZH8MlZePXyPYpx+M56J
+wlWyxrw7XF9pFB+Ot9Grjx9QreJwlXI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 17942132496367375819, expires on Sun Jan 13 22:04:54 2013 GMT -->
+ <ds:X509Certificate>
+MIIDTDCCAjSgAwIBAgIJAPj/QnGm+FXLMA0GCSqGSIb3DQEBBAUAMCIxIDAeBgNV
+BAMTF3Bic3ZpZC5pdGMudmlyZ2luaWEuZWR1MB4XDTEwMDExNDIyMDQ1NFoXDTEz
+MDExMzIyMDQ1NFowIjEgMB4GA1UEAxMXcGJzdmlkLml0Yy52aXJnaW5pYS5lZHUw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDPtN5/sH31w4WnogXzwmHp
+JIaInfkDN8K2zJS4dzPJ4Dhxf3OZ322puxKvM4IRiiZAdHt0acRjpfa5jVALvxlw
+IdVXaa4RHBeTZgx3wHjcSv6Q+s9EsCLmweIo35Los2AUKF0uJqwaOhsLt8y1TJD/
+MprEPPpMkkxvWsGvQuJImMbzGddCPiOjSetc91sfxgOMjAteVJkD4eW/sarehUJr
+ZDiUhv2/wZMdTqxvlY1eYVeOHPOMCXwT+IjGGc/5Nohnt2rFraUtK43b+GV4RwLC
+zXNoMsptxLI3CC0IYvagex/eCw1GmQSrHctNrNjBc4bmW8HvXT5M7sTs6GFQSHAH
+AgMBAAGjgYQwgYEwHQYDVR0OBBYEFJ0Eqvkv+PX/pnBDdvHqiv0vkMowMFIGA1Ud
+IwRLMEmAFJ0Eqvkv+PX/pnBDdvHqiv0vkMowoSakJDAiMSAwHgYDVQQDExdwYnN2
+aWQuaXRjLnZpcmdpbmlhLmVkdYIJAPj/QnGm+FXLMAwGA1UdEwQFMAMBAf8wDQYJ
+KoZIhvcNAQEEBQADggEBACRlVEZ74YaRBaCHdovFjNvjWcbvrx2V6ilsOEsm2oJ9
+4o7mJfMa0xd453PAV6siNY1A04C52kG7AK2wj82y719LIvX2VivmBR4CUuVTGkhZ
+8v17vP6/PFUcdaCsaSoH7/JfuJSxQsOVHXo6Sffxlqq71JytZ5Gjm6ocBdWjdT3J
+CN2uydhJAZdu7YjVwH7ZI8tS6b6tU/WQoxbrj6S+xBJXwKm/yZfXKOf8H+o1Zkry
+swDnfwJzBlSK0m8VNWLdzQ3cKoAmeWc3J3bcWEwW7BT8a0jT0uo/E3uorIaKiQBv
+32pp0LSFLefCqi0s0zxf/kyy/VDQ4294WDlpGNbDPfQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pbsvid.itc.Virginia.EDU/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pbsvid.itc.Virginia.EDU/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Hamp Carruth</GivenName>
+ <EmailAddress>ehc@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jim Jokl</GivenName>
+ <EmailAddress>jaj@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jim Jokl</GivenName>
+ <EmailAddress>jaj@Virginia.EDU</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibdemo.itc.virginia.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 599, expires on Sun Jul 17 17:56:10 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAlcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNjE3NTYxMFoXDTExMDcx
+NzE3NTYxMFowJDEiMCAGA1UEAxMZc2hpYmRlbW8uaXRjLnZpcmdpbmlhLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxQl1j9GhRzFdJdZVanwz5l9jAYTj
+sUpoarrGz+WlISAQX8T2rhjXn2p/a2QpeWd8/8fMD4ZDmirHyO7UwOZxGpathKTc
+ghzEXgvfkoWJbErw4AFTkPgwKmGLrJvCk+99eDLBe530oerBT1EV6K+R7IXyfrBr
+U5AuTG5rKVV0h68CAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+fm5L85pBjsTm2bjk+WpZclaD0s4wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZc2hpYmRlbW8uaXRjLnZpcmdpbmlhLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEAJtJDZsaPImLbGNzfX0RmEezkMXfAvvCo2ZDneE5N0W5XeiYASUnlk7eb24lU
+AEdB8TR7I2odKPdnq8p+4rntJj5vMC8pDZEF+wR/Ff6PE0s8grjWzsG2aZqcxMoy
+kUU5ywR6m2rWLIFbirGhMh3LkwvRRLwwhMlWuD4V5q2IwAfsGWaiwh11QbHs3m5n
+QHN7q/ZfnLj2udDiWvOJkYIh3h0/Ke7d8oDcujugcW1ZVecCSaQ3bewrM+efz+Nx
+G4NKkZaCqrP65vUbxuuBSVpFn+0Q2kXVQf5Usw1NMs3i+KUU8nkYgc6PWCn5eXnN
+BooOzoJmeO2SxlKrkDlPMB/o6g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibdemo.itc.virginia.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shibdemo.itc.virginia.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Hamp Carruth</GivenName>
+ <EmailAddress>ehc@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@virginia.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibsp.itc.virginia.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 529, expires on Mon May 9 18:43:38 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAhEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwODE4NDMzOFoXDTExMDUw
+OTE4NDMzOFowIjEgMB4GA1UEAxMXc2hpYnNwLml0Yy52aXJnaW5pYS5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOoim48eIohCmBsLGjw3h/wldOu5dCKy
+Cz5i/fwVKd499+xvmCu7DzxtU/fdXx7Tbo75kLIg4ZIXWqa7B6bImvRQFxe89lH/
+g3PmTbRQ3VLfc2hap8n7RPozi1D6AR/HEhPJfMOJRH9qZZCCYuxjpmxIXxuORPVd
++yat/cl4Ugl3AgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJqs
+OaEAnmS/yKYZXSFzPhIFhu1WMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF3NoaWJzcC5pdGMudmlyZ2luaWEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQC3
+Gkeq662EHlUOQHcolTs4nonY6EY89dr5T2UNrfwd4Oun9TURPg4rLpYNclYKVi/6
+nhyQzzGn0m0xcYbkVK4YH5H8ba6RVFYKGa9GNbE95zlEJ5SWcFNzuBwXc+jWevxP
+fmRDVZCLd4oHohFLUNiHkDGVJn7VxpLyTuj7Vw79U3sIAhrRvnZdz3Z7Q8aB5OBL
+DclPol0G8ivoGjXnQR9y1MDZ20nJS/HF4nlyUW4bEfLndknu1q5zLrgKHixkOxb6
+Ln/qMG5ijU7khTYfXYGZaBNkWZbLva+IkzpXW0Sfn49V2Ucd8BUHdYzXtK2qkpH3
+NKcdRcmcu10sIE7KvRsk
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibsp.itc.virginia.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shibsp.itc.virginia.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Hamp Carruth</GivenName>
+ <EmailAddress>ehc@virginia.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://wl-shib.eservices.Virginia.EDU">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 246, expires on Fri Jan 8 22:25:36 2010 GMT -->
+ <ds:X509Certificate>
+MIIFMTCCBBmgAwIBAgICAPYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEwODIyMjUzNloXDTEwMDEw
+ODIyMjUzNlowKTEnMCUGA1UEAxMed2wtc2hpYi5lc2VydmljZXMudmlyZ2luaWEu
+ZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJygOj5xX8QYPN9iXL4cmm
+g0RukFQv1oXDmdvjmm0LHAGGiPltZU60aEG/CQ0dMoEO8MZjPKnHPqK0Dm74Dbp6
+C373AcBNsQzXQDCy3zmR2yC55HigdYHMPGYlGL3vuTXPsxUudYaKfFnf5M3NhUcz
+1BnmKim3XjVeRRubX0/0vwIDAQABo4ICuDCCArQwDgYDVR0PAQH/BAQDAgWgMAwG
+A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud
+DgQWBBQWbGfr0a/w3cTm//m2yqasDho1DDB+BgNVHSMEdzB1gBSTLchhGK1j45tl
+s53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9u
+IEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRw
+Oi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21t
+b25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2
+aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGlj
+ZXMucGRmMCkGA1UdEQQiMCCCHndsLXNoaWIuZXNlcnZpY2VzLnZpcmdpbmlhLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAMN3tu/aQReNshLM9cYef6Ru66/BDup4Sg3v7
+oWotckfGY8+KdF1HMnmGxVHTOgbgVzekMXu0ps0ejFGCi21cY8ExHk8vNp2VvTcz
+jbJgkRPkDAtqQ3Rrq3tFCaLkuaICM7p9KjWP9JmO9LnHeZ0VFg6v/wMfG3r5my3j
+nlTNwzoicLTCoUHaztaWoSWfk85QE4XMcM1AwG980XjNttY58HR1fw+ixbJR6Cwv
+ZdlxgJGKBaxuA60ek4Cn5vtVzo+8E/HVG7DSpNDHEhwNr6p1GcmLvwrK5SzCIMTJ
+aoYDDcsCzy4VMCHLvOL9LsYxGYiyz2KWGyuOcM4wLjUp6OnLPA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wl-shib.eservices.Virginia.EDU/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://wl-shib.eservices.Virginia.EDU/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Microsystems Group</GivenName>
+ <EmailAddress>itc-microsystems@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Hamp Carruth</GivenName>
+ <EmailAddress>ehc@virginia.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://wl-shib.eservices.virginia.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 246, expires on Fri Jan 8 22:25:36 2010 GMT -->
+ <ds:X509Certificate>
+MIIFMTCCBBmgAwIBAgICAPYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEwODIyMjUzNloXDTEwMDEw
+ODIyMjUzNlowKTEnMCUGA1UEAxMed2wtc2hpYi5lc2VydmljZXMudmlyZ2luaWEu
+ZWR1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDJygOj5xX8QYPN9iXL4cmm
+g0RukFQv1oXDmdvjmm0LHAGGiPltZU60aEG/CQ0dMoEO8MZjPKnHPqK0Dm74Dbp6
+C373AcBNsQzXQDCy3zmR2yC55HigdYHMPGYlGL3vuTXPsxUudYaKfFnf5M3NhUcz
+1BnmKim3XjVeRRubX0/0vwIDAQABo4ICuDCCArQwDgYDVR0PAQH/BAQDAgWgMAwG
+A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud
+DgQWBBQWbGfr0a/w3cTm//m2yqasDho1DDB+BgNVHSMEdzB1gBSTLchhGK1j45tl
+s53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9u
+IEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRw
+Oi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21t
+b25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2
+aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGlj
+ZXMucGRmMCkGA1UdEQQiMCCCHndsLXNoaWIuZXNlcnZpY2VzLnZpcmdpbmlhLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAMN3tu/aQReNshLM9cYef6Ru66/BDup4Sg3v7
+oWotckfGY8+KdF1HMnmGxVHTOgbgVzekMXu0ps0ejFGCi21cY8ExHk8vNp2VvTcz
+jbJgkRPkDAtqQ3Rrq3tFCaLkuaICM7p9KjWP9JmO9LnHeZ0VFg6v/wMfG3r5my3j
+nlTNwzoicLTCoUHaztaWoSWfk85QE4XMcM1AwG980XjNttY58HR1fw+ixbJR6Cwv
+ZdlxgJGKBaxuA60ek4Cn5vtVzo+8E/HVG7DSpNDHEhwNr6p1GcmLvwrK5SzCIMTJ
+aoYDDcsCzy4VMCHLvOL9LsYxGYiyz2KWGyuOcM4wLjUp6OnLPA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wl-shib.eservices.virginia.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://wl-shib.eservices.virginia.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Virginia</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Virginia</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.virginia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Jokl</GivenName>
+ <EmailAddress>jaj@Virginia.EDU</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>ITC Microsystems</GivenName>
+ <EmailAddress>itc-microsystems@virginia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Hamp Carruth</GivenName>
+ <EmailAddress>ehc@Virginia.EDU</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Iparadigms, LLC -->
+<EntityDescriptor entityID="https://shibboleth.turnitin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 318, expires on Fri May 14 17:33:59 2010 GMT -->
+ <ds:X509Certificate>
+MIIFpzCCBI+gAwIBAgICAT4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUxMzE3MzM1OVoXDTEwMDUx
+NDE3MzM1OVowIjEgMB4GA1UEAxMXc2hpYmJvbGV0aC50dXJuaXRpbi5jb20wggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClFXU2TXopZSwBQkAne2vuWGlI
+xmVsPnKv8DeqqWOs8ScBqf2F4bhNW2eVtUMZJd2L8xdzkNDhoqAzn8YDiuEA52e8
+1SdE0VBpIjwWifhOMfmacmRc4XCbKGFhtMo+gWfSkOkReO4wtKNfcJyhvwFH0MXt
+6hNaXk5G2j/7A6AK/sw0EywDPDFmHCQ/tSMJr/eOE4utVQrjwWF6qXMapKid7P+w
+YsPGrR0CsCBydv0imOsbJs5wI1USC/x04J/w1g1Py4+g2LcpgfTCsWU+jfd55S7i
+MHqXGuIR45qegR7ErZBo4Dzfe9u4D6YuIpgFaBu4RTWTZALckHo9aalqjH6TAgMB
+AAGjggKxMIICrTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFMiCK9/ikFWgsFB60TT3
+c1LPDRE3MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUF
+BwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlD
+QSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIgYDVR0RBBswGYIX
+c2hpYmJvbGV0aC50dXJuaXRpbi5jb20wDQYJKoZIhvcNAQEFBQADggEBAJV1IB5T
+1boMXn3D62DRfdzG84s5f1bBAsjo9SXi0woXktba5o7lGAkfCy0gaRCZjT/FwShx
+akWYtzrMgCS2ThgBtjVIKLN/FF/YEyWwalPhdEbgsJs/uMF/D4uiM1BHyuV536PM
+F3mTBHGJ/VCSZ8qMehY2GtdIpa1xelCVB7glAm6/rZj5g12+2PE2UnYuPCWs+Dm1
+qas1ii/DbDqGfKS4hShZ9mGJuEY8KJtmf83xvpucEShyLmdhUeIrCYEE29gsXLEK
+TEbgyoWCOyjlbWxUYXMOEBI9qXjrZ060fukVIGy/tri493L64uxIhNedeH5IT3Bw
+6G9zqobsMtXrfUE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.turnitin.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shibboleth.turnitin.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Iparadigms, LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Iparadigms, LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.iparadigms.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David Wu</GivenName>
+ <EmailAddress>davidw@iparadigms.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Chicago -->
+<EntityDescriptor entityID="urn:mace:incommon:uchicago.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uchicago.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 612, expires on Mon Aug 1 17:55:17 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAmQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDczMTE3NTUxN1oXDTExMDgw
+MTE3NTUxN1owIzEhMB8GA1UEAxMYc2hpYmJvbGV0aDIudWNoaWNhZ28uZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA98rTmuDl1CxD658zZKvS1OrS
+hsjsi+gCPjmJx6P6sUuqwLQIRNSB8GgI1LlfuiJp71QGOdj41nXidTvRGlroY9cU
+hckif2pH9iRz1akuANZ/54blZ2tt19OfzfpyMCvRsaTbGnD6zl5ulMSveSAhtVvl
+4GkaxtD0hOe1djvIGj5mn+ZI7OKV2y9jbVVnLnKWZiq+yG0WJcRZefvMKCSlG03g
++tZqUuro41GF7KRqWcPDkFZ+Pk206Z/ghL6JyiNbxdpVYh9CRPPqZQXsuePdarWk
+qC63loUToIFa2iLSXpoWLiUCoTi3qdX1QXikdN6L+SzFY0vZYhsX9vU9awTdlQID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBR68tr4PAoR+zkSodd5
+q2mB/vJKNTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhzaGliYm9s
+ZXRoMi51Y2hpY2Fnby5lZHUwDQYJKoZIhvcNAQEFBQADggEBAD/J2ZOn2fefBWRF
+1HNGBBe9fWJOrLcnK/R8q6CR59d4UB7WF/FMcWEmHKekneY8ty96BSmQKLWbt9/3
+CzZ97B9YhiLc0mTP5DRXP9wJTy9bf9J56IdW/i7+Jfh5LQNYs4u5npOh7sdEf6jH
+oegc3k4xMDe2W8ACApJ2F4crn/hn9CvXHRLj0gZr+GZSK6HHS4834dyyZLZWSziM
+Q6TZy9N42UV4cY8r/9cmNOSM6Qxj+Qzv/BbO4E3pPUie3tKwpDil7wV6tGyuKD97
+u7WzPQPLeb26es0x4jFo5ztfX6LFyCuFirAQnnDRrDi4euEYT/nyi+Q7G67CTDvr
+GZT4Jfs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth2.uchicago.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth2.uchicago.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth2.uchicago.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth2.uchicago.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth2.uchicago.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth2.uchicago.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uchicago.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 612, expires on Mon Aug 1 17:55:17 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAmQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDczMTE3NTUxN1oXDTExMDgw
+MTE3NTUxN1owIzEhMB8GA1UEAxMYc2hpYmJvbGV0aDIudWNoaWNhZ28uZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA98rTmuDl1CxD658zZKvS1OrS
+hsjsi+gCPjmJx6P6sUuqwLQIRNSB8GgI1LlfuiJp71QGOdj41nXidTvRGlroY9cU
+hckif2pH9iRz1akuANZ/54blZ2tt19OfzfpyMCvRsaTbGnD6zl5ulMSveSAhtVvl
+4GkaxtD0hOe1djvIGj5mn+ZI7OKV2y9jbVVnLnKWZiq+yG0WJcRZefvMKCSlG03g
++tZqUuro41GF7KRqWcPDkFZ+Pk206Z/ghL6JyiNbxdpVYh9CRPPqZQXsuePdarWk
+qC63loUToIFa2iLSXpoWLiUCoTi3qdX1QXikdN6L+SzFY0vZYhsX9vU9awTdlQID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBR68tr4PAoR+zkSodd5
+q2mB/vJKNTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhzaGliYm9s
+ZXRoMi51Y2hpY2Fnby5lZHUwDQYJKoZIhvcNAQEFBQADggEBAD/J2ZOn2fefBWRF
+1HNGBBe9fWJOrLcnK/R8q6CR59d4UB7WF/FMcWEmHKekneY8ty96BSmQKLWbt9/3
+CzZ97B9YhiLc0mTP5DRXP9wJTy9bf9J56IdW/i7+Jfh5LQNYs4u5npOh7sdEf6jH
+oegc3k4xMDe2W8ACApJ2F4crn/hn9CvXHRLj0gZr+GZSK6HHS4834dyyZLZWSziM
+Q6TZy9N42UV4cY8r/9cmNOSM6Qxj+Qzv/BbO4E3pPUie3tKwpDil7wV6tGyuKD97
+u7WzPQPLeb26es0x4jFo5ztfX6LFyCuFirAQnnDRrDi4euEYT/nyi+Q7G67CTDvr
+GZT4Jfs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth2.uchicago.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth2.uchicago.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Chicago</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Chicago</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uchicago.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Redmond Militante</GivenName>
+ <EmailAddress>rjm@uchicago.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Tom Barton</GivenName>
+ <EmailAddress>tbarton@uchicago.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Champion</GivenName>
+ <EmailAddress>dgc@uchicago.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Roy Bixler</GivenName>
+ <EmailAddress>rbixler@uchicago.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Miami University -->
+<EntityDescriptor entityID="urn:mace:incommon:muohio.edu">
+ <IDPSSODescriptor errorURL="https://shib-idp.muohio.edu/shibboleth/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">muohio.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 237, expires on Sat Dec 12 22:15:28 2009 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAO0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTIxMjIyMTUyOFoXDTA5MTIx
+MjIyMTUyOFowHjEcMBoGA1UEAxMTc2hpYi1pZHAubXVvaGlvLmVkdTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxAV+DcXA1cn3RGHlBvI2yejibktnW4
+cfXemjO0CvKk1h7zdERPAcfhhvbQossgo92OsE/6stvVrKn+xurhI3YrPPm3XYvf
+C4wzznnMEVhpzSGKZUxlWoIIJgWf9eH6TOxC8LPE9hhE4jj+84w9wGfyhYHUdvQH
+69qvrUgovcI3Hx1+TMP1remjCf/iR0I9cOIDz/CG7GL0eouuT5sH07rF7YM+sS93
+WuizaOF+E6CZVN3x7QhmC/DoIfPjBPj6gQkGciJDxXTHtxVcsWHC1Z3zb+Kr2YTE
+z8ah62BfnsxrNc0xU9tKYWfzm7Dl/QnOLyuKj81EInJeLbhZo4lUMCsCAwEAAaOC
+Aq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU6Rqv0bfCRwLoaXd9Y+9gw7zC
+iRowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEE
+ga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElz
+c3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNVHREEFzAVghNzaGli
+LWlkcC5tdW9oaW8uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAqFk1/yQJImBQXMK5o
+hwZnYHMsvLeF5ksA9fPgzLIrL0/uP2utcEvwkaM0F0ZMp824xlijK2GKKiF1ObdN
+JkQUM1h4SklrV70Qb3n9mDOoYCj1lgv4BIP617Yvnpxdq3WzK4S+9ZmYp0dwNKo9
+qO0/vHmA0p3SOeq/UFDR/IgN1/pAArkS/npQl9Xvq1HVoY1aVpSqBH8Lz999nEXD
+EOlGbtX7D4EWuFy+gmUeFGEGx1gkGK0H1vQb3eDfrCwj7AtKZXjMR6hjGAP5SWfu
+ZKN+3QhIloMpOAoppjZ6bgxw2lHSFkS/km8j13r6zMRBiLpMWXqngti+sw8AVBqK
+lKw+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib-idp.muohio.edu/shibboleth-idp/AuthSSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">muohio.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 237, expires on Sat Dec 12 22:15:28 2009 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAO0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTIxMjIyMTUyOFoXDTA5MTIx
+MjIyMTUyOFowHjEcMBoGA1UEAxMTc2hpYi1pZHAubXVvaGlvLmVkdTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKxAV+DcXA1cn3RGHlBvI2yejibktnW4
+cfXemjO0CvKk1h7zdERPAcfhhvbQossgo92OsE/6stvVrKn+xurhI3YrPPm3XYvf
+C4wzznnMEVhpzSGKZUxlWoIIJgWf9eH6TOxC8LPE9hhE4jj+84w9wGfyhYHUdvQH
+69qvrUgovcI3Hx1+TMP1remjCf/iR0I9cOIDz/CG7GL0eouuT5sH07rF7YM+sS93
+WuizaOF+E6CZVN3x7QhmC/DoIfPjBPj6gQkGciJDxXTHtxVcsWHC1Z3zb+Kr2YTE
+z8ah62BfnsxrNc0xU9tKYWfzm7Dl/QnOLyuKj81EInJeLbhZo4lUMCsCAwEAAaOC
+Aq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU6Rqv0bfCRwLoaXd9Y+9gw7zC
+iRowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEE
+ga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElz
+c3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNVHREEFzAVghNzaGli
+LWlkcC5tdW9oaW8uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAqFk1/yQJImBQXMK5o
+hwZnYHMsvLeF5ksA9fPgzLIrL0/uP2utcEvwkaM0F0ZMp824xlijK2GKKiF1ObdN
+JkQUM1h4SklrV70Qb3n9mDOoYCj1lgv4BIP617Yvnpxdq3WzK4S+9ZmYp0dwNKo9
+qO0/vHmA0p3SOeq/UFDR/IgN1/pAArkS/npQl9Xvq1HVoY1aVpSqBH8Lz999nEXD
+EOlGbtX7D4EWuFy+gmUeFGEGx1gkGK0H1vQb3eDfrCwj7AtKZXjMR6hjGAP5SWfu
+ZKN+3QhIloMpOAoppjZ6bgxw2lHSFkS/km8j13r6zMRBiLpMWXqngti+sw8AVBqK
+lKw+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp.muohio.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Miami University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Miami University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.muohio.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Dirk Tepe</GivenName>
+ <EmailAddress>tepeds@muohio.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Stanford University -->
+<EntityDescriptor entityID="urn:mace:incommon:stanford.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">stanford.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 321, expires on Sun May 16 19:10:30 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAUEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUxNTE5MTAzMFoXDTEwMDUx
+NjE5MTAzMFowGzEZMBcGA1UEAxMQaWRwLnN0YW5mb3JkLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANI3AIyMQqO6fGB6Wfvc8KsrxSV3VykXPNeK
+AHy0rblfuS6dSBZmHt/yFryQTCH3Mff0jsfLCXXzfUz3ruGPBfjxPTSagmyrnS+A
+eszkDDv8C/bwIOQXv41+EQWZ4T1xR/iySGop4qNEQ2J3uvis5v1AFL6TB4weJO6r
+473UtztPXv57LhuY2WlunVrAo3AE/Jc/8/fWnn7viWMugm0F0UIP5oF2nuWGd6V1
+/rylvSYBFp8nspIDldzpYRPpHrPZ0rmIzQOPkDTuEQGrtMCsMj0rXvjSYP18T6JW
+3cywS+YqnpHOu0d6QUWLVrAkFE2DjsJP6ycq3cMeS4GV9Y4uJ2ECAwEAAaOCAqow
+ggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUN6Rmbkx/bBGq2F3c4zEnL4RROHAw
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0w
+gaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3Vl
+cnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREEFDASghBpZHAuc3Rh
+bmZvcmQuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAQZI4Zrr26sgQec9swH3w/rwq5
+nLNR36JYpNDhm/EaKALolZh/cm9Fdb5IxY87u0O1h8zDv8JAWjP17R1YrxTg9pNO
+dj2aqoKu0cZYIk+sUNeCZFhq9sJfcMlmFlgqKcb1G6f1gMW0v4IHBmYYFAajitr+
+VZ3IAUC7oa2Ung9CNAmIqlLzUF77KpRm7nBO9IRjjQVVozr+F8jzDulXLoDiadaC
+tYldAgjArzuKhqF5zrj1GDrnB1EJas6P0OAQl5ALEJGeKJVl/IkUZWdMSoqOMVgw
+OM+lOwFibbhFDr8OXA8xZGKw7ALjLnqxW7QJswbBGCDvdX0fWgIlToffYSIV
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.stanford.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.stanford.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">stanford.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 321, expires on Sun May 16 19:10:30 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAUEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUxNTE5MTAzMFoXDTEwMDUx
+NjE5MTAzMFowGzEZMBcGA1UEAxMQaWRwLnN0YW5mb3JkLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANI3AIyMQqO6fGB6Wfvc8KsrxSV3VykXPNeK
+AHy0rblfuS6dSBZmHt/yFryQTCH3Mff0jsfLCXXzfUz3ruGPBfjxPTSagmyrnS+A
+eszkDDv8C/bwIOQXv41+EQWZ4T1xR/iySGop4qNEQ2J3uvis5v1AFL6TB4weJO6r
+473UtztPXv57LhuY2WlunVrAo3AE/Jc/8/fWnn7viWMugm0F0UIP5oF2nuWGd6V1
+/rylvSYBFp8nspIDldzpYRPpHrPZ0rmIzQOPkDTuEQGrtMCsMj0rXvjSYP18T6JW
+3cywS+YqnpHOu0d6QUWLVrAkFE2DjsJP6ycq3cMeS4GV9Y4uJ2ECAwEAAaOCAqow
+ggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUN6Rmbkx/bBGq2F3c4zEnL4RROHAw
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0w
+gaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3Vl
+cnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREEFDASghBpZHAuc3Rh
+bmZvcmQuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAQZI4Zrr26sgQec9swH3w/rwq5
+nLNR36JYpNDhm/EaKALolZh/cm9Fdb5IxY87u0O1h8zDv8JAWjP17R1YrxTg9pNO
+dj2aqoKu0cZYIk+sUNeCZFhq9sJfcMlmFlgqKcb1G6f1gMW0v4IHBmYYFAajitr+
+VZ3IAUC7oa2Ung9CNAmIqlLzUF77KpRm7nBO9IRjjQVVozr+F8jzDulXLoDiadaC
+tYldAgjArzuKhqF5zrj1GDrnB1EJas6P0OAQl5ALEJGeKJVl/IkUZWdMSoqOMVgw
+OM+lOwFibbhFDr8OXA8xZGKw7ALjLnqxW7QJswbBGCDvdX0fWgIlToffYSIV
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.stanford.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stanford University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stanford University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.stanford.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Shibboleth Support</GivenName>
+ <EmailAddress>shibboleth-team@lists.stanford.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://courseware-univ.stanford.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16099079101833407397, expires on Fri Feb 21 19:29:04 2020 GMT -->
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIJAN9rayWDseulMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGNvdXJzZXdhcmUtdW5pdi5zdGFuZm9yZC5lZHUwHhcNMTAwMjIzMTkyOTA0
+WhcNMjAwMjIxMTkyOTA0WjAnMSUwIwYDVQQDExxjb3Vyc2V3YXJlLXVuaXYuc3Rh
+bmZvcmQuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxW236dfo
+0ag63R+1aK1rE15Mgz9v7hAez1EDsdCRl5u7QksBzxjADlCJFht4/sJluO34KC85
+RVIDpcfehIt16BW0l3zreubynlu5F91msY7EL3U0Qn6qHckH7UufPpilI1P0gnVB
+HOPGqjjacEPFkzJLgkfuG4kupLGvdWZpT4X3NlhzIUkhho9Oq6Tuwm0v84+FuNnz
+6Bp/F6PLbyqaRDSUMF+xEUUrgTji27f5r44XNx+7NncZ1o6SqK7WZ3EcTtKacHtt
+tM68qinDDwrWk3zxKJrF7sRuOdRkQdW8j6l7IZq6yU1uA7TFPjW2flc9UBGHIXHv
+tEorPPKsQxQ8QQIDAQABo0owSDAnBgNVHREEIDAeghxjb3Vyc2V3YXJlLXVuaXYu
+c3RhbmZvcmQuZWR1MB0GA1UdDgQWBBSIgfMjvyxop2ot5bmywtz8oz23sjANBgkq
+hkiG9w0BAQUFAAOCAQEAQMEj+HE3uWY9CDPWQWjhQzjd2mxYO0BNpXX65KFR6gaT
+2mVSwXooO1XTTIezpLOo3WMSxrwjcSE1oNnTC81uLM0Xrx5xG5cwcCUKh1Wql/fh
+fiHSV5TZ0SqgYazCaTk8kZ+vOnul4Om0wbYAUIFvTaFDILkTtJslfn1grGjFRPmY
+1nn/SDnJPo0vvNvkcQmlwa7VmCYgr+2cDG2PkR0FTb2trVyQ5KZ1bD/V7SfiJmhr
+1fYYUZP0bmeEQ6FgpKIfLZSw0gOfzgssV8aVDAz76MballcjBAgOuULAFKFrFBT1
+6AHpXGUt+bwX7T/zKsnbYsjbAYLnzmGmveuRjRpAdg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://courseware-univ.stanford.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://courseware-univ.stanford.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stanford University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stanford University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.stanford.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Akhilesh Gupta</GivenName>
+ <EmailAddress>courseware@cs.stanford.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Akhilesh Gupta</GivenName>
+ <EmailAddress>courseware@cs.stanford.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ehsappdev1.stanford.edu/shb">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 73320189246568539311511869020311168919, expires on Mon May 30 23:59:59 2011 GMT -->
+ <ds:X509Certificate>
+MIIF4jCCBMqgAwIBAgIQNyj0bcKoeh5+gRHK9IinlzANBgkqhkiG9w0BAQUFADB7
+MQswCQYDVQQGEwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYD
+VQQHEwdTYWxmb3JkMRowGAYDVQQKExFDb21vZG8gQ0EgTGltaXRlZDEhMB8GA1UE
+AxMYQUFBIENlcnRpZmljYXRlIFNlcnZpY2VzMB4XDTA5MDQyNzAwMDAwMFoXDTEx
+MDUzMDIzNTk1OVowggEFMQswCQYDVQQGEwJVUzEOMAwGA1UEERMFOTQzMDUxEzAR
+BgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcTCFN0YW5mb3JkMRgwFgYDVQQJEw8z
+OTcgUGFuYW1hIE1hbGwxHDAaBgNVBAoTE1N0YW5mb3JkIFVuaXZlcnNpdHkxDTAL
+BgNVBAsUBEVIJlMxOTA3BgNVBAsTMElzc3VlZCB0aHJvdWdoIFN0YW5mb3JkIFVu
+aXZlcnNpdHkgRS1QS0kgTWFuYWdlcjEaMBgGA1UECxMRQ29tb2RvIEluc3RhbnRT
+U0wxIDAeBgNVBAMTF2Voc2FwcGRldjEuc3RhbmZvcmQuZWR1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Zlo3PsF3RrL8caqr0IVB/lCwgdW/LaxExL3
+lnqgrLPMaxNwTVdsMQxtn/3oHoNePVdxX13JiXpifxEGK2Qi0Obpf/Jlk8Fb7rH8
+r0PgFlDXl0zzV6VK2YNc83aNULTtJrjVMZIg1iYbgjHlwI3Yh0Vt249uGxC8yRR1
+zPxA+rsgY0TmC00+4Dt1pl+4sNz8jad7/67NON1yr/+xtpZsrydEYAneQJoi++ey
+NM7s0XJY+XpIE4yqX3lX8cbYKzOu6mS12ZCmWkcUn10i/L09rXfM9P7shez+MziV
+bh4XSKZYFVISzeE5BgWL8YjOoWMaF3ixxg5s6cPzuROaL3ptjwIDAQABo4IB1DCC
+AdAwHwYDVR0jBBgwFoAUMEPcZM0ZXKnzGdI3CZaRngzo1j0wHQYDVR0OBBYEFPX8
+afqj8/a6SGB+K8Kqoqe++ggOMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjARBglghkgBhvhCAQEEBAMC
+BsAwRgYDVR0gBD8wPTA7BgwrBgEEAbIxAQIBAwQwKzApBggrBgEFBQcCARYdaHR0
+cHM6Ly9zZWN1cmUuY29tb2RvLm5ldC9DUFMwfwYDVR0fBHgwdjA6oDigNoY0aHR0
+cDovL2NybC5jb21vZG9jYS5jb20vQUFBQ2VydGlmaWNhdGVTZXJ2aWNlc18yLmNy
+bDA4oDagNIYyaHR0cDovL2NybC5jb21vZG8ubmV0L0FBQUNlcnRpZmljYXRlU2Vy
+dmljZXNfMi5jcmwwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v
+b2NzcC5jb21vZG9jYS5jb20wPwYDVR0RBDgwNoIXZWhzYXBwZGV2MS5zdGFuZm9y
+ZC5lZHWCG3d3dy5laHNhcHBkZXYxLnN0YW5mb3JkLmVkdTANBgkqhkiG9w0BAQUF
+AAOCAQEAWnijjFEofUgtSHH1fRF6cGbjkc3ijIB9AOtgJ/nsYRDwp4L9nDGuK05w
+YFbEDc1LvRCmaz5PSB5q3Ktzp04+r+u3G+wUHxxGz6I25jslLbiV/tZuEXHeD66q
+Di2GvShzG2f1mlKblLLmoEzW4pB200ACmwBJjIPjbJU8WYmfNXtyDtQ0g+g0yI17
+AYjBQ0ojGhsUDZN7lRzKmpvDz2Qm/Ij4oe7A6xUzcrJSVBVMcsFQRVRRMUTDtHmS
+LY1yrUWkkmTNAW8oVvKsuNr5fLg1gC/JA3fo8DwXlvc68pMZ+2CXy3xT67cZdC/u
+W3z02QGA4MvF80TETHkv4WwO89LfiQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ehsappdev1.stanford.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ehsappdev1.stanford.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stanford University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stanford University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.stanford.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David Chaskelmann</GivenName>
+ <EmailAddress>dchask@stanford.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Palle Nielsen</GivenName>
+ <EmailAddress>pnielsen@stanford.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ehsctweb1.stanford.edu/shb">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 191697145830504975574066860235017306184, expires on Fri Nov 25 23:59:59 2011 GMT -->
+ <ds:X509Certificate>
+MIIF5DCCBMygAwIBAgIRAJA3hv/PaC5JEx6KmStmQEgwDQYJKoZIhvcNAQEFBQAw
+ezELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
+A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ29tb2RvIENBIExpbWl0ZWQxITAfBgNV
+BAMTGEFBQSBDZXJ0aWZpY2F0ZSBTZXJ2aWNlczAeFw0wOTExMjUwMDAwMDBaFw0x
+MTExMjUyMzU5NTlaMIIBGzELMAkGA1UEBhMCVVMxDjAMBgNVBBETBTk0MzA1MRMw
+EQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhTdGFuZm9yZDEvMC0GA1UECRMm
+MjQxIFBhbmFtYSBTdHJlZXQsIFBpbmUgSGFsbCwgUm9vbSAxMTUxHDAaBgNVBAoT
+E1N0YW5mb3JkIFVuaXZlcnNpdHkxDTALBgNVBAsUBEVIJlMxOTA3BgNVBAsTMElz
+c3VlZCB0aHJvdWdoIFN0YW5mb3JkIFVuaXZlcnNpdHkgRS1QS0kgTWFuYWdlcjEa
+MBgGA1UECxMRQ29tb2RvIEluc3RhbnRTU0wxHzAdBgNVBAMTFmVoc2N0d2ViMS5z
+dGFuZm9yZC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDA8drz
+oGv1bKWCRxn/kL7k73pzjjm5HGuefbUnubr0MBHpYYwux1g6jI/31gzbNc+Ss46c
+tr2mOp4usn1R2K9PwQyYCD1o7k2UkG2mD4xQKrIXJCYRe2xnBMHNe1rOhgPy/RYv
+vUnu+NNAqHu9+YsaaDKMM8CfmJZCt5Sr/WxMtoSKay4+2zCHj+hpZvfTcxyOCChE
+Z0VnhgkLP7ui7O5GDZdTFm4otj5CX876Rf2iz4x8Oizs2QGeq+njDcWE6h7NRUya
+7yj8jo8sJORVRew+KNMZsCuiTdjN7GWev3+jOmywfca1okqv13MrV49HmRixabDS
+ksk6mFcjbqFfGSnVAgMBAAGjggG/MIIBuzAfBgNVHSMEGDAWgBQwQ9xkzRlcqfMZ
+0jcJlpGeDOjWPTAdBgNVHQ4EFgQUUGeNRJMhDLOM9QULGreVZqG79u4wDgYDVR0P
+AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMEYGA1UdIAQ/MD0wOwYMKwYBBAGyMQECAQMEMCswKQYIKwYBBQUHAgEW
+HWh0dHBzOi8vc2VjdXJlLmNvbW9kby5uZXQvQ1BTMH8GA1UdHwR4MHYwOqA4oDaG
+NGh0dHA6Ly9jcmwuY29tb2RvY2EuY29tL0FBQUNlcnRpZmljYXRlU2VydmljZXNf
+Mi5jcmwwOKA2oDSGMmh0dHA6Ly9jcmwuY29tb2RvLm5ldC9BQUFDZXJ0aWZpY2F0
+ZVNlcnZpY2VzXzIuY3JsMDQGCCsGAQUFBwEBBCgwJjAkBggrBgEFBQcwAYYYaHR0
+cDovL29jc3AuY29tb2RvY2EuY29tMD0GA1UdEQQ2MDSCFmVoc2N0d2ViMS5zdGFu
+Zm9yZC5lZHWCGnd3dy5laHNjdHdlYjEuc3RhbmZvcmQuZWR1MA0GCSqGSIb3DQEB
+BQUAA4IBAQB2pbM5IlzWL4mk8mn8hC7+kp6MhDmyhIx7URs/tWDRF6pIHsDg//Nk
+NaAHdKo5QJQ8eoMef86HbVOOyJ0EUSxfTkcHjJNkLAONMDNlG5xG5FthgAaVgZEI
+J655evwQTH+TjBrwqoWeRDdWim97sQF35bNtOcMLNahUYPd8W3blp/jkBEk830P/
+xPgYSkRfzzARj/ah9ZSKlIgmtH9H8YRC7ZUWWvpHZ/krd4RiciqQw1lGSbnukda1
+h26HqjoiitfWp4noVmKJT19ceniLGtxCyf/88hiYma42sIc+xrgKQTdElynuS4lC
+BA1ETMsJKskWPE85DbelyFazqmiOZgP4
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ehsctweb1.stanford.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ehsctweb1.stanford.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stanford University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stanford University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.stanford.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David Chaskelmann</GivenName>
+ <EmailAddress>dchask@stanford.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Palle Nielsen</GivenName>
+ <EmailAddress>pnielsen@stanford.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://itarch.stanford.edu/shibboleth/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 188, expires on Tue Jul 22 15:34:54 2008 GMT -->
+ <ds:X509Certificate>
+MIIFyjCCBLKgAwIBAgICALwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDcyMzE1MzQ1NFoXDTA4MDcy
+MjE1MzQ1NFowSTELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE1N0YW5mb3JkIFVuaXZl
+cnNpdHkxHDAaBgNVBAMTE2l0YXJjaC5zdGFuZm9yZC5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDHroeavlcu0ycs1sxA5JWKpJxydiT4s3js+YA1
+xnBjpntynfiiUohe5FlQhZq169OCykujJJWNDP9LMffqVKus6hpDiPiuUB/39giH
+Z0eSgDgOH/7VFaIoRASceghSYGixZnUrMS44V/PRl9V61VNh9q3KGp6efp/s9a7F
+oyxVwrvzJVupd8no/GlHORot6R//ACT684lzercv4amjHvokk0S9H04+Z87AtKuu
+4OdOUGxQOpaPxf7ZBRS+5HvMUaCCPsgbNgE8fT8TsYuxvtAjdAuSv4PfpfAIlyQR
+ndhsMzi4Ro1oS+WXMo78RVZ/hzUxY1lS5t9IKq9UQJf35v4DAgMBAAGjggKtMIIC
+qTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFIYEg0xGMlf8ZAC/lTA1h1e5WGuNMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGq
+MIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJz
+IC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYITaXRhcmNoLnN0
+YW5mb3JkLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAfdDyTeFgQxKgt+0Q0KYTloJI
+OCGiuULSfkPuPKs9oO1Waf3jFKW4rfcJTsNDzrSaaWzGHyn2vNwZ2wVC1vHawuN8
+pMQDj8EKQonzn5fz83M2CM7YFNfFuGu68TVjTyvJUW3pnFPRO1VVn4c9YxJuNZh+
+mK/U/mhWGqsBZTYPky/9MarFW07CCxhNGWfBPH++eDaHZnwOYyRf6V1Rj9Wwfrbu
+XiSTiQShkMEQF6BvikOqwyUQA/NYBE27NqRamLpFM7xVVCYfjF7O75DMphT3C/9q
+N1MbE9o78BZMASp6nBuypbPndp4d9BOjollWmj325wFO87J0R503a/WPaUPZQQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://itarch.stanford.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://itarch.stanford.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stanford University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stanford University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.stanford.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bruce Vincent</GivenName>
+ <EmailAddress>bvincent@stanford.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Scotty Logan</GivenName>
+ <EmailAddress>swl@stanford.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www-shib.stanford.edu/shibboleth/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 110, expires on Thu Nov 15 22:04:21 2007 GMT -->
+ <ds:X509Certificate>
+MIIFzTCCBLWgAwIBAgIBbjANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYxMTE1MjIwNDIxWhcNMDcxMTE1
+MjIwNDIxWjBLMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTU3RhbmZvcmQgVW5pdmVy
+c2l0eTEeMBwGA1UEAxMVd3d3LXNoaWIuc3RhbmZvcmQuZWR1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iXuBhRhHC45NqRxWoKFAJ95iCakMbulbbj7
+sROYxfbbIAN6wkiTHQRdZQAIFh2T7oMyfb4fcXQEv1ShxHpC+KT3AwENgh1VpGZg
+AVs/sUXPM39h6O8ci1ysi3151+9Y0Mp7rKJAbbowZGv5jcNfuk9X8DNoQQL39eeM
+wiIBMOmgQ/dBau7kX4Iyi0zqxKGbwdQDHZqXu8n5zblxkSEwEafQB+IAEGPisoXn
+c+1zOmigC3mUblOwaMsi8EOr1L59q6K+N9BUAa899KWHB1MRsZPfr1vRQX+tPFTn
+aNRiaS+JYRR+5+uaeOkA13jT1tf7ue9l4JfVqFA4K5vJs3LsXwIDAQABo4ICrzCC
+AqswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQNUOIMH05VSI4xQyG88tWO8d5tDTB+
+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMC
+VVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29t
+bW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCB
+qjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVy
+cyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCAGA1UdEQQZMBeCFXd3dy1zaGli
+LnN0YW5mb3JkLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAr5eDL9FsII9fEdOLdy6w
+zN8nZ9dbOVTfyESrjzeY5kO6TkjAXch3D3nj5bVfALYgRG7fyxSJCaNuiv42Vvya
+/OKQLi/k+DU/1DcGX+p1/pLPkcXn6CQoAH6kymnCLwYNDCFe48cWJbVBo2NQySQf
+sepoOAedxiKkK5POP1bMaMo0Q6UUByLBrJC7K0jlUO82dqdLX22WC+DK8Eoy+VuD
+L1s4v3DI7z+MNYe6xg1Zb5VFfIe0J0hQo3CUuQvGH5603QsEN5jGQnXiKdQ4X6vL
+RbpF11hwXDhGZ33Jd03Wcl8hZSJSwjv22Ab56pyBLTSLYooT2iOcjQi0hLooZlXC
+yw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www-shib.stanford.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www-shib.stanford.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stanford University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stanford University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.stanford.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bruce Vincent</GivenName>
+ <EmailAddress>bvincent@stanford.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Scotty Logan</GivenName>
+ <EmailAddress>swl@stanford.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Alabama at Birmingham -->
+<EntityDescriptor entityID="urn:mace:incommon:uab.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uab.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 311, expires on Fri May 7 19:08:37 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICATcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUwNjE5MDgzN1oXDTEwMDUw
+NzE5MDgzN1owGzEZMBcGA1UEAxMQc2hpYi5kcG8udWFiLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA09nElsNeEHmUZK2CMOccLeBz60/pBGkJvhiHhuuX
+WnnpNZ421KTo5Iu9jOTwvf24/aMdP0sWbCHgNwXFwI0/6tbExk0e20OaoiphVT8b
+5OFiCY3hS3J6RlFth9bjzZ5pN0vul5GptgdRSxCBQlWnIdYSxLIEuD6yfvKCIstt
+AQECAwEAAaOCAqowggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUH9D/9ia3Sg70
+V7HpaS66Ch9K7uMwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREE
+FDASghBzaGliLmRwby51YWIuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBVTyPquMCn
+QQjjZreVm7samz+JbKfDg/j8duMwvJb+cxsmRoei0sDtkkAyke2Wjtep6x8KuedW
+Z4vAXuGYLnda/oodNTgai3WxiFkyY56NUqeBvu+JuQhNuixL79IRgHJaZIldcttA
+2niIt7dWLQK+UDO0WqGQNxQtTNNwaB9hZ8POccs5UXwHcxLTEip7BiZGi0s2iBWF
+lD8u4/Fr5sN9qA5rzHIO+0kOY4bkHmBxX7+nSIPTQLecfqWR6CytEbwwZIJJxDh9
+ejlZBH16GRfO7uTi/uIzbIdMYJ2wHE5jM9sB1M8Or4KY7czFn/FRXIKab8rhlxl2
+A5XRJGPqXwQS
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.dpo.uab.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uab.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 311, expires on Fri May 7 19:08:37 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICATcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUwNjE5MDgzN1oXDTEwMDUw
+NzE5MDgzN1owGzEZMBcGA1UEAxMQc2hpYi5kcG8udWFiLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA09nElsNeEHmUZK2CMOccLeBz60/pBGkJvhiHhuuX
+WnnpNZ421KTo5Iu9jOTwvf24/aMdP0sWbCHgNwXFwI0/6tbExk0e20OaoiphVT8b
+5OFiCY3hS3J6RlFth9bjzZ5pN0vul5GptgdRSxCBQlWnIdYSxLIEuD6yfvKCIstt
+AQECAwEAAaOCAqowggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUH9D/9ia3Sg70
+V7HpaS66Ch9K7uMwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREE
+FDASghBzaGliLmRwby51YWIuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBVTyPquMCn
+QQjjZreVm7samz+JbKfDg/j8duMwvJb+cxsmRoei0sDtkkAyke2Wjtep6x8KuedW
+Z4vAXuGYLnda/oodNTgai3WxiFkyY56NUqeBvu+JuQhNuixL79IRgHJaZIldcttA
+2niIt7dWLQK+UDO0WqGQNxQtTNNwaB9hZ8POccs5UXwHcxLTEip7BiZGi0s2iBWF
+lD8u4/Fr5sN9qA5rzHIO+0kOY4bkHmBxX7+nSIPTQLecfqWR6CytEbwwZIJJxDh9
+ejlZBH16GRfO7uTi/uIzbIdMYJ2wHE5jM9sB1M8Or4KY7czFn/FRXIKab8rhlxl2
+A5XRJGPqXwQS
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.dpo.uab.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Alabama at Birmingham</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Alabama at Birmingham</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uab.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Landy Manderson</GivenName>
+ <EmailAddress>landy@uab.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>UABIT User Services</GivenName>
+ <EmailAddress>UserServices@uab.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Robert Cloud</GivenName>
+ <EmailAddress>recloud@uab.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://uabgrid.uab.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 216, expires on Sat Oct 4 17:39:45 2008 GMT -->
+ <ds:X509Certificate>
+MIIFVDCCBDygAwIBAgICANgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAwNTE3Mzk0NVoXDTA4MTAw
+NDE3Mzk0NVowWDELMAkGA1UEBhMCVVMxLDAqBgNVBAoTI1VuaXZlcnNpdHkgb2Yg
+QWxhYmFtYSBhdCBCaXJtaW5naGFtMRswGQYDVQQDExJ2by51YWJncmlkLnVhYi5l
+ZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALJitH7NIm/VTzCmbsfF7KQg
+rZOxli/vQtjZvbXezudmyCgWeul5nBBpKyi/8XYJynRVKkHg4KLb+4mK9algxOs/
+HBXcJarEIp/p+pSeiRaUHB5wwDLewId5NfX8LSGlsyJ0RGFknU8cZ7zCkOI5j2Gr
+qFqT6pqgghXrttM793jTAgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYD
+VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0O
+BBYEFNeOZXIUBx0nFDPtRQpQKab9iKqyMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wz
+nd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24g
+RmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6
+Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0
+cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1v
+bmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZo
+dHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNl
+cy5wZGYwHQYDVR0RBBYwFIISdm8udWFiZ3JpZC51YWIuZWR1MA0GCSqGSIb3DQEB
+BQUAA4IBAQAjb2HRiPUBHZ2jw2Fxtihmgo59f4NqlCa9wZCfZxkxGojA4jne18Js
+NCIuY3IOVOvL7rvRzn3Im+9miJx106ytl8uwbbfDG5bDXbbAnC/pF0rundBOKePx
+tovUU1SnUXSQ1mYlLHswFShI2md7kMynupBq0pkrGfaIxe2c45aJ38FsfSvdQbfO
+6VywzeH4q+8qSnZeNN946frvonLUZSoo3E0RMw9ikNJFFVbp8y7TZtVIW+na/9j/
+VgaM0CCd+XwtUY2OUC37BpoDAIhXnf+TtL3XNf/odRS9BerzUoQiUwOwRtRD8IoS
+33TZhDdq1t+LAnwRyWZ2tE63jFqXCfJQ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 432, expires on Thu Sep 16 18:25:30 2010 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAbAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxNTE4MjUzMFoXDTEwMDkx
+NjE4MjUzMFowHTEbMBkGA1UEAxMSdm8udWFiZ3JpZC51YWIuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCyYrR+zSJv1U8wpm7HxeykIK2TsZYv70LY2b21
+3s7nZsgoFnrpeZwQaSsov/F2Ccp0VSpB4OCi2/uJivWpYMTrPxwV3CWqxCKf6fqU
+nokWlBwecMAy3sCHeTX1/C0hpbMidERhZJ1PHGe8wpDiOY9hq6hak+qaoIIV67bT
+O/d40wIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTXjmVyFAcd
+JxQz7UUKUCmm/YiqsjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJ2
+by51YWJncmlkLnVhYi5lZHUwDQYJKoZIhvcNAQEFBQADggEBAE296xUa3/wHbcL+
+7H5YA/eaOOrxQh2toxrjN9SC+e1Z2lezN2pNtUscwxBvTI1eZ9gmN9DFr0DJ8yXc
+FRk8K33tw2GY0pTisKqwyCqvsvlX5cxJjgEQQPeTYwVIk/d1eYCw+glOW1y6f+qz
+jDcw6KBTU6/wuLa6/gPpq8K5HV9i56GHFDDFJaP5sRV0auY4EWyfNlFUe+zFwHPa
++XZsvPchVlNnOolCWGsmVSj3T4BaiCvIjxB1sMhsdlbRi6BtX5RBxZhGHA9A7Glh
+2Smf7UanWGX9+Sq8STmj5PjC0wyoAdQSRuvKsgjAZhxd5xLGA/aNMv8F+lXARmSb
+4XIZYAk=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vo.uabgrid.uab.edu/shibboleth-idp/SSO/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://vo.uabgrid.uab.edu/shibboleth-idp/SSO/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Alabama at Birmingham</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Alabama at Birmingham</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uab.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>John-Paul Robinson</GivenName>
+ <EmailAddress>jpr@uab.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>John-Paul Robinson</GivenName>
+ <EmailAddress>jpr@uab.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Robert Cloud</GivenName>
+ <EmailAddress>recloud@uab.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California-Los Angeles -->
+<EntityDescriptor entityID="urn:mace:incommon:ucla.edu">
+ <IDPSSODescriptor errorURL="https://shb.ais.ucla.edu/shibboleth-idp/WAYFerror" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucla.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 349, expires on Fri Jun 11 19:17:02 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAV0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYxMDE5MTcwMloXDTEwMDYx
+MTE5MTcwMlowGzEZMBcGA1UEAxMQc2hiLmFpcy51Y2xhLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMkYQurmq6HbVXY42AAdNF1Ooxti7rxZNbps
+6694miK0WYxe7bMwq57A+4dECY5EZicCx5lYMZUljsyfhvGFigc37mLyUJ7uUbmv
+odVAPnepyr2/BG0NbbAItZKrnm3gK7u6igHUSJmfVNtDCbqeQmH1gKFEir9IY8RX
+Q6V5kbVsf9CzlL7NCdV/v46Vmgy7znvpETiVRKs5nUhj4taP7lRid/J6kR26J9i0
+mQMRx93+IJHgbXhlECr9bHDXgJJ/az6RfGRXiUaXKzf6FtKXTnWrubEnti7GxtHO
+/ffm2B7ndsdtmHWmZsHCJOSAs+S4Fb3P8Vm54V5ZwQ447a0IQGMCAwEAAaOCAqow
+ggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUBKsBMqi4LOXVNXCtAECr9XcC0skw
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0w
+gaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3Vl
+cnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREEFDASghBzaGIuYWlz
+LnVjbGEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQARG1hR6Ghtgv+NaN/joNKOOOqS
+mALHXFWAIYiFqPO4lx2IIwvgrB2A9Q2wHRt+wF8R+z4oev2YbgQyoLzIeAs+b40y
+S4VoBaDKmg6I2anp0SQdUFdFQFj+6SwM0bsVFY5caeTvbCRFjuOjwEoeNc2obzGJ
+fYuhztKbIG7wCBn+q/OLUml6idpOez6dgoU1jCprV0WqM53VPJrc1iwBjI0Fqj4a
+VUQFozc1jyQL6q8nuVrW4kvlub0SOCM90OvEj5Sysy0PuN46ILvjJMHtwyQ6+alY
+Qll7dKbOyF1hv3Zo+mCkDMclMl5KRTWMvy1yJ8Gv/Or6B8TEMNmv84eJS36c
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shb.ais.ucla.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shb.ais.ucla.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucla.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 349, expires on Fri Jun 11 19:17:02 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAV0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYxMDE5MTcwMloXDTEwMDYx
+MTE5MTcwMlowGzEZMBcGA1UEAxMQc2hiLmFpcy51Y2xhLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMkYQurmq6HbVXY42AAdNF1Ooxti7rxZNbps
+6694miK0WYxe7bMwq57A+4dECY5EZicCx5lYMZUljsyfhvGFigc37mLyUJ7uUbmv
+odVAPnepyr2/BG0NbbAItZKrnm3gK7u6igHUSJmfVNtDCbqeQmH1gKFEir9IY8RX
+Q6V5kbVsf9CzlL7NCdV/v46Vmgy7znvpETiVRKs5nUhj4taP7lRid/J6kR26J9i0
+mQMRx93+IJHgbXhlECr9bHDXgJJ/az6RfGRXiUaXKzf6FtKXTnWrubEnti7GxtHO
+/ffm2B7ndsdtmHWmZsHCJOSAs+S4Fb3P8Vm54V5ZwQ447a0IQGMCAwEAAaOCAqow
+ggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUBKsBMqi4LOXVNXCtAECr9XcC0skw
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0w
+gaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3Vl
+cnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREEFDASghBzaGIuYWlz
+LnVjbGEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQARG1hR6Ghtgv+NaN/joNKOOOqS
+mALHXFWAIYiFqPO4lx2IIwvgrB2A9Q2wHRt+wF8R+z4oev2YbgQyoLzIeAs+b40y
+S4VoBaDKmg6I2anp0SQdUFdFQFj+6SwM0bsVFY5caeTvbCRFjuOjwEoeNc2obzGJ
+fYuhztKbIG7wCBn+q/OLUml6idpOez6dgoU1jCprV0WqM53VPJrc1iwBjI0Fqj4a
+VUQFozc1jyQL6q8nuVrW4kvlub0SOCM90OvEj5Sysy0PuN46ILvjJMHtwyQ6+alY
+Qll7dKbOyF1hv3Zo+mCkDMclMl5KRTWMvy1yJ8Gv/Or6B8TEMNmv84eJS36c
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shb.ais.ucla.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Albert Wu</GivenName>
+ <EmailAddress>albertwu@ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Datta Mahabalagiri</GivenName>
+ <EmailAddress>datta@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="http://classes.sscnet.ucla.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 411, expires on Sat Aug 21 18:17:38 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAZswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyMDE4MTczOFoXDTEwMDgy
+MTE4MTczOFowIjEgMB4GA1UEAxMXY2xhc3Nlcy5zc2NuZXQudWNsYS5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMIdoPCiA3WkFJ5wbuK4HQ8r9VWhUzck
+N9f2tKiBCxohwhyFjsewcU1aNJcUvVCucLhXIQF/ehEDSNG9UIhJxM+dU2wmJIO9
+yuQtkI6rEA8sHfr7Y36WoYmsnXVNOwkRkCSWDkMSw5G7p9iUFa2fAQ+mYhBSWIPM
+/h4oVZNOu9oRAgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJZb
+jehOq/1+7z2THM9eSIPG9bHlMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF2NsYXNzZXMuc3NjbmV0LnVjbGEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAL
+iMENPiSUbHnigfaCiwbeG2vtlVXcBnStTz/TSWkJVL+CO9AtRzpWHWLSb3haeTeY
+SEyB7qdCbhZ7/1G6Pt1RI3knm9v+RTHSAI0YByZYTlj39VW2F35exkxlj9aZ4jaO
+8CIh/uNBpE2X1rvERU38OkbPTTcR0ts8byctIOLPbuBGt8oaCDtxNIFe3Q2yjOju
+4ZEJvpcoyyd3yEzrZmQMaRpwUl3DV/KEuWoKtjIlj0TEft1E1oiGtNiiQgy27fUH
+Hml1mLevvPLUHXFSPm8aH7ZrpwmpcMJ9ReY/KDEY/nvk8VYGf5VdXJ8Y4f4HzHzv
+K8igxwQP7J2ADWMbW+Dp
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://classes.sscnet.ucla.edu/shibboleth.sso/SAML/POST " index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://classes.sscnet.ucla.edu/shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Caroline Tam</GivenName>
+ <EmailAddress>caroline@ssc.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Mike Franks</GivenName>
+ <EmailAddress>franks@ssc.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>SSC Help Desk</GivenName>
+ <EmailAddress>help@ssc.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="http://collab.sscnet.ucla.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 412, expires on Sat Aug 21 18:17:40 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAZwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyMDE4MTc0MFoXDTEwMDgy
+MTE4MTc0MFowITEfMB0GA1UEAxMWY29sbGFiLnNzY25ldC51Y2xhLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0IDQcoShZkWynJQhfNvsL/ScTjr5ceZd
+g2gcZGVJJtm1V2B23QNVDzTkCFkssTdAz9aj905FcuAY2u2spQFtN4steXcxJdgJ
+nAf7UZL14Vojcu2EUcmpcVOSRvmVi0dC90D3csW75KGiA5bSHBBiHt5uJaS7m4sZ
+NNJfUGW32XMCAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUEFxG
+MQyK8RPylPhOnbPpP9VOuX4wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWY29sbGFiLnNzY25ldC51Y2xhLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAFiXk
+LtCE2JqX5EIPD4mGGk4jRu83M47ONqtnr9eOuMwJ5RdP/57BBNnllCXCSvsmzkwA
+MxmfY/Iz20+u1SAUXRq8PLSDco9aOMWsI4Bo0KA7mAh3Qdlu5mKEJ9ZU7dVwS030
+mnAREqZ1R7rStnAvF5WFILZfZEbVnOuJo/lOvAJrrm8kakZiLOnuBdA7cLoTg/KH
+7+vNMM6KeXtB6fBYXrmMPC7h7Ee2L7FXzqK/IdvQf/iSIccosyZG+uohK314+7HP
+lH+15Z51Y7NNwyyUQbOaRsYWrNv5hP0Um+g8gXahSv26M5LJpFJwkp6GHaSjFydc
+2V7JOD1KDvsqi4u9Dg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://collab.sscnet.ucla.edu/shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://collab.sscnet.ucla.edu/shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Caroline Tam</GivenName>
+ <EmailAddress>caroline@ssc.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Mike Franks</GivenName>
+ <EmailAddress>franks@ssc.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>SSC Help Desk</GivenName>
+ <EmailAddress>help@ssc.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="http://research.ucgrid.org/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 314, expires on Mon May 10 18:39:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICATowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUwOTE4MzkwNloXDTEwMDUx
+MDE4MzkwNlowHjEcMBoGA1UEAxMTcmVzZWFyY2gudWNncmlkLm9yZzCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEA5wngAb67nOiiG7sQX+quwOhbbgpDn+/88qYW
+5Y7gwmYRGIkC0uWge/g9OFPhfTSIhEwQdUZE7dAxlsONJdFr3I2a3S3Ii3cd/yWF
+cqaFlDNA86XXdR3gNaJc2aq/W1aDRATsz7nu2EIm9MivOcF13swlc0qWvZ7bwDQN
+5n6hdNECAwEAAaOCAq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU1HxYnPEx
+V/RhIM+x+QSyUWO7X+UwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+ugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNV
+HREEFzAVghNyZXNlYXJjaC51Y2dyaWQub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAH
+hVl3G5p4E6vfReAoxIzK9QKf/ty2VOTOPqTS+HEJGm9klpyyq1bbGIVIrpphf79/
+40PBM/KH1va/ujugwKce8VkKIBpLZtVLu5rpFaVp5PDhDB9mh1QgztVquU96qDnD
+94waIX2e2OrtsaJropwvxWJP9YuQNQqkK1+nG88yzG46K3CsoenPj7IFbTyICYw7
+N1yVWD11N2VHwZPynEZnA2ZWZ2AbAVs/XiEnnQgZh1wuIvOx7s9hmrEzI0tux7/U
+AZ40qTGyqhVhUTeBoM8CVQfN8stvD+3bTqMw/rL5OB0wGZBnNEoOGoyiHP+Rgyb0
+3zsU5A3eGcx88v5oAVGY
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://research.ucgrid.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Kejian Jin</GivenName>
+ <EmailAddress>kjin@ats.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Kejian Jin</GivenName>
+ <EmailAddress>kjin@ats.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>UC Grid Team</GivenName>
+ <EmailAddress>atshpc@ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ers.ais.ucla.edu/shibboleth-sp/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 695, expires on Sun Dec 4 19:56:38 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICArcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTIwMzE5NTYzOFoXDTExMTIw
+NDE5NTYzOFowGzEZMBcGA1UEAxMQZXJzLmFpcy51Y2xhLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMWhi96zHeyBNehhJfJjIoeNIWOakSpWJ8KO
+EpP8lMONJR1e3/cb5YMgO4ZBObXNyiQf1J52yqyZyH2kKjvjOVf6ELWjW6/mt99O
+1iMgBGyZ5XtmypGF4RuEwUHmqueDN0tJgbl/vWwgDFxnM9+OaR++UD146fdSn5IM
+/OfzlodN+C1mxsltrDgmCq1qvUccC3r8uyMxTee+Ay92NFArgVzDibTzIZ+9yrSO
+vahoa3xfIkJImH3TxF6hKVlYTC44/4x3RpIBOov/Kc0FF7hhMIGupdcnCZ0KEKhu
+p6C3Sq3hRpzXc6XgwoqFoVjLeONdJDKZtbE6GjMdx0SnifLEKxcCAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUvPc/sQHc5T/i62aDhJRhxygTjW8w
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQZXJzLmFpcy51Y2xhLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEApXg/xup+e2+HuTrrp3iNI+g528Fx+NE6n9ck
+6fM9wF96MFXCIt+fRdpc8d6yc1Grqv2dMCWnGialduew5pIuhU1CPfS+jwTXCfnm
+MDKaDLWByEeIFRcxJbXBE48uL9AH2QyQwYYtnK3Bam8KPAlb32b6T4i/5/qkHpKl
+L5L+OAbVyGI+2DdvUSGMNhqFLby/9ap/EWz+HEBqu2c60/gq4E7szjsjBUVO+56M
+kF1DEKCC1o6ymxPfhjgsvkGxDabkbSpdZXP//yN78KNZSO+avNTy6rFZvocGuho7
+jI8N9KNUTA4nj4ESH5DvCv3cmdal9czFBi7Dvk3dOkVvyLcPGg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ers.ais.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://ers.ais.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ers.ais.ucla.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://ers.ais.ucla.edu/Shibboleth.sso/SAML2/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David lee</GivenName>
+ <EmailAddress>dlee@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Wen Tang</GivenName>
+ <EmailAddress>wtang@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>AIS Helpdesk</GivenName>
+ <EmailAddress>hd@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://erst1.ais.ucla.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 684, expires on Sun Nov 6 19:58:44 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAqwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTEwNTE5NTg0NFoXDTExMTEw
+NjE5NTg0NFowHTEbMBkGA1UEAxMSZXJzdDEuYWlzLnVjbGEuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1afiAKBMIqFq7tYVueyTppaG2qrdHMIg
+ePmSLK8XJBH/r1SPskaTIs5zXJ5CHhqGUrq4eXFWeUnZL77mPTLUCk24NAF/m3DI
+Gca1In1EmepUiU28P4nus9GHEn+yA22Bb7ZtEN72eNMT2Og1DbLSFQMrrhRv4BFS
+oA3SG+MJYIvFqgFed1GE4629kHx6LyfxBTyjLdtnNuoOzUOqstmnd54ejT3GwWRQ
+JgmQgmLUvsRKIWtV3lhVlnc6mJHDlnxGRM6s9a+wZnhgs51gXllDqW6TYR3ptIz3
+i62811hmedXFXcApkEqwDPa+M56oskpQiOrO8xHn/eYHBax37hO6MwIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ5XFl8ACZT/Trtm0T41IK78BQF
+KTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJlcnN0MS5haXMudWNs
+YS5lZHUwDQYJKoZIhvcNAQEFBQADggEBALNvvLbz9gdKe3nluRCRr24S2NQipAoP
+OkMo07XKccJx8eXe3bL6dgQn+DC2DU3cwoj5uJFPmNKFRj/4lYvYUwR8W4djYFa0
+BYTteR2bp4MQbWzyigwS7xkI1qSNV0InFBNS744MOVVtlGyqiv5proHQUnLXzczk
+qaGLwNLnv8GsnaRr6qJcrxiWrCJ51Y4k3BPsZp2KGjzJ8iWVbT2ZRU8UjWXXI7nl
+v5bL9ohWP1BvaJBZlnIpy3JHrLr5UtW8NIfuq8qUIRWj/c8Xe04X7nGuqhEP3k38
+Xc9GSkgJ1DfwD9X2djBHLrWTW+eUssmoKEUlta8UgXRGca8ireV9Unc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://erst1.ais.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://erst1.ais.ucla.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://erst1.ais.ucla.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://erst1.ais.ucla.edu/Shibboleth.sso/SAML2/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Wen Tang</GivenName>
+ <EmailAddress>wtang@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Lee</GivenName>
+ <EmailAddress>dlee@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>AIS Help Desk</GivenName>
+ <EmailAddress>hd@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://express.travel.ucla.edu/shibboleth/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 680, expires on Fri Oct 28 18:56:40 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAqgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAyNzE4NTY0MFoXDTExMTAy
+ODE4NTY0MFowIjEgMB4GA1UEAxMXZXhwcmVzcy50cmF2ZWwudWNsYS5lZHUwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDoHHPSHNy1CWysB6IJY92JZSIt
+0+w3t8eJ8eZCQjBPbK5k0+mL7OZevmbUJnjiCO+b871rLYtPCCiWWXqJPleM9Zbx
+woUgOr6bY/Dne1Lt6fKDK4Q97WhuX/6o2nmsjDGyPLVTteJMNiFQ+JV5xyWhE+AU
+PUh/CGCYuCIQ8bJNhdkeFxbaseSHPTIOQwu8GWJZ+2uL9ZI9JU5H475p7tx/NiPD
+D7R+ZlzC7HZMTOANK8qpcXqY7V8dL7Xt7uv1RlTqpIOcIdIqQ1wIuHokr/scnZjf
+MQ5uerRzvaSGbH0ZYymGJLp6CRpmrrEHCyYsbo8bJSTzz/lMJNu7fiBungxDAgMB
+AAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFEZwtTUOr+gK5DRXUKtI
+S3COZgqxMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQbMBmCF2V4cHJlc3Mu
+dHJhdmVsLnVjbGEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBpLJnielRYMjrGXdhk
+0l3ABTWE6bB1B4CNJS0GYmIoPWvIwhNmINRThjvBp9rM/N+tiyhrBoSJNSe1CwFT
+YRPiLqLKh3ZplroYJlQp2fNZXdHcCIC+BngbqP7Oz/utiSwx+YeVqpPeFf8TiBvI
+plmSQk/QeQ7c64jwifGXaqkZBamkYtWgzSHOhMWyZtarTCAw0nAD3eBoKi4h9sYB
+qJD0gOgEd/wkn34u3fkikicENmUTdv22FtxDMvuWwQHTt5TjoLPg1UlQBlx3oXbi
+INOvplHYFCJRmukXTdeYJFhQ2p+8F1qMiMuoxqCx1RXc9gzJP+Dh6VxZTdmG4v7J
+laGf
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://express.travel.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://express.travel.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Hemkant Patil</GivenName>
+ <EmailAddress>hpatil@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Hemkant Patil</GivenName>
+ <EmailAddress>hpatil@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Travel Accounting</GivenName>
+ <EmailAddress>travel@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://pcard.finance.ucla.edu/shibboleth/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 563, expires on Sat Jun 25 18:00:35 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAjMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYyNDE4MDAzNVoXDTExMDYy
+NTE4MDAzNVowITEfMB0GA1UEAxMWcGNhcmQuZmluYW5jZS51Y2xhLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA9ENM2BEuJ/LQLBV0TegxeCCva+M/d4iV
++kl/Hr7FnnJrPHJc06tz0+UTtF1P+bN+8TCysUkhNNlrgsOoigbQXWPZHnKamqSA
+NH5cJAI40v/WocmygtHVNM5+u+XfOtFIDYZn/npzbOlQAHswMx9RQ27Yg7l9I9Qa
+rUJ5IaUayn8CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUJpPB
+R0hUMembMNUlnOUZT2YrGkswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWcGNhcmQuZmluYW5jZS51Y2xhLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEALqRd
+7XmveurzMsXgjNnnYTk1kYqzFAZvmQp2GAmRkw+yZ+l0/plnDeLmWLrQ64VCEf3n
+b57ixdc97wZirhLNPOhidG2EwmXDgYPg40Uy8URbBFvUsFWvYYnIr/6v5/9Z57XS
+MyBRxFiF1BKqO70cKzSRF8K7ZT75Ct53WgdI2zR02Vcp7HgJ/DBDwa5Hzpy01D6K
+Y1uln5TXMhujlsaMZK1nD+h2pywen5lxp+1qQ3g/CMAe5nrnuZ5jFdNzWLdovsft
+DOfAcz1PaYYbAF6+ZGdAFipO5WvzjU2TV1YEFMNBybTCS9gHlKessGYDy8H/Y/VK
++kawJnWPilrpBSO8qw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 647, expires on Sun Sep 11 19:02:06 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAocwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkxMDE5MDIwNloXDTExMDkx
+MTE5MDIwNlowITEfMB0GA1UEAxMWcGNhcmQuZmluYW5jZS51Y2xhLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAm+lOdhoj8ZEcggcnd38b22uMIqMT1CY/
+483mBEvQMZVV3y7AAWLNI43boKxg4mCLlnGPQop58AZf+vaU2k018CrYKXNs59bC
+fmqO1JBCr2gKppkXkJHZeA+YN8EZdwO+eR+T9Rh8U/uoJi+lWl+eaHJRxtNlNZ78
+F7ppBnt5tQ0CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUzPdI
+7i1hZMGFEkLFirPngm6pL88wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWcGNhcmQuZmluYW5jZS51Y2xhLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAjKwP
+RtD9LTQhlXckCwgnBzQFB/PdfJssM2E41+ocJ6D22dINcP1zrz1KgmAy6eC8f24u
+bM6SBVJtqJdwpeeRP8sYxDUMtQuuIW3gUs6qN3lQgZYC7iqy5uc0fG6fTYW9NYG0
+qTsylpGWa1v1DTayBqk4+SeDOEm1Glj2DHlaUe/dQy8BLcL8jmEAUaeJZYHx/zKM
+iGSNllMoUDj5KFeFjXRajcLcZJi8WgAsQEUlwBpBUFdQDqQ/+/J0zEmv3fa2/72W
+iJe6JJGah8kso1BR6kvE7TFLiLtG1eFrGMOeGvGFJsXAQ5lhPLtpSuQScc08Kb7Q
+Q6RagTLiJb7ut4ReQg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pcard.finance.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://pcard.finance.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Hemkant Patil</GivenName>
+ <EmailAddress>hpatil@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Kim</GivenName>
+ <EmailAddress>bkim@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>AP HelpDesk</GivenName>
+ <EmailAddress>ap@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://pcardstage.finance.ucla.edu/shibboleth/incommon/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 581, expires on Sun Jul 10 17:53:23 2011 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAkUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwOTE3NTMyM1oXDTExMDcx
+MDE3NTMyM1owJjEkMCIGA1UEAxMbcGNhcmRzdGFnZS5maW5hbmNlLnVjbGEuZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCtdvyH14ZIVLGmgecC31V2OsOD
+svBjz2YtnEjc6vwnFMJp5IHKxDiiRM30SmNNaSwv5zyzDFgNmPBHkXvfN63q1WfZ
+bCIaUSO3GqvumZP4DaWULKYBZ0BVSPXi2vbTb0z7JwzN3Z8dxhwKH7VridS7DqRL
+FYYo8DMxkXa1eZK+aQIDAQABo4ICrTCCAqkwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBQ//OR3qQTo0UOhtMiFORACZjEJ3DB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAmBgNV
+HREEHzAdghtwY2FyZHN0YWdlLmZpbmFuY2UudWNsYS5lZHUwDQYJKoZIhvcNAQEF
+BQADggEBALoUfHolITahCAGOjo6gTu53wZSZE7lMfHTi+wCsiMwBiP05RoBYeEwl
+jEluP/S8fQNVRc4RyZOgzxAEtD3cp+LjPJBB/EZQiMW2+lQj0wBHszp+4K6imtSS
+4G+N5rSSOpvOqjiBfVtsQKprE9huWAv66eyR8ARqXbxLMS1jyBkkSU7FsODi0Uvh
+1DLTAsE4QpSd0x1LBaG+MP154LHYe1i+i8QfMmwn5yhz4eUr6L9cCY2/oVaAimQz
+lHoGSIQTLCea/ygKEhQ6pIII2y8BQjDr6mS9kjbNGN/i7mvamG80zFxK+CURoMj+
+RvmRi58MQC8qUZjBGqsSKUw7SPKu2rU=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pcardstage.finance.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://pcardstage.finance.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pcardstage.finance.ucla.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://pcardstage.finance.ucla.edu/Shibboleth.sso/SAML2/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Hemkant Patil</GivenName>
+ <EmailAddress>hpatil@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Kim</GivenName>
+ <EmailAddress>bkim@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>AP HelpDesk</GivenName>
+ <EmailAddress>ap@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://pretrip.travel.ucla.edu/shibboleth/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 677, expires on Fri Oct 21 17:55:12 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAqUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAyMDE3NTUxMloXDTExMTAy
+MTE3NTUxMlowIjEgMB4GA1UEAxMXcHJldHJpcC50cmF2ZWwudWNsYS5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM+mU2trSLMVUeV4OIJqz4b5pxhAGMb/
+Tqu923NC0j9oxcHcHauGeeRBR5i5h8hYq5WJ5Ul8rxGoO51FZpX0ISQR31bVm+Qg
+6haNEFaYI8cRgSIHjz7UHc3vbTvfchf+taMbJDLn84WrUf8IgR7Kwy8XlB2JwB8e
+5Z529ymQ9N9/AgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFGnv
+27h6WQEx1/hk17Jko/MMV3T+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF3ByZXRyaXAudHJhdmVsLnVjbGEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQDB
+iCOs1JWESt5B74asvSUu32/wpWr3wTOYGPYAKWju1I5CJ8KFrAoU3iMX3cwBIvSA
+k2k9p2Njz02+ushkmiCPpha+Ey6opSjk/Kbj0Sw3C6VCF+AaxgwHKP35QTmNK32i
+r7Zr6anzETa8Nn+cwXkf+tYWiP0Wj7YQncUNGNmeRCa42Peq32K+XBy12jxtP4Jg
+ZYmYPUNhsReDcsy/7CLU7aGQgdDgecpJq5+sKqFC85GRzHLD+/23Bjh8d62jvHiC
+neA92ObevTQoDwk3yILhcs3K59eySLof+JIOgui5XA7JjSqTW6Ot4sf5qIvEL5yg
+MFKFY/yuexmr8vlK09Rs
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://pretrip.travel.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pretrip.travel.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Kim</GivenName>
+ <EmailAddress>bkim@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Hemkant Patil</GivenName>
+ <EmailAddress>hpatil@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Belinda Borden</GivenName>
+ <EmailAddress>bborden@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ptatrain.travel.ucla.edu/shibboleth/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 660, expires on Sat Oct 1 17:51:56 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICApQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkzMDE3NTE1NloXDTExMTAw
+MTE3NTE1NlowIzEhMB8GA1UEAxMYcHRhdHJhaW4udHJhdmVsLnVjbGEuZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDl8ODLKYCWMzZoSmY3zL9JHhhzLVeO
+ufd3zH25qzjfS5crZSIPDqmHG+EMB/3UyPApI0PK02c1+VDtuTWWTZAfU4avezPp
+tTxVFveRz/57Ix8LQ+rgs8bQ7a2/FErKgAs81YGnPC+pBPS1jW3E3yxPZ04lTKt9
+GmCqRIvCzHoc6wIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTq
+8u6NOzzqUidTQhQJs2yBhFGUSzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhwdGF0cmFpbi50cmF2ZWwudWNsYS5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AA+kGfZjiFWxZCRZljTVPQDxo4TLGzeXQuovaD1MC4ecNA92RINgYXKSCguQCE/N
+PXfY2rzOFD8u1b/fdQBqOaxql3sN9AenHwpVmrqCL6bZRZ5rSr7nbVgJf5HpRIU1
+9W1VvIIjl+wzY6bAOqalmug58VFAnC+pCqB3ldRXl83aPUzkz4qdNn6GXLqDFBud
+nfNd74GOPXEKxxGFb19oQw2uJqg9vCZWXDlYxcUaAbIViybeF3mdjJWpk77oFjI2
+XQ0BZEnBryMecPFpvvxmJ5PTezhpoiAtbUCcXiotrZpRKfagnOwI56gS2avSRnrj
+Qb4eEN+jD7k48tmh/T0V44o=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://ptatrain.travel.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ptatrain.travel.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Kim</GivenName>
+ <EmailAddress>bkim@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Hemkant Patil</GivenName>
+ <EmailAddress>hpatil@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Belinda Borden</GivenName>
+ <EmailAddress>bborden@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://secure.career.ucla.edu/sp/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 17697397991964425436, expires on Thu Feb 7 19:24:28 2013 GMT -->
+ <ds:X509Certificate>
+MIIDSTCCAjGgAwIBAgIJAPWZybV3wDzcMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNV
+BAMTFnNlY3VyZS5jYXJlZXIudWNsYS5lZHUwHhcNMTAwMjA4MTkyNDI4WhcNMTMw
+MjA3MTkyNDI4WjAhMR8wHQYDVQQDExZzZWN1cmUuY2FyZWVyLnVjbGEuZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7J9t0Up497sOw9dGoRRP2NSK
+4lG4YSpkd3kUKRAOG8tggZky4JcKGiJbbuIk2SyING3g6LXW5LyuBrrPNj/ZBCWF
+lKLnrYmBia/dfokI85cMoe927x/cxn7gAntQQecghr7e1wWYvgG/e7Cy5/AAq4lK
+F11JDjCOyfk/WogxvwhMlaK5wyDFy7x8oi2ZdpS5p4dzRB3v9jgU4thWZw3LiUBd
+dyhSKACU3RXinQCL0fI1ofOiGWcECrPaRNgivP75PRdHXnSzD7WJIDtmAK8CEq3a
+dYtYVuHsq8pGqDXMqAOP9vjJxvOaQCQKK4qaZxO/FuRH7XGVd4qRNp9VsvZfUwID
+AQABo4GDMIGAMB0GA1UdDgQWBBSljqWTe+BoLBSrTImbH9gjME3FcDBRBgNVHSME
+SjBIgBSljqWTe+BoLBSrTImbH9gjME3FcKElpCMwITEfMB0GA1UEAxMWc2VjdXJl
+LmNhcmVlci51Y2xhLmVkdYIJAPWZybV3wDzcMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBAEogLC9w3+vmcFROejx3r99lojP7ra+9j06hL9N9d7SrygzA
+M+kPYmiY2+qml/YHyB/0vxKN+Hm1m0W5D1K0dLs+nmyED28eYwZmT0r3tF6bXph5
+yE6kNwTZWyS1aFoNkLkWEck4etevPEsrYeil1J/GdshbY8a9gr5gDvuldJE7AB40
+ZWbiLxlAxcCUXSyiWL+64em89enkbnU3dbRnCudcFWSJxSNKYMf87gHGkuKX/HpA
+mov+PpdCPEYbKxsDWe6ioP+aG4dcSarRdZXXEv6+kkuEFfn0+fWr5CaANnnLMAxZ
+zQAXZSyvnfpHX2oFXqHOfMRBL1rHTj8Pu+Hk4yM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://secure.career.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://secure.career.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Career HelpDesk</GivenName>
+ <EmailAddress>ccadmin@career.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ren mao</GivenName>
+ <EmailAddress>rmao@career.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Joel Bellon</GivenName>
+ <EmailAddress>jbellon@career.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://spaces.ais.ucla.edu/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 254, expires on Mon Feb 1 21:16:33 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAP4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIwMTIxMTYzM1oXDTEwMDIw
+MTIxMTYzM1owHjEcMBoGA1UEAxMTc3BhY2VzLmFpcy51Y2xhLmVkdTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMYkBX8bv0dJaZnxafG4UnZc5CeUYnqi
+FiVr6mrsf8dEWZfPS2MpzBMLR0eOlVAMirSfAHpQEc+hMyHgVPtGz5QlMCbnIkap
+aq08URF+szYiEt0WSBqTEA1zB1mM0yWd4ywrdcQ3PXgEAyEncHX/LYvd15Redoel
+hbve9TrdvRoCJDhHzbAMlCY4b+msTuovJ/o0wv3SQe9YuYHjH2uYN2NnvAmK2lWd
+UZGb+f8PbAwGGMGqkhzt+j9PbTCedqwySNZYYMqH8n2CqdYeVMLWP7gyG8McP65b
+JMDU05ls/SLWNbgPuxwAHTNDrlueY+weYeHhT4aB9NytNWNNrWQhw8MCAwEAAaOC
+Aq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUjZcKNg9jla3CpHNpQOtGgcak
+LzEwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEE
+ga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElz
+c3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNVHREEFzAVghNzcGFj
+ZXMuYWlzLnVjbGEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQB7iv/3clngGoHuFU+i
+TKy4+Dv8Bp8ikDtH+KqeywBSHROd5BzPQJ6/8BMvb/mg2bdOKTVtVmZk4x6r+6Cn
+cUDzcyl2wKmPD+K8AyzQDxG7Nd4nITeP/qggKj/OdXdAIr+8ThgLZFuRAAPYF1uT
+1HUT4wa/y/zzYH2JHxk0InXELpdtolc7rdCA3Zlo4PhkswzkaNWZI2jX9izB7b4s
+/zDjHyXB/d+6iHIwQELB6TZUwC1FWqtdaDaLxSLeTc9JWxhRb72b++v0R7lVuU7y
+zSdtuFCeNVYsMGwpTw1dDM/D9hcOfIuKh0iJKK9oKGtC7cys0j1pnujvhTgKfNUD
+464a
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 0, expires on Mon Jan 14 22:23:25 2013 GMT -->
+ <ds:X509Certificate>
+MIIEMjCCAxqgAwIBAgIBADANBgkqhkiG9w0BAQQFADBzMQswCQYDVQQGEwJVUzET
+MBEGA1UECBMKQ2FsaWZvcm5pYTEUMBIGA1UEBxMLTG9zIEFuZ2VsZXMxDTALBgNV
+BAoTBFVDTEExDDAKBgNVBAsTA0FJUzEcMBoGA1UEAxMTc3BhY2VzLmFpcy51Y2xh
+LmVkdTAeFw0xMDAxMTUyMjIzMjVaFw0xMzAxMTQyMjIzMjVaMHMxCzAJBgNVBAYT
+AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQHEwtMb3MgQW5nZWxlczEN
+MAsGA1UEChMEVUNMQTEMMAoGA1UECxMDQUlTMRwwGgYDVQQDExNzcGFjZXMuYWlz
+LnVjbGEuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLU67hDX
+G1dT7pyNg2Uy5QLF82TzaRZ+rZnjdoLxS6WBoQTYA4nIKDpFtD8mQzk0vVE15NLH
+FgCvzcMY4XbDm18KGN/XhkrlP5i5fP7+i4A2U95UFkd3fwIAa7kut26ETd76YuIE
+kkb0hoEvbI+EgaLOYV0EzRKdPbML7Fz1hF6OXVI4D2gopf2A25yJ5Jrnk/ju5SLr
+mjPjws92TJaN6rkT/dVOZqpczTadGxlPZGAlrmylf14XaBs3CihzKAZZagynmvSM
+8R+vPDjMSaDJXg0UQ4DrdSnDcGGyotr5rZcCLa+AtzGUxbE6eilStnlAX1VZnkq8
+rzr13CjoczX8bwIDAQABo4HQMIHNMB0GA1UdDgQWBBRuFUiW1D+S+bn91tOwdmwV
+ihFA9TCBnQYDVR0jBIGVMIGSgBRuFUiW1D+S+bn91tOwdmwVihFA9aF3pHUwczEL
+MAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExFDASBgNVBAcTC0xvcyBB
+bmdlbGVzMQ0wCwYDVQQKEwRVQ0xBMQwwCgYDVQQLEwNBSVMxHDAaBgNVBAMTE3Nw
+YWNlcy5haXMudWNsYS5lZHWCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQF
+AAOCAQEAoJnWfkWQolWHH+qi+eUdVukUAgpVKKngnG6gMIFUpGuESh/8UvLaFiXL
+Bp6AmhXiK++sIHv2jVL98hP/rrig4GNPMYZEUgnYtnA7BA3H+HMBtiFu0mDA197w
+V5zEyLEOhoiwpyT3a4fgliLdXQJUr47b0mFD9Qn4cY5YLEan44LLgua1jBhUHsrn
+EQgSSLcuFqhNfdOjikPF6DModNm017Cvi1iTjkmM0mo5uwtbTl9XGw72j4gTE9zT
+dV/owKnzXkeygXrpkGKvBU5AJCsSnWeqi7xlslrCZ3KkCtMtDKA9u1e82URMOP0r
+Yg4OHsaLX5y5ukj+U9+Aitg0K10jvQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://spaces.ais.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Albert Wu</GivenName>
+ <EmailAddress>albertwu@ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Warren Leung</GivenName>
+ <EmailAddress>wleung@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Carl Uebelhart</GivenName>
+ <EmailAddress>cuebelhart@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://training.eqm.ucla.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 631, expires on Sun Aug 21 18:00:49 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAncwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgyMDE4MDA0OVoXDTExMDgy
+MTE4MDA0OVowIDEeMBwGA1UEAxMVdHJhaW5pbmcuZXFtLnVjbGEuZWR1MIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDi8ixSN1ZoBb4/MaQer5pUrm9zVPWZKzdE
+kJtyeF0z53YLuGrC0vhxAXMNWZIdRlrgl+t9njFB0Lc1xEo/U9roCvbTCZq2SP8f
+xGYvwJwIKmytBZH6F9b69Z+bioeTnj+1pOCEB2scKqVG8CiNmcbkm1dh2u985y2v
+VRfYaaiqvwIDAQABo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSgKqeN
+cLm+FzIPuhx6rFAEXgCx0TB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAX
+ghV0cmFpbmluZy5lcW0udWNsYS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAErromxU
+NBSZnVxvawKVsrnpBmH1+3BS4OqLXVV0NnQSJE/Biag4Yfe1tvpSyJXIaFgrqON6
+ZI+S1HAd+ABh4fK8gtEtgalNY022W4i4sxP15RMHTgXMP3QF6d60pxnGuUv7J7qC
+CVc9UTXGNnsOe8CVJtPloWrbqjuhyPkJ2zncnhdIi5tCUiLCtc2BbjkoWcu8N2Oa
+SqRjRAIER7Z1e4ci5lrxAbbN2IsayRhxLsbudbLFTxCQo36yiUKIEjzg70te7bD2
+Q71JyLKIIRT/mM0SeWmmPV78wiX5frCu/ETP+t9KUtE1CUYMoqwR9BIdyuenGoYV
+KPE10n4a9vqXPwA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://training.eqm.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://training.eqm.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>George Rodgers</GivenName>
+ <EmailAddress>grodgers@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Annoushka Shojania</GivenName>
+ <EmailAddress>ashojani@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>George Rodgers</GivenName>
+ <EmailAddress>grodgers@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://training.express.ucla.edu/shibboleth/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 679, expires on Mon Oct 24 17:53:36 2011 GMT -->
+ <ds:X509Certificate>
+MIIFozCCBIugAwIBAgICAqcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAyMzE3NTMzNloXDTExMTAy
+NDE3NTMzNlowJDEiMCAGA1UEAxMZdHJhaW5pbmcuZXhwcmVzcy51Y2xhLmVkdTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK4igX+PTQiJxl+J2HnifFmP
+jQ+8gpdAtKF1H3/Pb3DLZrkGz2u2PSTZm9DQrMIGoFT1F3u/Gg09oaVRRxUI9/np
+IIq4xE8Dx6RxKpNGUgT1dhE2txBga4uPjfGl9icV7y1ieV6SDCYdx0o94HGPpxye
+XwAqfSLcJKogCBPb41PXnbfbW2CK5xQys6MT28ODbrcVzIcNg+41lccrC6oyVypG
+XbsMSCOJxEFFgQpmeOSJ+qO7Yepm/hYgQtDz7P6LlcvuHnnMfSfvfiVbyfJl1mj8
+IBsLQKVqjRWqehyRpUpLuUhesLrrD5yg+4FGbyd11oUn5m3hYrOoDTK6e6916RcC
+AwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUCkrSbot4JnIqAQJB
+NxQqrUlTvfUwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0RBB0wG4IZdHJhaW5p
+bmcuZXhwcmVzcy51Y2xhLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEARSoAcL+oRpO6
+NGasWCQqnjQxmEYaelhHRQYWtmyXSUz/vwFlgPGT3jXf/9Yl4tgs5HUidLyKY+e7
+HS4FGEMZIwtaf+oMuCOa+N/YiZQ1fUcE30Jq8zUYb1aPYAkiQK63i17vDROCmxvM
+IlPu4/zWV9poemnbJdXgoYYOjhIL2iuHPdhLRDrtvbGZK8KQJktGSxnny0H7f5a7
+qPA1rNyoKYmP8iuoS0mr0ZxodDkdDhxwtZjaT7NpJ6wqDqChXD/Q6Ay/LyU9Wt7m
+9Me34BQui4bm/lhOvM6de2opm5kqHzyQDd+QLVl5bowDMuwAp0D0e0T3c7uCtvFC
+SkNqmpwckA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://training.express.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://training.express.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Hemkant Patil</GivenName>
+ <EmailAddress>hpatil@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Hemkant Patil</GivenName>
+ <EmailAddress>hpatil@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Travel Accounting</GivenName>
+ <EmailAddress>travel@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://whoa.mi.ais.ucla.edu/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 191, expires on Sat Aug 2 14:14:27 2008 GMT -->
+ <ds:X509Certificate>
+MIIFvTCCBKWgAwIBAgICAL8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDgwMzE0MTQyN1oXDTA4MDgw
+MjE0MTQyN1owOzELMAkGA1UEBhMCVVMxDTALBgNVBAoTBFVDTEExHTAbBgNVBAMT
+FHdob2EubWkuYWlzLnVjbGEuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAwEW6N2h1EjBNOOUQpHfNQclRDHyVLuBiy0Zhk6k8O/d4MvjqVpl+HDKT
+rDQJm8w7BACsdSOdvi0+HTVucB9Xi4qmAwrMjlyC7EUTIg9+nWotTYvmFKBY8e6t
+hTVpY/bxoPc4YqVwqnEL/oK8FJCvIglTN/nRIJHZXEVZAscq7gvs9XJh5Fgy44Mh
+PjizQoyngTblY2obWQe50qDLyvagCDJfkaoTVoVqnYc2MbtAq56btUhERNdJ6jYh
+GrTBET7p62xt6oHFJ1p8tstO20gCuAtjleuQg3Jt1bAEE1e33SDj0S/3GYmQWc4l
+8Rp7J4c/rEWwO6EO7mDCVCOKt/HanQIDAQABo4ICrjCCAqowDgYDVR0PAQH/BAQD
+AgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMC
+MB0GA1UdDgQWBBQ0NzJoUiMSRgaPSa72Q73N/0wBhDB+BgNVHSMEdzB1gBSTLchh
+GK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0lu
+Q29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRp
+b24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKG
+gZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8v
+aW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEF
+BQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9w
+cmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFHdob2EubWkuYWlzLnVjbGEuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQBRTEqOWucLR8zF5lSWDDnz/EGPjGmjAfroLXGKyefY
+bNsdWQYIUBFvb3klf/c3LGNs1c8Ce5lsSqW/HF9itAYmEW0DVwAmva11soKEM4cr
+mDPcXTxzWsOPiECu6FTpWU3C8+jGlDpsCZdW62OYujgWBXJw2zHsz8mo3ciLcP09
+xyr0Y5ZIkAaYDu8XCIGS9DGQRgMYRR5+/cxNWhOujNmxD73nlyKGJWEL1tLjIY/I
+RzeCz+zy6cwu2zAmM6Ngn8BvbPPTIy2u2tWuRmi+1DsoqegmVgWpoFsftsnfznq4
+0rspq7Nl/2UAaVwqsLE/mSaNVUx3a3idz+aW6MIussmO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://whoa.mi.ais.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Albert Wu</GivenName>
+ <EmailAddress>albertwu@ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Carl Uebelhart</GivenName>
+ <EmailAddress>cuebelhart@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Datta Mahabalagiri</GivenName>
+ <EmailAddress>datta@ais.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.eqm.ucla.edu/shibboleth/incommon/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 633, expires on Mon Aug 22 17:53:10 2011 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAnkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgyMTE3NTMxMFoXDTExMDgy
+MjE3NTMxMFowGzEZMBcGA1UEAxMQd3d3LmVxbS51Y2xhLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAwEWS9QM7knfGcELRohS/UOZEHcrljmQsS7V3ZD7C
+BiG2oXcghlvS5QlPmOxvayjycFkWEfzy8XbqC8ckyssCuL3W5uI8Wb/oCU3nBfEz
+3tUITB0po9m+IHcUk6VtXP8NakpJBpb+JN1a3ut2JdmpmI3OT2Mn7K/sxbS05MoM
+a6UCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUTK7QES5Ze0t4
+Ll3Rc1S3QDYPwXAwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQd3d3
+LmVxbS51Y2xhLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAdGcm064If52AyI9D1vRh
+r5VpU0kJlXYi1pQ723DnbkGdK1kx2QwmQzj65ECdel99OXg2VRNlOYKZ58ZCmtcL
+FgVTrQ/csNVGqF7U/K/Wzq6MVoXSAUHUIsJs3phQ2Haj3AvMf2uKmVjhl0KHA90f
+ANbDqw09lyEaVnaZ3lNdzCaJM26ew+d0jdeK+UWdTZatS2woGVf6Y0yWMNLO1YbQ
+W2wyAXFh8NOrsvZuEtVNocz+4Xqblh1SSlppnm44k8Etv8+qYf202Au1LHvMTvxV
+WvXF6KFFHaIeMQI1jStmLZCnKm3/il6nCMDQUEWd5iTQ5kaUc+j3Va3z1PLRBxLU
+pQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://www.eqm.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.eqm.ucla.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Annoushka Shojania</GivenName>
+ <EmailAddress>ashojani@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>George Rodgers</GivenName>
+ <EmailAddress>grodgers@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>George Rodgers</GivenName>
+ <EmailAddress>grodgers@finance.ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.tools.ucla.net/shibboleth/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 315, expires on Mon May 10 18:39:08 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICATswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUwOTE4MzkwOFoXDTEwMDUx
+MDE4MzkwOFowHTEbMBkGA1UEAxMSd3d3LnRvb2xzLnVjbGEubmV0MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDyJLy2WOMT0UvE4A5j4OMS1ERuVZGtZAHuJLz+
+pHpKAPyug0QJsHDeD6NkXXHzrITJzvm3BSOGW4nL3pLFCCHwGYXrrFBKwMO0G3tx
++BOAdMMW4l9zZQ50LvX1EIoqWOv/DBMoaiNhAX6sLSqeNPxy0W7j+TyNABf2F85Y
+73mQEwIDAQABo4ICrDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ41XG3stdy
+6lRg92bTDPVftsdQKzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6
+BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1Ud
+EQQWMBSCEnd3dy50b29scy51Y2xhLm5ldDANBgkqhkiG9w0BAQUFAAOCAQEACz3z
+yvnbAIM3FjxFea0g1BjQib+//IIWUpI6CaRj3/88EvlAr/WLGYm/eHzXQzY8HDPI
+ezAOrHaRiLqH5yvGG92DLKyaJsfLYruXmLJ1gYN7C0FFA4naAd4SecSt2QkZhAAE
+rFBipYfbt7iSU6ac+4B5wqBm9moJcUASJoPMNmZwQlpYrgxO9KfR3GjWSzkB3dQR
+30uD86Ho8veW8eQSIEl1uQzM5K7DbplUruDWN6tpyEy4gxibgJ21GYhKpMtrJKhO
+hlX9WsL+9WVU5pP2wcx5GusdZdZCS6vF0JJhVxIVNdZVHXjJQbzZzOQnCtjPbD+K
+dILaFuB8HpoCTn9m/A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.tools.ucla.net/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Michael Van Norman</GivenName>
+ <EmailAddress>mvn@ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Michael Van Norman</GivenName>
+ <EmailAddress>mvn@ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Help Desk</GivenName>
+ <EmailAddress>noc@ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.ucla.net/shibboleth/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 296, expires on Mon Apr 5 15:09:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICASgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwNDE1MDkyM1oXDTEwMDQw
+NTE1MDkyM1owFzEVMBMGA1UEAxMMd3d3LnVjbGEubmV0MIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC1gTjxkSAsuadYGbWKk3jZ3Vpwpre8tL3xOcgltmCHs5st
+pmHxnFu124lxR0r3nMKYAyF2byY5c1YiGWTFpEAwk4A0OOJFarcvmxjJF0J4jofW
+Qvvh5JtJDab/BvPVxIVWg7F0UalBh2Sk7IQ3VuyyhJtYe+wBOokvTenJuKOyvQID
+AQABo4ICpjCCAqIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQFePM0wYzaKK1k/iXY
+FvUa344f4jB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEF
+BQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJ
+Q0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBcGA1UdEQQQMA6C
+DHd3dy51Y2xhLm5ldDANBgkqhkiG9w0BAQUFAAOCAQEAtWeJyrmlfGDbmzikR2Sy
+5OsB3sSltvLF05aLveo9FgCrGufClQhH7Nhzz5Wh3vpzeMVoxZTe4696HSpBVSJe
+SoNCgWJp2j9tH+NsXcAckXAS8/F3i4SzwWafgPtXp041iNW+zUDfYOssMHUcVdG7
+uGUC36ynR4jGpt8pTfX/CdkK8hT+GuFumYipH8q5SoEq7hvsrGAEcYtDKaWWupzf
+nDW1t/CCBVssIg7roO7V8kPTf+U09AXCLk2W4fsXLpaiyavr3cRPGjLPN0zu4KsY
+9Ai+2Jse9VjK0LBhPlASmBAmFfvmDCO2zWZtz8IlB59bvNUcjAjosQB3j1oUJG3h
+eA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.ucla.net/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California-Los Angeles</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California-Los Angeles</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucla.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Michael Van Norman</GivenName>
+ <EmailAddress>mvn@ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Michael Van Norman</GivenName>
+ <EmailAddress>mvn@ucla.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>UCLA Network Operations Center</GivenName>
+ <EmailAddress>noc@ucla.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Rochester -->
+<EntityDescriptor entityID="urn:mace:incommon:rochester.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">rochester.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 84, expires on Tue Jul 10 13:12:18 2007 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgIBVDANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwNzEwMTMxMjE4WhcNMDcwNzEw
+MTMxMjE4WjBQMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXVW5pdmVyc2l0eSBvZiBS
+b2NoZXN0ZXIxHzAdBgNVBAMTFnNoaWIuaXRzLnJvY2hlc3Rlci5lZHUwXDANBgkq
+hkiG9w0BAQEFAANLADBIAkEAzHgCFKTtEZNTCfS00QXeLyLLAs/boWMG8KoJxEx5
+VZMTC0Uy7XK6gG5qDlkx+aFAy+82ngAwCAWxpiacb07CwQIDAQABo4ICsDCCAqww
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSJPzddSlw19Kzg+RuTOwR4y+V9WzB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCB
+pwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAt
+IFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCEGA1UdEQQaMBiCFnNoaWIuaXRzLnJv
+Y2hlc3Rlci5lZHUwDQYJKoZIhvcNAQEFBQADggEBAF1LQgTiOgEgX19a3/jhLvhF
+wvkMKswH3i+NzKiVdiBa5QcnVazHaCwnqMyRxu/jQ85l7qHNE4OroBaF8SShsTVx
+zpUij0URu5G3hGE5ycVNbaVjvmR4/rcOg9sL4txnpcfa2Xv85ScWmaqp1Zv+gHPp
+SOdjCgkIsq9/J8aGITCXOhSYsZdpxiyrqrDEVcgIEkTFTvzDDzcBkYIl0hpF1Wm8
+f2ABpCA9Cpz5NDrCaflSBVvYAEfWUILsQ4VCa1ZrqBt3tzMsWovhsL1mGfu5Jtt/
+MKcOcZSpMBjUSv8pMS9s4Mnp7Isymmr1F8yrlWJfiXDWV1bzw+Zv/OuzpprR97M=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.its.rochester.edu/shibboleth/HS"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">rochester.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 84, expires on Tue Jul 10 13:12:18 2007 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgIBVDANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDYwNzEwMTMxMjE4WhcNMDcwNzEw
+MTMxMjE4WjBQMQswCQYDVQQGEwJVUzEgMB4GA1UEChMXVW5pdmVyc2l0eSBvZiBS
+b2NoZXN0ZXIxHzAdBgNVBAMTFnNoaWIuaXRzLnJvY2hlc3Rlci5lZHUwXDANBgkq
+hkiG9w0BAQEFAANLADBIAkEAzHgCFKTtEZNTCfS00QXeLyLLAs/boWMG8KoJxEx5
+VZMTC0Uy7XK6gG5qDlkx+aFAy+82ngAwCAWxpiacb07CwQIDAQABo4ICsDCCAqww
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSJPzddSlw19Kzg+RuTOwR4y+V9WzB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCB
+pwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAt
+IFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCEGA1UdEQQaMBiCFnNoaWIuaXRzLnJv
+Y2hlc3Rlci5lZHUwDQYJKoZIhvcNAQEFBQADggEBAF1LQgTiOgEgX19a3/jhLvhF
+wvkMKswH3i+NzKiVdiBa5QcnVazHaCwnqMyRxu/jQ85l7qHNE4OroBaF8SShsTVx
+zpUij0URu5G3hGE5ycVNbaVjvmR4/rcOg9sL4txnpcfa2Xv85ScWmaqp1Zv+gHPp
+SOdjCgkIsq9/J8aGITCXOhSYsZdpxiyrqrDEVcgIEkTFTvzDDzcBkYIl0hpF1Wm8
+f2ABpCA9Cpz5NDrCaflSBVvYAEfWUILsQ4VCa1ZrqBt3tzMsWovhsL1mGfu5Jtt/
+MKcOcZSpMBjUSv8pMS9s4Mnp7Isymmr1F8yrlWJfiXDWV1bzw+Zv/OuzpprR97M=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.its.rochester.edu/shibboleth/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Rochester</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Rochester</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.rochester.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Charles Yanaitis</GivenName>
+ <EmailAddress>charles.yanaitis@rochester.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Sean Singh</GivenName>
+ <EmailAddress>sean.singh@rochester.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Sean Singh</GivenName>
+ <EmailAddress>sean.singh@rochester.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California, Riverside -->
+<EntityDescriptor entityID="urn:mace:incommon:ucr.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucr.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 220, expires on Thu Oct 30 20:58:09 2008 GMT -->
+ <ds:X509Certificate>
+MIIF1zCCBL+gAwIBAgICANwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAzMTIwNTgwOVoXDTA4MTAz
+MDIwNTgwOVowVzELMAkGA1UEBhMCVVMxKzApBgNVBAoTIlVuaXZlcnNpdHkgb2Yg
+Q2FsaWZvcm5pYS1SaXZlcnNpZGUxGzAZBgNVBAMTEnNoaWJib2xldGgudWNyLmVk
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALK8YCXNZ9JU8GCIfhNY
+JIOV2o6OqPdqfkUNrhFXYokkmR3r9/hkw7FizSqq8ojvyL/n8D03tIudNBsDsz7X
+J3SE0M/hK4INDpD5qH7kax9CEZoKdyiMrrIyDDzcdGNG99XO+2me24CYQJBUHvdl
+jytqMiFuf29x/lyLjJFd4OoapZRlfDL8PgKZdjkbis+mvcCUARpgTFaY68iWwOuc
+RIisVQx6QHvMorqfqJcvfW7a3Ta19nho8uKbB/BSjZ1Cp8ntK4z0qTUZMUCrY1sA
+wkOFEI2z1mWVNfEgBpEfNrxqWWP8jLkbQFCTNyP6GrWEQSnorDPftg7qMfTOmbyC
+HkUCAwEAAaOCAqwwggKoMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUdBdr9xbDpybh
+58J/mSI5cs0bFiswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREE
+FjAUghJzaGliYm9sZXRoLnVjci5lZHUwDQYJKoZIhvcNAQEFBQADggEBAE603Wiq
+Gj7gmiIQwdc0pPGUnIUBe2fbYFZJxFEb6Kz4KvWbK6T0tfB6jLjkvHIGgxLl1QAo
+g6bfEqCJ758J4R9ii1N72d2aLq2EMUpNmgEEJe/wORSikEA7fbHfW5zfxPgSvkZK
+XBTOApeOHyEeZJNC50/ntZpLJjfwRp2amMUVxUeVgkGJHTxkMw5VbLlELjHMW02B
+uzNRc6klcFcrP07gOu0zdwE07+OI7i+wE0Qls+ysXcCGC+jZJrkbEkTY18jjLvo9
+wB4mCO1FqOShVABtLQhLpu+imnH2SHGgjViOP/XHfPNymFMOhNDgU9j1qVFDjPzg
+oKfFUuXOmS1G2Ew=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.ucr.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.ucr.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucr.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 220, expires on Thu Oct 30 20:58:09 2008 GMT -->
+ <ds:X509Certificate>
+MIIF1zCCBL+gAwIBAgICANwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAzMTIwNTgwOVoXDTA4MTAz
+MDIwNTgwOVowVzELMAkGA1UEBhMCVVMxKzApBgNVBAoTIlVuaXZlcnNpdHkgb2Yg
+Q2FsaWZvcm5pYS1SaXZlcnNpZGUxGzAZBgNVBAMTEnNoaWJib2xldGgudWNyLmVk
+dTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALK8YCXNZ9JU8GCIfhNY
+JIOV2o6OqPdqfkUNrhFXYokkmR3r9/hkw7FizSqq8ojvyL/n8D03tIudNBsDsz7X
+J3SE0M/hK4INDpD5qH7kax9CEZoKdyiMrrIyDDzcdGNG99XO+2me24CYQJBUHvdl
+jytqMiFuf29x/lyLjJFd4OoapZRlfDL8PgKZdjkbis+mvcCUARpgTFaY68iWwOuc
+RIisVQx6QHvMorqfqJcvfW7a3Ta19nho8uKbB/BSjZ1Cp8ntK4z0qTUZMUCrY1sA
+wkOFEI2z1mWVNfEgBpEfNrxqWWP8jLkbQFCTNyP6GrWEQSnorDPftg7qMfTOmbyC
+HkUCAwEAAaOCAqwwggKoMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUdBdr9xbDpybh
+58J/mSI5cs0bFiswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREE
+FjAUghJzaGliYm9sZXRoLnVjci5lZHUwDQYJKoZIhvcNAQEFBQADggEBAE603Wiq
+Gj7gmiIQwdc0pPGUnIUBe2fbYFZJxFEb6Kz4KvWbK6T0tfB6jLjkvHIGgxLl1QAo
+g6bfEqCJ758J4R9ii1N72d2aLq2EMUpNmgEEJe/wORSikEA7fbHfW5zfxPgSvkZK
+XBTOApeOHyEeZJNC50/ntZpLJjfwRp2amMUVxUeVgkGJHTxkMw5VbLlELjHMW02B
+uzNRc6klcFcrP07gOu0zdwE07+OI7i+wE0Qls+ysXcCGC+jZJrkbEkTY18jjLvo9
+wB4mCO1FqOShVABtLQhLpu+imnH2SHGgjViOP/XHfPNymFMOhNDgU9j1qVFDjPzg
+oKfFUuXOmS1G2Ew=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.ucr.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Riverside</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Riverside</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucr.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Russ Harvey</GivenName>
+ <EmailAddress>russ.harvey@ucr.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Mike Kennedy</GivenName>
+ <EmailAddress>mikek@ucr.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Steve Hock</GivenName>
+ <EmailAddress>shock@ucr.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- New York University -->
+<EntityDescriptor entityID="urn:mace:incommon:nyu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nyu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 124, expires on Wed Jan 16 23:23:03 2008 GMT -->
+ <ds:X509Certificate>
+MIIGTTCCBTWgAwIBAgIBfDANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDcwMTE2MjMyMzAzWhcNMDgwMTE2
+MjMyMzAzWjA4MQswCQYDVQQGEwJVUzEMMAoGA1UEChMDTllVMRswGQYDVQQDExJz
+aGliYm9sZXRoLm55dS5lZHUwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11
+EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzX
+gTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7D
+AjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc
+9QKBgQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEH
+EIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7
+YnoBJDvMpPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhQACgYEA5GK+
+eV3YuyfbTeJXnqV4jT+Ocz7XCL4TmeYApcuA/tG7vRRKl2Oyo93VCe7GxwOAFyp2
+ajqxdzB/yB/Mcz80GELz/UE6vkA9CW315gHQ+zWImUbPxdp5vfoe1wZ7WmXDRN5+
+4SDptlKBPsZBatAJhBjJOkWL/z09dyRdg+YYXcGjggKsMIICqDAOBgNVHQ8BAf8E
+BAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwHQYDVR0OBBYEFInR3E2yLHtThH/xcXn8RjPAFno4MH4GA1UdIwR3MHWAFJMt
+yGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT
+SW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcw
+AoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6
+Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0
+cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29t
+bW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsG
+AQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L3ByYWN0aWNlcy5wZGYwHQYDVR0RBBYwFIISc2hpYmJvbGV0aC5ueXUuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQCtTu3zFQro8ocJP9jfnJe7LQwvC+8W0n/AxJnkoadA
+WXvL6sWU/FoTg48ppe6A4LFmZ8SZIq/7Neo6SfvUkhT+O9mArnjZJ6XAu/cH0fD/
+KBAkUhkEQlltSy1PT2Apor/ti20IV6ycXJPc4AVBh7X/mKpZ646CWnHvoiPUqPAi
+zjxkx0TmosaL+2IVA8/Vd2FXp+cJLJgoXMSDeTs2nfj90+hNE5GE9shRf6lJlpdV
+4nVc74u6E0RwoCe/76Uruk9VzciLSiJwEj/kuFPfg93s1K5w1xyslmtdxYd6HbEx
+NGqVSO5aqZjOpoF5O/Kp39NX1iv08yjLUGus10UlK5Bx
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.nyu.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.nyu.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.nyu.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.nyu.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nyu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 124, expires on Wed Jan 16 23:23:03 2008 GMT -->
+ <ds:X509Certificate>
+MIIGTTCCBTWgAwIBAgIBfDANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDcwMTE2MjMyMzAzWhcNMDgwMTE2
+MjMyMzAzWjA4MQswCQYDVQQGEwJVUzEMMAoGA1UEChMDTllVMRswGQYDVQQDExJz
+aGliYm9sZXRoLm55dS5lZHUwggG4MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9TgR11
+EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzX
+gTuAHTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7D
+AjVUE1oWkTL2dfOuK2HXKu/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc
+9QKBgQD34aCF1ps93su8q1w2uFe5eZSvu/o66oL5V0wLPQeCZ1FZV4661FlP5nEH
+EIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64eK7OmdZFuo38L+iE1YvH7
+YnoBJDvMpPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhQACgYEA5GK+
+eV3YuyfbTeJXnqV4jT+Ocz7XCL4TmeYApcuA/tG7vRRKl2Oyo93VCe7GxwOAFyp2
+ajqxdzB/yB/Mcz80GELz/UE6vkA9CW315gHQ+zWImUbPxdp5vfoe1wZ7WmXDRN5+
+4SDptlKBPsZBatAJhBjJOkWL/z09dyRdg+YYXcGjggKsMIICqDAOBgNVHQ8BAf8E
+BAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUH
+AwIwHQYDVR0OBBYEFInR3E2yLHtThH/xcXn8RjPAFno4MH4GA1UdIwR3MHWAFJMt
+yGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMT
+SW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNh
+dGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcw
+AoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6
+Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0
+cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29t
+bW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsG
+AQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L3ByYWN0aWNlcy5wZGYwHQYDVR0RBBYwFIISc2hpYmJvbGV0aC5ueXUuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQCtTu3zFQro8ocJP9jfnJe7LQwvC+8W0n/AxJnkoadA
+WXvL6sWU/FoTg48ppe6A4LFmZ8SZIq/7Neo6SfvUkhT+O9mArnjZJ6XAu/cH0fD/
+KBAkUhkEQlltSy1PT2Apor/ti20IV6ycXJPc4AVBh7X/mKpZ646CWnHvoiPUqPAi
+zjxkx0TmosaL+2IVA8/Vd2FXp+cJLJgoXMSDeTs2nfj90+hNE5GE9shRf6lJlpdV
+4nVc74u6E0RwoCe/76Uruk9VzciLSiJwEj/kuFPfg93s1K5w1xyslmtdxYd6HbEx
+NGqVSO5aqZjOpoF5O/Kp39NX1iv08yjLUGus10UlK5Bx
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.nyu.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.nyu.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">New York University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">New York University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nyu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Alison Kraskey</GivenName>
+ <EmailAddress>alison.kraskey@nyu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Gary Chapman</GivenName>
+ <EmailAddress>gary.chapman@nyu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Michael Losapio</GivenName>
+ <EmailAddress>michael.losapio@nyu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="http://dram.nyu.edu/dram">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 128, expires on Sat Jan 26 15:38:16 2008 GMT -->
+ <ds:X509Certificate>
+MIIFrDCCBJSgAwIBAgICAIAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDEyNjE1MzgxNloXDTA4MDEy
+NjE1MzgxNlowMjELMAkGA1UEBhMCVVMxDDAKBgNVBAoTA05ZVTEVMBMGA1UEAxMM
+ZHJhbS5ueXUuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxySx
+tAOKfuAIUcRQUVoEZM3QiKrHoNWjyaL+o3pJCsDLcUhaco5HaewGrgD8HC/mNE9P
+lT58o98zL0jEwgRiKhIAaslXxMEjfXcy9rbVh7yhPzAs/siUau0t+aUcGheuJpnW
+PW4u1NIsVGOVpWutzH1SUJVW6GmXAWzQs/6Kv6aCqkDVTiZB7HHZSZgO7pbdBUHQ
+EUp79U/dioY2HvKdnlvwUdgcouwP1UJcNvbzvm4CT2rwVYAMsfEb/WVs3k8C9jcn
++RLtURvsleMqbdK1RehcIVRir4P94myaIj3AaOHGi81kLymvgIK6bNsGmV+I5qJg
+HoiV0Q07BPJRTDbMLQIDAQABo4ICpjCCAqIwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBRp9Wzq5xVanTfrV1yghBlnTuZECDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8v
+aW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25j
+YTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0
+cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMu
+cGRmMBcGA1UdEQQQMA6CDGRyYW0ubnl1LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEA
+sOesEs7X4aw5M40bVZ41uPn7IsR4f+My1Q+b6WyNeUmbXsOpq9By/Q8OmBjoFxdj
+119af8/Z6sP4L56CrzRYcTEpTYQeJYxahHm/wyBhlBbHGVQQ74QKiKFleWnkbFYK
+gSucnhuG0SkTMn6NOdPuMyGsOWU2+s9MK+ZJtXXm1UmrGy0Jv5JqDkanU+MsAYSV
+uDP5c02UbPiqnUvQZA5WZ82OUenLfQ4dP0oUjVTaU+44J3ABsnssEnmnbbzRgpix
+5gx/3ma9hCc4ZIFkc3IndySD7f7mqDakTIamdDx+d/eITsaOD+hffYbK8DYdmzjc
+fTA88yq6vVJ68HKssSuaCw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://dram.nyu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">New York University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">New York University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nyu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Thomas Cunningham</GivenName>
+ <EmailAddress>tom@nyu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Rick Ochoa</GivenName>
+ <EmailAddress>rick@nyu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Gary Chapman</GivenName>
+ <EmailAddress>gary.chapman@nyu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Dartmouth College -->
+<EntityDescriptor entityID="urn:mace:incommon:dartmouth.edu">
+ <IDPSSODescriptor errorURL="http://login.dartmouth.edu/shibboleth/error.shtml" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">dartmouth.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 420, expires on Sun Aug 29 18:07:35 2010 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAaQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyODE4MDczNVoXDTEwMDgy
+OTE4MDczNVowHjEcMBoGA1UEAxMTbG9naW4uZGFydG1vdXRoLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAsK4+1DskfBEFdKXU1b8hMnb3R3UjVVo8P9zB
+Y6+ReSCYQMTm4k3CXf/X4/fZ4DD6E/AE/SEX32ODo3LcsWZJwsOJzHK8xpnr5vyc
+lqyQlaDA2wf7GQczlEkWuWhWZG40ucOnqGzZRnzCPlsMwQEyoUj1XN7zYTIWf2LQ
+rZgoVYcCAwEAAaOCAqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUBEM0Yzwp
+FP/ecu6v1NLMnW5s2NgwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYIT
+bG9naW4uZGFydG1vdXRoLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAEgWNWLW6GrPI
+SocOFjWXIfNfComSoceSPJUEnE+xttmf5egMjv2ArCgMR92xGV2trIYcVSW0iX7g
+Lw73Y9UBs5Gw4PhAL/hBkoASmh7hWKjnjdSfte4dn9RSTXJao9G2MMpfeJBiy+eQ
+bdoOGeKQ/O5yT+C4hr92JRopIGheDQiNOC6lwVcyufCNIZua8VUIIdwdfBTXUgrg
+aq/0YiAzxM1ntmU4YW7lMIyXay/Y/icUVlRl6oo9wzlJRRrtVMH8eXsfxKlbiQXa
+Ywop7aYzfxblCHXXofZu5ccbrA8oOrm1In4Aqu0QDV/QuHq47uaxF3xiO35q5+nA
+CLWVhTQGVQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.dartmouth.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.dartmouth.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">dartmouth.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 420, expires on Sun Aug 29 18:07:35 2010 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAaQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyODE4MDczNVoXDTEwMDgy
+OTE4MDczNVowHjEcMBoGA1UEAxMTbG9naW4uZGFydG1vdXRoLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAsK4+1DskfBEFdKXU1b8hMnb3R3UjVVo8P9zB
+Y6+ReSCYQMTm4k3CXf/X4/fZ4DD6E/AE/SEX32ODo3LcsWZJwsOJzHK8xpnr5vyc
+lqyQlaDA2wf7GQczlEkWuWhWZG40ucOnqGzZRnzCPlsMwQEyoUj1XN7zYTIWf2LQ
+rZgoVYcCAwEAAaOCAqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUBEM0Yzwp
+FP/ecu6v1NLMnW5s2NgwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYIT
+bG9naW4uZGFydG1vdXRoLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAEgWNWLW6GrPI
+SocOFjWXIfNfComSoceSPJUEnE+xttmf5egMjv2ArCgMR92xGV2trIYcVSW0iX7g
+Lw73Y9UBs5Gw4PhAL/hBkoASmh7hWKjnjdSfte4dn9RSTXJao9G2MMpfeJBiy+eQ
+bdoOGeKQ/O5yT+C4hr92JRopIGheDQiNOC6lwVcyufCNIZua8VUIIdwdfBTXUgrg
+aq/0YiAzxM1ntmU4YW7lMIyXay/Y/icUVlRl6oo9wzlJRRrtVMH8eXsfxKlbiQXa
+Ywop7aYzfxblCHXXofZu5ccbrA8oOrm1In4Aqu0QDV/QuHq47uaxF3xiO35q5+nA
+CLWVhTQGVQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.dartmouth.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Dartmouth College</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Dartmouth College</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.dartmouth.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Eric Bivona</GivenName>
+ <EmailAddress>Eric.J.Bivona@dartmouth.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Gelhar</GivenName>
+ <EmailAddress>David.E.Gelhar@dartmouth.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>David Gelhar</GivenName>
+ <EmailAddress>David.E.Gelhar@dartmouth.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Sean McNamara</GivenName>
+ <EmailAddress>Sean.R.McNamara@dartmouth.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California, Merced -->
+<EntityDescriptor entityID="urn:mace:incommon:ucmerced.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucmerced.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 264, expires on Fri Feb 19 21:12:25 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAQgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIxOTIxMTIyNVoXDTEwMDIx
+OTIxMTIyNVowHDEaMBgGA1UEAxMRc2hpYi51Y21lcmNlZC5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAK+1zqQR1K+OwplBSS23f/xrl/ut8OqQWj+eObsX
+b1XFxAM+QfI5GvalEp4dZ8JggyAVFJJLkavJD/7014ENLmt0Y4SU0rVoUv/V08s+
+nHZLmLKL1lCLzCfeMOapcVKh+CzxvN/o61VdrKYkuIq+KbZY5AFBGcF3ma4BoSXt
+F1I5AgMBAAGjggKrMIICpzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFKokkF8r2K7l
+Ik4PzxZjD75n+TUHMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboG
+CCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHAYDVR0R
+BBUwE4IRc2hpYi51Y21lcmNlZC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAF4pIerA
+OHNqLTp33YwBBdcwHUVingAMyvmxKJJmz8YenbaOaL4NtqofJHPB5G4ShaGUW5F+
+y247xUW9CQ8gXCSxO3KSkF+u+VKde86UrmFIyK67A0AxYRuGKKsotF8vngl19Bq5
+EbYbomDA48uuIaC8qK8bBBg99TwgqjE6ngkJuHisaY986sby9R7m2+kBqdFk6g+W
+t1givG65nDln0Lcnb19DXRDPEM28H56U1IqKuC82rl/E+vdw0W4T7IeTAnDBSy7l
+OhvX73biE+9ErXzxGFrCUaAE6P09Bhg/kZjv4HTvr6MDKnfpzYatTv7A6yhkJ8h9
+r5UEVmti4DxjcoE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.ucmerced.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.ucmerced.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucmerced.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 264, expires on Fri Feb 19 21:12:25 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAQgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIxOTIxMTIyNVoXDTEwMDIx
+OTIxMTIyNVowHDEaMBgGA1UEAxMRc2hpYi51Y21lcmNlZC5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAK+1zqQR1K+OwplBSS23f/xrl/ut8OqQWj+eObsX
+b1XFxAM+QfI5GvalEp4dZ8JggyAVFJJLkavJD/7014ENLmt0Y4SU0rVoUv/V08s+
+nHZLmLKL1lCLzCfeMOapcVKh+CzxvN/o61VdrKYkuIq+KbZY5AFBGcF3ma4BoSXt
+F1I5AgMBAAGjggKrMIICpzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFKokkF8r2K7l
+Ik4PzxZjD75n+TUHMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboG
+CCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHAYDVR0R
+BBUwE4IRc2hpYi51Y21lcmNlZC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAF4pIerA
+OHNqLTp33YwBBdcwHUVingAMyvmxKJJmz8YenbaOaL4NtqofJHPB5G4ShaGUW5F+
+y247xUW9CQ8gXCSxO3KSkF+u+VKde86UrmFIyK67A0AxYRuGKKsotF8vngl19Bq5
+EbYbomDA48uuIaC8qK8bBBg99TwgqjE6ngkJuHisaY986sby9R7m2+kBqdFk6g+W
+t1givG65nDln0Lcnb19DXRDPEM28H56U1IqKuC82rl/E+vdw0W4T7IeTAnDBSy7l
+OhvX73biE+9ErXzxGFrCUaAE6P09Bhg/kZjv4HTvr6MDKnfpzYatTv7A6yhkJ8h9
+r5UEVmti4DxjcoE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.ucmerced.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Merced</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Merced</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucmerced.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Greg Fellin</GivenName>
+ <EmailAddress>gfellin@ucmerced.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Koehmstedt</GivenName>
+ <EmailAddress>bkoehmstedt@ucmerced.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Faust Gorham</GivenName>
+ <EmailAddress>fgorham@ucmerced.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Southern California -->
+<EntityDescriptor entityID="urn:mace:incommon:usc.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">usc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 215, expires on Fri Oct 3 20:09:10 2008 GMT -->
+ <ds:X509Certificate>
+MIIFUjCCBDqgAwIBAgICANcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAwNDIwMDkxMFoXDTA4MTAw
+MzIwMDkxMFowVjELMAkGA1UEBhMCVVMxKjAoBgNVBAoTIVVuaXZlcnNpdHkgb2Yg
+U291dGhlcm4gQ2FsaWZvcm5pYTEbMBkGA1UEAxMSc2hpYmJvbGV0aC51c2MuZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDM+gtGft1Rqp8EqSK4Do32kRYN
+MUz2glzZCyikRODKT0fodm655RUXM3KtU0EojBmpaDJvH9Gx4eCOOPCAdQ0zaM1h
+vok4hOmPbsbDJ1ZuBgDUmNNu+ArhTfTcVCnVIK0E6lwrYHvgccqpuJz3kdHEo9fw
+wqsrK6Nwyor4hPEOeQIDAQABo4ICrDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBToWvbYMPTntME48Hv8gLVKO0KwCTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8v
+aW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25j
+YTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0
+cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMu
+cGRmMB0GA1UdEQQWMBSCEnNoaWJib2xldGgudXNjLmVkdTANBgkqhkiG9w0BAQUF
+AAOCAQEADvZ2CCgyfTTi8+iC8269yNF4G74BkhSY1/t3L9IVcIzN6yp1bP9XCzEp
+ANbu4+9+z7MA8jGMVC+VEoGGgc4IzoT4Ozd88GTDjk0kaKqvBM+PFrDpW1t3Gybl
+1q89ZHgLnrzEFYxRQPMmNHLEmD+NKAg8G8Gw0g6daKoIzgEh46sZj12rvZFKAozG
+tXtSUWHHHbRCWOsaeLLv6DBVlQlY8jtlzZS3Z4km0Dchs8xbKELjnjG0fiomXLvO
+HAwYO/NexhX4xqhe0/e4Dqg1g4rZ3paW5oV98HVhPcnFpLJwtxzcB7Pm8Uxwm0hC
+i/+ujkDNOTfO58R8UdbZ6M2N8rnHhA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 433, expires on Fri Sep 17 18:10:09 2010 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAbEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxNjE4MTAwOVoXDTEwMDkx
+NzE4MTAwOVowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC51c2MuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDGqmK+0r4oZkmfLl70dD2yew9E39gkafTNTdDB
+28LV9BiM6Nsz2CXyyfhqHt4g9RQ7stTJR+MNayVKQPeGjdJPBxSbvbj5QVIT2Wb5
+9L6XaxM5/oUKklN54xducalBey7TePToou5TX+7UllxedrawhUZQYAqRlEA4g/Kf
+V6sfpwIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ91L7HB/qN
+lDJO6TkzQ40J2Pml7zB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJz
+aGliYm9sZXRoLnVzYy5lZHUwDQYJKoZIhvcNAQEFBQADggEBAJOsixFfdbUyUoqK
+RcARsvIOxHjf8IKfUtWJJuxcAGtSYQ2WAS7ezAsfCKNjY/sVew42kGZdxNL/9Z6u
+7uaUDHoeI1YFL1jUcuHFAB1fGjImOa9DvDYC/GdQlbXEpGD4jvfGIjUi7jpnguDE
+w4reSxuNAE6wOdbiZ/SGmDovt7CWDonkYmF/F8PTBu4T55k61uG8zEbszuhQIAoa
+PpxZV+VbpdEmbm6fFviGTRBzTdP8Ges98ryQzkTXV1ivsahrftCtOo2imH22b0zd
+UyzcHstiqAfNX/TX6HSl/gtPda7Gcedc/RHiYNk8H5jFVFQYek5YhZMHfTGRZh+w
+aY7nMHE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.usc.edu:8444/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.usc.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">usc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 215, expires on Fri Oct 3 20:09:10 2008 GMT -->
+ <ds:X509Certificate>
+MIIFUjCCBDqgAwIBAgICANcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTAwNDIwMDkxMFoXDTA4MTAw
+MzIwMDkxMFowVjELMAkGA1UEBhMCVVMxKjAoBgNVBAoTIVVuaXZlcnNpdHkgb2Yg
+U291dGhlcm4gQ2FsaWZvcm5pYTEbMBkGA1UEAxMSc2hpYmJvbGV0aC51c2MuZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDM+gtGft1Rqp8EqSK4Do32kRYN
+MUz2glzZCyikRODKT0fodm655RUXM3KtU0EojBmpaDJvH9Gx4eCOOPCAdQ0zaM1h
+vok4hOmPbsbDJ1ZuBgDUmNNu+ArhTfTcVCnVIK0E6lwrYHvgccqpuJz3kdHEo9fw
+wqsrK6Nwyor4hPEOeQIDAQABo4ICrDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBToWvbYMPTntME48Hv8gLVKO0KwCTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8v
+aW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25j
+YTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0
+cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMu
+cGRmMB0GA1UdEQQWMBSCEnNoaWJib2xldGgudXNjLmVkdTANBgkqhkiG9w0BAQUF
+AAOCAQEADvZ2CCgyfTTi8+iC8269yNF4G74BkhSY1/t3L9IVcIzN6yp1bP9XCzEp
+ANbu4+9+z7MA8jGMVC+VEoGGgc4IzoT4Ozd88GTDjk0kaKqvBM+PFrDpW1t3Gybl
+1q89ZHgLnrzEFYxRQPMmNHLEmD+NKAg8G8Gw0g6daKoIzgEh46sZj12rvZFKAozG
+tXtSUWHHHbRCWOsaeLLv6DBVlQlY8jtlzZS3Z4km0Dchs8xbKELjnjG0fiomXLvO
+HAwYO/NexhX4xqhe0/e4Dqg1g4rZ3paW5oV98HVhPcnFpLJwtxzcB7Pm8Uxwm0hC
+i/+ujkDNOTfO58R8UdbZ6M2N8rnHhA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 433, expires on Fri Sep 17 18:10:09 2010 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAbEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxNjE4MTAwOVoXDTEwMDkx
+NzE4MTAwOVowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC51c2MuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDGqmK+0r4oZkmfLl70dD2yew9E39gkafTNTdDB
+28LV9BiM6Nsz2CXyyfhqHt4g9RQ7stTJR+MNayVKQPeGjdJPBxSbvbj5QVIT2Wb5
+9L6XaxM5/oUKklN54xducalBey7TePToou5TX+7UllxedrawhUZQYAqRlEA4g/Kf
+V6sfpwIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ91L7HB/qN
+lDJO6TkzQ40J2Pml7zB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJz
+aGliYm9sZXRoLnVzYy5lZHUwDQYJKoZIhvcNAQEFBQADggEBAJOsixFfdbUyUoqK
+RcARsvIOxHjf8IKfUtWJJuxcAGtSYQ2WAS7ezAsfCKNjY/sVew42kGZdxNL/9Z6u
+7uaUDHoeI1YFL1jUcuHFAB1fGjImOa9DvDYC/GdQlbXEpGD4jvfGIjUi7jpnguDE
+w4reSxuNAE6wOdbiZ/SGmDovt7CWDonkYmF/F8PTBu4T55k61uG8zEbszuhQIAoa
+PpxZV+VbpdEmbm6fFviGTRBzTdP8Ges98ryQzkTXV1ivsahrftCtOo2imH22b0zd
+UyzcHstiqAfNX/TX6HSl/gtPda7Gcedc/RHiYNk8H5jFVFQYek5YhZMHfTGRZh+w
+aY7nMHE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.usc.edu:8444/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Southern California</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Southern California</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.usc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brendan Bellina</GivenName>
+ <EmailAddress>bbellina@usc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Asbed Bedrossian</GivenName>
+ <EmailAddress>asbed@usc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Russell Beall</GivenName>
+ <EmailAddress>beall@usc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- The Pennsylvania State University -->
+<EntityDescriptor entityID="urn:mace:incommon:psu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">psu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 351, expires on Mon Jun 14 20:10:12 2010 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAV8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYxMzIwMTAxMloXDTEwMDYx
+NDIwMTAxMlowGjEYMBYGA1UEAxMPYXMxLmZpbS5wc3UuZWR1MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCkFtWl8heas1dMJHo4TNjQWznzbSU8piz5TmrHlGg6
+wDWQRKoTLHwFs2PRiII0jGwzNVC2eRGs5+GadehYfLv8KqhQXtJqSpUu3dccNxtr
+UrNcX5CL2r9/W0h8rPC+W7Z3Qvds2L6uvP9F/pP41rjnE77VWmaCGQl8sUh464l3
+SwIDAQABo4ICqTCCAqUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRnkR9rZ0bocCoX
+1tzgbdk+n8PNzTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6Bggr
+BgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+CgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBoGA1UdEQQT
+MBGCD2FzMS5maW0ucHN1LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAQQTATH0n/e2x
+QrAIoXJ8jaaIuEY/jXznkgyLpqfY7GvnEbis9XUK+3D9LzwYEyb6zFuDlRfGh1WU
+sVoYZlEk4kGS/yzMDaMSq2DfTjxS1GeEs6z6sPvGcrr23NFVfZ1TTbTCNvJtRljw
+7jr2LZGOeK7CP39nFaw8mCIaLlXt8kY3aELKf2pqR7XMPeb6e8n89VJCagKTAvgg
+s5o1JWZ+wLUUm49POFMf+KFIPxcHfw7Hnm2HI/axRvH4C/bh8RIP1tQFbAeX4qlo
+LZmOK8DcFwc1DbWGgqY7LbpuDC1jwp8y5FhlbEIUj0UXXNNkux7569nmMO7MeWxy
+t8lwzoppsg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://as1.fim.psu.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://as1.fim.psu.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">psu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 351, expires on Mon Jun 14 20:10:12 2010 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAV8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYxMzIwMTAxMloXDTEwMDYx
+NDIwMTAxMlowGjEYMBYGA1UEAxMPYXMxLmZpbS5wc3UuZWR1MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCkFtWl8heas1dMJHo4TNjQWznzbSU8piz5TmrHlGg6
+wDWQRKoTLHwFs2PRiII0jGwzNVC2eRGs5+GadehYfLv8KqhQXtJqSpUu3dccNxtr
+UrNcX5CL2r9/W0h8rPC+W7Z3Qvds2L6uvP9F/pP41rjnE77VWmaCGQl8sUh464l3
+SwIDAQABo4ICqTCCAqUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRnkR9rZ0bocCoX
+1tzgbdk+n8PNzTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6Bggr
+BgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+CgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBoGA1UdEQQT
+MBGCD2FzMS5maW0ucHN1LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAQQTATH0n/e2x
+QrAIoXJ8jaaIuEY/jXznkgyLpqfY7GvnEbis9XUK+3D9LzwYEyb6zFuDlRfGh1WU
+sVoYZlEk4kGS/yzMDaMSq2DfTjxS1GeEs6z6sPvGcrr23NFVfZ1TTbTCNvJtRljw
+7jr2LZGOeK7CP39nFaw8mCIaLlXt8kY3aELKf2pqR7XMPeb6e8n89VJCagKTAvgg
+s5o1JWZ+wLUUm49POFMf+KFIPxcHfw7Hnm2HI/axRvH4C/bh8RIP1tQFbAeX4qlo
+LZmOK8DcFwc1DbWGgqY7LbpuDC1jwp8y5FhlbEIUj0UXXNNkux7569nmMO7MeWxy
+t8lwzoppsg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://as1.fim.psu.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Penn State</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Technical Staff</GivenName>
+ <EmailAddress>root@aset.psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Steven Kellogg</GivenName>
+ <EmailAddress>kellogg@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Miller</GivenName>
+ <EmailAddress>max@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Penn State ITS Help Desk</GivenName>
+ <EmailAddress>helpdesk@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://angelshibaccept.ais.psu.edu/Shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 394, expires on Sat Jul 31 18:12:17 2010 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAYowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDczMDE4MTIxN1oXDTEwMDcz
+MTE4MTIxN1owJjEkMCIGA1UEAxMbYW5nZWxzaGliYWNjZXB0LmFpcy5wc3UuZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQClkfi6MuIJnWxOg+86vC9yUBHC
+3b16IwocbKkwCN8H95Ve9KYuEGUHpPd4cwGdAW8OPoDGQihoNcbkN3OxBgFfme02
+qS2nQv8zedWbkrrJdI++Nl+NWWXgEGTqHyCcaS1Ma1ws3NYXWwnoh89ieeqnFgRW
+UHDRUpWSimYsd4PmDQIDAQABo4ICrTCCAqkwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBSWp88hPoLAnWpKsbtUFgHC/PNTPTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAmBgNV
+HREEHzAdghthbmdlbHNoaWJhY2NlcHQuYWlzLnBzdS5lZHUwDQYJKoZIhvcNAQEF
+BQADggEBAGC8L2wH3T8UjKBtpPJnDdwlZZyHzzhjqIXQUTOo8WGsMXl6qplk3U6e
+maO8oHhUtmj9NXQZAAnEui+aj0dooLS9yLZ/EFrhOy1nHj50XcV7xR6id4nY5xaQ
+tKWlQ89+6AfvhWyS2QvLR0RuEVp9QzDp5oXHHnjg5cmEXBOQCEXDvOZcg6mSzXpZ
+wH3UBiyEKs5R2okUuPjdcxzOe4JSROPWSnz/PASCkINk6ApklX/5pjTSsv8z4+qB
+TiVjEVA4+cDK0KkqTgacX+MQYN+37rCYs3UD+8zLvw8N1PDukhxXYQoXLqzIHgqq
+E02jzU/990xdaEWR/lE2NUWxfabXyF8=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://angelshibaccept.ais.psu.edu/Shibboleth/Shibboleth.shire" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Penn State</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Terry O'Heron</GivenName>
+ <EmailAddress>tno1@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Andy Fisher</GivenName>
+ <EmailAddress>anf107@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cms.psu.edu/Shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 452, expires on Sat Oct 23 17:57:35 2010 GMT -->
+ <ds:X509Certificate>
+MIIFAzCCA+ugAwIBAgICAcQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAyMjE3NTczNVoXDTEwMTAy
+MzE3NTczNVowFjEUMBIGA1UEAxMLY21zLnBzdS5lZHUwgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBAKndAKfp08EdL5btW3Hc3Ir1HxymZBQR3qlFZr+SVVmx2p0F
+abon7kbxdpCYf4pikJgoUayA5hEIoXCtwqGv5tCBhplhHs6/hVuQU1HU3n22g1eX
+Axo3h6D+N5hGcea6duNKp8dAT6qn7P0O+mphfvsRF/nqTaXDtFD7ZC3VpoWNAgMB
+AAGjggKdMIICmTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFFL7WHgfeGKus+T3GU4g
+X51d6ed2MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2Ntcy5wc3Uu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBgu96Xx2Fr9b7W6G7n4jIhPWFgsEOguW9U
+kINOvW/2KOE9lYIn5IMtoGOjeUae0oD1KNTfay0W1GDvTlxHGebsRh1MClw1fa/u
+xAmBl3JdMkmlR4oilk0ppCylLkLCauCoSQ0O/PzHIwAWd2yWZ0PO+hVcjr/E3UT3
+51M97s5iQpDrPfa+bb2yYKaJEKQEOj7j+JgH3CmklOkvJwR9tuO++2NNy0gkYmcb
+JbFoduGzC0FRNfy+mjou9+pew/F9i6rsFq8ta6ODHh7sOSdJtmke097dsLjHha02
+zvntocfuV8nr0Y3Vtw5R0veT8NFhqeMzhUeWxvyHQWyF6IKqJpan
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cms.psu.edu/Shibboleth/Shibboleth.shire" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Penn State</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Andy Fisher</GivenName>
+ <EmailAddress>anf107@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Terry O'Heron</GivenName>
+ <EmailAddress>tno1@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://comanage.psu.edu/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 389, expires on Sat Jul 24 19:40:42 2010 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICAYUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcyMzE5NDA0MloXDTEwMDcy
+NDE5NDA0MlowGzEZMBcGA1UEAxMQY29tYW5hZ2UucHN1LmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAJlP3NthFiuysD/g7nO1aBRU7Vw3HlAkt7Cp
+XrS4f94NggG3RxizVcpkt9ZxWa6Dot3xGa4mYnn/zTP/K5FhO2pKn2nnjmWnUpI8
+IqLtZmoVAL7aX0xLhYQ/ZdpKMqEjijYskwu1M/Ccu4wLEsW2/cmbqL0W1eXVBLwB
+rxs2SgnS3kMQugSzAFOgxI+7VJnOA7QQkcZjRf5uUEnlgf2fP7P+PnCTGBJ5G9ud
+AK4gi7C3g3nG7P1lUDMDtXw/i84kVKH3i4381DXrllgyeMIey+MD5EMAhk5U6Eoj
+aOFqUPqK9CcpMiZoR9rXW2nbBXRK9N+yBke3UZ/Zd1BrvsAOh9sCAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUhAXkBcQz3OQaYgzE4t408AMMkh4w
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQY29tYW5hZ2UucHN1LmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAN/MoUubNjZ51n/b4pHJ/Rv8iLouBUHnWUOC4
+wS7iKx1G0hYfjq/UsSw+Ua0DbAgRlNz+NJmunj7XplJi4tU3ZR/bq/z6A4u1R4pE
+2YIk4HUkmIqLE2vwRhxZOgATRS91HYSRpdckxgIVZVpc4MntybhmDx0pzMu/0x5t
+HPKcQW3qAnprbgdKsW3aplQ+RrmTIbuDcH0kAGFQNv0EiM7AdAUSV1gHK5LTxS1D
+J+85AUYzIxE+48DZgNPTKJ9ZSyQhnHDdxn15b3wSl1wgE2ONZkrsrrj0rTYTwEDg
+x4a/CszXVa2CKDJ7hRP3XiUoupIcgJXHhHfB8WXz4ifdM4F6UQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://comanage.psu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://comanage.psu.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Penn State</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris Hubing</GivenName>
+ <EmailAddress>cjh@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Phil Devan</GivenName>
+ <EmailAddress>pmd@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Rich Cropp</GivenName>
+ <EmailAddress>rac@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://courseware.e-education.psu.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 352, expires on Mon Jun 14 20:10:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFtTCCBJ2gAwIBAgICAWAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYxMzIwMTAyM1oXDTEwMDYx
+NDIwMTAyM1owKTEnMCUGA1UEAxMeY291cnNld2FyZS5lLWVkdWNhdGlvbi5wc3Uu
+ZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1sXG6NaOTDrSUKLo
+inAAJ8pdghMP/TZJcLQfxqoqKopLCEICNyX8w29AlKBCUEp2KYniUiN8Kogxcx+O
+ubdSEGFKhKRIBeFaJqRxvK3F3LEk5g1ujPhabujynV7idxBWuyxYd2ufQdp8tsyS
+4wD/KL58LPfSgnpCTbSCf+LdvxNtzWJIm04oESyUAkvORMyilbZJ3pbeHOUdLgHe
+EnIWbsrvCN1rsImf3yCfycoKSCIKohtHXRP6zUYweQihF3675SxdTJ+s7qYuDwXW
+pFQQLk+DDpdH3ukP7INMXgDF5ScRzUBVQS6hbfOSIbAW9VYojzGUsqVqFo4C41Yg
+m0wlkwIDAQABo4ICuDCCArQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSnjfqA3hwR
+oapxNTRPBQhZBX5lkTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6
+BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCkGA1Ud
+EQQiMCCCHmNvdXJzZXdhcmUuZS1lZHVjYXRpb24ucHN1LmVkdTANBgkqhkiG9w0B
+AQUFAAOCAQEAlAgX/tzTM2uiSsgWSihPz1drLDqGvfZ6wKQcR9wCi0uJ+SeZDiDu
+sGrw1vyC4Z9p2MRueVXvTHtXhIhMvak8Oq2BkNET9bMYdEC73gQy8JAGM+o0NIds
+Ux1zCyZMzSd81uSXQOJhKrbjilGG2a1s1CURMhhtFZBfSZAkpOHI2Owc7Q4M3wk4
+bOBrNozXtP9Q1Vnd453NFdRjJa/UWV+DpiN7x+DUKVlJ22vHxIb0EcdCdkhkkPN2
+b62XxShsr9GdjEXZVos03a39wVV6tisBjWT9v/lwLEWH7V4RZVIMrm/VpsonfTNg
+5H4DLiqZuOGL7kOxBikdw9a9AkrFg1I29w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://courseware.e-education.psu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://courseware.e-education.psu.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Penn State</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jeff Wolfe</GivenName>
+ <EmailAddress>wolfe@ems.psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeff Buechler</GivenName>
+ <EmailAddress>jdb11@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://iam.psu.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 675, expires on Fri Oct 21 17:54:58 2011 GMT -->
+ <ds:X509Certificate>
+MIIFAzCCA+ugAwIBAgICAqMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAyMDE3NTQ1OFoXDTExMTAy
+MTE3NTQ1OFowFjEUMBIGA1UEAxMLaWFtLnBzdS5lZHUwgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBAKslsQC+w+5X+e0icrUo6miHGjVBK0sDF3fEgItpc5SWx3me
+c0ycG+oDUg7t1AWNeN1q7vaM2cThMIKLu5PRJiB/GZKs1zlohH2kkliwz9fgAe0m
+SNXToZIJusltAPkUNr0zkUpd0xHxfawIyuzM7Yb5VglhGq0gCtatBuiL0N5jAgMB
+AAGjggKdMIICmTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFGat/839cVUt/Up801ES
++/YCrsYqMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2lhbS5wc3Uu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQDC8z2FSpfgzNC1XTe2cwWr/hee4I6oXprP
+wxFCYYNoridGEUzbhCHcgiDYj06qHfQUDfJ8gV8/wD0htklFgs04NY0KAOBAeGVL
+AZdd7JI0f6EY2j0ZeHpfRPhDg//BlB61WZiG7aNqJYq9/U7H99w1JYaxs8HGWQec
+Ceueg4zpKgBk1grhf35pc2j+x9qF51mfv8ixA7mZI1AIwG1huHXADL+SXYlXDzAF
+S3ivVZQMzMSqm6fgENa00qOGbGjkCIj4GG88b7a3vEhI9YRl+T5oMghhsuovWskW
+mOnVZiht1xDbkY2+/MI/QOp+AjFjaAXvljq5okqzUw3QvI2SXK1j
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://iam.psu.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://iam.psu.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Penn State</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>James Vuccolo</GivenName>
+ <EmailAddress>jvuccolo@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.cic.psu.edu/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 391, expires on Sat Jul 24 19:40:56 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICAYcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcyMzE5NDA1NloXDTEwMDcy
+NDE5NDA1NlowGjEYMBYGA1UEAxMPd3d3LmNpYy5wc3UuZWR1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyiX8QaQ4uItYnyWLP8QSnfG0BKf9V8oYiY+t
+rCOiiajTAQNhctLhOtAVd/tcRjeDnLymfprUk53apLbmDTzGMnSSiAfRlU0qcAyw
+wI7GIgJGgHTQd+6QiMEco2Kwv2w2aDzzd+Av1B5dJ7xzuJOQUxVbwKK0Pun2QWT0
+O2FCmHe0c+5xf2qZMSYs47tE56J99Gcl7kKhB3AMBMhDDlHyxrn8n4zo54tfjCpO
+5ddWoyPpDmu+yngQYSjDtDNm1htqnu/4TGPvkUPPHik4yxx5HZh8A/BD6vhR9JT+
+K0O67cHH5R5oWD1UUncAlaN0OskIRwHIrCAFLSzOQr+iWRv4FQIDAQABo4ICoTCC
+Ap0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSPGLmSyeyjQ2LuQ1IvbdDn7FS3MTB+
+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMC
+VVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29t
+bW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCB
+ojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZD
+aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdl
+L2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8v
+aW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5j
+cmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQw
+QgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg93d3cuY2ljLnBzdS5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBAIuNpjnPqk7TsRnQayA8XZBeyzouThR7VP9aL47y
+o5jiiPzB7uAahfc+a7hHcaqKbEQaOU4GszrwG7V6QeoO0a1siciF3ggI740qfDPA
+Tm/cMwCnGs7PaCuE984vFSYCbF1IggziknW1P8G2A9ZptQbNt9CPsBaXzg0KPmIR
+EaPWY+d6wQfs/Q4hx1k2+eUrudgwfcUgqrlkqkdueT/GhM1qG0FtlaO+YBv6GXuG
+7LZf0HO/IQP/uXBudTfgv+wf3/FFsdWRCWawZZNer4Vn5Hvoukr6e+zN00obKnvS
+JOYtsMhuowiwsRpT0ie/draV1UiDitpdjhmN3hb5G4Btb70=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.cic.psu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.cic.psu.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Pennsylvania State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Penn State</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.psu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris Hubing</GivenName>
+ <EmailAddress>cjh@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Phil Devan</GivenName>
+ <EmailAddress>pmd@psu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Rich Cropp</GivenName>
+ <EmailAddress>rac@psu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Maryland Baltimore County -->
+<EntityDescriptor entityID="urn:mace:incommon:umbc.edu">
+ <IDPSSODescriptor errorURL="https://webauth.umbc.edu:443/shib_error_page.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umbc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 236, expires on Fri Dec 11 21:54:05 2009 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAOwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTIxMTIxNTQwNVoXDTA5MTIx
+MTIxNTQwNVowGzEZMBcGA1UEAxMQd2ViYXV0aC51bWJjLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAOq++RZo/e9vKLyJC+gW5q/5qvHh0oNjgExe
+7D5W1sH3TppYd3PZkvxeBwBKMo36dVpaCsEDR6KW0rH65Q9JGYeMfwh2g2zd0/YE
+k7lr7SB2lmaUN2syJ5S+zpOFiqtE79aa9AGOQ9fHhLZljctPCVov8nd5lBS6EtLM
+K0B6JmPhMEzpwtPt937O1p+LVKFjKKQfXbXUEHHCf88R9LI9DKOAWkkeahwmgRtr
+MZQ1ffC+GVZ6n2432mLH2j7SXvDjhtwi134dLBbdJ5OMGx3XQtCdPEn81VYUJeR+
+ATXif0Ptp30jff2PzaONR9DrsTB9GlgBRaHDBHmpCvgvWcoo1KECAwEAAaOCAqow
+ggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUfpHlqS7yWgDIq8i2Gx+8TFAil80w
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0w
+gaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3Vl
+cnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREEFDASghB3ZWJhdXRo
+LnVtYmMuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQA3u/gGMozRp8+tJU/+92tyTUqr
+fi+/iv7eK1sdWExH8o8vmSyCuNQP64wQueMk53N8aRORvuyLKvGqkXU9JrfJrE+q
+ulgL1N7DqwVWhlFhbmF4Nch/Qtyz7bBQtSYKI02thBGthLcKC7Ayf6lgHjpFUkvY
+tNlML5lQTF2/fjDgIiOQYJxW/kDnB2A1RdQZPExCLN5CCeS9eEEc66OeApdOAY8a
+lZc6l7TeKPDD6KBsDR4mh9/6rsJO+fTQxp+LUzWODR37i/dg4w9IiGQvrn6uIJxw
+lrC3p8cqpK2/GC43XqxjvaUdIRKF7kfiSn7QwiDjNBCvVWEPJsNDczKS/joy
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 696, expires on Mon Dec 5 20:02:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICArgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTIwNDIwMDIwOFoXDTExMTIw
+NTIwMDIwOFowGzEZMBcGA1UEAxMQd2ViYXV0aC51bWJjLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALdTMz7NJ0XHGcC6DunqgUb7f42YY6qdUxZ9
++Apxk4uzF+Cw5PGO2Uej1uL3GLcc8aINajbvzO9FX3yVA1LkjY+k5nCPD+X3pC85
+BtCHgL5Zmjcnln0SkmL7WcJ+nB5+yCsEMf1aMxNHtDpj+Q83jovnTLnaTKS5P1Ca
+xE5mS0zXMQ8Zfsa8SGm0K3HXMGNwto8G0oDut423XSLns30+q9v3I6xd547oNPmR
+G/yg9j7YmnCbKSuCSGZ/ZQZu0fzjZVAIVIhklQdpC5O1qz637YawQso9IxPGq51o
+aN+gjmE6BNAJeeZdndB+D+I8wXgJeaBQDtzUfJ1zEhphe2yJ3P8CAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU2bQeWGyqN/Uc1n0dQxAgplESHxow
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQd2ViYXV0aC51bWJjLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAcJl/ZN4c/9ePgo/GHDKmw0VhuiRrFtxobXnT
+KB1AAW9S+dv8jUlsIO9mvo7OimgrC2/PbiqElEK+5mkqDIiadALSnCf75DW9xHvM
+LHwcKKS8HGKeJv4tqafodhDvvd2c7hHEJkYBPtxmq0dF0nq6zhWxeUHrVi0x+D71
+iaR36iH9B93XEgd5kDkxZwZtDaBuhoeymOU7IA1AkKT3xMWYCrwc5EYTKMXf0v64
+EaEsMW04rypZk1EmJQBwcuoE+HtoUxR4va+2EM4/Qie90/piRnIydR8qnoO5FmEE
+YGFdKPP1hOy8DcZZsEALMEy0Mr2IyjtJIo+saXkD/9miWHEnUQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.umbc.edu:443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://webauth.umbc.edu:443/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umbc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 437, expires on Thu Sep 30 14:58:25 2010 GMT -->
+ <ds:X509Certificate>
+MIIFrzCCBJegAwIBAgICAbUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkyOTE0NTgyNVoXDTEwMDkz
+MDE0NTgyNVowKjEoMCYGA1UEAxMfYWEtaW5jb21tb24uc2hpYmJvbGV0aC51bWJj
+LmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOGbA5T93O4CZr6Z
+/iD9ukvL8tKMcGTD9m7pnJIX1ZSEeyqFA2LgnKJfR2iVpAcOz6KZ70yXwnQfWhj0
+6Jq5s5gPS6zFrOrsHOD6tldVZU+9Dd6DLSDzI4h/x/zEJaSRW5Qg3rbEt2+ps+Ef
+4j0lRkauXBu/hWH3fIjqOWpb9N8XlslPgW0WAk52YJ8YwjIEt/MI6FMyZ2anKfEW
+sN33j5rfQS3pRmRBydz20bAqBOZ25N1+qG368xVwL7miJPtl5zHFzwoS6VHe9rc1
+Ff6U3HM56ZUyHT2qYykToIW35jlQsyGH+nB0ggN9W19l6O3oa5jAgeZwIgRF2WTd
+11jQv8ECAwEAAaOCArEwggKtMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUgnaDJZ+D
+baRKdAD4Pw9JPIlEG2owfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwKgYDVR0RBCMwIYIf
+YWEtaW5jb21tb24uc2hpYmJvbGV0aC51bWJjLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEAttGsyiW9SyMR5G0y0SV9zjbAW8UShSgFpwe617hMAQIic8Lja6TPXIBiFISd
+i6bE/u4ItV3V2UAb/scli3JhUFbIGwQ9JyBK65KPM8YhWEPP3n7WLpCXsBuYr4xk
+QhE6kN3r5Bl2g+No5ocWdF/FnrEmFEKyC84HzoASPwjAP/B65kt9fB6WSJMGh/nb
+K36rof7KkRmVkXjZbSnt1ucif+cWxEgwLi0pEEJc6LoSyS5zY0QBZ8vZha4Wm8/0
+QrS6v1xdmIV/1saB77y9EnvDQ6Dg/64llchEtLDfiv1cmKWqK5Z3ehinPI6Q+FI/
+TliVDC0dSggCsRGcE4h6Lf+qpg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aa-incommon.shibboleth.umbc.edu:443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Maryland Baltimore County</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Maryland Baltimore County</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umbc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jason Griego</GivenName>
+ <EmailAddress>jcgriego@umbc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul Riddle</GivenName>
+ <EmailAddress>paulr@umbc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://hdxdev.core.umbc.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 292, expires on Fri Apr 2 20:31:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICASQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwMTIwMzEyM1oXDTEwMDQw
+MjIwMzEyM1owHzEdMBsGA1UEAxMUaGR4ZGV2LmNvcmUudW1iYy5lZHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJqc8Lz3w2ZCJqlr3qssnxwc8VHTpQ
+U45WTjnglSbxajxI3oXX8nu6h/EMxPseoFgU63V09zzB5uWNHWDYvo1IVP7ChWuF
+qV0jJGAiHSk3e65qdBpgEXqS+gotOgPExUkotV2vKmLKhUajx7nF0dSMNYT2akRp
+nZLM39gsyG8KO4kDh0R6tkVhvb6wDN/6Bms4VtB44ZdWo4cZ1m/sizLpVtIbgQUD
+qB5rPYIbhxdecXR5j8iInvOoVljnur8G3V+Nkdf+b+b6Z/psUJqZv0620QohqTPu
+m8zvZHN76Fax/SIdCSItFBOBYnat/yxPSEOAtkQU2iwixWKQYloOhm/FAgMBAAGj
+ggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNPJXcERQBlvFx0SEaRSxvzn
+ecGeMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEB
+BIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJ
+c3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYDVR0RBBgwFoIUaGR4
+ZGV2LmNvcmUudW1iYy5lZHUwDQYJKoZIhvcNAQEFBQADggEBADCpJn33xgtBvl6T
+cwfMUwlxh1F2b+H4MJj46m1/nf6MNDE5/2b+VwOC7l5F8rExVNjylpBtd7s5Hqd9
+BVwiaMfMsxCIvADtwM2Y24uOQmpRfQzrXv2o6hjmjjtZ2KGrQxb/hxT5ygGj7Gdn
+WRscplkyAxTd6vv7GwTmgDuZZM/HIqMyfsUjEJo357OzPkqHqBJEx5PJbhwi+HyX
+36Ofoxbhqr6cYNKVrEy3+6cR6zTqU0yfAxLbgQwrpTFEr6+f1vaZrjbt4WWTi8l9
+DT6Zn9smsStM2W3Fwx0dYmn8GookN2zh4V541leDkZUV+7rgmxPQVkqRjWljFZrV
+EKMVes4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://hdxdev.core.umbc.edu/confluence/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://hdxdev.core.umbc.edu/confluence/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Maryland Baltimore County</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Maryland Baltimore County</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umbc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul Riddle</GivenName>
+ <EmailAddress>paulr@umbc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://rt.umbc.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 474, expires on Sat Dec 11 21:01:42 2010 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAdowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIxMDIxMDE0MloXDTEwMTIx
+MTIxMDE0MlowFjEUMBIGA1UEAxMLcnQudW1iYy5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCz6NrCXgcYUs5mY5zBb+BNypBnU4HDSx8X9kJ2Kr2z
+beSEiaQpkANEhAe42/6QImhqeU5JkRbEu7qUkzMSk2HrJ16ida208sxzyobpigUr
+4WcQMEX1GKOfYKXIUt7d08WPB/5fb64cg4cuZ43DnJXKZzWW9teFEIiFrZjb9ll1
+UOfLjPbPgL+lcnbrJ/jYxyoAZEV2JiYMJZx/pH6qqMmP8so+fcMl/zvhxksa5ezt
+onacmefepb1UDdYixAdLPJSwBnITTibrVIwVk7B9e4oAzynP0PdDvryoSsd3riV3
+COdXvBclvQ7XDbK9rIg1RlL2oR2WGsk55z+AdfVZ5Ls1AgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFHrhgZ0xRZgseNwiABwbUM2XQmqyMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC3J0LnVtYmMuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQDQaRJ2SMJqH0FYEsai+pz2CUSyofnLmgA+WTbHzssNTiyNK2a4
++tyG5gnqtKPoGp4JvEqI8d3t0Ujo1w44mekUsCB1PIRoKBkGo4u3jGq2/uxpD0xr
++so2uO4Kf5wROZ8MGbSldn/3kv2ekyWLAQAOnrmEZ1jLOUA+H21K79cFLvmgkB8j
+IT+VLNtGZ5usYzKDJp8m5yeVI/L9F0bpr+EncA8qE/W43WwFpi7lVuwqZ+dNmkY+
+wtjCCMWk7aX5ZekT0NX2stxI1Acg32/A/QunZdoAUFONIctv4T8hKnJXnUdTceK9
+Bk3KgaiDbg2alJp0yXWmhdwf22fByPEm2Tbj
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://rt.umbc.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://rt.umbc.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Maryland Baltimore County</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Maryland Baltimore County</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umbc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul Riddle</GivenName>
+ <EmailAddress>paulr@umbc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://spaces.umbc.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 297, expires on Mon Apr 12 19:02:42 2010 GMT -->
+ <ds:X509Certificate>
+MIIFlzCCBH+gAwIBAgICASkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQxMTE5MDI0MloXDTEwMDQx
+MjE5MDI0MlowGjEYMBYGA1UEAxMPc3BhY2VzLnVtYmMuZWR1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yY2CEF/b5WwWyC5STM3A/nYmQV0fmTfKI9R
+xrmQbxjr4CG9KJFEcEQoiEZtnCedQSaUzJVXwvLS0bjE3+fP6LSPFyrarA9zEdOW
+nL/lEvWgb0VaG/wEURBR0t03f5YSAaMqNsusMuXXeBu/grwjtRiwFHKbVQDQr9UW
+T6vBoLm96H5QNpCqobLVkPGyJehz3F3zTaPNig7f4K/9yQjiEuigkqGU8sPZiKNj
+loD/5YthLG39X8fN/rEs7wW067DfrysMEhHqrMKpupF+C96uLvop0ODYUZ3vcSes
+1Ubm6jeu0aZ+v4LuB6yYLGWIkoRNkbRfvLt7FLyU9JEp7VMW/QIDAQABo4ICqTCC
+AqUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTfy4V0Ou0H/XKQIwpcDcfsua+mujB+
+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMC
+VVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29t
+bW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCB
+qjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVy
+cyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBoGA1UdEQQTMBGCD3NwYWNlcy51
+bWJjLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAVeNqz/YP52/3+Fg3ryqSFsQ9ljHP
+ETmGArvQOkdisohYFC4/Ywx2FG1DWgDn8FIwEG+Y0S1dpYAifgOUpwny5HVuPtm4
+IL3Ltx+Rml/1DeQjYURUAxXfCAKs59MKWmck/KaZCAigFdlgk3bnY8lsUwBrMCqH
+wCpfKjrHwUvlEm8xvUrBuT6pvcA3tz1CI3Gnl6vzTeE8nPtj5YdesfEGbSDLCt2D
+PAudx5Gm/7kYxTMVrK3KbutY50WiF5zoh6w+Lc5vWrBeRJeLO+81fLPFKMiMnKGg
+LPYFu6Ypaoy0R0+aIcPoohLHvrDM/0YtX960Pt3pDrQFYGiJMaRZrOEnOw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://spaces.umbc.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://spaces.umbc.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Maryland Baltimore County</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Maryland Baltimore County</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umbc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jason Griego</GivenName>
+ <EmailAddress>jcgriego@umbc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul Riddle</GivenName>
+ <EmailAddress>paulr@umbc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Duke University -->
+<EntityDescriptor entityID="urn:mace:incommon:duke.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">duke.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 434, expires on Mon Sep 20 18:11:15 2010 GMT -->
+ <ds:X509Certificate>
+MIIFkzCCBHugAwIBAgICAbIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxOTE4MTExNVoXDTEwMDky
+MDE4MTExNVowHDEaMBgGA1UEAxMRc2hpYi5vaXQuZHVrZS5lZHUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZLnQ/SNUArYDHOXG9bqiCcAFgR0c6PRIB
+QgKSG8xS+gZGYKLBko8XiB1k4NQSmf+OPrJUk2uWyqVhF1RgabYnHK9HuQcF7uV0
+VkOkMVX8VAWl96ltzm+R7GVLh30+YjAZMBzoFTPHXbww++ntmMrxQ3YMNYq7hNwB
+JWnNUpFqNHqR2rtdmSu3If8XO39tnJiPyEp/mstVVzU7O2ltOXe8M5mtrjEXHohq
+MxLR3/Nyeb46SvqLDr1kTa+v6BnD1tZlujuR5ArN3a7aNJGN/q/xaXCEg5OVSl7W
+u36x9VkvMHPJytJ7eDGhBxshReiwZJb+dIDb0DPOssKIJegkjminAgMBAAGjggKj
+MIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFKs6ASVxYi5YHvK45Bc0Is8E9VXs
+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQG
+EwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5D
+b21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGl
+MIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAC
+hkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXNoaWIub2l0LmR1a2Uu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCf66Rd9fSCcrC6wq4VYAyC451Oamzfj9Xy
+SJzXbntT5TvDhxZrvEaBKE8HZK94ncwvd9BmgZucfW3SVkPwJjrWBiVD9waUyoyv
+KywQ/UjB0Hhf1LP2SHedtKeMH4NvatA40Udf3DZUqdf9rtjer9gcUgahx0iHWKX0
+s6C4rpghXJuZ1U/Iu5+r0uGIqFfvgf00vJpJ0bo0ExnEynetfN/4MudmKHMv0RRT
+SL/7kkDOvYdwAer+PKXkHWXzEJLA8uuvjDSpfyMubJQP+P6L2BvtKLMirckMiIAG
+lFB8YmSPRPc1VCtXe/LbLmG51ge3ykYpT+/r3ckhtnOuDMB4cbO1
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.oit.duke.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.oit.duke.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.oit.duke.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib.oit.duke.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib.oit.duke.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib.oit.duke.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">duke.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 434, expires on Mon Sep 20 18:11:15 2010 GMT -->
+ <ds:X509Certificate>
+MIIFkzCCBHugAwIBAgICAbIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxOTE4MTExNVoXDTEwMDky
+MDE4MTExNVowHDEaMBgGA1UEAxMRc2hpYi5vaXQuZHVrZS5lZHUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZLnQ/SNUArYDHOXG9bqiCcAFgR0c6PRIB
+QgKSG8xS+gZGYKLBko8XiB1k4NQSmf+OPrJUk2uWyqVhF1RgabYnHK9HuQcF7uV0
+VkOkMVX8VAWl96ltzm+R7GVLh30+YjAZMBzoFTPHXbww++ntmMrxQ3YMNYq7hNwB
+JWnNUpFqNHqR2rtdmSu3If8XO39tnJiPyEp/mstVVzU7O2ltOXe8M5mtrjEXHohq
+MxLR3/Nyeb46SvqLDr1kTa+v6BnD1tZlujuR5ArN3a7aNJGN/q/xaXCEg5OVSl7W
+u36x9VkvMHPJytJ7eDGhBxshReiwZJb+dIDb0DPOssKIJegkjminAgMBAAGjggKj
+MIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFKs6ASVxYi5YHvK45Bc0Is8E9VXs
+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQG
+EwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5D
+b21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGl
+MIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAC
+hkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXNoaWIub2l0LmR1a2Uu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCf66Rd9fSCcrC6wq4VYAyC451Oamzfj9Xy
+SJzXbntT5TvDhxZrvEaBKE8HZK94ncwvd9BmgZucfW3SVkPwJjrWBiVD9waUyoyv
+KywQ/UjB0Hhf1LP2SHedtKeMH4NvatA40Udf3DZUqdf9rtjer9gcUgahx0iHWKX0
+s6C4rpghXJuZ1U/Iu5+r0uGIqFfvgf00vJpJ0bo0ExnEynetfN/4MudmKHMv0RRT
+SL/7kkDOvYdwAer+PKXkHWXzEJLA8uuvjDSpfyMubJQP+P6L2BvtKLMirckMiIAG
+lFB8YmSPRPc1VCtXe/LbLmG51ge3ykYpT+/r3ckhtnOuDMB4cbO1
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.oit.duke.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.oit.duke.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Duke University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Duke University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.duke.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Shilen Patel</GivenName>
+ <EmailAddress>idmstech@duke.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Shilen Patel</GivenName>
+ <EmailAddress>idmstech@duke.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.nescent.org/webapps/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 18325474227657295040, expires on Thu Nov 21 21:55:03 2019 GMT -->
+ <ds:X509Certificate>
+MIIC/TCCAeWgAwIBAgIJAP5RKbewFsTAMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD3d3dy5uZXNjZW50Lm9yZzAeFw0wOTExMjMyMTU1MDNaFw0xOTExMjEyMTU1
+MDNaMBoxGDAWBgNVBAMTD3d3dy5uZXNjZW50Lm9yZzCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJW/kBWaraLDhZW7GkbvpWBymdvzT2NrkDk2Kl1NXSpa
+zUzLt1jiBixOgDG37M/DJdGQG4pvozk3446awuFlzN6dUnma7H5RoHx3NYSnJGJl
+5hSh3p1yzaEKeTIySqdZKkstgNdUvfRRDInurRRwndXPe50Fm3DFV5z7xdCCCgl8
+MYscWSNs6Kni03NycAs9YhIIsSpS/TuHX6BaFP++/HWhJSKd/qu9HZgVvwSj/MBF
+V/Gq8wB9NNqqXSURkVazlNstnlVZTGaz9RIMQGwcXuv0Qa0HhSk3FTxMMczQvvtH
+RYRgoQAyhbLmL1JP7tJ9KAdV/YhkV54qi9hk4mL6Rm0CAwEAAaNGMEQwIwYDVR0R
+BBwwGoIPd3d3Lm5lc2NlbnQub3Jnhgd3ZWJhcHBzMB0GA1UdDgQWBBRdPVL8vF+p
+1/9euxzDDOCiiXr2yzANBgkqhkiG9w0BAQUFAAOCAQEAlNVlQ2q8Fwrd2MYUm81y
+UNwuebClwZ+6wohYQEyxN0//UguQqLbZ9QtUi9mrZpwhl9o9RX2LliiH6SusD9dn
+SGjxfVGbZc/OvXzMQi1ACsuIXcCZU02PvCXZHlg+YGyRo0HpFcxnJbT2z17KasK5
+HCjGXM8DJG39gLvXcG0xSL6ObDyX0zIlOuuZpofD3uQxKt/JatWr5mx7nSaT7GBG
+iAjRLi87Fmp0vu3HmintcTSQek1rPGoSuNGRd2JZ6kQlQ5MTLi9FpYDLazqg7sqF
+h1NDMkXbswUhf1JSn1mBpmcQmeOvWgyHm3bzKdQMpiFFRf2LDBcAYKDAq6YPWCH5
+CA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.nescent.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Duke University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Duke University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.duke.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Jon Auman</GivenName>
+ <EmailAddress>itadmin@nescent.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jon Auman</GivenName>
+ <EmailAddress>itadmin@nescent.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jon Auman</GivenName>
+ <EmailAddress>itadmin@nescent.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Ohio University Main Campus -->
+<EntityDescriptor entityID="urn:mace:incommon:ohio.edu">
+ <IDPSSODescriptor errorURL="https://shibboleth.ohio.edu" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ohio.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 121, expires on Wed Jan 2 21:01:27 2008 GMT -->
+ <ds:X509Certificate>
+MIIFxTCCBK2gAwIBAgIBeTANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDcwMTAyMjEwMTI3WhcNMDgwMTAy
+MjEwMTI3WjBFMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPT2hpbyBVbml2ZXJzaXR5
+MRwwGgYDVQQDExNzaGliYm9sZXRoLm9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA+8JQBPIRuyJd4J3BPwGx0GK2gnB2SNu2ZFatIckaLqnp
+ks2W8Mqa1mZpTDJsH8Vk+vdKZIvN3zGCiypmewfpZFdX4LOZMvSKxtgSZB161CMh
+untIq/4uDqxPlDf59O4mt5GQvezPR/WrIE3CSHkKbTN/ZtVZmcrEtB49tS6Uex6L
+qVqF/1Eh2/qB3+I3BE6nLYDcmauquNHrfJuGV9dJpF78We/zeAohODfnTU2jkuiL
+UDGHF3S0S3WCEEyfCkyFVzanzQpCLR/SLQLiUIWxyNQEZA5b/TGvyRo8O+6BWVl3
+Au9X4g+yq9eFD033GoXrhf/QOVUvXmmaU2lXC/0qlwIDAQABo4ICrTCCAqkwDgYD
+VR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMB0GA1UdDgQWBBTSFfhFNlXTyEdPrrYVwZ2MasnfUTB+BgNVHSME
+dzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAa
+BgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYI
+KwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVS
+STpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMB4GA1UdEQQXMBWCE3NoaWJib2xldGgub2hp
+by5lZHUwDQYJKoZIhvcNAQEFBQADggEBAE9xxHbThphYDeOJOHo3k+iQ5p2sf+IK
+1rxKzd111VUPQ9CQqQzvz+RMHf2i+hy3gOvkS85/ZTF7aPa7qA/OOmIKo2N/F1I9
+Jrwm31wGvkRcW5fSdEKOKFCqd+B0E2FdHQF3qnkaJ3fxDhofbC8hhbSpXE5RlUWr
+OVEK/uCXk/Pls7scAPLExQuo0Ex1aVYpaywy3AOYyrk078+P8TSFUU/VMYb8AXb7
+RLVnuLbkjVr5+hnuHcAWyqg+rj2FAWdkoBRbrqQM31WJBQaZ0m0XSEeDUeOx+Mfv
+WsTdoMPy7o7q3igCJnJoOWdyZGphhMbi55QPeeMuK6RkUN9zoR0VJlI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.ohio.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ohio.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 121, expires on Wed Jan 2 21:01:27 2008 GMT -->
+ <ds:X509Certificate>
+MIIFxTCCBK2gAwIBAgIBeTANBgkqhkiG9w0BAQUFADBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDcwMTAyMjEwMTI3WhcNMDgwMTAy
+MjEwMTI3WjBFMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPT2hpbyBVbml2ZXJzaXR5
+MRwwGgYDVQQDExNzaGliYm9sZXRoLm9oaW8uZWR1MIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEA+8JQBPIRuyJd4J3BPwGx0GK2gnB2SNu2ZFatIckaLqnp
+ks2W8Mqa1mZpTDJsH8Vk+vdKZIvN3zGCiypmewfpZFdX4LOZMvSKxtgSZB161CMh
+untIq/4uDqxPlDf59O4mt5GQvezPR/WrIE3CSHkKbTN/ZtVZmcrEtB49tS6Uex6L
+qVqF/1Eh2/qB3+I3BE6nLYDcmauquNHrfJuGV9dJpF78We/zeAohODfnTU2jkuiL
+UDGHF3S0S3WCEEyfCkyFVzanzQpCLR/SLQLiUIWxyNQEZA5b/TGvyRo8O+6BWVl3
+Au9X4g+yq9eFD033GoXrhf/QOVUvXmmaU2lXC/0qlwIDAQABo4ICrTCCAqkwDgYD
+VR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMB0GA1UdDgQWBBTSFfhFNlXTyEdPrrYVwZ2MasnfUTB+BgNVHSME
+dzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAa
+BgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYI
+KwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVS
+STpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMB4GA1UdEQQXMBWCE3NoaWJib2xldGgub2hp
+by5lZHUwDQYJKoZIhvcNAQEFBQADggEBAE9xxHbThphYDeOJOHo3k+iQ5p2sf+IK
+1rxKzd111VUPQ9CQqQzvz+RMHf2i+hy3gOvkS85/ZTF7aPa7qA/OOmIKo2N/F1I9
+Jrwm31wGvkRcW5fSdEKOKFCqd+B0E2FdHQF3qnkaJ3fxDhofbC8hhbSpXE5RlUWr
+OVEK/uCXk/Pls7scAPLExQuo0Ex1aVYpaywy3AOYyrk078+P8TSFUU/VMYb8AXb7
+RLVnuLbkjVr5+hnuHcAWyqg+rj2FAWdkoBRbrqQM31WJBQaZ0m0XSEeDUeOx+Mfv
+WsTdoMPy7o7q3igCJnJoOWdyZGphhMbi55QPeeMuK6RkUN9zoR0VJlI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.ohio.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Ohio University Main Campus</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Ohio University Main Campus</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiou.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David Alexander</GivenName>
+ <EmailAddress>alexandd@ohio.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Aaron Leatherwood</GivenName>
+ <EmailAddress>leatherw@ohio.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Resler</GivenName>
+ <EmailAddress>resler@ohio.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://avalon.cns.ohiou.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 283, expires on Sat Mar 20 19:06:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICARswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMxOTE5MDYwNloXDTEwMDMy
+MDE5MDYwNlowHzEdMBsGA1UEAxMUYXZhbG9uLmNucy5vaGlvdS5lZHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDV2fEaiKvae7jW0kI4HdzvM33jGkBv
+/6pdG5ubRjC/L/TE9uM4vQhc9JTfZGFrY9fAdJVFvoujH7ybyI1ZYjLpTjYpbeXX
+r9ZxQCa284eoin/aawnR4DHaBPdQtTi7SpwK7dntMC2qH6pQY4c74eUnpWqpDh9X
+AKSjZ0E7rwvaOYXCnM6Zf0MUkLZOKkoKCeO7QesTy+meS1yoXFEsKwTH3haEEQim
+9Oyq5NSYUNjX+YmtedxWfFwVu8ab73LULA3iZwakKdoq2SJRu4fOY6R3aAsSxMCA
+hEKfKAR6EFaCJRyEoGS3MRWeT24Pc6mg+p2MMFF7CFngWs4WNBpzM+ANAgMBAAGj
+ggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJUko8dMKoecD6vyZyDF8LRz
+gHtDMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEB
+BIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJ
+c3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYDVR0RBBgwFoIUYXZh
+bG9uLmNucy5vaGlvdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAJMRbYS/dPiZJsJr
+qvyAx7gr48PcP38pouKWFxVqsi4v2Pz3Z02kBUzOrdRXZRVwlXDn1J8+Jf1oZaBM
+YSJzCWYlNuBnSJO+YIxhr/VgFnwoKCcW+PKeeAaXcoxrn6XCj3Pxh08TYqWQQQCc
+hBSDyhdxzYPmi8A7V3dTZZKhqyojUrm9j3eBhqYHnkn27q9nJdIYoJevnMYiL+wX
+OvR+cj2W5uHnV5WnPjqs7UZvbW29YeM1Y+913cTlDESx8jYQ9dbzvGEG4Ulq/hfg
+/myBTnGZmDzw5twb4sLp6kC+GbzoOKa828CwYCdwUwwvo+wZqtquk5WU4JLrQirf
+IW0MCvI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://avalon.cns.ohiou.edu:8443/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Ohio University Main Campus</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Ohio University Main Campus</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiou.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David Alexander</GivenName>
+ <EmailAddress>alexandd@ohio.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OIT Service Desk</GivenName>
+ <EmailAddress>servicedesk@ohio.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Stony Brook University -->
+<EntityDescriptor entityID="urn:mace:incommon:stonybrook.edu">
+ <IDPSSODescriptor errorURL="https://shib.cc.stonybrook.edu/shibboleth/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">stonybrook.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 258, expires on Fri Feb 5 20:17:26 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAQIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIwNTIwMTcyNloXDTEwMDIw
+NTIwMTcyNlowITEfMB0GA1UEAxMWc2hpYi5jYy5zdG9ueWJyb29rLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyk8siTi8b1NmPsn2iTu1ZXh2QxVKkjLx
+j91gX8CSLybwSuQL1qTyU+wHO1rwjSXrifyBCZrYDE5cmfbDKf0xd+K489Zf5koy
+gwSyPffu48sI6HdHU4yRRwljLh0cOOZEWDMAMxgXfbVlpta8qj1iNaETDY7qcmSr
+effZsEYizgMCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUMxal
+4gVod3rnMG6guawlo1zIU5EwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZzaGliLmNjLnN0b255YnJvb2suZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQA+za5epZx9NYHi2+lQXI8X+jWT990xskyWRp6K5ilebCLoa14JREdr4ALk
+UmjGJ3+A1tfr77zg7jRABJ+ATm+ECUsYSZB88GkpUtY/mABRi+Cwc6WC2yHGvPR/
+OgpkeBa4P+zf44AGfeFAwF3ANQ4bjAQx3dY3dOLZrQcMt75nY0sirK+R3Wh05O7F
+CvLlfa0JOEVLl0mLJgCMI9Gs92KK9d8ZzyWgn5jksxJJLBxwN4Q4/Gzb8aBuyhL5
+OU2ScNk8FiXMHDG4KJdG9I47PxukJlrj+/cUfGPzYDusbLQDIYJM69IFFu2nkQKV
+ITv/pkigpLXNxhHoyri1yy2Nnv0R
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.cc.stonybrook.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.cc.stonybrook.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">stonybrook.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 258, expires on Fri Feb 5 20:17:26 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAQIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIwNTIwMTcyNloXDTEwMDIw
+NTIwMTcyNlowITEfMB0GA1UEAxMWc2hpYi5jYy5zdG9ueWJyb29rLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyk8siTi8b1NmPsn2iTu1ZXh2QxVKkjLx
+j91gX8CSLybwSuQL1qTyU+wHO1rwjSXrifyBCZrYDE5cmfbDKf0xd+K489Zf5koy
+gwSyPffu48sI6HdHU4yRRwljLh0cOOZEWDMAMxgXfbVlpta8qj1iNaETDY7qcmSr
+effZsEYizgMCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUMxal
+4gVod3rnMG6guawlo1zIU5EwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZzaGliLmNjLnN0b255YnJvb2suZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQA+za5epZx9NYHi2+lQXI8X+jWT990xskyWRp6K5ilebCLoa14JREdr4ALk
+UmjGJ3+A1tfr77zg7jRABJ+ATm+ECUsYSZB88GkpUtY/mABRi+Cwc6WC2yHGvPR/
+OgpkeBa4P+zf44AGfeFAwF3ANQ4bjAQx3dY3dOLZrQcMt75nY0sirK+R3Wh05O7F
+CvLlfa0JOEVLl0mLJgCMI9Gs92KK9d8ZzyWgn5jksxJJLBxwN4Q4/Gzb8aBuyhL5
+OU2ScNk8FiXMHDG4KJdG9I47PxukJlrj+/cUfGPzYDusbLQDIYJM69IFFu2nkQKV
+ITv/pkigpLXNxhHoyri1yy2Nnv0R
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.cc.stonybrook.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stony Brook University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stony Brook University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sunysb.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Sanjay Kapur</GivenName>
+ <EmailAddress>Sanjay.Kapur@stonybrook.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Heller</GivenName>
+ <EmailAddress>Brian.Heller@stonybrook.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ezproxy.hsclib.sunysb.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 320, expires on Sat May 15 17:44:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICAUAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUxNDE3NDQ1MloXDTEwMDUx
+NTE3NDQ1MlowJDEiMCAGA1UEAxMZZXpwcm94eS5oc2NsaWIuc3VueXNiLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwdqjhr3h+VSlkbd+SdV7kjlLOfr5
+nKDv1MwKfnKNn7PmXOInHxQFPJd1dPl4CHB3m4/BDB44YPfs73irEck0hDBB4Ybf
+h0lQ1H+OuwxrjdyxFXIfrbOqwRkSO43G7VyjIdosu5iFAQCDOHSoYMSnw9q2qrr2
+IAuv5rINucNuN5ECAwEAAaOCArMwggKvMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+5Ln51JfgQ8MS2iDb32wXm7BaOZ8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAkBgNVHREEHTAbghllenByb3h5LmhzY2xpYi5zdW55c2IuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQCa3KWqy+GI+xGMPn+PqKDA21flZvCLGOL40F8P+nssCh12I3fM
+ruTNC2zzgfNfymtuBJMfEyqpW6MRP2aZ0E3N3DCSRR/sGxForoCY9iVWo+J1gm3W
+SStOM0qCbDEXYcvcCKofIrfKDJutafXafBygjKvjhEjadY3mq59Hhho+nOTH9uVo
+BtSmcDgI/WhpOKW6VcIA5iNf/DOjqJrco20LJj9KfgMOpoe7ToNWyUvCmdTEI5xa
+vogYhelt+xnatqzGgN173QIxTsDSvaiOkzty5UZ0joKXq+ioslYqJTM/upKposus
+RjNlYmeo+yHlHWAcyZpCBz7mATbGqUvelRSL
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://login.ezproxy.hsclib.sunysb.edu/Shibboleth.shire" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stony Brook University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stony Brook University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sunysb.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Joseph Balsamo</GivenName>
+ <EmailAddress>jbalsamo@notes.cc.sunysb.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Uday Karki</GivenName>
+ <EmailAddress>Uday.Karki@stonybrook.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibezproxy.campus.stonybrook.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 151, expires on Fri May 2 19:32:46 2008 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAJcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDUwMzE5MzI0NloXDTA4MDUw
+MjE5MzI0NlowWjELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFlN0b255IEJyb29rIFVu
+aXZlcnNpdHkxKjAoBgNVBAMTIXNoaWJlenByb3h5LmNhbXB1cy5zdG9ueWJyb29r
+LmVkdTBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQC9TzEloxXt5da2hHfU/s7AdyGR
+Dvfbaw7q9qNyEbKmQmv0+Nnnvh3CKKG9lzBU6LIYTwbg49pYX7yOHTgLyorjAgMB
+AAGjggK7MIICtzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFE1eSnxmfrx7/sICAkQK
+dzOh3K3eMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUF
+BwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlD
+QSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwLAYDVR0RBCUwI4Ih
+c2hpYmV6cHJveHkuY2FtcHVzLnN0b255YnJvb2suZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBMwpWknhlr0aIWlC19b180hYpcOafG6mcosuCxsyj6eyZquGC0qUJmKNgG
+o+Zz2mribkvDfPpTiiLfbEnzQTdINmX7fS7ulKIbYc1XSd3oLYcdPBTVWQG1DMSh
+YCXEa+lPz1lLvKVvdMPnQ1eP+CCwoYiFB45B56o452StIKlCW3J5PCuIt9zQwJMv
+uUe7uc7N0aNGUGZhiKecGscyMBlPUCu1AthbycKMOzLLXlDaE06xU6BVpiabt9lK
+x11mGAv0+ffpypGN33jsOrcot8OPBGuqMrfdrlqlTGVFnH5R70M3ujJZDzeOUPHO
+uMOTN9rgXJYzAP1v7zxsADTZBTrI
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibezproxy.campus.stonybrook.edu:8443/Shibboleth.shire" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stony Brook University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stony Brook University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sunysb.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Heller</GivenName>
+ <EmailAddress>Brian.Heller@stonybrook.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibtest.campus.stonybrook.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 129, expires on Tue Jan 29 22:05:48 2008 GMT -->
+ <ds:X509Certificate>
+MIIFXzCCBEegAwIBAgICAIEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDEyOTIyMDU0OFoXDTA4MDEy
+OTIyMDU0OFowVzELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFlN0b255IEJyb29rIFVu
+aXZlcnNpdHkxJzAlBgNVBAMTHnNoaWJ0ZXN0LmNhbXB1cy5zdG9ueWJyb29rLmVk
+dTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo1L08nWqcFsQ7Vx28k1N2PkM
+EQGdKmc2akMpvm5gPwa9p918tJgeryNtJeHHLO1Vpbj5Zj8B7LCC3xujb4E32wi8
+HS813b/BoADjqIS62Ni+pzqWIYBRAneE8I4uKWbRsn4T3lKhLWd+t8xJXMHzh1Kx
+zTkJcEIwN7R0xW+qVt0CAwEAAaOCArgwggK0MA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQUv47z+BWaqpjqpCUcVX450exFX24wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9u
+Y2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0
+dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2Vz
+LnBkZjApBgNVHREEIjAggh5zaGlidGVzdC5jYW1wdXMuc3Rvbnlicm9vay5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBAFqZm9doLA98vros8skArzJit/YzetjiOQIcMN8z
+OSZq8QapbK7gjiwiUB4QM/RHYsYQnf2QcyMjJcrDM+mGRqHXsCUQnRsdZuG2FgSe
+G4GvZWAYxPyKcRV8fpzMlnJgd9rXMlYMub04gHAQxUHSrFjGuo9PwwUzeH6etzsZ
+rwiXhtASxVL/PDzfQczQVS5ztNN8TiEod58H2wfqiEqA7nbdbRIPEnftkANyUqfe
+BbMyJfwfNYWFLJpNpAgXlOp0eRocJ5IvWd03Vw98jOABP/ENWyNAF+ZEmuc9WCNo
+QrelhrE7f6gbpfjXeWL1u9y0EDjQ3gScz0SU2tYorqRxq1g=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibtest.campus.stonybrook.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shibtest.campus.stonybrook.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stony Brook University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stony Brook University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sunysb.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Sanjay Kapur</GivenName>
+ <EmailAddress>Sanjay.Kapur@stonybrook.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Heller</GivenName>
+ <EmailAddress>Brian.Heller@stonybrook.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Maryland College Park -->
+<EntityDescriptor entityID="urn:mace:incommon:umd.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 294, expires on Sat Apr 3 18:36:14 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICASYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwMjE4MzYxNFoXDTEwMDQw
+MzE4MzYxNFowGzEZMBcGA1UEAxMQc2hpYi5pZG0udW1kLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA/LYv/nglT6i8PuSTmJlHIUWRwrMlY/sryTuW5roo
+edAZucZ24/sR0z49VRsCqGiuJfcbndlavOdoDxmw4i3cA3l2+n2aRAjOWjy4wuAu
+iUus77JMciRUXJRuVgm0qn68VkvKtIePOpcaUTLjlcTX5LkXWYmV1T1OIYiIwYHV
+zn0CAwEAAaOCAqowggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUkHT8aCyKXsBn
+fsg2MKch1QP6c0QwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREE
+FDASghBzaGliLmlkbS51bWQuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAjjbiHsMG5
+1c5uKXcLdVlU1wgXf4fcYFzGjWNsdFjyX+P/aM1HMlOHU9ESNYYoLWrmHcj7bhPz
+aZ4Ce6niXK8EJAfzzCNy2MyGEh1A2JNGOWl47yVnJbvrksxYquLPuVMZ+40vUb5h
+IN7h8ALSUyjqHpcqX4Fo9Twr1H5Yt/+QQlfSH3VKhAyHGiVXH8rzulCH/lmcxLM1
+jOuIlDwP7WWSm5sqlDQaLO6buON0Xxq2nlHvZExqc8KAVITKvnUkxQsSxXMwJ9u+
+fWlPPAHvTMsJ6mOehyJuE5yGMCruQkpXv2Wq0bQt49eyFNKU1C/rtr7XD59KT70W
+HnmRnSBaQPBx
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.idm.umd.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 294, expires on Sat Apr 3 18:36:14 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICASYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwMjE4MzYxNFoXDTEwMDQw
+MzE4MzYxNFowGzEZMBcGA1UEAxMQc2hpYi5pZG0udW1kLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA/LYv/nglT6i8PuSTmJlHIUWRwrMlY/sryTuW5roo
+edAZucZ24/sR0z49VRsCqGiuJfcbndlavOdoDxmw4i3cA3l2+n2aRAjOWjy4wuAu
+iUus77JMciRUXJRuVgm0qn68VkvKtIePOpcaUTLjlcTX5LkXWYmV1T1OIYiIwYHV
+zn0CAwEAAaOCAqowggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUkHT8aCyKXsBn
+fsg2MKch1QP6c0QwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREE
+FDASghBzaGliLmlkbS51bWQuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAjjbiHsMG5
+1c5uKXcLdVlU1wgXf4fcYFzGjWNsdFjyX+P/aM1HMlOHU9ESNYYoLWrmHcj7bhPz
+aZ4Ce6niXK8EJAfzzCNy2MyGEh1A2JNGOWl47yVnJbvrksxYquLPuVMZ+40vUb5h
+IN7h8ALSUyjqHpcqX4Fo9Twr1H5Yt/+QQlfSH3VKhAyHGiVXH8rzulCH/lmcxLM1
+jOuIlDwP7WWSm5sqlDQaLO6buON0Xxq2nlHvZExqc8KAVITKvnUkxQsSxXMwJ9u+
+fWlPPAHvTMsJ6mOehyJuE5yGMCruQkpXv2Wq0bQt49eyFNKU1C/rtr7XD59KT70W
+HnmRnSBaQPBx
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.idm.umd.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Maryland College Park</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Maryland College Park</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umd.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>David Barks</GivenName>
+ <EmailAddress>dbarks@umd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>John Pfeifer</GivenName>
+ <EmailAddress>shibboleth@umd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jyoti Sawhney</GivenName>
+ <EmailAddress>shibboleth@umd.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- EBSCO Information Services -->
+<EntityDescriptor entityID="http://shibboleth.ebscohost.com">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 286, expires on Sun Mar 28 15:10:33 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAR4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMyNzE1MTAzM1oXDTEwMDMy
+ODE1MTAzM1owIzEhMB8GA1UEAxMYc2hpYmJvbGV0aC5lYnNjb2hvc3QuY29tMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOJsLwjX/1qADYZj5hs41bzfa+LHJe
+Rh4Fr6mkexEhiKkdMkO+N2Mf87wR8KQ3zrlm+yR40QvuHcnALDhHSP3azA2a7znL
+cnQ8zyaFO/X6nYjRlYuXsoXOzkJVCUbg2DAVE+/XHoIWnvNtKRNv0yRrkrxXE/YS
+7a5cjKSRtVgUPwIDAQABo4ICsjCCAq4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTR
+tA2HJR5/Wj6waGKY92phwXdH7DB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+MIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDov
+L2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRm
+MCMGA1UdEQQcMBqCGHNoaWJib2xldGguZWJzY29ob3N0LmNvbTANBgkqhkiG9w0B
+AQUFAAOCAQEAhEGXiK+3T44QrXgONgdH/oh9O2njb7fBFa+gMeoMuv6uMlyRIwWA
+WN60EunykptjPyE6z6MUU8QjSbFzl0v9f6QJSEJnKJOVqlRhqPNfq3YEtArj4gO9
+tCczfpo+BDt/Csi8K6aV5qjqwmmPVtwjdgHssM4xCHhIp2csv/yYN+uKYyJYvRyw
+dqB2bdZaFcRkx00TrA6oS9H2qxgr2Omkno/4VoQIoax13yQB9as3hVkefc26JAnV
+pEvGx14b1GoEIVBlXF3CZOeWjYcrn6hgmyNooHHw8akxz+dxe88ORQ2olqr+drp2
+plKXri1kg8lCT/7PobvinTLX9PpQjxGxtA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.ebscohost.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">EBSCO Information Services</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">EBSCO Information Services</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ebsco.com/home/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support</GivenName>
+ <EmailAddress>eptech@ebscohost.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Clemson University -->
+<EntityDescriptor entityID="urn:mace:incommon:clemson.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">clemson.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 488, expires on Fri Jan 28 20:05:59 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAegwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDEyNzIwMDU1OVoXDTExMDEy
+ODIwMDU1OVowGjEYMBYGA1UEAxMPaWRwLmNsZW1zb24uZWR1MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDDOSX0h2cJiWgj+4kTzYNEdM4+xhuwEmBNFmlztJZF
+RLdv+Cxcv06YVTR1yVoTVDYYl6q0VJbizsxG7BjA0lVHxYHkq1Kd4/7hdtOSsOc0
+ktkEMhYfk5Qu80aZSivN4NoZTcNvygYNnpYGnJwwAQjanKZ5ihD3yWSSlHNJqOAK
+hQIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSOypzd2X1NA4JM
+UHNRG5nUu2kwXjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9pZHAu
+Y2xlbXNvbi5lZHUwDQYJKoZIhvcNAQEFBQADggEBACIDpQ3N779J32zbdWdhfq62
+jfo27V8dxi9slpBlBMl6tLCJ8p9Fz0YTjKkGBXSqGz7xWIiCRKt0OwFaLL+BrnhO
+sNYo9KFgpoOEMb47+5oFc0M2h9nR6aKPt5jI4oDL5wFJRHDkOW1plhbRXGTIgZVk
+pOw+VYm2SBqDPyRZp/FKWxkedVA6+ew0HPxIWwLyzZgB2XBV43eoeTGfV6L8nq/7
+l16AKTDFpGg7g2+5H1I+VUQIpatsV9pC/aYLhumsnUhyQ1mruzDs3bra2vqHgLC1
+NPc0iUcGtR0MCEDCCss9VxmWTBZ+PPiwA8xvb4bIDW/NNEacx1PLcrAnZ23Zf1A=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.clemson.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.clemson.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">clemson.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 488, expires on Fri Jan 28 20:05:59 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAegwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDEyNzIwMDU1OVoXDTExMDEy
+ODIwMDU1OVowGjEYMBYGA1UEAxMPaWRwLmNsZW1zb24uZWR1MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDDOSX0h2cJiWgj+4kTzYNEdM4+xhuwEmBNFmlztJZF
+RLdv+Cxcv06YVTR1yVoTVDYYl6q0VJbizsxG7BjA0lVHxYHkq1Kd4/7hdtOSsOc0
+ktkEMhYfk5Qu80aZSivN4NoZTcNvygYNnpYGnJwwAQjanKZ5ihD3yWSSlHNJqOAK
+hQIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSOypzd2X1NA4JM
+UHNRG5nUu2kwXjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9pZHAu
+Y2xlbXNvbi5lZHUwDQYJKoZIhvcNAQEFBQADggEBACIDpQ3N779J32zbdWdhfq62
+jfo27V8dxi9slpBlBMl6tLCJ8p9Fz0YTjKkGBXSqGz7xWIiCRKt0OwFaLL+BrnhO
+sNYo9KFgpoOEMb47+5oFc0M2h9nR6aKPt5jI4oDL5wFJRHDkOW1plhbRXGTIgZVk
+pOw+VYm2SBqDPyRZp/FKWxkedVA6+ew0HPxIWwLyzZgB2XBV43eoeTGfV6L8nq/7
+l16AKTDFpGg7g2+5H1I+VUQIpatsV9pC/aYLhumsnUhyQ1mruzDs3bra2vqHgLC1
+NPc0iUcGtR0MCEDCCss9VxmWTBZ+PPiwA8xvb4bIDW/NNEacx1PLcrAnZ23Zf1A=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.clemson.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Clemson University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Clemson University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.clemson.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kyle Peacock</GivenName>
+ <EmailAddress>kpeacoc@clemson.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Barry Johnson</GivenName>
+ <EmailAddress>hbj@clemson.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Barry Johnson</GivenName>
+ <EmailAddress>hbj@clemson.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://hbjapache.clemson.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 632, expires on Mon Aug 22 17:53:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAngwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgyMTE3NTMwOFoXDTExMDgy
+MjE3NTMwOFowIDEeMBwGA1UEAxMVaGJqYXBhY2hlLmNsZW1zb24uZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrXAW+ABfdOKDK4DbhWGrTVedyPR
+BsZiqGYbxiMD5TiHB27NMooX3ozL7UJbrLRZcMUL0cwSyfBcHQha56jPJbO41Ir5
+NmmDZMqii3duv9id2lBwBxdovYWj8FwQlJJ8WSKCRQxekRrPjwNKLhJVK/DuTLU+
+tAE/93QrXDHM90a0r10jqfeU9dtEuUKS2ozJqab/ZVqcNdewkj3BedYWzmLePpf8
+qXzxoeBEU4Bsj9/y5J8PcB23a4mDSdi8xQh2eBaFiuJKO9h/Ji5T74Nh7eL3lvcE
+7hVSiOGvXnoF8pjHOdpl4oIaG5UOnbG6A6fNj1BNUvY0ZtKpBYhVcSzUhQIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSGUIFZ+LBpecFvTCGfKY2z
+flwN7TB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVoYmphcGFjaGUu
+Y2xlbXNvbi5lZHUwDQYJKoZIhvcNAQEFBQADggEBAJfmesX7trBnVLzVsLXlgMjz
+FeGnOd8SHJ97DjsAb6SKXO3cXoSOzw3o446Qet/B9xoCsTffUSshzy2qBbf4inOE
+ysEyc7wAHgmR64Onpx0V7H3lwtpdC+h9I7wqK/9xLdCV7wuHFR+qx++BhVfQUgmM
+xEraYKzY2F1VCiclx6AKu7lPVYo+KGBXlyqYieswYYzjrY2faVL6948iSc27+Jjc
+m7zGgu1WcQ7RwafanqrMG/uUWTWxFuLfhxUUV9iQt8SgX+hfDu5matPd6DXK/X7O
+b91joAhsFvdkmMCoPFtcjcmBfNeIZZaD6EJCAiXYV7B6LV0lLkQSdTYMx4X96Ls=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://hbjapache.clemson.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://hbjapache.clemson.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://hbjapache.clemson.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://hbjapache.clemson.edu/Shibboleth.sso/SAML2/ECP" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://hbjapache.clemson.edu/Shibboleth.sso/SAML/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://hbjapache.clemson.edu/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Clemson University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Clemson University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.clemson.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Barry Johnson</GivenName>
+ <EmailAddress>cyclist@clemson.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://wiki.clemson.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 17621010559269125057, expires on Sun Nov 4 20:17:13 2018 GMT -->
+ <ds:X509Certificate>
+MIIDHDCCAgSgAwIBAgIJAPSKZ75YpLvBMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHdpa2kuY2xlbXNvbi5lZHUwHhcNMDgxMTA2MjAxNzEzWhcNMTgxMTA0MjAx
+NzEzWjAbMRkwFwYDVQQDExB3aWtpLmNsZW1zb24uZWR1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAuejzfYPLJmtRwf+KD41bgT0d/BtLVEqXJhHOIG+P
+UWAyJtel+QYWMqLSuByRHxaSBAropIiKGDIVqk9M0gO1NWgLfVggY4qJCxUDi7/W
+2iF9jU3vsOcmJQGbTxd10ZNet/BVS4adJKccyNK59xRgfseS6iIve0Y3HY/Nmu5e
+y/IM00kQQk3E5jAwRxu6JLhWyQXYq19keHjFwE3aYPpmMg0OFhCZRjIMD0HP7cFb
+wa+lnG0zmbJgpUmpg5c3iyWfhxOFtlL+rNihDB709Ti/a8yLAu6ShaoUrPNmZXuK
+v7/bwj/OE0HFNw9rKhIyALxeWupsAvYM2e2fmIeQWVqSWwIDAQABo2MwYTBABgNV
+HREEOTA3ghB3aWtpLmNsZW1zb24uZWR1hiNodHRwczovL3dpa2kuY2xlbXNvbi5l
+ZHUvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUAZNFPiVlNnKKfNyx8yd3gKkrT3UwDQYJ
+KoZIhvcNAQEFBQADggEBAFgxrdH1hLRx+2xlmUfiyJt82VJiIXuRp0sgk/Buyjcj
+TZjU1RMWRasnmXJh6RsirP000IOZ7mK2NWnTlY2zbGWiIqifhiQpn+SqLiL2Fbww
+1cM9fNdI1lXtamIo9m5DGsnN39AirezbwgjMGnW2tHUrw/KYqjDYui9nRhBOE4BB
+D7r3vVW8CJH/sbId/wKyb27H1Ep/9k5l+wr82kOCvtM4Fr2CCArFbablgOykyKA/
+d1rQlfU/3tgwReVT9tHUVAt4vubiHbHvvH5j5o/WRdXJMNiLBzmmMdi8+m5vT4NF
+2XiCrPad9FnZZWLdPApSsmp4N9vhJKaJWAEB+Po1ud4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://wiki.clemson.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://wiki.clemson.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://wiki.clemson.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://wiki.clemson.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Clemson University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Clemson University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.clemson.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Barry Johnson</GivenName>
+ <EmailAddress>hbj@clemson.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kathy Wright</GivenName>
+ <EmailAddress>kewrig@clemson.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jill Gemmill</GivenName>
+ <EmailAddress>gemmill@clemson.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.intelligentriver.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 416, expires on Sun Aug 22 18:13:03 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAaAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyMTE4MTMwM1oXDTEwMDgy
+MjE4MTMwM1owIzEhMB8GA1UEAxMYd3d3LmludGVsbGlnZW50cml2ZXIub3JnMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnMuvBQ2fe9fBGKxmDB2TtxwZs3Jqy
+MfjjprjLtYlG/3MRHmDtVT/t45D8cogmooJnkP/xf1ps3zNtQT/V12g2f6tSmcRE
+7HUY0rVt/1G5QNFnnZMhmc/t07EiwAFK0vT3VF68HwgzgTm1Oc/alxMxIR/RRcry
+LuLUCP8Cezxz4QIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBT6
+oxcz+PUFOfSg+OrZ/FVA8CXe8jB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghh3d3cuaW50ZWxsaWdlbnRyaXZlci5vcmcwDQYJKoZIhvcNAQEFBQADggEB
+AE+YLgBlhcHgqvGaPU6iJtgknqi0BaIBW4PqrPJbyvRZY93QdthK2KdXRN25hM9F
+7FRm+Oz08uSUaStJG5pt6p4l5JE3nwAX3+LWlFZX3JRkdx87oldrrM7PYq73wtEQ
+2f9AQRR8yiptHR/R5PgbOgjrZypYtDA/qbDPHFOXoW4iTs/aFiwrsXLlrvwfSWsQ
+5sX4VLLwoor93QsWVSiE5fmGlz+lyUJfNAg7n5R9RKwr8bubApBORahwDXKl9pTz
+gJsJ3Do+Fg6nH0EGj6SdLoFeChkKoBW9ftNwdNlMEUEGjfml/XxSaax36QGnyaon
+8TEkIYNxRKaeWjSIpMQ4MB0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.intelligentriver.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.intelligentriver.org/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://www.intelligentriver.org/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://www.intelligentriver.org/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://www.intelligentriver.org/Shibboleth.sso/SAML2/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://www.intelligentriver.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="6"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://www.intelligentriver.org/Shibboleth.sso/SAML2/Artifact" index="7"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Clemson University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Clemson University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.clemson.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Barry Johnson</GivenName>
+ <EmailAddress>hbj@clemson.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Kyle Peacock</GivenName>
+ <EmailAddress>kpeacoc@clemson.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.marinegenomics.org/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 332, expires on Sun May 30 19:08:16 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAUwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyOTE5MDgxNloXDTEwMDUz
+MDE5MDgxNlowITEfMB0GA1UEAxMWd3d3Lm1hcmluZWdlbm9taWNzLm9yZzCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArEduauqR/NLfLHuOK8+58uIig6XvoJIx
+8jT8dptoB7POMl/4Bg2k6f+bSY5lzSz7aVEoGdRxpUtLh1GYMfO22l+gXtJNQVGm
+YHmXgliNjwBisxXAF4P7IbwK4Sclei0Xnynm983ZnVtOuNk0Dvi19LBYQyMxBerm
+uh3RjYlXo5sCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUdohI
+nTDYynNz5/1mikm/Hr0Gi7MwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZ3d3cubWFyaW5lZ2Vub21pY3Mub3JnMA0GCSqGSIb3DQEBBQUA
+A4IBAQC/JJ8hprM/EaslwAmti3ye3SbJ+kAgRvdKhURsixQx7pyEms+6WtL6hBM6
+q4q+QiUbahrrte6bYEAD2wbayJS/U6+ZEkYXf/jg57+qyflOvEqn9RfxRdXWs5mr
+7txMduY8j2RDcAALVjCbfDr5SVQfuXyngd0qYZVJ0OjwpReg+qN9cPQGA2JbaRzJ
+oLsqEcRuKyJThiASXEDBHaDCvL0F/8JLj7z40t+kaD6S9tRy9MRTLWLHQCSSQzlr
+W3LY/kOkqo7KMiJ88tcc48mFGn2QxZhZZVd3wuzZOffIk9KGpxnlY6dexTA9+XD+
+aRhp4TJtqNi1rlhg+COOay/0lum6
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.marinegenomics.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.marinegenomics.org/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://www.marinegenomics.org/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://www.marinegenomics.org/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Clemson University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Clemson University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.clemson.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kyle Peacock</GivenName>
+ <EmailAddress>kpeacoc@clemson.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jill Gemmill</GivenName>
+ <EmailAddress>gemmill@clemson.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Barry Johnson</GivenName>
+ <EmailAddress>cyclist@clemson.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Cengage Learning -->
+<EntityDescriptor entityID="https://tg-dxpres1.oh.gale.com/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">tg-dxpres1.oh.gale.com</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 263, expires on Sun Feb 14 21:17:15 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAQcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIxNDIxMTcxNVoXDTEwMDIx
+NDIxMTcxNVowIzEhMB8GA1UEAxMYc2hpYmJvbGV0aC5nYWxlZ3JvdXAuY29tMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCFIQLiQ3kYwGP4qng27fovdEkFCnwQ
+nLTfeWZPK7cxHvEKIqbTBQc9NqkoNl2S2+frw9O2pp5pYoXqd9F3JQRaosItV0qd
+UIoS5ETOQMrsg19cveo4754hJMi/RMG2UeMSJRolJQP/5v74EE3oSYNqSJAPqpvg
+EBXcQN8m+R17KQIDAQABo4ICsjCCAq4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ1
+b9DSyKkMlostz9E+G08roQUZbzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+MIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDov
+L2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRm
+MCMGA1UdEQQcMBqCGHNoaWJib2xldGguZ2FsZWdyb3VwLmNvbTANBgkqhkiG9w0B
+AQUFAAOCAQEAprTyzUe6RzrggkPc/hEe7oyyMAMro3NQb6SIdE33LjxsVlJkR76x
+wvf33rXPuAM+Eo1mqH9aX6vAqcMMkDIaABF/MH3tTjnDa18WVG2JUXSuh3rKLZFW
+HL3kBeUW06ZlSUDySxLtjP4v0duqThwN5mVfZ00YLfiKrSTiGJGhdlN5snYS825X
+wtoVbzmvsQXJrdl3f3yii5doUWmP/1+r7K66zUl8P9QR/OtBL/0AAgMfDCV6Ba3b
+dbBRL29YqEg7Z8s3AQRlMTp9ppQLvxWZlKlFUDokg3TtJpaf/RScWOVwzdP7M/xH
+ffnOsSafpO+hFdF0HTXUD+r3UEDbysI97A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://tg-dxpres1.oh.gale.com:8445/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">tg-dxpres1.oh.gale.com</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 263, expires on Sun Feb 14 21:17:15 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAQcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIxNDIxMTcxNVoXDTEwMDIx
+NDIxMTcxNVowIzEhMB8GA1UEAxMYc2hpYmJvbGV0aC5nYWxlZ3JvdXAuY29tMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCFIQLiQ3kYwGP4qng27fovdEkFCnwQ
+nLTfeWZPK7cxHvEKIqbTBQc9NqkoNl2S2+frw9O2pp5pYoXqd9F3JQRaosItV0qd
+UIoS5ETOQMrsg19cveo4754hJMi/RMG2UeMSJRolJQP/5v74EE3oSYNqSJAPqpvg
+EBXcQN8m+R17KQIDAQABo4ICsjCCAq4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ1
+b9DSyKkMlostz9E+G08roQUZbzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+MIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDov
+L2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRm
+MCMGA1UdEQQcMBqCGHNoaWJib2xldGguZ2FsZWdyb3VwLmNvbTANBgkqhkiG9w0B
+AQUFAAOCAQEAprTyzUe6RzrggkPc/hEe7oyyMAMro3NQb6SIdE33LjxsVlJkR76x
+wvf33rXPuAM+Eo1mqH9aX6vAqcMMkDIaABF/MH3tTjnDa18WVG2JUXSuh3rKLZFW
+HL3kBeUW06ZlSUDySxLtjP4v0duqThwN5mVfZ00YLfiKrSTiGJGhdlN5snYS825X
+wtoVbzmvsQXJrdl3f3yii5doUWmP/1+r7K66zUl8P9QR/OtBL/0AAgMfDCV6Ba3b
+dbBRL29YqEg7Z8s3AQRlMTp9ppQLvxWZlKlFUDokg3TtJpaf/RScWOVwzdP7M/xH
+ffnOsSafpO+hFdF0HTXUD+r3UEDbysI97A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://tg-dxpres1.oh.gale.com:8446/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://tg-dxpres1.oh.gale.com:8446/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Cengage Learning</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Cengage Learning</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cengage.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Daniel Steinberg</GivenName>
+ <EmailAddress>daniel.steinberg@cengage.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Rajesh Govindjarahan</GivenName>
+ <EmailAddress>rajesh.govindharajan@photoinfotech.net</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://auth.galegroup.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16892308809211734330, expires on Sun Jan 27 18:22:03 2013 GMT -->
+ <ds:X509Certificate>
+MIIDTzCCAjegAwIBAgIJAOptiVzZRGk6MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHNoaWJib2xldGguZ2FsZWdyb3VwLmNvbTAeFw0xMDAxMjgxODIyMDNaFw0x
+MzAxMjcxODIyMDNaMCMxITAfBgNVBAMTGHNoaWJib2xldGguZ2FsZWdyb3VwLmNv
+bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALrV1EhZUCSAMsnfUlXI
+0LZgkakthUxbRK5t324xsZwJdKN/B5zuksu1oSgEi4R4Bes2VHHwU3ikfAGCYSa5
+2mgFuggSxbA2kKazPQZ9Da3TgEM072C8QlcKwlKXwYaCheCiWYpGu4xMicJWZnes
+4scSzukL3ZNWRkWV8ZmHqUOE+PquSa2JyHkEP+qdgqhFmicSTHP3UzdaIRdfHnaR
+z70IJRUMTjzy1awggz9/LUyyOMjWbAxCzOV5YJObZD7ya/uKwM72rbArRCorl/zH
+0ZtiG1oKw88b/QYVe5itbsrpcj7ZMjFF9cpPqKbubj4OPe3XtdFKRe9Vi3v2zjna
+kl0CAwEAAaOBhTCBgjAdBgNVHQ4EFgQUC19uKQ6m2ohC63KbGtmw1XuhulgwUwYD
+VR0jBEwwSoAUC19uKQ6m2ohC63KbGtmw1XuhulihJ6QlMCMxITAfBgNVBAMTGHNo
+aWJib2xldGguZ2FsZWdyb3VwLmNvbYIJAOptiVzZRGk6MAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQEFBQADggEBABvByl3SdZyLN7ql4KCZX574j20D58qgtKXZWu7s
+5vwpZH2pCF4ocHqc4w215C3w+JlPbuVIs9qkEDKgzO7Qmn6kLbfhe8lY4Pt2U6IX
+mZvw/lSJYjkD5nGO81M7arWVV049H4ujkBO/Lar5W1e5VAI5N/zod8QOyNPsxsiz
+vVmOkd6RXByS+MaESaAfX1XylnNlelEepKRkdCb0d6vqwQEH9UrykvIAJXWANAj1
+3r8mXcWGBXtkqs41rPe4ywlKMhpaKOYdBQSFhFMOtvATJFYjHvsKIc1xmG9xgo7a
+E0T4W9cZOkFww2m/jXIPbN3OJS4RKjRIJxDtL/384pjLsyY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.galeext.com/auth/capmAuthentication.do" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.galedemo.com/auth/capmAuthentication.do" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.qa.galeext.com/auth/capmAuthentication.do" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.qa.ggtest.com/auth/capmAuthentication.do" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.qa.gghybrid.com/auth/capmAuthentication.do" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tg-txpres2.oh.ggtest.com:8443/auth/capmAuthentication.do" index="6"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tg-dxpres1.oh.ggtest.com:8443/auth/capmAuthentication.do" index="7"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tg-dxpres1.oh.ggtest.com:8444/auth/capmAuthentication.do" index="8"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://phtndev1.ggtest.com:8443/auth/capmAuthentication.do" index="9"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://phtndev2.ggtest.com:8443/auth/capmAuthentication.do" index="10"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.galegroup.com/ps/capmAuthentication.do " index="11"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.galeext.com/ps/capmAuthentication.do " index="12"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.galedemo.com/ps/capmAuthentication.do " index="13"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.qa.galeext.com/ps/capmAuthentication.do " index="14"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.qa.ggtest.com/ps/capmAuthentication.do " index="15"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.qa.gghybrid.com/ps/capmAuthentication.do " index="16"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tg-txpres2.oh.ggtest.com:8443/ps/capmAuthentication.do " index="17"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tg-dxpres1.oh.ggtest.com:8443/ps/capmAuthentication.do " index="18"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tg-dxpres1.oh.ggtest.com:8444/ps/capmAuthentication.do" index="19"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://phtndev1.ggtest.com:8443/ps/capmAuthentication.do " index="20"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://phtndev2.ggtest.com:8443/ps/capmAuthentication.do " index="21"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tg-dxpres1.oh.ggtest.com:8445/Shibboleth.sso/SAML/POST" index="22"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.dev1.ggdev.com/Shibboleth.sso/SAML/POST" index="23"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.qa.ggtest.com/Shibboleth.sso/SAML/POST" index="24"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.galedemo.com/Shibboleth.sso/SAML/POST" index="25"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.galegroup.com/Shibboleth.sso/SAML/POST" index="26"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Cengage Learning</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Cengage Learning</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cengage.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Gale Technical Support</GivenName>
+ <EmailAddress>gale.technicalsupport@cengage.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Eugene Kiel</GivenName>
+ <EmailAddress>Eugene.Kiel@cengage.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>John Marx</GivenName>
+ <EmailAddress>John.Marx@cengage.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jayashree Ravi</GivenName>
+ <EmailAddress>Jayashree.Ravi@cengage.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://test-auth.galegroup.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 263, expires on Sun Feb 14 21:17:15 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAQcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIxNDIxMTcxNVoXDTEwMDIx
+NDIxMTcxNVowIzEhMB8GA1UEAxMYc2hpYmJvbGV0aC5nYWxlZ3JvdXAuY29tMIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCFIQLiQ3kYwGP4qng27fovdEkFCnwQ
+nLTfeWZPK7cxHvEKIqbTBQc9NqkoNl2S2+frw9O2pp5pYoXqd9F3JQRaosItV0qd
+UIoS5ETOQMrsg19cveo4754hJMi/RMG2UeMSJRolJQP/5v74EE3oSYNqSJAPqpvg
+EBXcQN8m+R17KQIDAQABo4ICsjCCAq4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ1
+b9DSyKkMlostz9E+G08roQUZbzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+MIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDov
+L2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRm
+MCMGA1UdEQQcMBqCGHNoaWJib2xldGguZ2FsZWdyb3VwLmNvbTANBgkqhkiG9w0B
+AQUFAAOCAQEAprTyzUe6RzrggkPc/hEe7oyyMAMro3NQb6SIdE33LjxsVlJkR76x
+wvf33rXPuAM+Eo1mqH9aX6vAqcMMkDIaABF/MH3tTjnDa18WVG2JUXSuh3rKLZFW
+HL3kBeUW06ZlSUDySxLtjP4v0duqThwN5mVfZ00YLfiKrSTiGJGhdlN5snYS825X
+wtoVbzmvsQXJrdl3f3yii5doUWmP/1+r7K66zUl8P9QR/OtBL/0AAgMfDCV6Ba3b
+dbBRL29YqEg7Z8s3AQRlMTp9ppQLvxWZlKlFUDokg3TtJpaf/RScWOVwzdP7M/xH
+ffnOsSafpO+hFdF0HTXUD+r3UEDbysI97A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16892308809211734330, expires on Sun Jan 27 18:22:03 2013 GMT -->
+ <ds:X509Certificate>
+MIIDTzCCAjegAwIBAgIJAOptiVzZRGk6MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHNoaWJib2xldGguZ2FsZWdyb3VwLmNvbTAeFw0xMDAxMjgxODIyMDNaFw0x
+MzAxMjcxODIyMDNaMCMxITAfBgNVBAMTGHNoaWJib2xldGguZ2FsZWdyb3VwLmNv
+bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALrV1EhZUCSAMsnfUlXI
+0LZgkakthUxbRK5t324xsZwJdKN/B5zuksu1oSgEi4R4Bes2VHHwU3ikfAGCYSa5
+2mgFuggSxbA2kKazPQZ9Da3TgEM072C8QlcKwlKXwYaCheCiWYpGu4xMicJWZnes
+4scSzukL3ZNWRkWV8ZmHqUOE+PquSa2JyHkEP+qdgqhFmicSTHP3UzdaIRdfHnaR
+z70IJRUMTjzy1awggz9/LUyyOMjWbAxCzOV5YJObZD7ya/uKwM72rbArRCorl/zH
+0ZtiG1oKw88b/QYVe5itbsrpcj7ZMjFF9cpPqKbubj4OPe3XtdFKRe9Vi3v2zjna
+kl0CAwEAAaOBhTCBgjAdBgNVHQ4EFgQUC19uKQ6m2ohC63KbGtmw1XuhulgwUwYD
+VR0jBEwwSoAUC19uKQ6m2ohC63KbGtmw1XuhulihJ6QlMCMxITAfBgNVBAMTGHNo
+aWJib2xldGguZ2FsZWdyb3VwLmNvbYIJAOptiVzZRGk6MAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQEFBQADggEBABvByl3SdZyLN7ql4KCZX574j20D58qgtKXZWu7s
+5vwpZH2pCF4ocHqc4w215C3w+JlPbuVIs9qkEDKgzO7Qmn6kLbfhe8lY4Pt2U6IX
+mZvw/lSJYjkD5nGO81M7arWVV049H4ujkBO/Lar5W1e5VAI5N/zod8QOyNPsxsiz
+vVmOkd6RXByS+MaESaAfX1XylnNlelEepKRkdCb0d6vqwQEH9UrykvIAJXWANAj1
+3r8mXcWGBXtkqs41rPe4ywlKMhpaKOYdBQSFhFMOtvATJFYjHvsKIc1xmG9xgo7a
+E0T4W9cZOkFww2m/jXIPbN3OJS4RKjRIJxDtL/384pjLsyY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tg-dxpres1.oh.ggtest.com:8445/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.dev1.ggdev.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.qa.ggtest.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Cengage Learning</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Cengage Learning</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cengage.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Eugene Kiel</GivenName>
+ <EmailAddress>Eugene.Kiel@cengage.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>John Marx</GivenName>
+ <EmailAddress>John.Marx@cengage.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jayashree Ravi</GivenName>
+ <EmailAddress>Jayashree.Ravi@cengage.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- JSTOR -->
+<EntityDescriptor entityID="https://qa.jstor.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 9702403542340608292, expires on Sun Feb 17 16:41:33 2013 GMT -->
+ <ds:X509Certificate>
+MIIDLDCCAhSgAwIBAgIJAIal3J3AtCEkMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDXd3dy5qc3Rvci5vcmcwHhcNMTAwMjE4MTY0MTMzWhcNMTMwMjE3MTY0MTMz
+WjAYMRYwFAYDVQQDEw13d3cuanN0b3Iub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA2lysfT6QBfG629qc0Cq2ZXLg7gPux0zLnwhTcJRqscJIZCTg
+O9am1OU4qdbsqwxSAknH9voFX8BHx5lVrIplKfYiPjpRCb1FrddyM4QCPWpkhhR1
+l1EQf5GJ+wOOmU6JYNGH/erTjjUtE/Qj8vHslQh3w/AuYVayr6RDGbjXjivWiKiv
+VrlD/mHGYs9RibvFGMi4lQvuBSgi5itTGdTfGJ3e+Xf15V+PoTfTKV+UCuuu7b+I
+2M1tlN2CvY9CCuD4FXMbuMdFdU0uj6kZtTqtIXtW4xF9stZIkQvM0ntlv/Ie6MuF
+M1ivLHJre7FKNG5aEmUPZ7xRXXrkVRG4hwRVHwIDAQABo3kwdzAdBgNVHQ4EFgQU
+VnPj4i6esonhTIWlSYatJYxLKQ4wSAYDVR0jBEEwP4AUVnPj4i6esonhTIWlSYat
+JYxLKQ6hHKQaMBgxFjAUBgNVBAMTDXd3dy5qc3Rvci5vcmeCCQCGpdydwLQhJDAM
+BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAE1Kd6178UQ9DvroxJXGqZ
+/oMJFh4MH73FrssLMxHlRYRre6cCyv50J3U4dfU9tcKs7Vm9nkU/+9YpSpY1xnUM
+EM5L+xPjmM72kuocVL9qHPo4metNysx0AuPs22ABF/0+tPpmoz1GdzvjsnB9P/1A
+uaz9ZpViHzDgmMXnAtLemhGGt/3VhfOj/z4n7cD7Wi9ApKgDbJox15l7d3yL0Jmc
+vmxz8ITYLKjrBCxEz1RpXkcGJu2miK3vOHp4k9mLgGjfbNi8Bgjc9JMa6ip5AHR0
+q7pOWyn4YmYawvjH1pgqfoMZ64OnuuySQGUYBo4XBD4D5hc/e85kyOUiV0bux45l
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://omega.jstor.org/action/samlACS" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">JSTOR</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">JSTOR</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.jstor.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ken Alexander</GivenName>
+ <EmailAddress>Ken.Alexander@ithaka.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Tara Kalro</GivenName>
+ <EmailAddress>Tara.Kalro@ithaka.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.jstor.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 9702403542340608292, expires on Sun Feb 17 16:41:33 2013 GMT -->
+ <ds:X509Certificate>
+MIIDLDCCAhSgAwIBAgIJAIal3J3AtCEkMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDXd3dy5qc3Rvci5vcmcwHhcNMTAwMjE4MTY0MTMzWhcNMTMwMjE3MTY0MTMz
+WjAYMRYwFAYDVQQDEw13d3cuanN0b3Iub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA2lysfT6QBfG629qc0Cq2ZXLg7gPux0zLnwhTcJRqscJIZCTg
+O9am1OU4qdbsqwxSAknH9voFX8BHx5lVrIplKfYiPjpRCb1FrddyM4QCPWpkhhR1
+l1EQf5GJ+wOOmU6JYNGH/erTjjUtE/Qj8vHslQh3w/AuYVayr6RDGbjXjivWiKiv
+VrlD/mHGYs9RibvFGMi4lQvuBSgi5itTGdTfGJ3e+Xf15V+PoTfTKV+UCuuu7b+I
+2M1tlN2CvY9CCuD4FXMbuMdFdU0uj6kZtTqtIXtW4xF9stZIkQvM0ntlv/Ie6MuF
+M1ivLHJre7FKNG5aEmUPZ7xRXXrkVRG4hwRVHwIDAQABo3kwdzAdBgNVHQ4EFgQU
+VnPj4i6esonhTIWlSYatJYxLKQ4wSAYDVR0jBEEwP4AUVnPj4i6esonhTIWlSYat
+JYxLKQ6hHKQaMBgxFjAUBgNVBAMTDXd3dy5qc3Rvci5vcmeCCQCGpdydwLQhJDAM
+BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAE1Kd6178UQ9DvroxJXGqZ
+/oMJFh4MH73FrssLMxHlRYRre6cCyv50J3U4dfU9tcKs7Vm9nkU/+9YpSpY1xnUM
+EM5L+xPjmM72kuocVL9qHPo4metNysx0AuPs22ABF/0+tPpmoz1GdzvjsnB9P/1A
+uaz9ZpViHzDgmMXnAtLemhGGt/3VhfOj/z4n7cD7Wi9ApKgDbJox15l7d3yL0Jmc
+vmxz8ITYLKjrBCxEz1RpXkcGJu2miK3vOHp4k9mLgGjfbNi8Bgjc9JMa6ip5AHR0
+q7pOWyn4YmYawvjH1pgqfoMZ64OnuuySQGUYBo4XBD4D5hc/e85kyOUiV0bux45l
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.jstor.org/action/samlACS" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibtest.jstor.org/action/samlACS" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://classic.jstor.org/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://omega.jstor.org/action/samlACS" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">JSTOR</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">JSTOR</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.jstor.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ken Alexander</GivenName>
+ <EmailAddress>Ken.Alexander@ithaka.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Matt Callow</GivenName>
+ <EmailAddress>Matt.Callow@ithaka.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Tara Kalro</GivenName>
+ <EmailAddress>Tara.Kalro@ithaka.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Florida State University -->
+<EntityDescriptor entityID="urn:mace:incommon:fsu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">fsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 327, expires on Fri May 28 19:28:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICAUcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyNzE5Mjg0M1oXDTEwMDUy
+ODE5Mjg0M1owFjEUMBIGA1UEAxMLaWRwLmZzdS5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQChThukvsx+K6TbtRC3DUPv2q9jH1APBBqZvImmhwTV
+M7myhRjhhj9iaX63iVY5LcxgrFFjXqY7Gd4/y7LjBVJQjsJTnkn28ua7/84tbuq2
+jVSvnWkoI7wOljShPrxZv38dECpaOwMRNQWB5bN1UhhuXFHKQScbnfHmSdMqf2ya
+DiB8Zx4TaAqzoX5vlaE7gw86A6AI8EXeqLZoy5hPACNGv5Yk3BgXXvl0vuqU4ej7
+qEXiOu0Z4kxiQwYSdxziLiuocHVYTlWyLti9GHuEqpTO1l40MNpl9rU/h0AYR/AW
+VNWtVOIqV+5w18AyCy1+JcPe6MbIrPbIeZkAB7tpbwPtAgMBAAGjggKlMIICoTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFEFCZ55Pp5N5O06XuiOb04iv+ogkMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGn
+BggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0g
+VVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwFgYDVR0RBA8wDYILaWRwLmZzdS5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBAEFJmFUrwl7IsaD+/dTh7W0jDDV6JEPYQkIRHGn4
+mGi+4Tod/+EDQnAQ0y+6WCHQ8FyD3uttsrVaOrdOZb7RcAiHPovSPg2E5yYTDsQa
+PW9IOnlq3pBmal6Nk3vohE+r49MyB8jA153AUed91XHMhDdx2bKOGJBxEnrtJnrO
+LKLUq0uUoR+fe5wG6FNTHNAVwc5FDsokNqfVT8jG87ZevsgymwZPDGi3waoolajl
+LFFIcXLXl88uUjdrzCmzc91yzJyvtnFH5WVFa7XXAVwNJDLzrob6EaF1FQXqBBEZ
+2vkeI2Ez5h4aZ/soW69ZKsJvrYSZnoMXedmb6spU6le1qkM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.fsu.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">fsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 327, expires on Fri May 28 19:28:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICAUcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyNzE5Mjg0M1oXDTEwMDUy
+ODE5Mjg0M1owFjEUMBIGA1UEAxMLaWRwLmZzdS5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQChThukvsx+K6TbtRC3DUPv2q9jH1APBBqZvImmhwTV
+M7myhRjhhj9iaX63iVY5LcxgrFFjXqY7Gd4/y7LjBVJQjsJTnkn28ua7/84tbuq2
+jVSvnWkoI7wOljShPrxZv38dECpaOwMRNQWB5bN1UhhuXFHKQScbnfHmSdMqf2ya
+DiB8Zx4TaAqzoX5vlaE7gw86A6AI8EXeqLZoy5hPACNGv5Yk3BgXXvl0vuqU4ej7
+qEXiOu0Z4kxiQwYSdxziLiuocHVYTlWyLti9GHuEqpTO1l40MNpl9rU/h0AYR/AW
+VNWtVOIqV+5w18AyCy1+JcPe6MbIrPbIeZkAB7tpbwPtAgMBAAGjggKlMIICoTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFEFCZ55Pp5N5O06XuiOb04iv+ogkMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGn
+BggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0g
+VVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwFgYDVR0RBA8wDYILaWRwLmZzdS5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBAEFJmFUrwl7IsaD+/dTh7W0jDDV6JEPYQkIRHGn4
+mGi+4Tod/+EDQnAQ0y+6WCHQ8FyD3uttsrVaOrdOZb7RcAiHPovSPg2E5yYTDsQa
+PW9IOnlq3pBmal6Nk3vohE+r49MyB8jA153AUed91XHMhDdx2bKOGJBxEnrtJnrO
+LKLUq0uUoR+fe5wG6FNTHNAVwc5FDsokNqfVT8jG87ZevsgymwZPDGi3waoolajl
+LFFIcXLXl88uUjdrzCmzc91yzJyvtnFH5WVFa7XXAVwNJDLzrob6EaF1FQXqBBEZ
+2vkeI2Ez5h4aZ/soW69ZKsJvrYSZnoMXedmb6spU6le1qkM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.fsu.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Florida State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Florida State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.fsu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Chuck Kemeny</GivenName>
+ <EmailAddress>ckemeny@admin.fsu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- OhioLink -->
+<EntityDescriptor entityID="urn:mace:incommon:ohiolink.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ohiolink.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16522102562013539011, expires on Thu Jan 31 15:25:43 2013 GMT -->
+ <ds:X509Certificate>
+MIIDxjCCAq4CCQDlSky+B2NqwzANBgkqhkiG9w0BAQUFADCBpDELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEcMBoG
+A1UEAxMTYXV0aGRiLm9oaW9saW5rLmVkdTEeMBwGCSqGSIb3DQEJARYPZXNoaWNr
+c0BvYXIubmV0MB4XDTEwMDIwMTE1MjU0M1oXDTEzMDEzMTE1MjU0M1owgaQxCzAJ
+BgNVBAYTAlVTMQ0wCwYDVQQIEwRPaGlvMREwDwYDVQQHEwhDb2x1bWJ1czERMA8G
+A1UEChMIT2hpb0xJTksxIjAgBgNVBAsUGVNlY3VyaXR5ICYgQXV0aGVudGljYXRp
+b24xHDAaBgNVBAMTE2F1dGhkYi5vaGlvbGluay5lZHUxHjAcBgkqhkiG9w0BCQEW
+D2VzaGlja3NAb2FyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+ALK7YRvebxVsCmyP+++BDUUsZQfpKmTWqAahES4jOqeiRNroYOPgH2zk7GA1Xc46
+L12XMJCfQ/4du6wD2ojrV4bblhaYBQOx/46mbtJDwfRG2uxTg875vkrxo3haRqbO
+f0Ur6HAdjzGwuO2rPHCcl3JGom6DMWibgiE5KJY+qepguo+31lozAvqpt+r7xAGU
+JI70iyBedKvQSMcxm/S0LpCQ9IAHvvtKaogVWxFsCQPm/KlTgHO70z3Q1w4uU9la
+HzyK5v0ubeSoC2yJnxl3oG9O66Q5K8zx9pN7tHw38A3z3jPton/l8y8WsMsCdqFQ
+GUKXEy/arXx1ZvdRVQrBGD0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAD+6CTEaJ
+zs5MiqQUWQJLXAJ0+u1SgYmPiEWe6a0oBsmU5xpdC74ZBYfRlAn5s7Oni9RC+vU0
+wproGCSO33ISM0iT09SZ4N2XapQ75p4EF9CffzRDRB7L3WiHKBrF+wGld9R3PHs4
+ih1FLlAyfnVz5tTSotu6mzhHZLnnAx6KV+Tc7yZeB86LXIACScBbD5uJZK6snLzQ
+cYZwaxpFtbiVQDZZuA4I+vUkpuK2QVLgAOuyKG7naPMtb2UvjqGBW097m5uxjHAP
+T9LKck5LS0EE1zfTwYgS1UZ+bQ9YS7x28lVVrJtdNcAYQEnnZ7NdKKI17xJjipio
+E/HVpGNqJPcT3g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://authdb.ohiolink.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://authdb.ohiolink.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://authdb.ohiolink.edu/shibboleth/"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://authdb.ohiolink.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://authdb.ohiolink.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://authdb.ohiolink.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ohiolink.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16522102562013539011, expires on Thu Jan 31 15:25:43 2013 GMT -->
+ <ds:X509Certificate>
+MIIDxjCCAq4CCQDlSky+B2NqwzANBgkqhkiG9w0BAQUFADCBpDELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEcMBoG
+A1UEAxMTYXV0aGRiLm9oaW9saW5rLmVkdTEeMBwGCSqGSIb3DQEJARYPZXNoaWNr
+c0BvYXIubmV0MB4XDTEwMDIwMTE1MjU0M1oXDTEzMDEzMTE1MjU0M1owgaQxCzAJ
+BgNVBAYTAlVTMQ0wCwYDVQQIEwRPaGlvMREwDwYDVQQHEwhDb2x1bWJ1czERMA8G
+A1UEChMIT2hpb0xJTksxIjAgBgNVBAsUGVNlY3VyaXR5ICYgQXV0aGVudGljYXRp
+b24xHDAaBgNVBAMTE2F1dGhkYi5vaGlvbGluay5lZHUxHjAcBgkqhkiG9w0BCQEW
+D2VzaGlja3NAb2FyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+ALK7YRvebxVsCmyP+++BDUUsZQfpKmTWqAahES4jOqeiRNroYOPgH2zk7GA1Xc46
+L12XMJCfQ/4du6wD2ojrV4bblhaYBQOx/46mbtJDwfRG2uxTg875vkrxo3haRqbO
+f0Ur6HAdjzGwuO2rPHCcl3JGom6DMWibgiE5KJY+qepguo+31lozAvqpt+r7xAGU
+JI70iyBedKvQSMcxm/S0LpCQ9IAHvvtKaogVWxFsCQPm/KlTgHO70z3Q1w4uU9la
+HzyK5v0ubeSoC2yJnxl3oG9O66Q5K8zx9pN7tHw38A3z3jPton/l8y8WsMsCdqFQ
+GUKXEy/arXx1ZvdRVQrBGD0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAD+6CTEaJ
+zs5MiqQUWQJLXAJ0+u1SgYmPiEWe6a0oBsmU5xpdC74ZBYfRlAn5s7Oni9RC+vU0
+wproGCSO33ISM0iT09SZ4N2XapQ75p4EF9CffzRDRB7L3WiHKBrF+wGld9R3PHs4
+ih1FLlAyfnVz5tTSotu6mzhHZLnnAx6KV+Tc7yZeB86LXIACScBbD5uJZK6snLzQ
+cYZwaxpFtbiVQDZZuA4I+vUkpuK2QVLgAOuyKG7naPMtb2UvjqGBW097m5uxjHAP
+T9LKck5LS0EE1zfTwYgS1UZ+bQ9YS7x28lVVrJtdNcAYQEnnZ7NdKKI17xJjipio
+E/HVpGNqJPcT3g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://authdb.ohiolink.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://authdb.ohiolink.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://dmc.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 18356669432184504852, expires on Thu Jan 31 15:10:09 2013 GMT -->
+ <ds:X509Certificate>
+MIIDwDCCAqgCCQD+v/2XPKECFDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEZMBcG
+A1UEAxMQZG1jLm9oaW9saW5rLmVkdTEeMBwGCSqGSIb3DQEJARYPZXNoaWNrc0Bv
+YXIubmV0MB4XDTEwMDIwMTE1MTAwOVoXDTEzMDEzMTE1MTAwOVowgaExCzAJBgNV
+BAYTAlVTMQ0wCwYDVQQIEwRPaGlvMREwDwYDVQQHEwhDb2x1bWJ1czERMA8GA1UE
+ChMIT2hpb0xJTksxIjAgBgNVBAsUGVNlY3VyaXR5ICYgQXV0aGVudGljYXRpb24x
+GTAXBgNVBAMTEGRtYy5vaGlvbGluay5lZHUxHjAcBgkqhkiG9w0BCQEWD2VzaGlj
+a3NAb2FyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK0ycCvm
+Sq9ognfj5NpMZE+XVNQc0HNc+dXUADNGrdi2NKEivR82yQadVM0BDMI9+rM07hja
+J+1egYovubIfnTra7HxMEc5vLSgUWt7Gqrp4kDEAUY9TeAfcrHxkfJBjGpZfz3F6
+hseraWWRmS/yYwZeKmZOfRzijgK1agTs/ezvmdBZre9Y8R/yBgRUxFIrVaOIP7KO
+JZTxpPTgp5xavp0Pis2TmDSI9A9VO01XxmpIoGxANApEyrO/w3SM32fswFVvNd3m
+PKPGtKRjFqLCuQQN856lQw9JO5wr7hY8LkYqDBW2Bqkj9jsPGGIu94zHz9j47Z+G
+SdD9L8UP9ej3jaECAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAovOXf1UpQhSc7tg+
+yG+HzTxE5qw0p7KsoRF6lKJkt3O1+qDYY8uY7nYWnIyQOR8kD9gbmDBWn64oFo36
+tRkCY1fcbHJUPsxIz3PDV0WgDRDRFrTpXDDSMhP+FUun7+ErOWyY25MKaCH0BBLZ
+482kCdFNb+61lvtx5R1W1GcCyi2mzqRHbZq2UCtnbzv9VkYRKU3yLrwnKrAf6ra7
+0NE4ZebGA4icg2ROFxggiqqguoZTHB8VGdqmuiIHJTq7NEXfmGy7Di/SR6A7rUfK
+l0UTR6rMaPejk34zIbc+zldBrf0uBw4UShho24ULhzMMb8kA/Rzv70ZgrvBCvvj8
+5xiaAw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dmc.ohiolink.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dmc.ohiolink.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dmc.ohiolink.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://dmc.ohiolink.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dmc.ohiolink.edu/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dmc.ohiolink.edu/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://drc.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 14202020408915384364, expires on Thu Jan 31 15:10:21 2013 GMT -->
+ <ds:X509Certificate>
+MIIDwDCCAqgCCQDFF7ZQ/j/YLDANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEZMBcG
+A1UEAxMQZHJjLm9oaW9saW5rLmVkdTEeMBwGCSqGSIb3DQEJARYPZXNoaWNrc0Bv
+YXIubmV0MB4XDTEwMDIwMTE1MTAyMVoXDTEzMDEzMTE1MTAyMVowgaExCzAJBgNV
+BAYTAlVTMQ0wCwYDVQQIEwRPaGlvMREwDwYDVQQHEwhDb2x1bWJ1czERMA8GA1UE
+ChMIT2hpb0xJTksxIjAgBgNVBAsUGVNlY3VyaXR5ICYgQXV0aGVudGljYXRpb24x
+GTAXBgNVBAMTEGRyYy5vaGlvbGluay5lZHUxHjAcBgkqhkiG9w0BCQEWD2VzaGlj
+a3NAb2FyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANcn61m2
+W7JdxyihI2+VTUv1uzPqYzouza0ZD0Q1pP9iXNcFK1b+cswJ2UKEtwt1cis6/KXS
+TA7+aVrWUlT6HQeXXdn+pYUlKapUZNctVwZfJq6hTajL+SXTC76YU+nfBVexak/4
+SMy460QiEl+Svh0rkZUVUknsDXEAwQK8m+drZMji8SI86EIMc3mkPr5rno9Lmy4C
+lX3nduYnHmjvsPe9NickeNo22WN/qbcy7LrWVBzW3iwhmUUqnAyDUTylHbIl4BuY
+WIkfUGQLcBf2DMmI6SOIj/jwLazn+FllkE0HXhUZJYRC5TTBUAGNo/x8NDVKA40y
+0WxuRGL9QKPjHFkCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEABgClsknXPNsY+tbb
+7c+jR++APph2pb08xegLJXU+A6s/0UCnAJVjLvwPHLq3EfIFQSKeMO3PiRHXOItR
+fXGtSJyMzlZcWNVtiE3dymRi//DcL8g6pd/WYf0DCG0iKOeLvbu6tQffCT68U0kr
+CWDiwZ1angZCkQ/oxMWidTzk5wQN4ckhWJUusAQYuIdmN4R8L8lGJDmiex7U2jkw
+VD4aVDeBggM5zQ03O+aTGf5VWXraAXIyJ4ZEHRJPvd4vzxx7/ve6m+8i97ru49pu
+tXZU1klec5C+tE4yRjZpBgIOHnYLpA1g+Z/r4q67wIMSeRG40fxUC6j/B4k3xMWa
+61BgzA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://drc.ohiolink.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://drc.ohiolink.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://drc.ohiolink.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://drc.ohiolink.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://drc.ohiolink.edu/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://drc.ohiolink.edu/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ebooks.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 17794618238931763981, expires on Thu Jan 31 15:10:27 2013 GMT -->
+ <ds:X509Certificate>
+MIIDxjCCAq4CCQD28y8CJTcDDTANBgkqhkiG9w0BAQUFADCBpDELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEcMBoG
+A1UEAxMTZWJvb2tzLm9oaW9saW5rLmVkdTEeMBwGCSqGSIb3DQEJARYPZXNoaWNr
+c0BvYXIubmV0MB4XDTEwMDIwMTE1MTAyN1oXDTEzMDEzMTE1MTAyN1owgaQxCzAJ
+BgNVBAYTAlVTMQ0wCwYDVQQIEwRPaGlvMREwDwYDVQQHEwhDb2x1bWJ1czERMA8G
+A1UEChMIT2hpb0xJTksxIjAgBgNVBAsUGVNlY3VyaXR5ICYgQXV0aGVudGljYXRp
+b24xHDAaBgNVBAMTE2Vib29rcy5vaGlvbGluay5lZHUxHjAcBgkqhkiG9w0BCQEW
+D2VzaGlja3NAb2FyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AMfwiApCJXnv/RKb7bUxZf2U29srENF7+5iHHxD/U+eLVlxjUhcdN8zGDefMF1q/
+0ILQxzyxfZ9JulCG+Y0bc4UMgsYa0Y9VMirWdb19PzzzZsjwYvc4vpVdpNmrI16b
+5UdN0L+lQy2vH//jBCezQ6TP4LL+iI9E/uX0NV9PSs9P/32Q6VypaLh2uMNdrqh6
+N3d+F1tv4kEhogLzTa3Db87a0SOQZdhhcT16+PcRrto7bK9zptAPVI42A/NiICzB
+Gvp8QRzS4YtlwKLpETIpTsh8m3n99Dvvh6LAb36dpqMoyKSD95Dtm0VhoKThGuqk
+aARZYK2hAumNBJBP4uBGF9kCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAiiHheynE
+syqZoLx4Rjl+tOfQAXwAVT3kOeFF3pB9h67UplqyeKBVAGLZNEU5+r15UJ1X6m0c
+Mt9tsCKnydkDDUmffBclokGh2o+zigpO9qtFkVOTms9gpaShSemJaTX5zhYGq0iS
+/5BFS3GS5Ft0wuMJ1dF3dRFRpneN85rXgvfU/N7F0kytBNkuWOqxsNk5ymzp98e/
+tZrzYRmyCAeBYJ842lwASWsCnFYjR2oPIYk/uPpp7ddhExtoHUq4Qvj2yfZvWjIz
+ar/l2hgyK/eBaqXKFIWblZOGp3J2PfVgjRducDqG9K39wyZYT/bEgXJfHm3k0Xnf
+zuOEynhiSz9yCQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ebooks.ohiolink.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ebooks.ohiolink.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ebooks.ohiolink.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ebooks.ohiolink.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ebooks.ohiolink.edu/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ebooks.ohiolink.edu/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://etextb.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16949402772310261099, expires on Thu Jan 31 15:10:33 2013 GMT -->
+ <ds:X509Certificate>
+MIIDxjCCAq4CCQDrOGAFBpL9azANBgkqhkiG9w0BAQUFADCBpDELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEcMBoG
+A1UEAxMTZXRleHRiLm9oaW9saW5rLmVkdTEeMBwGCSqGSIb3DQEJARYPZXNoaWNr
+c0BvYXIubmV0MB4XDTEwMDIwMTE1MTAzM1oXDTEzMDEzMTE1MTAzM1owgaQxCzAJ
+BgNVBAYTAlVTMQ0wCwYDVQQIEwRPaGlvMREwDwYDVQQHEwhDb2x1bWJ1czERMA8G
+A1UEChMIT2hpb0xJTksxIjAgBgNVBAsUGVNlY3VyaXR5ICYgQXV0aGVudGljYXRp
+b24xHDAaBgNVBAMTE2V0ZXh0Yi5vaGlvbGluay5lZHUxHjAcBgkqhkiG9w0BCQEW
+D2VzaGlja3NAb2FyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
+AMwwEXPhvSj1S/9YOoKCDZpCn673x+uApBVV4ZiW2dH2yeComFz9iJ7aJhlPzRbj
+7cnHtO/OmP2ggqfQTkNSP95hiVtgWP7/KBZlQsVmph1vLGgL/A/XF49UEnkz5ZPE
+/0Q7pUw83QH1hCF0QeEO7EX5T5v1xmwDAYaRnsQXznUYATNClf+4vRIrc/RWHjMa
+dYsmR7Xtwy1ww3lsWE7qhIvsrbzurvl27LP12FdbrS5fHSwx9dMwXoP1lTvxasv1
+qRbwL/tBiZam07eueG/yTLeOFuDwowzj/H2zvcy4aiAeso3LuwZUP+/wGkt5GDda
+1opUl5Gl2MMxP4F1xLc/PPcCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAi3TwgA2I
+ulkZKkj2rFASaVh6DM4mKeMMwbbqaqNe1ctusR7opQleK3LcvrmGLTsWTTbXWSiU
+vA6H1ppeGTiIQIe++kElv5af4APDugCvUo8GyKuXY7JRvVxH+bAzeWBQH/l1OK15
+uUV/HmvUzO1G+Zs0sKgWsXB4m5ybIbDcONrFoq2f0ES+NZKL199bV6/qtflMDww2
+YbiT+zA4iuNK0vOc4oc4VonJukUO2kEX04J1ks3JKW/2pjmWnyxk2DrkxJL+8QJ4
+RpEt6lCe2Y6wGO/YmUOTxxWfPWDzjvoS2I/GBXbxY379FO3mvpZdmcNnwEupaNFP
+/+aadL4wfOPzeA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://etextb.ohiolink.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://etextb.ohiolink.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://journals.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 17096100896678653324, expires on Thu Jan 31 15:10:40 2013 GMT -->
+ <ds:X509Certificate>
+MIIDyjCCArICCQDtQY0vvsStjDANBgkqhkiG9w0BAQUFADCBpjELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEeMBwG
+A1UEAxMVam91cm5hbHMub2hpb2xpbmsuZWR1MR4wHAYJKoZIhvcNAQkBFg9lc2hp
+Y2tzQG9hci5uZXQwHhcNMTAwMjAxMTUxMDQwWhcNMTMwMTMxMTUxMDQwWjCBpjEL
+MAkGA1UEBhMCVVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREw
+DwYDVQQKEwhPaGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNh
+dGlvbjEeMBwGA1UEAxMVam91cm5hbHMub2hpb2xpbmsuZWR1MR4wHAYJKoZIhvcN
+AQkBFg9lc2hpY2tzQG9hci5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDBivNFKpuRtIa6FEuEnhZ9+RE8AQI3DSrdppRuXcUIwKxSZTgTVlrjuyqD
+q5npS9qDv5k3P7qTueR/hEYtXbNht+tDezNta82GZX4csQD2AZQRMwCtZtnHq5En
+jVD8y34lidC/kUa5jVt4ANkyvYv7NB4wibSAMQUXPTrfZ5k/aMkuvZQbnrCKQZpz
+KVdse5nlk9BQgIziXtwZg5nIcZXTYxLSkBjmXNvNan+86UNom5VovdKnrsqbRrz3
+WJIsNkO5p7XlKCHULvHfqTaT7I9+fxaksdO6xNF5y0FvA3vwPJk8kKorHktIVrMR
+8jrYNqeSkl2KtoJj3KhngEFZez5hAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBABJ9
+8J1+Z+r2hssxRDrszrBCP8ac4fIQGe+8FJTwq3FkCrc+3ydN9TkyrLx547rlPXh8
+unstLu+qnrvHRv3l2opIziCFmQ3q5od4UGwsIIKriFHSOUOaxJLETGgkM0bYnlW+
+KMQWzKA2vKnUIastiSRlnN53hW39w9SU+mH7LHyk5k4UoSI6H37DfZCiVBrYgHLG
+sdHVpxQn+RBtNlcKqqmAcVuvf1Vne1e5SOlMIIQCcX+JFZXMrcoOdE8DOQyAff5t
+2WuQ7fbZW6EeLeMf2W4N1RANTjcqOC/E5aq/CTi8bK5s/8TzhwL5+yvi5I7mIrkv
+X500WXJhCtb075PyWrg=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://journals.ohiolink.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://journals.ohiolink.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://olc3.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 9610295319688415001, expires on Thu Jan 31 15:12:10 2013 GMT -->
+ <ds:X509Certificate>
+MIIDwjCCAqoCCQCFXqCs/KCHGTANBgkqhkiG9w0BAQUFADCBojELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEaMBgG
+A1UEAxMRb2xjMy5vaGlvbGluay5lZHUxHjAcBgkqhkiG9w0BCQEWD2VzaGlja3NA
+b2FyLm5ldDAeFw0xMDAyMDExNTEyMTBaFw0xMzAxMzExNTEyMTBaMIGiMQswCQYD
+VQQGEwJVUzENMAsGA1UECBMET2hpbzERMA8GA1UEBxMIQ29sdW1idXMxETAPBgNV
+BAoTCE9oaW9MSU5LMSIwIAYDVQQLFBlTZWN1cml0eSAmIEF1dGhlbnRpY2F0aW9u
+MRowGAYDVQQDExFvbGMzLm9oaW9saW5rLmVkdTEeMBwGCSqGSIb3DQEJARYPZXNo
+aWNrc0BvYXIubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6dxU
+G+zAUtfO54dS8Iqclv29I3bhJMlHPHTwMO6VnbDewmuV8IwBO04mE9Uuxi3LAqcK
+RFiWthnyFaedMqNTY5ArBE3chC0YihMZNj/MffuSKRLPIRLgGGAvISIywLLgj7nE
+25bGEdsqb1gtbB+i8D7mH6BMnGlpXYo/1poX7yosNOYWIVCjx4mEvq4kvtZFNMei
+fLuoaLW1LwXg5YlYBx8qPOuPq1H91tNxsQb0XwW5lMkw2iEOel4JBeuRJvqyorq1
+KVr8xSSBPFMepRAabTOc+93qSnvcw24BNgTuzHOIthKEOb14muefKe5BjpGjAy5M
+I97ZrTTo7qevkP/W5wIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA0onJqiMYoPJ5D
+uCrnec14CMChWooDAn3fd8WLEEOw/4d3TA7wtZoeTMB00o+QsIyk9XYqJvUDTKOz
+nAFNBcvUdM2dyEl05d/yW/c+VLMAZV1mwn5Q7pNBVy7fdTuEN3e8edCTWs93SY+W
+CkvQMbUQWMkGgahnrriE6RBbEo/gyGQFvbh3fhXLUfd7+yUNY8YFc1b/+tWzkB9U
+qgyFPMy/61XhooeAOeHrxa29nilRGr/HzjRFMZmT8DokInAAOX43TcaJ8EFPI+Mw
+zIVm2ugMavo8yXaf65fJBSE2AwMyn+jk/EsqOtmlUX58hjjp/uVrvF/PXTm7x3tL
+oP8NM63+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://olc3.ohiolink.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://olc3.ohiolink.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://proxy.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16117613487386621294, expires on Thu Jan 31 15:10:52 2013 GMT -->
+ <ds:X509Certificate>
+MIIDxDCCAqwCCQDfrUQSbrl1bjANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEbMBkG
+A1UEAxMScHJveHkub2hpb2xpbmsuZWR1MR4wHAYJKoZIhvcNAQkBFg9lc2hpY2tz
+QG9hci5uZXQwHhcNMTAwMjAxMTUxMDUyWhcNMTMwMTMxMTUxMDUyWjCBozELMAkG
+A1UEBhMCVVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYD
+VQQKEwhPaGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlv
+bjEbMBkGA1UEAxMScHJveHkub2hpb2xpbmsuZWR1MR4wHAYJKoZIhvcNAQkBFg9l
+c2hpY2tzQG9hci5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDS
+Uds+Cl+zzW1BKXDuwRptr/a0FSWJlY1mdNcS1qpJQwGZgUyzwuXKUgVo/Mmwkr5q
+4/1/Qlr9jApQNUaYbzujdFoCTYZ6TA4i4Wd3rfzbZkiLvMwbMTWi0YQfCu6Q1bkh
+7kkRBiFixA4HuESNTuZlpNTppAI6acUeMQQ69aNpbm5zvISI8NvKb42jKt2PHWjV
+FIPzOfzvhWs0M/x759wWMV+r6TsqfVkKjXKMB7hxEzdjTf0ttbpMfC8thDQbz5NZ
+zIeA3XE5GFoD19/tbEDBMs9FRZpi1pObjMYyZAuPX/6iYWmnDX5MGM/ZEaOUjwB+
+f1DMgEz4eWRFZiNpsqW/AgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAExMi9S825cz
+IQ1gf3p+PX4YkUrUhH92f3JeX/NldyA/7ZBWCdt4cWGZ2izUdJsq6W0LZZTJ9Qjr
+TEg/EtgEL/RMEIz52YDXxtM+o9+PDEqBk/BC46ULDo+sJ9szTlmmEP1z4BxTIIry
+LQV/SRz5GiW6cEMwwXvr8wx8U+polk+SduYSgtTO6mofkIWxKmSeL4LqPfbrIB6a
+12MP5H/OvtNSbqLTedRfJefxGqDmqn5Ias/pW/ZGYU1oY20bT1qL6LqjNSzCFxLO
+e7vWtJ3IHcu89hAkwkvKW4SKchucYu/DkyBwG2HaWohrwxOOlTgllrXDj3pZrQcG
+XlRmGG2r7d4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://proxy.ohiolink.edu:9100/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://proxy.ohiolink.edu:9100/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://streamer.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 9286774121189209013, expires on Thu Jan 31 15:10:58 2013 GMT -->
+ <ds:X509Certificate>
+MIIDyjCCArICCQCA4T/cGsXztTANBgkqhkiG9w0BAQUFADCBpjELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEeMBwG
+A1UEAxMVc3RyZWFtZXIub2hpb2xpbmsuZWR1MR4wHAYJKoZIhvcNAQkBFg9lc2hp
+Y2tzQG9hci5uZXQwHhcNMTAwMjAxMTUxMDU4WhcNMTMwMTMxMTUxMDU4WjCBpjEL
+MAkGA1UEBhMCVVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREw
+DwYDVQQKEwhPaGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNh
+dGlvbjEeMBwGA1UEAxMVc3RyZWFtZXIub2hpb2xpbmsuZWR1MR4wHAYJKoZIhvcN
+AQkBFg9lc2hpY2tzQG9hci5uZXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQCdfu8O/DkjvHV8p1PeE33FWgWcfjU+JqehHX3voGk2GjN1gTPxxtmPVapl
+OZHN4Bb+0WSDWuln7nH6BOfxinWqRtww09XrfQEQJLQ/gn5bWs9vfzmohUz12hTW
+dKH6x3T7+ub37/1a93p0gU+Q1MbJj9BzCSZBhi7K0QEbHNHiP1v+NzmDRCI3BNEM
+FtVtN+MouZr8ie1gJhwRzUJo+y6YsjErBoN6wBFYPgnwSVYhAR83n/NDyrXjiirY
+6SfNCu4LqE0yoCFvDIZFimbLa3ctZl+I7ffvg9IVomxc+7uX2qY9jkVUfhBnGPwu
+jtxpWPSq0aiqiww0AfPKQ2nzbC4RAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAHY5
+GQx/UPZ3Z/8t4O6sP6ZHSQpYZECtJpjp1SlyAGeBv0V+a1e6+NoFel3amvv4zJcY
+lj9wiH53KNgi+cGAEUo3cKDpw19SoVlJOH5I5rqS5FHlni/3M3J+pa3RaAzHuOg0
+//Zs2MTFT/TA5f1bHpFQJgLB0AeONBCSSz4K7UX0P+8OQVLgSFbh2+XTBiOvtz6S
+2mI8iLMTbq/zTaPL8Rg5b0JcpsA0NJ6UQHRCq+Pdw/xci7DNsttbFIRC1NGOuVYr
+GGed+6ekyQUBDXCbVzoZljCZW8BPgGbGUmzbEQyj9CAbx955G6Bh6pQIKwvWIzZR
+xB+X/eX4tWYNSU6eJR0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://streamer.ohiolink.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://streamer.ohiolink.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://streamer.ohiolink.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://streamer.ohiolink.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://streamer.ohiolink.edu/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://streamer.ohiolink.edu/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.ohiolink.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12147509867353943059, expires on Thu Jan 31 15:11:03 2013 GMT -->
+ <ds:X509Certificate>
+MIIDwDCCAqgCCQColJ/dNS8sEzANBgkqhkiG9w0BAQUFADCBoTELMAkGA1UEBhMC
+VVMxDTALBgNVBAgTBE9oaW8xETAPBgNVBAcTCENvbHVtYnVzMREwDwYDVQQKEwhP
+aGlvTElOSzEiMCAGA1UECxQZU2VjdXJpdHkgJiBBdXRoZW50aWNhdGlvbjEZMBcG
+A1UEAxMQd3d3Lm9oaW9saW5rLmVkdTEeMBwGCSqGSIb3DQEJARYPZXNoaWNrc0Bv
+YXIubmV0MB4XDTEwMDIwMTE1MTEwM1oXDTEzMDEzMTE1MTEwM1owgaExCzAJBgNV
+BAYTAlVTMQ0wCwYDVQQIEwRPaGlvMREwDwYDVQQHEwhDb2x1bWJ1czERMA8GA1UE
+ChMIT2hpb0xJTksxIjAgBgNVBAsUGVNlY3VyaXR5ICYgQXV0aGVudGljYXRpb24x
+GTAXBgNVBAMTEHd3dy5vaGlvbGluay5lZHUxHjAcBgkqhkiG9w0BCQEWD2VzaGlj
+a3NAb2FyLm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALB9352A
+cdmmWgNqkBegvio2Q2w5mnKkVJEu2cLazqK3F/gv5VSMfAYdbqjd6AipgUy+FUOj
+lQnCQyNQvLKo8j2nPHzcwEc0H9hdYDpMuhONsexyno85QiKBAipjNYUzjv/phfl9
+3TrIOVK6k6wajsAemUsM5KfYnkgrZUGwKNNTT3Y3mwTKM4sNidfAxb7ghAp9N8/C
+pwXWGpqysOMJM2nR9FAzHPYainY0nYobKceKp1aRf2TXSoXJekFgf+20ZUVK0yry
+4fXqqN6kCWerwGnV+y4yk5m8Np/sOi5XDjL95s6ycACuRaJQS9H/nlVGlo/MTwQ2
+lHEth6j84Y+KtW0CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAMCCi4x1PgQciQ8JH
+QMwqfOFJYp/0ebX+nC2mrcvGz0Y5Dk+nWNUSA1iSbwnyg1au+v9R5TaCCjhEtWUQ
+xjFBYYYCB5LpNv2vd7i30JL5a0/JmeEwyoDoxlVG19vgUO7dAATsZD29fKvDU7VA
+aVrjRjDMQFWcQSK6IixOl2bSM6JhjDurJw5xM4vHPi/VPwPFaD52wZhaSBsAtajs
+gqtsKOJJHpPTDssmzUxIYuviSjAM65/v4/OvpeSaVJD7hzKlChrjkXZT5ECs3WPX
+2t2+G9/3bhq/qwaOgsVVsG+F4g4t2cRi6Y27YcbWNUh1zDvCwhDidbKfcO7Kg464
+ddLjRw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.ohiolink.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.ohiolink.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.ohiolink.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.ohiolink.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.ohiolink.edu/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.ohiolink.edu/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">OhioLink</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">OhioLink</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohiolink.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>E. Stuart Hicks</GivenName>
+ <EmailAddress>eshicks@oar.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Celeste Feather</GivenName>
+ <EmailAddress>celeste@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OhioLINK Support</GivenName>
+ <EmailAddress>support@ohiolink.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Johns Hopkins University -->
+<EntityDescriptor entityID="urn:mace:incommon:johnshopkins.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">johnshopkins.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 328, expires on Fri May 28 19:28:49 2010 GMT -->
+ <ds:X509Certificate>
+MIIFKzCCBBOgAwIBAgICAUgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyNzE5Mjg0OVoXDTEwMDUy
+ODE5Mjg0OVowJjEkMCIGA1UEAxMbc2hpYmJvbGV0aC5qb2huc2hvcGtpbnMuZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4+bfyVwD2ZiXBdRJO2bA61Hz2
+QXKOZhkjXA2Jjt4erKOu62bhNonUa7pz8pHoCdSyvQFjJF0h2meFeNidRLRGq0ti
+d6rF8nX+/yxaBC1Cgerce+eHywscsgvWEJ7lqZX19aVj4vWjMpGRagTMX4LgfQh8
+jvejWFtW/7G2Nhc80wIDAQABo4ICtTCCArEwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBRw9kg/wA61UlIuiiWoJYYaiMIqgjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8v
+aW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25j
+YTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0
+cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMu
+cGRmMCYGA1UdEQQfMB2CG3NoaWJib2xldGguam9obnNob3BraW5zLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEAW2JN17rqDOMy37Yd38K1QsKA5qG3NPcZN90Qit6r/mxF
+PWqnfCL0hClOMvpDd4PmVCPzAfXSjSWetbZgbrdKXgPCorpukjRQF1lTP/0BM59s
+vyErO+HNhdjuIA7hO3OPy34hRyXBxf6G1nupQ0KXUTPHxPxpINPaqBtYkcAHX6iq
+pNPFbRTc1xZuWE79sTFpCiHewvGd5Qix5nIlnqpq6NwUMYHEby1ED+h9G66Kau7E
+pdGrgRIJZlQCwRT2zbOH/S0EDbC5QKwjtcIymMQ/YF+WTpBI75xnvWiAk/V4QZgz
++ICZXWjZ+4nTPfMM+ioBsGrWEzTt83rsSnylLAg4qg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.johnshopkins.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.johnshopkins.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">johnshopkins.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 168, expires on Thu Jun 12 19:39:09 2008 GMT -->
+ <ds:X509Certificate>
+MIIFXzCCBEegAwIBAgICAKgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDYxMzE5MzkwOVoXDTA4MDYx
+MjE5MzkwOVowWjELMAkGA1UEBhMCVVMxJTAjBgNVBAoTHFRoZSBKb2hucyBIb3Br
+aW5zIFVuaXZlcnNpdHkxJDAiBgNVBAMTG3NoaWJib2xldGguam9obnNob3BraW5z
+LmVkdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuPm38lcA9mYlwXUSTtmw
+OtR89kFyjmYZI1wNiY7eHqyjrutm4TaJ1Gu6c/KR6AnUsr0BYyRdIdpnhXjYnUS0
+RqtLYneqxfJ1/v8sWgQtQoHq3Hvnh8sLHLIL1hCe5amV9fWlY+L1ozKRkWoEzF+C
+4H0IfI73o1hbVv+xtjYXPNMCAwEAAaOCArUwggKxMA4GA1UdDwEB/wQEAwIFoDAM
+BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNV
+HQ4EFgQUcPZIP8AOtVJSLoolqCWGGojCKoIwfgYDVR0jBHcwdYAUky3IYRitY+Ob
+ZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1v
+biBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1
+dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0
+cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29t
+bW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwx
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEW
+Nmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3Rp
+Y2VzLnBkZjAmBgNVHREEHzAdghtzaGliYm9sZXRoLmpvaG5zaG9wa2lucy5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBAAXye6TAfWQjO3ksFW5uNrf6uJ1QcmPTZtAw7KyI
+OBDcdG/J0ZnWu3NwrgaYPl5TayNvY4AU9LYJ6C3lFgIhR/ONQogrCdacPCZa5YUc
+hWU8QTUL9IjgGuvxJtdGnEC1Gwmhq6HlG4IRKuhxY+4GyXBAlIBFrPmLDlk7Y/NT
+BuhT5Z+8QrKQ4Hfz45F8rT1euqibb4etyb6Ie3L0pXsLozPsbhc88veBPlWEmWjo
+PWYFah/YTAxrgNKYx8q0lNnzyQxhub3zXutoZNjugUJZSfynyjmpwC582LyjcJtN
+vuw4c7NpuIbb0UoKLw9KO5ql9WGNQkAaEJvlJ/i7WSDFqo0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 328, expires on Fri May 28 19:28:49 2010 GMT -->
+ <ds:X509Certificate>
+MIIFKzCCBBOgAwIBAgICAUgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyNzE5Mjg0OVoXDTEwMDUy
+ODE5Mjg0OVowJjEkMCIGA1UEAxMbc2hpYmJvbGV0aC5qb2huc2hvcGtpbnMuZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4+bfyVwD2ZiXBdRJO2bA61Hz2
+QXKOZhkjXA2Jjt4erKOu62bhNonUa7pz8pHoCdSyvQFjJF0h2meFeNidRLRGq0ti
+d6rF8nX+/yxaBC1Cgerce+eHywscsgvWEJ7lqZX19aVj4vWjMpGRagTMX4LgfQh8
+jvejWFtW/7G2Nhc80wIDAQABo4ICtTCCArEwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBRw9kg/wA61UlIuiiWoJYYaiMIqgjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8v
+aW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25j
+YTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0
+cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMu
+cGRmMCYGA1UdEQQfMB2CG3NoaWJib2xldGguam9obnNob3BraW5zLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEAW2JN17rqDOMy37Yd38K1QsKA5qG3NPcZN90Qit6r/mxF
+PWqnfCL0hClOMvpDd4PmVCPzAfXSjSWetbZgbrdKXgPCorpukjRQF1lTP/0BM59s
+vyErO+HNhdjuIA7hO3OPy34hRyXBxf6G1nupQ0KXUTPHxPxpINPaqBtYkcAHX6iq
+pNPFbRTc1xZuWE79sTFpCiHewvGd5Qix5nIlnqpq6NwUMYHEby1ED+h9G66Kau7E
+pdGrgRIJZlQCwRT2zbOH/S0EDbC5QKwjtcIymMQ/YF+WTpBI75xnvWiAk/V4QZgz
++ICZXWjZ+4nTPfMM+ioBsGrWEzTt83rsSnylLAg4qg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.johnshopkins.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Johns Hopkins University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Johns Hopkins</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.jhu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Andrew Baldwin</GivenName>
+ <EmailAddress>andrew.baldwin@jhu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Etan Weintraub</GivenName>
+ <EmailAddress>eweintra@jhmi.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Enterprise Authentication Team</GivenName>
+ <EmailAddress>enterpriseauth@jhmi.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://muse.jhu.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 447, expires on Mon Oct 18 19:23:18 2010 GMT -->
+ <ds:X509Certificate>
+MIIFBTCCA+2gAwIBAgICAb8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAxNzE5MjMxOFoXDTEwMTAx
+ODE5MjMxOFowFzEVMBMGA1UEAxMMbXVzZS5qaHUuZWR1MIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQCpwNi1v8zzl2d8q7GHDMywsAckpgOW9bobcvdRJX95PK17
+Dox3ISLVc/WqjOmnpDAm2kNjD8xsObojvN1Ae6eGAd2bvpMJ4/rriGWdv4ZXwl+B
+j3LCtwpGW2ufA7V9VP0B8GiUSC2eDIJ7fbdwBYaCBgUEAHBU2+tZLZeA9HwdOQID
+AQABo4ICnjCCApowDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS7nFggW7cUMdXuKp9H
+AZVTLsACKDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggxtdXNlLmpo
+dS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAAd/lCl4ikmSqP64YDFIphAOiYSSG/91
+HxuUeBtKqB4sE12HlfC1omQAAOES/2Y4IjR1Nkp+bLkvDWOqL0/ZWDNXWlRAbsAh
+016ua2U8Pa5KaEzmiWHa/S102LNsL3XozXwH/+YDAM4i21x7O9vD9A81Z6lVN24X
+qSAKyOEh8tfRBoKiqJDjaQrD0s1t1BsB3XgT5BtBfWGDsPAF7eM46JPSgCTfi/Ja
+UdJuse0zGU7XlPHw3TuqJV07S6X+7bRKC9KpbCaRbQoqcb3U4HNPhc0Bv0mrKMgS
+Qm5bbjHXqrYneaEhvt4iO5evZI16+m3HJ3e5p/zocftddMbXeIKYBeU=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://muse.jhu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://muse.jhu.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://muse.uq.edu.au/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://muse.uq.edu.au/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Johns Hopkins University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Johns Hopkins</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.jhu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Malloy</GivenName>
+ <EmailAddress>malloy@jhu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Wendy Queen</GivenName>
+ <EmailAddress>wqueen@press.jhu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- RefWorks, LLC -->
+<EntityDescriptor entityID="https://rwtm.refworks.com/shibboleth/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 179, expires on Fri Jul 11 20:10:36 2008 GMT -->
+ <ds:X509Certificate>
+MIIFOTCCBCGgAwIBAgICALMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDcxMjIwMTAzNloXDTA4MDcx
+MTIwMTAzNlowPzELMAkGA1UEBhMCVVMxFTATBgNVBAoTDFJlZldvcmtzIExMQzEZ
+MBcGA1UEAxMQd3d3LnJlZndvcmtzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+gYkCgYEA2GcwYNZFJrDpGWopMC16wgtTJfWMhv66q+LkLYzS942wXLgXg28PrScu
+ZR9TvfFzjBDkWWSx/ONADLrtp2ZdTDJ15NDSX57fetIt404uhsl42y5PeTkXUPat
+wHb15R3KblvZPQRqTJNi+0jup7qLvLRAwGNUOXtSzeCOAJUgNDkCAwEAAaOCAqow
+ggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmo/O6sOke/PNyTz7HDZM0iiCZkow
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0w
+gaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3Vl
+cnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREEFDASghB3d3cucmVm
+d29ya3MuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQDA2FXXg/69MA3eq9/oCvUYg1DB
+p7UiUo4NgKn4hrdsYxSLugAoXA8yHzRn70AGIyxi3gfYRhXWl43MIKB4JGKP2T8r
+xWnd9pAs2rFfqL8bhGHSodm4PrJtAa+Y79qdl8pXgEOuN+2mQ1TPbaF8FTtaQGCE
+iDTt/LpI8GDi7kJIy1Fdv7wgkcPkD54rJeJ+TwbvdGyZZnpiOLV1dNn+rfvWiTiH
+dvd6p871dvhk3RYx8YEIsT82WwzNGcDwnH++JAVYSRU9/zJ1mJCXxn0JbCqGztK0
+cMbHf/4cZu6hP/S3lXnZ7zJN8ZLp0KKNwfpP784VbQYmEhzCUoI65/u/tGI2
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 371, expires on Sat Jul 3 18:27:18 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAXMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMjE4MjcxOFoXDTEwMDcw
+MzE4MjcxOFowGzEZMBcGA1UEAxMQd3d3LnJlZndvcmtzLmNvbTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA2GcwYNZFJrDpGWopMC16wgtTJfWMhv66q+LkLYzS
+942wXLgXg28PrScuZR9TvfFzjBDkWWSx/ONADLrtp2ZdTDJ15NDSX57fetIt404u
+hsl42y5PeTkXUPatwHb15R3KblvZPQRqTJNi+0jup7qLvLRAwGNUOXtSzeCOAJUg
+NDkCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmo/O6sOke/PN
+yTz7HDZM0iiCZkowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQd3d3
+LnJlZndvcmtzLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAwcELEENx7Wec5q3vMfKH
+WPXvYDlf8/IF+dbOacpab2OteOYihctswzP9oH+2pAngLmfeq7PWJ/nUCtgCjPvF
+C5XTJ9fDPu7dfe3clWPXsR5VjeOSNl07MUV+wDLKhHP0B+L7wtMvpQozWi9M7V+M
+gTxRn8o80mY8oVUu9odi4Qzuu7P6A0OBFvd2OWha5oyQVsKedcdiIyieT0xf9E2R
+eQGftWPOGZONrv8rG5wc6MwHrPvWJz1yGt45ZHZVVa7aGssG/dc0lBPipxqoMoMd
+0RhpU0iikjs782WYuXCglm6AMgNGEOepLLxnbcK8OdmUme/IlGfpmprT3kAdwgcb
+pQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://rwtm.refworks.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://rwtm.refworks.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">RefWorks, LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">RefWorks, LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://refworks.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Norman Kenney</GivenName>
+ <EmailAddress>nkenney@refworks.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://rwt.refworks.com/shibboleth/testshib/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 179, expires on Fri Jul 11 20:10:36 2008 GMT -->
+ <ds:X509Certificate>
+MIIFOTCCBCGgAwIBAgICALMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDcxMjIwMTAzNloXDTA4MDcx
+MTIwMTAzNlowPzELMAkGA1UEBhMCVVMxFTATBgNVBAoTDFJlZldvcmtzIExMQzEZ
+MBcGA1UEAxMQd3d3LnJlZndvcmtzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+gYkCgYEA2GcwYNZFJrDpGWopMC16wgtTJfWMhv66q+LkLYzS942wXLgXg28PrScu
+ZR9TvfFzjBDkWWSx/ONADLrtp2ZdTDJ15NDSX57fetIt404uhsl42y5PeTkXUPat
+wHb15R3KblvZPQRqTJNi+0jup7qLvLRAwGNUOXtSzeCOAJUgNDkCAwEAAaOCAqow
+ggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmo/O6sOke/PNyTz7HDZM0iiCZkow
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0w
+gaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3Vl
+cnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREEFDASghB3d3cucmVm
+d29ya3MuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQDA2FXXg/69MA3eq9/oCvUYg1DB
+p7UiUo4NgKn4hrdsYxSLugAoXA8yHzRn70AGIyxi3gfYRhXWl43MIKB4JGKP2T8r
+xWnd9pAs2rFfqL8bhGHSodm4PrJtAa+Y79qdl8pXgEOuN+2mQ1TPbaF8FTtaQGCE
+iDTt/LpI8GDi7kJIy1Fdv7wgkcPkD54rJeJ+TwbvdGyZZnpiOLV1dNn+rfvWiTiH
+dvd6p871dvhk3RYx8YEIsT82WwzNGcDwnH++JAVYSRU9/zJ1mJCXxn0JbCqGztK0
+cMbHf/4cZu6hP/S3lXnZ7zJN8ZLp0KKNwfpP784VbQYmEhzCUoI65/u/tGI2
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 371, expires on Sat Jul 3 18:27:18 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAXMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMjE4MjcxOFoXDTEwMDcw
+MzE4MjcxOFowGzEZMBcGA1UEAxMQd3d3LnJlZndvcmtzLmNvbTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA2GcwYNZFJrDpGWopMC16wgtTJfWMhv66q+LkLYzS
+942wXLgXg28PrScuZR9TvfFzjBDkWWSx/ONADLrtp2ZdTDJ15NDSX57fetIt404u
+hsl42y5PeTkXUPatwHb15R3KblvZPQRqTJNi+0jup7qLvLRAwGNUOXtSzeCOAJUg
+NDkCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmo/O6sOke/PN
+yTz7HDZM0iiCZkowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQd3d3
+LnJlZndvcmtzLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAwcELEENx7Wec5q3vMfKH
+WPXvYDlf8/IF+dbOacpab2OteOYihctswzP9oH+2pAngLmfeq7PWJ/nUCtgCjPvF
+C5XTJ9fDPu7dfe3clWPXsR5VjeOSNl07MUV+wDLKhHP0B+L7wtMvpQozWi9M7V+M
+gTxRn8o80mY8oVUu9odi4Qzuu7P6A0OBFvd2OWha5oyQVsKedcdiIyieT0xf9E2R
+eQGftWPOGZONrv8rG5wc6MwHrPvWJz1yGt45ZHZVVa7aGssG/dc0lBPipxqoMoMd
+0RhpU0iikjs782WYuXCglm6AMgNGEOepLLxnbcK8OdmUme/IlGfpmprT3kAdwgcb
+pQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://rwt.refworks.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://rwt.refworks.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://rwt.refworks.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://rwt.refworks.com/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">RefWorks, LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">RefWorks, LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://refworks.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Norman Kenney</GivenName>
+ <EmailAddress>nkenney@refworks.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.refworks.com/shibboleth/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 179, expires on Fri Jul 11 20:10:36 2008 GMT -->
+ <ds:X509Certificate>
+MIIFOTCCBCGgAwIBAgICALMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDcxMjIwMTAzNloXDTA4MDcx
+MTIwMTAzNlowPzELMAkGA1UEBhMCVVMxFTATBgNVBAoTDFJlZldvcmtzIExMQzEZ
+MBcGA1UEAxMQd3d3LnJlZndvcmtzLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw
+gYkCgYEA2GcwYNZFJrDpGWopMC16wgtTJfWMhv66q+LkLYzS942wXLgXg28PrScu
+ZR9TvfFzjBDkWWSx/ONADLrtp2ZdTDJ15NDSX57fetIt404uhsl42y5PeTkXUPat
+wHb15R3KblvZPQRqTJNi+0jup7qLvLRAwGNUOXtSzeCOAJUgNDkCAwEAAaOCAqow
+ggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmo/O6sOke/PNyTz7HDZM0iiCZkow
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0w
+gaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3Vl
+cnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREEFDASghB3d3cucmVm
+d29ya3MuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQDA2FXXg/69MA3eq9/oCvUYg1DB
+p7UiUo4NgKn4hrdsYxSLugAoXA8yHzRn70AGIyxi3gfYRhXWl43MIKB4JGKP2T8r
+xWnd9pAs2rFfqL8bhGHSodm4PrJtAa+Y79qdl8pXgEOuN+2mQ1TPbaF8FTtaQGCE
+iDTt/LpI8GDi7kJIy1Fdv7wgkcPkD54rJeJ+TwbvdGyZZnpiOLV1dNn+rfvWiTiH
+dvd6p871dvhk3RYx8YEIsT82WwzNGcDwnH++JAVYSRU9/zJ1mJCXxn0JbCqGztK0
+cMbHf/4cZu6hP/S3lXnZ7zJN8ZLp0KKNwfpP784VbQYmEhzCUoI65/u/tGI2
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 371, expires on Sat Jul 3 18:27:18 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAXMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMjE4MjcxOFoXDTEwMDcw
+MzE4MjcxOFowGzEZMBcGA1UEAxMQd3d3LnJlZndvcmtzLmNvbTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA2GcwYNZFJrDpGWopMC16wgtTJfWMhv66q+LkLYzS
+942wXLgXg28PrScuZR9TvfFzjBDkWWSx/ONADLrtp2ZdTDJ15NDSX57fetIt404u
+hsl42y5PeTkXUPatwHb15R3KblvZPQRqTJNi+0jup7qLvLRAwGNUOXtSzeCOAJUg
+NDkCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUmo/O6sOke/PN
+yTz7HDZM0iiCZkowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQd3d3
+LnJlZndvcmtzLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAwcELEENx7Wec5q3vMfKH
+WPXvYDlf8/IF+dbOacpab2OteOYihctswzP9oH+2pAngLmfeq7PWJ/nUCtgCjPvF
+C5XTJ9fDPu7dfe3clWPXsR5VjeOSNl07MUV+wDLKhHP0B+L7wtMvpQozWi9M7V+M
+gTxRn8o80mY8oVUu9odi4Qzuu7P6A0OBFvd2OWha5oyQVsKedcdiIyieT0xf9E2R
+eQGftWPOGZONrv8rG5wc6MwHrPvWJz1yGt45ZHZVVa7aGssG/dc0lBPipxqoMoMd
+0RhpU0iikjs782WYuXCglm6AMgNGEOepLLxnbcK8OdmUme/IlGfpmprT3kAdwgcb
+pQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.refworks.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.refworks.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">RefWorks, LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">RefWorks, LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://refworks.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Norman Kenney</GivenName>
+ <EmailAddress>nkenney@refworks.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California, Davis -->
+<EntityDescriptor entityID="urn:mace:incommon:ucdavis.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucdavis.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 313, expires on Sun May 9 19:29:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICATkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUwODE5MjkyM1oXDTEwMDUw
+OTE5MjkyM1owITEfMB0GA1UEAxMWc2hpYmJvbGV0aC51Y2RhdmlzLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2xXztyjxg2CSp16UuRLZTJI1z9nWeP4w
+k7izZPqoPQXTu1lD3VLMPE3BNp+tAOLXZgsO+dlm+zNZwwBMpZ5IK+aJJbmcX626
+ab4VDbZLdYnqZqdA4zAlmzH7iEExCiPB+PzlaMUqktCv8hIWaY081gnawo2GtHdZ
+TIXdPKm+fIcCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUbphT
+aBLESaYl7XdU2mJ8uYj5l3cwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZzaGliYm9sZXRoLnVjZGF2aXMuZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQAbU8tNK18JbdR5ZR6fg59veCekKWUWg4eNxbLQfayM35omLuVXpJu4yuIu
+pJwoPExP3D3Vfrk8LPM1EP/guRzM1RRmsdcquC23/xAh3W+RpMS1ru0eRVnQcilP
+YXDFh2zYremRY5mPWowrS9XZYkdLd3MTBLJM22XlUZJhqkwlV3fPo5mzzCSBFiFl
+jaEKH2m/D08b7iJnj3/xSy+P3Mu8Un0hx3wu4bAvCm1Lg6zW5tFsVFm11WAPYUFQ
+LEFhqgZ+CRis8+XPrHBrr3SIHpIWH+cr9pXHlwwlTeb/n0ZHPUPNUDLrguy+7/tA
+GayinPu1tGbGo0e8aDpSJLj+E37P
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.ucdavis.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.ucdavis.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucdavis.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 313, expires on Sun May 9 19:29:23 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICATkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUwODE5MjkyM1oXDTEwMDUw
+OTE5MjkyM1owITEfMB0GA1UEAxMWc2hpYmJvbGV0aC51Y2RhdmlzLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2xXztyjxg2CSp16UuRLZTJI1z9nWeP4w
+k7izZPqoPQXTu1lD3VLMPE3BNp+tAOLXZgsO+dlm+zNZwwBMpZ5IK+aJJbmcX626
+ab4VDbZLdYnqZqdA4zAlmzH7iEExCiPB+PzlaMUqktCv8hIWaY081gnawo2GtHdZ
+TIXdPKm+fIcCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUbphT
+aBLESaYl7XdU2mJ8uYj5l3cwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZzaGliYm9sZXRoLnVjZGF2aXMuZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQAbU8tNK18JbdR5ZR6fg59veCekKWUWg4eNxbLQfayM35omLuVXpJu4yuIu
+pJwoPExP3D3Vfrk8LPM1EP/guRzM1RRmsdcquC23/xAh3W+RpMS1ru0eRVnQcilP
+YXDFh2zYremRY5mPWowrS9XZYkdLd3MTBLJM22XlUZJhqkwlV3fPo5mzzCSBFiFl
+jaEKH2m/D08b7iJnj3/xSy+P3Mu8Un0hx3wu4bAvCm1Lg6zW5tFsVFm11WAPYUFQ
+LEFhqgZ+CRis8+XPrHBrr3SIHpIWH+cr9pXHlwwlTeb/n0ZHPUPNUDLrguy+7/tA
+GayinPu1tGbGo0e8aDpSJLj+E37P
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.ucdavis.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Davis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Davis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucdavis.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Infrastructure Systems Management</GivenName>
+ <EmailAddress>sysadmin@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Middleware Shibboleth Group</GivenName>
+ <EmailAddress>shibadmin@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://dev.ucanr.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 461, expires on Fri Nov 5 20:00:12 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAc0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTEwNDIwMDAxMloXDTEwMTEw
+NTIwMDAxMlowGTEXMBUGA1UEAxMOc2hpYi51Y2Fuci5vcmcwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAJ1tz/FzFgzfE59AM+LS0KJ9c/x3931Vq5UBCzzeCrvT
+RUNrWxezlp+qnPG8w4Qq+Y8EfpHwzSbwj+rcAidLqH+Ns08vyRmQy+UOitK/nv9Z
+IihBpVao0vefsb+cXM7HwefFSRWuafwRIhiYGBaILbCgzYYTPHfhAI1/lmaszULn
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFD9wnKyH63bngIyk
+xfyO1wR5YTqBMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnNoaWIu
+dWNhbnIub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAvTeipl6YFq/VAp19KmzLmGT/c
+pa07C1wtMrrqu7DI2fv5XPyRLmXM5UQkA46OzBampuH9q8iFkm70tyemDzQPK8dQ
+YV8SlpR61mWl72LPKkXXf/nIqHwIKDfRTiVdpdjbd9o2M65oRHYaEvtDU0hO3mL6
+diWKuEESaYCQA9NUlN8xlMzDB0RjPrKFiq/6AvBRVUFWbY3LXIB//cYusyndrVMM
+ju44dYPkilrhAcId926nrmPwn9xfR8fmRIyGFvsHUYptHfSiDBO7BIKCTneiEtdZ
+pgNUfm7ViqZIhU0mVrNFBaGPWtSEI3l/a2H4dK/LPzNtIlgsxtU153F4hj9I
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev.ucanr.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dev.ucanr.org/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Davis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Davis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucdavis.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bryon Noel</GivenName>
+ <EmailAddress>bjnoel@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Karl Krist</GivenName>
+ <EmailAddress>kakrist@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://psl-230.ucdavis.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 158, expires on Tue Jun 3 13:38:56 2008 GMT -->
+ <ds:X509Certificate>
+MIIFVzCCBD+gAwIBAgICAJ4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDYwNDEzMzg1NloXDTA4MDYw
+MzEzMzg1NlowVzELMAkGA1UEBhMCVVMxJzAlBgNVBAoTHlVuaXZlcnNpdHkgb2Yg
+Q2FsaWZvcm5pYSBEYXZpczEfMB0GA1UEAxMWc2hpYmJvbGV0aC51Y2RhdmlzLmVk
+dTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2xXztyjxg2CSp16UuRLZTJI1
+z9nWeP4wk7izZPqoPQXTu1lD3VLMPE3BNp+tAOLXZgsO+dlm+zNZwwBMpZ5IK+aJ
+JbmcX626ab4VDbZLdYnqZqdA4zAlmzH7iEExCiPB+PzlaMUqktCv8hIWaY081gna
+wo2GtHdZTIXdPKm+fIcCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQUbphTaBLESaYl7XdU2mJ8uYj5l3cwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9u
+Y2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0
+dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2Vz
+LnBkZjAhBgNVHREEGjAYghZzaGliYm9sZXRoLnVjZGF2aXMuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQC7Zqw7I6ZcCkKSfa7U6ncSW9ceOIpLCNhfkJT06fcMBeXFQdtg
+2oqIXKKkNiyY6MRUgwO4a+rNIGpfLsYMq+9y5rVzlCpX13TVciCorApeVhiWFGoF
+yGSDhPUDVjsjQLLeokp7KHW685C3QNzY3RPTrcs2BGuMt7Slasc+ZMqpPbHR7PPU
+Y6r7ucdxiT8Imw9KmphMwFoA0UFbVb1Qta+H0K+JPDgAuHdAjlhDMQZ+T2ig4c4c
+D+gCKNXOY8v68soV0vMeCnMiB83frporNLAA9KFZKgxtOM3X0Rqj8equ2N/1qfSV
+p+OOofLQ7RYV9hMixPRXiBQCOWui4ofYm2Hp
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://psl-230.ucdavis.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Davis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Davis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucdavis.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Tom Poage</GivenName>
+ <EmailAddress>tfpoage@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shib.ucanr.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 461, expires on Fri Nov 5 20:00:12 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAc0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTEwNDIwMDAxMloXDTEwMTEw
+NTIwMDAxMlowGTEXMBUGA1UEAxMOc2hpYi51Y2Fuci5vcmcwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAJ1tz/FzFgzfE59AM+LS0KJ9c/x3931Vq5UBCzzeCrvT
+RUNrWxezlp+qnPG8w4Qq+Y8EfpHwzSbwj+rcAidLqH+Ns08vyRmQy+UOitK/nv9Z
+IihBpVao0vefsb+cXM7HwefFSRWuafwRIhiYGBaILbCgzYYTPHfhAI1/lmaszULn
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFD9wnKyH63bngIyk
+xfyO1wR5YTqBMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnNoaWIu
+dWNhbnIub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQAvTeipl6YFq/VAp19KmzLmGT/c
+pa07C1wtMrrqu7DI2fv5XPyRLmXM5UQkA46OzBampuH9q8iFkm70tyemDzQPK8dQ
+YV8SlpR61mWl72LPKkXXf/nIqHwIKDfRTiVdpdjbd9o2M65oRHYaEvtDU0hO3mL6
+diWKuEESaYCQA9NUlN8xlMzDB0RjPrKFiq/6AvBRVUFWbY3LXIB//cYusyndrVMM
+ju44dYPkilrhAcId926nrmPwn9xfR8fmRIyGFvsHUYptHfSiDBO7BIKCTneiEtdZ
+pgNUfm7ViqZIhU0mVrNFBaGPWtSEI3l/a2H4dK/LPzNtIlgsxtU153F4hj9I
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucanr.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ucanr.org/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Davis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Davis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucdavis.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bryon Noel</GivenName>
+ <EmailAddress>bjnoel@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Karl Krist</GivenName>
+ <EmailAddress>kakrist@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://sympa.ucdavis.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 9314445302011870248, expires on Fri Dec 13 00:30:29 2019 GMT -->
+ <ds:X509Certificate>
+MIIC3DCCAcSgAwIBAgIJAIFDjqbyOTwoMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
+BAMTB3Blbm55LTIwHhcNMDkxMjE1MDAzMDI5WhcNMTkxMjEzMDAzMDI5WjASMRAw
+DgYDVQQDEwdwZW5ueS0yMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+zNxqF3UUKgmojN35FGL9SdymCzuvFDPWLYT6ANryruKt2TDBdQsBje9ESggVlawX
+otwlOFQIf5Dt8IN0TLlVgG/cwxZptw35F4tL4oPAwuXoSuvKb6OQwMcZYOknghI1
+k9NcNZT4Tbps4XbR7d2kBGUdBWK3DjDkHNGZDGkL/SaJ/ARi73Va7zyjgcPJTQRS
+9tFto0Q7NdextAc89gixsp/HHSBV7fg1L/GbQ5BdmVajYru59oW2RsfNghAt6Ic9
+Vkl61YRK9zcfboE05N/Ie2Iwu6dgAB7J6+Vm/GiKGQEwrf4xbHZpFw9X/XDaN+5q
+HvmrUaVDOGYQdAYBWZYRvQIDAQABozUwMzASBgNVHREECzAJggdwZW5ueS0yMB0G
+A1UdDgQWBBTEi1+yHsUWMDEuWac4+4WArWO/HTANBgkqhkiG9w0BAQUFAAOCAQEA
+rO5x+64t/HANwfaFjt6Dv+EcWZF0z/aeZD9Qnxx7u70ZNOXSPhhbEPgcekR51X/y
+ARexOwNKmtDS7o2Q1bPDzeJYGDZpTl89Mlhsmu7T3kHFpr/kKV2p+SvDaJ77fCeE
+1lT06ExNLPmfR7h6yiXc+whCr7A0XM44X85RTSZyvTi31p2KBWnLxzahYElCYrl5
+zFYEesp/fHpkteyIbWQst4oLzXbDpHIwoodc5et66EWNVhGyb8bPnBT4I7cLfMtT
+K5HNoZKzYO6nGV2YTldPtW1AVwBjmVv0F/DRfLzUsUntf39szdXLCyiDrrEgjTMU
+lDYwEcuHlogzMEIVanR5HA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sympa.ucdavis.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sympa.ucdavis.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sympa.ucdavis.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sympa.ucdavis.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Davis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Davis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucdavis.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Data Center ISM</GivenName>
+ <EmailAddress>sysadmin@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucaction-test.ucdavis.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 17109927828907447815, expires on Sun Jan 26 18:00:39 2020 GMT -->
+ <ds:X509Certificate>
+MIIDKjCCAhKgAwIBAgIJAO1yrLVGmVYHMA0GCSqGSIb3DQEBBQUAMCwxKjAoBgNV
+BAMTIWF2aHItamF2YXRzdHZtLnRvdS50My51Y2RhdmlzLmVkdTAeFw0xMDAxMjgx
+ODAwMzlaFw0yMDAxMjYxODAwMzlaMCwxKjAoBgNVBAMTIWF2aHItamF2YXRzdHZt
+LnRvdS50My51Y2RhdmlzLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKwZ5YO6nYD7QpUaM5WOvGdK+2FvcAn3AwcjQacPe2y0RIzcEV91+2vYQlYF
+/pTNay0w4EfPskXvXm8Sb31eZ/ayd5KjrENKd8ddqVmJG8TFZu0mVf2tH1yFKrv5
+4AzGi3N2WvhMSQAVlvpIzbxr3WH1WqcfL3RDIQ/jkbe7lGlpw8WiZZ2KZG2C/kkf
+Z11Sd8zn/zRTEQD6bX59ZcrwhVMg8syh9OS+HZXVkBl4znhFAwLHYy3T0QzavN1f
++yuFiadKD391t5ExcxWPL/HyWWzLW8XCHds8aSzsfAw1LH55lcxDFmxCA5rDSopV
+I74Buf3GMzDyh7j3J8U+6hae+0MCAwEAAaNPME0wLAYDVR0RBCUwI4IhYXZoci1q
+YXZhdHN0dm0udG91LnQzLnVjZGF2aXMuZWR1MB0GA1UdDgQWBBTT8bK/EhEJ5ouz
+24vmHJQ4DXGjvzANBgkqhkiG9w0BAQUFAAOCAQEAc4RZQ/k5mvCP5F6or3cnQZFK
+5GBYYz/Q3UPZDUtNW/BIpNM2QOqhsHT8y/H/Ym3sIWxG7YjoqWsZDm1nOYjSWPGS
+tboX4LDVKZ+PwMFg3hj68D9Isl0lweRN3e/lNQkU4Uj5ydcI++6q1DznNzC83qkZ
+82iT1hSqznta6srE87r8oMR5WMvv7n4xvm/EpIBluM0E0KGu6QTnWGNgjm1B02fF
+qB+qxRwHYRZcZjVrZgqu+o4GZ0ufv82PL+DVfZX2jlX7i2Ad8EIuSqm2ZW2LKroz
++QYLkFsA2IFU5o3JVrEufLmMvREskUIIW8X00LJd2X0Y6PChpqQjL/uvfbcqGQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ucaction-test.ucdavis.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucaction-test.ucdavis.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ucaction-test.ucdavis.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ucaction-test.ucdavis.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Davis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Davis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucdavis.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Lowell Valiant</GivenName>
+ <EmailAddress>lavaliant@ucdavis.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Texas A & M University -->
+<EntityDescriptor entityID="urn:mace:incommon:tamu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">tamu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 382, expires on Sat Jul 17 18:10:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFiTCCBHGgAwIBAgICAX4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNjE4MTAwNloXDTEwMDcx
+NzE4MTAwNlowFzEVMBMGA1UEAxMMaWRwLnRhbXUuZWR1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAy1wPpa/omkKFhZT12f3aYFNNmDVcr6CsIRJpMWeM
+NdeYWFnfJTaVUmsu3Lolmg0S3sgzykXOOKVbHiOlUBH8Qw0727RWdcudPxG5rt4X
+foVygpzIX8dsnstwNcAT8lTzT418kc0ur50TtKoeYxfCx5bRwjtcyXJ2VVb4p0CQ
+sLGjt4Fa9Kni2Ys0cacz1LhtIy4KriMOah2iA4s1BlP48AV4RbY5QTXPOJxa9Tij
+rKz9bnhKKmETK17S6DCTvlFCpvXraIQeG/iDxrBZOkcXqxLbxZeYtaph4OGhfnCw
+Ki8NNZIQDAhfj9Wtz+0OMMZxSZQv2ZSNT9Q+QHlVLebCRQIDAQABo4ICnjCCApow
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSfnAZqaUuadGj4HzAppnUyO62NsTB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0
+cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYI
+KwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggxpZHAudGFtdS5lZHUwDQYJKoZI
+hvcNAQEFBQADggEBALPnsXq+tSorDccY7e6Vssg359ovYbiNU7wHg4Q5bwA2xpts
+4Q3Hja4smOltnvWI2w8AAlLcixLtUaVKLyyHVFSBevbJMro73dvD/bhvuTccHDxk
+Awau8w02cJHXcNXji8dzKKgWpfWoPSuCFnDbD50O1bpKezJ9sVkLGON9jjt3iMBd
+AHO5gk0oFfc08zXXr58FSmMVb1qarZ6Bt6GYzUa2KRFeWIdpJ4xe20aBmo11OO3x
+b9kyJVI1ifJKhBjgdZJf7kfJMOHILXJ2GYGwvg6kv7odIV1ofWrMOoQ9uuXhMDmp
+Jss05k0o3H6bpoMTyMQJ/3N8gaqhWnbna8JvDrs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.tamu.edu/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.tamu.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">tamu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 382, expires on Sat Jul 17 18:10:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFiTCCBHGgAwIBAgICAX4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNjE4MTAwNloXDTEwMDcx
+NzE4MTAwNlowFzEVMBMGA1UEAxMMaWRwLnRhbXUuZWR1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAy1wPpa/omkKFhZT12f3aYFNNmDVcr6CsIRJpMWeM
+NdeYWFnfJTaVUmsu3Lolmg0S3sgzykXOOKVbHiOlUBH8Qw0727RWdcudPxG5rt4X
+foVygpzIX8dsnstwNcAT8lTzT418kc0ur50TtKoeYxfCx5bRwjtcyXJ2VVb4p0CQ
+sLGjt4Fa9Kni2Ys0cacz1LhtIy4KriMOah2iA4s1BlP48AV4RbY5QTXPOJxa9Tij
+rKz9bnhKKmETK17S6DCTvlFCpvXraIQeG/iDxrBZOkcXqxLbxZeYtaph4OGhfnCw
+Ki8NNZIQDAhfj9Wtz+0OMMZxSZQv2ZSNT9Q+QHlVLebCRQIDAQABo4ICnjCCApow
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSfnAZqaUuadGj4HzAppnUyO62NsTB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0
+cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYI
+KwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggxpZHAudGFtdS5lZHUwDQYJKoZI
+hvcNAQEFBQADggEBALPnsXq+tSorDccY7e6Vssg359ovYbiNU7wHg4Q5bwA2xpts
+4Q3Hja4smOltnvWI2w8AAlLcixLtUaVKLyyHVFSBevbJMro73dvD/bhvuTccHDxk
+Awau8w02cJHXcNXji8dzKKgWpfWoPSuCFnDbD50O1bpKezJ9sVkLGON9jjt3iMBd
+AHO5gk0oFfc08zXXr58FSmMVb1qarZ6Bt6GYzUa2KRFeWIdpJ4xe20aBmo11OO3x
+b9kyJVI1ifJKhBjgdZJf7kfJMOHILXJ2GYGwvg6kv7odIV1ofWrMOoQ9uuXhMDmp
+Jss05k0o3H6bpoMTyMQJ/3N8gaqhWnbna8JvDrs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.tamu.edu:7443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Texas A &amp; M University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Texas A &amp; M University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.tamu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Xavier Chapa</GivenName>
+ <EmailAddress>xchapa@tamu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Xavier Chapa</GivenName>
+ <EmailAddress>xchapa@tamu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Indiana University -->
+<EntityDescriptor entityID="urn:mace:incommon:iu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">iu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 293, expires on Fri Apr 2 20:31:29 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICASUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwMTIwMzEyOVoXDTEwMDQw
+MjIwMzEyOVowFTETMBEGA1UEAxMKaWRwLml1LmVkdTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANh4Olm29tGUBcXW/ivei5WPrddfAEgi0aPxXg9QuOu1
+FvGCLpWFICcBrOcZVmxxpw6cl1qbz2YGWtUisA3HA72nVK8YYiZtIUbO/aOssV4t
+saUmIK1UT2U4wT7AxZOg7tbuh0zONaZNcQUlrKhGHLJr4KSs4M/o3CkXKoNg8HL1
+83rf4QjC51Wdejf9Wj4kAM1fiwC99XpdEecnSnUWfZwJH9fIwOZlX7qttRTYxFvD
+5uQ+MAu9AtRs3PDOtVrX2iYqNor6loFC+vVso50OrHcwWboZDGg0wlo3mapELlM7
+WC0bTYC42pSZxqwevWZZnDyKo8h3MG6cGiu/CKRZ0L0CAwEAAaOCAqQwggKgMA4G
+A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjAdBgNVHQ4EFgQUEleAdAbWMvTiPw2p+CVOhF0NGMcwfgYDVR0j
+BHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRww
+GgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBD
+ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacG
+CCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBV
+Ukk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAVBgNVHREEDjAMggppZHAuaXUuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQASfgOzT0jVeXXIKxeHFqxrZDHAM7LEbhkVD0FCPVtS
+hSRgUfqxbpiU1k2zOTMbPMb/fkdw+Co8kGJStK8HvybiH2FANV86pME9HXXD01nV
+o7sXUWxSMEjyQKkOtLUXQndD8KUJWa5VIOE+Xdeh9sjev5OxuvrL5VtiPvtx6VcT
+kh1xX1SZb6/pWDSr5Nfr7FxYZ8i35G0PDY45CcC9567/j29oH2+BDtarVWfTV2Nb
+t+O2ZHGxG4lt0aXP6ToWIiYuAC5CmgOsAq2sp/mkOG0xFcfXMYL5uIuGlnX5WC3f
+FOkZBAu9zYrWmegbO8zvawH0ySCYxPbQVXF7zUjRzqfG
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.iu.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.iu.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">iu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 293, expires on Fri Apr 2 20:31:29 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICASUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwMTIwMzEyOVoXDTEwMDQw
+MjIwMzEyOVowFTETMBEGA1UEAxMKaWRwLml1LmVkdTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANh4Olm29tGUBcXW/ivei5WPrddfAEgi0aPxXg9QuOu1
+FvGCLpWFICcBrOcZVmxxpw6cl1qbz2YGWtUisA3HA72nVK8YYiZtIUbO/aOssV4t
+saUmIK1UT2U4wT7AxZOg7tbuh0zONaZNcQUlrKhGHLJr4KSs4M/o3CkXKoNg8HL1
+83rf4QjC51Wdejf9Wj4kAM1fiwC99XpdEecnSnUWfZwJH9fIwOZlX7qttRTYxFvD
+5uQ+MAu9AtRs3PDOtVrX2iYqNor6loFC+vVso50OrHcwWboZDGg0wlo3mapELlM7
+WC0bTYC42pSZxqwevWZZnDyKo8h3MG6cGiu/CKRZ0L0CAwEAAaOCAqQwggKgMA4G
+A1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMB
+BggrBgEFBQcDAjAdBgNVHQ4EFgQUEleAdAbWMvTiPw2p+CVOhF0NGMcwfgYDVR0j
+BHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRww
+GgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBD
+ZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacG
+CCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBV
+Ukk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAVBgNVHREEDjAMggppZHAuaXUuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQASfgOzT0jVeXXIKxeHFqxrZDHAM7LEbhkVD0FCPVtS
+hSRgUfqxbpiU1k2zOTMbPMb/fkdw+Co8kGJStK8HvybiH2FANV86pME9HXXD01nV
+o7sXUWxSMEjyQKkOtLUXQndD8KUJWa5VIOE+Xdeh9sjev5OxuvrL5VtiPvtx6VcT
+kh1xX1SZb6/pWDSr5Nfr7FxYZ8i35G0PDY45CcC9567/j29oH2+BDtarVWfTV2Nb
+t+O2ZHGxG4lt0aXP6ToWIiYuAC5CmgOsAq2sp/mkOG0xFcfXMYL5uIuGlnX5WC3f
+FOkZBAu9zYrWmegbO8zvawH0ySCYxPbQVXF7zUjRzqfG
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.iu.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Indiana University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Indiana University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.indiana.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Alan Walsh</GivenName>
+ <EmailAddress>alwalsh@indiana.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Rahul Doshi</GivenName>
+ <EmailAddress>rdoshi@indiana.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://db-demo.grnoc.iu.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://db-demo.grnoc.iu.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 650, expires on Sun Sep 18 17:55:43 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAoowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkxNzE3NTU0M1oXDTExMDkx
+ODE3NTU0M1owHzEdMBsGA1UEAxMUZGItZGVtby5ncm5vYy5pdS5lZHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmBy3iYrw30sbc+gSpXa+oI8eXvcAU
+PDZD//Ol1Cvw4O4l1KXXiExLedD4qIV6wT+B7uFdZLcQxKxWZt/vy/JN+dy0JJEn
+ABGQd8F4kDf3pjalR+u7geJxFy8M2vhFRau5juGIk6/F43gGSlVT34cCQkhIKu1X
+U9hHt1iKPMXQdNDkM3wCrSW83DxuO/KC4KmG7raoInGg0l+fGvYN9eJfdauypH02
+F3nJjxwypyi2l5+k9wQs+W0cfLzvpXoVImsrkNvYtvl1arFAyrvUWpSKt6qyNphd
+TAMEn1R3ZTsAroX+TMO8NHT/U+rtimZ3Avd+x4jeRXHrjDZ5onfdf1IbAgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNNEQwzZPWei74H3c7wpJ1/G
++3rkMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFGRiLWRlbW8uZ3Ju
+b2MuaXUuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCe+2wSS97e9beAktKVe5JoFRXB
+zftLSxlsmw6MpTHoJfbKNDjl+4783uWiqzYZtYOw1vP1vxTEwX6MToGy160rgRzy
+pp7RLO9UFQYxLaT2/stpHO+Z5wMWKdGwbp7ERecFPwIgjCT8vNtj6AMmvWbNYrfF
+pMrwgHvNXMp9ZcI2uU5itCi56tcmYUvg+GS8ox+URHHQlAZWOgW8QzRjBYSlJvYB
+uxbBj7Qt9v0Hsty8koyDdudLXjsLdf0iLUe0oLi3iBLQTigjDwm/xg3bqT69OmcV
+FWVDqdEq+9onz3ny87iZNDe2ekEGGpKkNJYBx71WjvcGrqdrmBGjMNYz+5Xs
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://db-demo.grnoc.iu.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://db-demo.grnoc.iu.edu/Shibboleth.sso/SAML2/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://db-demo.grnoc.iu.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://db-demo.grnoc.iu.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Indiana University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Indiana University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.indiana.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>A.J. Ragusa</GivenName>
+ <EmailAddress>aragusa@grnoc.iu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shib-db.grnoc.iu.edu">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 448, expires on Mon Oct 18 19:23:28 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAcAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAxNzE5MjMyOFoXDTEwMTAx
+ODE5MjMyOFowHzEdMBsGA1UEAxMUc2hpYi1kYi5ncm5vYy5pdS5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAM6q7s5f2xUXd4Astfm/EW4v2ZhMGXdVHooE
+Zrl71VCBZ/gIRYOLKZk515TqwQ0a8FBKVU4idK/M14CkCRbabLPoZD7N8q5bY/eR
+W/yO/xUnegCjEZMu8wdIYrtInSlJ4wy2KAbm3SmYFeGv3qfW9wzJF4qRNIM1f+ms
+Wh4k+nMjAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFG2kkLVf
+D1+OEObfWjNRcux+IfSJMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FHNoaWItZGIuZ3Jub2MuaXUuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCDFKi9w7Vc
+N1q7kYw6jGwBCos6Mnt5y6DQdSg8TzTMO5vCjnScA1+EGYQs3+K1rRvejzixhiJf
+I/eCLWFiditZZnoFmEnPwLqeXCuuGDC9cR7E6Qwa9jrieu8XTaPih315YnoAATd0
+h3Tso3iuHffN+DSE1cNpVOhUfddSEclKbhp5fNqXzrhOr55LhINU6ZUIUDVO+NCG
+8wtQD5tsDBZ8edWphLNKbezyrV4Wn0UODQ83T8jOBvq9o+G8N0zoIc2FJUMQv8He
+5Bd+NivRlGD5AXbWA6ddtgHSgYTmwX7xtvjQ5Kzfw6ZWHw3/f+I4aZb35wd8710c
+nOC32OILeaqc
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib-db.grnoc.iu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shib-db.grnoc.iu.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Indiana University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Indiana University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.indiana.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>AJ Ragusa</GivenName>
+ <EmailAddress>aragusa@grnoc.iu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.indianactsi.org">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 477, expires on Mon Dec 20 19:36:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFlzCCBH+gAwIBAgICAd0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIxOTE5MzYxM1oXDTEwMTIy
+MDE5MzYxM1owHjEcMBoGA1UEAxMTd3d3LmluZGlhbmFjdHNpLm9yZzCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAMul91iK/w7aDZKx5qD5ncj2pEAsxl3a
+5xmeOjFwHrbDTiCq4wkuwDx32emekuz4oFgrdnzKqrCy/Kv72OeJkBdKVqj2kg8h
+BK/kC9+91+RidN7oGWphmt8ZdKvLv998rug0mdh+ES+IoaQymCNmRaKd0TuittMa
+qQfw1do+RG3/pLB1GLtZ9lOQFvi0Abl1ZM1861AHM0oEdCgSK/0SNkvIMedBhvKV
+Wx51t3SAzC7FMeNoYS/WdGET64n5JbgM/XHtDrygFJHlc5o5wqfcZpwTLRgc/VmW
+OmPgSsye/GuAPwyswBVOys4QgZAsO8UVU/ter9y7zmrwAIwIer0+CEsCAwEAAaOC
+AqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUVc0P5TC7RiG0B2kh6olh2Enr
+aZYwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEE
+gaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUH
+MAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYITd3d3LmluZGlhbmFj
+dHNpLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEABAetPsUTDh95xPIA3vh2uXKuoI0v
+njrqPfHBvwbZ+RRux13fM0+l7ng4s8Op0FULlC2RwQ7uUPU4u+qTA5t5jPZ3FzPA
+hGsgLga6w9YIFOBdkKCnQxdneh6HGnc/ZcG6rOPSUwCrnnqpJCjFylMEI5n/uxzZ
+vVMh7RYjumfslRomfbBoKERJnPGoOKTYXN8V6cOegd60PmHCqs8j2ouRPbO+tD+L
+eA/PFu3zfbO40EMfRuExQs0S8qjh//kr6hy/RAafJKpYXyNv6qC1W5XyiYpN5rly
+Pm8hfv13OrKqSIGFwX2uXd+aPQFntENO2+S9lTaIu1DMHAQPuFOiPUdBLw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.indianactsi.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.indianactsi.org/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://www.indianactsi.org/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://www.indianactsi.org/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Indiana University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Indiana University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.indiana.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Rahul Doshi</GivenName>
+ <EmailAddress>rdoshi@indiana.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Northwestern University -->
+<EntityDescriptor entityID="urn:mace:incommon:northwestern.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">northwestern.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 197, expires on Wed Aug 13 20:51:28 2008 GMT -->
+ <ds:X509Certificate>
+MIIFUjCCBDqgAwIBAgICAMUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDgxNDIwNTEyOFoXDTA4MDgx
+MzIwNTEyOFowUTELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF05vcnRod2VzdGVybiBV
+bml2ZXJzaXR5MSAwHgYDVQQDExdmZWQuaXQubm9ydGh3ZXN0ZXJuLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwdFG9W6W07bV34fsGA98SogJqKlBSX59
+qnASfTyd5bCFPghZZ0r8HCT3a8BkK06rKrtChPF8h+vfPfaVAat2D8JGYgie6drY
+rshhKkzPXtqDzA0Q9ZpZCLOwvpLt7HY1SN1eeTlvg0FmKUQrk1q49sCHomwToIrr
+CbD5cypdRGkCAwEAAaOCArEwggKtMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUySIv
+BraIXyoqgttX+Q418ujuNUUwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAi
+BgNVHREEGzAZghdmZWQuaXQubm9ydGh3ZXN0ZXJuLmVkdTANBgkqhkiG9w0BAQUF
+AAOCAQEAGP3ty5VziTJ5PhY4yoTbiyBCYYCnhYO7dEiGt608w4N9Ts5CJ7Fj7aQ0
+tjocHE3ZEfJq/o/rd8vC8zKRm8pDqKrV0WFc9QqDVGIlf+lzG4iJOVuAfO/tYeM1
+z6Zwls+hJf/Vkhqpfonn9ZodzEH4Qgh2cEN0UPLHgZ7eg5i7e2GbEw+kh/6q3Cnu
+fAv61N+UeO7UuDGSrFwDNo/MbzrMP7Wspd/sD6J0Y5UxzDRWhVS/hQ81OTA8gNoB
+QYzBfafChXi7CgmJxUACKqcWJLBw+LeitwNHlo4bbJk/3Fy8DMhLSl2sLH1QHGNy
+J8T44pjHay36sZtynT+UyIsSGXKEww==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 381, expires on Sat Jul 17 18:10:00 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAX0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNjE4MTAwMFoXDTEwMDcx
+NzE4MTAwMFowIjEgMB4GA1UEAxMXZmVkLml0Lm5vcnRod2VzdGVybi5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMHRRvVultO21d+H7BgPfEqICaipQUl+
+fapwEn08neWwhT4IWWdK/Bwk92vAZCtOqyq7QoTxfIfr3z32lQGrdg/CRmIInuna
+2K7IYSpMz17ag8wNEPWaWQizsL6S7ex2NUjdXnk5b4NBZilEK5NauPbAh6JsE6CK
+6wmw+XMqXURpAgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFMki
+Lwa2iF8qKoLbV/kONfLo7jVFMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF2ZlZC5pdC5ub3J0aHdlc3Rlcm4uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAD
++XfGEUJhL8dl8Cc8Ea4VuFXn1t2EMdWsoXgPz3zXEVkCkAoO02fVjlM+AAkfpP+f
+REvGSbJrsD9++0PYMc1smhkus0fSDrl3AMSEXZFtYab8uetnMJ3C3SsIqXamr7CI
+pPXQLdSbbgpLifLZR4jWUoSEGGP+EmyuYtlGMQW5r8eykO2svs6KXhy4wmhTf+nx
+zlaH3ON/gNOsA9MUTijspzKqd/gWvhXwxyfMu5ogVwnKFgl3VlCJNkzKg3sKqVpy
+9+GCDmiWsOgJm4XAs6K09FfnfczqtqUzfCgNj4jCzeom4I3smjTnok0t14E9EGmH
+Aj+YkGZVtNBY7jFW/1ET
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://fed.it.northwestern.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">northwestern.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 197, expires on Wed Aug 13 20:51:28 2008 GMT -->
+ <ds:X509Certificate>
+MIIFUjCCBDqgAwIBAgICAMUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDgxNDIwNTEyOFoXDTA4MDgx
+MzIwNTEyOFowUTELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF05vcnRod2VzdGVybiBV
+bml2ZXJzaXR5MSAwHgYDVQQDExdmZWQuaXQubm9ydGh3ZXN0ZXJuLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwdFG9W6W07bV34fsGA98SogJqKlBSX59
+qnASfTyd5bCFPghZZ0r8HCT3a8BkK06rKrtChPF8h+vfPfaVAat2D8JGYgie6drY
+rshhKkzPXtqDzA0Q9ZpZCLOwvpLt7HY1SN1eeTlvg0FmKUQrk1q49sCHomwToIrr
+CbD5cypdRGkCAwEAAaOCArEwggKtMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUySIv
+BraIXyoqgttX+Q418ujuNUUwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAi
+BgNVHREEGzAZghdmZWQuaXQubm9ydGh3ZXN0ZXJuLmVkdTANBgkqhkiG9w0BAQUF
+AAOCAQEAGP3ty5VziTJ5PhY4yoTbiyBCYYCnhYO7dEiGt608w4N9Ts5CJ7Fj7aQ0
+tjocHE3ZEfJq/o/rd8vC8zKRm8pDqKrV0WFc9QqDVGIlf+lzG4iJOVuAfO/tYeM1
+z6Zwls+hJf/Vkhqpfonn9ZodzEH4Qgh2cEN0UPLHgZ7eg5i7e2GbEw+kh/6q3Cnu
+fAv61N+UeO7UuDGSrFwDNo/MbzrMP7Wspd/sD6J0Y5UxzDRWhVS/hQ81OTA8gNoB
+QYzBfafChXi7CgmJxUACKqcWJLBw+LeitwNHlo4bbJk/3Fy8DMhLSl2sLH1QHGNy
+J8T44pjHay36sZtynT+UyIsSGXKEww==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 381, expires on Sat Jul 17 18:10:00 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAX0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNjE4MTAwMFoXDTEwMDcx
+NzE4MTAwMFowIjEgMB4GA1UEAxMXZmVkLml0Lm5vcnRod2VzdGVybi5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMHRRvVultO21d+H7BgPfEqICaipQUl+
+fapwEn08neWwhT4IWWdK/Bwk92vAZCtOqyq7QoTxfIfr3z32lQGrdg/CRmIInuna
+2K7IYSpMz17ag8wNEPWaWQizsL6S7ex2NUjdXnk5b4NBZilEK5NauPbAh6JsE6CK
+6wmw+XMqXURpAgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFMki
+Lwa2iF8qKoLbV/kONfLo7jVFMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF2ZlZC5pdC5ub3J0aHdlc3Rlcm4uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAD
++XfGEUJhL8dl8Cc8Ea4VuFXn1t2EMdWsoXgPz3zXEVkCkAoO02fVjlM+AAkfpP+f
+REvGSbJrsD9++0PYMc1smhkus0fSDrl3AMSEXZFtYab8uetnMJ3C3SsIqXamr7CI
+pPXQLdSbbgpLifLZR4jWUoSEGGP+EmyuYtlGMQW5r8eykO2svs6KXhy4wmhTf+nx
+zlaH3ON/gNOsA9MUTijspzKqd/gWvhXwxyfMu5ogVwnKFgl3VlCJNkzKg3sKqVpy
+9+GCDmiWsOgJm4XAs6K09FfnfczqtqUzfCgNj4jCzeom4I3smjTnok0t14E9EGmH
+Aj+YkGZVtNBY7jFW/1ET
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://fed.it.northwestern.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Northwestern University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Northwestern University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.northwestern.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Xiaoxia Dong</GivenName>
+ <EmailAddress>x-dong@northwestern.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Phil Tracy</GivenName>
+ <EmailAddress>ptracy@northwestern.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University At Buffalo, The State University of New York -->
+<EntityDescriptor entityID="urn:mace:incommon:buffalo.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">buffalo.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 330, expires on Sat May 29 19:32:21 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAUowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyODE5MzIyMVoXDTEwMDUy
+OTE5MzIyMVowITEfMB0GA1UEAxMWc2hpYmJvbGV0aC5idWZmYWxvLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyudY4gMFANHEzm8QVm9JMVgQkEPApOC7
+zeHpSBDxBPkMxtbaui3wy9zu4qvtA3LUkZ5Qj80NeVhLz/d8wTZNN38qn1C27tZ+
+dXprEZegbDKHgqfK36pJj/CcxXuq2DzFdV4/ALXmpVp5pf8OUkvPXOJeBR7VlyAL
+Ossd6Es9HBECAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU4u0w
+GY/Kd1/1k8PTUGBwkm7NhdIwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZzaGliYm9sZXRoLmJ1ZmZhbG8uZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBUa5FA4QGce26UFeuoM2115n70w2oeuRW1pTJfYFUhH1ffnd1S59ShKooJ
+EqUcPG8A5NhbTUnOXWcMLgm7NLMx8MIRKL5/6Krjm5c290/XwdLpPxkB+osaLAFA
+/XA11Vdrhk3wizWzrhPkgrRUZBjIaf+e6XXk7owSSqeumrXrvC7yvn6ybNTpEtiH
+3HiPhqt2Zc2kWSVCIheollXPrK1++mbFnCljS1rV6lfsgIWRHOknC6zdeEn04Owk
+6sGE9Xu3bZO4pn99apCZLWcGoPR7wfSRxUPEftHeIP6U6Wm19EcGR1Gdf3Hk3cYi
+Z7NAhSF4wNHqfKvri6b/7En3TEWW
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.buffalo.edu/shibboleth-ext/HS"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">buffalo.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 330, expires on Sat May 29 19:32:21 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAUowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyODE5MzIyMVoXDTEwMDUy
+OTE5MzIyMVowITEfMB0GA1UEAxMWc2hpYmJvbGV0aC5idWZmYWxvLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyudY4gMFANHEzm8QVm9JMVgQkEPApOC7
+zeHpSBDxBPkMxtbaui3wy9zu4qvtA3LUkZ5Qj80NeVhLz/d8wTZNN38qn1C27tZ+
+dXprEZegbDKHgqfK36pJj/CcxXuq2DzFdV4/ALXmpVp5pf8OUkvPXOJeBR7VlyAL
+Ossd6Es9HBECAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU4u0w
+GY/Kd1/1k8PTUGBwkm7NhdIwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZzaGliYm9sZXRoLmJ1ZmZhbG8uZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBUa5FA4QGce26UFeuoM2115n70w2oeuRW1pTJfYFUhH1ffnd1S59ShKooJ
+EqUcPG8A5NhbTUnOXWcMLgm7NLMx8MIRKL5/6Krjm5c290/XwdLpPxkB+osaLAFA
+/XA11Vdrhk3wizWzrhPkgrRUZBjIaf+e6XXk7owSSqeumrXrvC7yvn6ybNTpEtiH
+3HiPhqt2Zc2kWSVCIheollXPrK1++mbFnCljS1rV6lfsgIWRHOknC6zdeEn04Owk
+6sGE9Xu3bZO4pn99apCZLWcGoPR7wfSRxUPEftHeIP6U6Wm19EcGR1Gdf3Hk3cYi
+Z7NAhSF4wNHqfKvri6b/7En3TEWW
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.buffalo.edu:7443/shibboleth-ext/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University At Buffalo, The State University of New York</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The State University of New York at Buffalo</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.buffalo.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Joel W. Murphy</GivenName>
+ <EmailAddress>jmurphy@buffalo.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>EIS Auth Support</GivenName>
+ <EmailAddress>auth-support@buffalo.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Charles Dunn</GivenName>
+ <EmailAddress>chuck@buffalo.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>EIS Auth Support</GivenName>
+ <EmailAddress>auth-support@buffalo.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>UB/CIT Web Login Support</GivenName>
+ <EmailAddress>weblogin-support@buffalo.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Michigan State University -->
+<EntityDescriptor entityID="urn:mace:incommon:msu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">msu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 565, expires on Thu Jun 30 18:06:01 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAjUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYyOTE4MDYwMVoXDTExMDYz
+MDE4MDYwMVowIDEeMBwGA1UEAxMVaWRwMC1wcm9kLmlkbS5tc3UuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLCy55cGfn8/+GCzMNnKRIv9NVzK
+uPLjB/9Sl8up3hFPV1pUQ+wttfeddIiErj7dUXoDThBjTOQXsI+0NulcZsogBESt
+7BclAeoysXxOoB1k6wrWLTQRbIa3RXfGqlrgHOWY+idRto/09ZOHjHxjOjBpG3hg
+Guv2Bxe6KPYbAD7J/f5gu2PrDCtd2kcsRo1VCZZxsMujCSiwj8LiPkJZTCRCI7ef
+7Feo4KKDVrdljog/+kBZfznGw6L/Fh+t7hUb+Fzp9jX8n5O5LeBpoctGUNNPSArL
+UYUJQpWiYZ50UV0ttLPQOBNdXYCR2WQ+5vUmMrFhO5PK0G1Ltg1S9PJoHwIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRyYg6c0T+9Eq6tJhIWoYoX
+SkVrqzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVpZHAwLXByb2Qu
+aWRtLm1zdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAFdEX+ml27b3Fv1WMxw4IavW
+pTgaYEO2BcSS45H9tSQ598AfyMSnFO3SO6jMetR+BFyUlEm06Ek8B+UxFK1rr2m7
+uxcATj2FAMjjhQQetHDYFeG51vW+bj1cfbKnK8FpQyhcYnJsBmE1mm5/jyt7ku3C
++jZey9mKghdibGCyNcHpWlUtOmEFWAfrb2XJD2RqQhNM16SaUO3zqLyRFJDI2W36
+RM+WAcx1ooFjuUQ7wCF4o4/OQ+jTuCW3kUMp4t1DNSWbCL3ZBecrXfD5KHGhE0mR
+9IW7SUZrFPUMDujesLB3fjpDznZ3BAPYG/Ym+En7gKjA9wX+KfMGwHhdAF/nK2I=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp0-prod.idm.msu.edu/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp0-prod.idm.msu.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">msu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 565, expires on Thu Jun 30 18:06:01 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAjUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYyOTE4MDYwMVoXDTExMDYz
+MDE4MDYwMVowIDEeMBwGA1UEAxMVaWRwMC1wcm9kLmlkbS5tc3UuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyLCy55cGfn8/+GCzMNnKRIv9NVzK
+uPLjB/9Sl8up3hFPV1pUQ+wttfeddIiErj7dUXoDThBjTOQXsI+0NulcZsogBESt
+7BclAeoysXxOoB1k6wrWLTQRbIa3RXfGqlrgHOWY+idRto/09ZOHjHxjOjBpG3hg
+Guv2Bxe6KPYbAD7J/f5gu2PrDCtd2kcsRo1VCZZxsMujCSiwj8LiPkJZTCRCI7ef
+7Feo4KKDVrdljog/+kBZfznGw6L/Fh+t7hUb+Fzp9jX8n5O5LeBpoctGUNNPSArL
+UYUJQpWiYZ50UV0ttLPQOBNdXYCR2WQ+5vUmMrFhO5PK0G1Ltg1S9PJoHwIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRyYg6c0T+9Eq6tJhIWoYoX
+SkVrqzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVpZHAwLXByb2Qu
+aWRtLm1zdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAFdEX+ml27b3Fv1WMxw4IavW
+pTgaYEO2BcSS45H9tSQ598AfyMSnFO3SO6jMetR+BFyUlEm06Ek8B+UxFK1rr2m7
+uxcATj2FAMjjhQQetHDYFeG51vW+bj1cfbKnK8FpQyhcYnJsBmE1mm5/jyt7ku3C
++jZey9mKghdibGCyNcHpWlUtOmEFWAfrb2XJD2RqQhNM16SaUO3zqLyRFJDI2W36
+RM+WAcx1ooFjuUQ7wCF4o4/OQ+jTuCW3kUMp4t1DNSWbCL3ZBecrXfD5KHGhE0mR
+9IW7SUZrFPUMDujesLB3fjpDznZ3BAPYG/Ym+En7gKjA9wX+KfMGwHhdAF/nK2I=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp0-prod.idm.msu.edu:8444/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Michigan State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Michigan State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.msu.edu/home/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Matt Kolb</GivenName>
+ <EmailAddress>mk@msu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Matt Kolb</GivenName>
+ <EmailAddress>mk@msu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>John Callaghan</GivenName>
+ <EmailAddress>jpc@msu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jim Green</GivenName>
+ <EmailAddress>jfgreen@msu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Lafayette College -->
+<EntityDescriptor entityID="urn:mace:incommon:lafayette.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">lafayette.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 355, expires on Fri Jun 18 18:05:37 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAWMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYxNzE4MDUzN1oXDTEwMDYx
+ODE4MDUzN1owHTEbMBkGA1UEAxMSaWRwMC5sYWZheWV0dGUuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI/W1xD4c4RJZSi7cC42uO+Q3cQFXL0l
+SAEzC2hNkfrYsqsW9n4+YozT2+9b6n0uGUfzNM81Liszow45/787X6KzG/yc9sVT
+OgW+5w5BmNfnTHrdXPK6wVNyPwXqFDmhdpdr+ye+QSZJ1pvfo9K/jSL5i6JYa8x9
+SiTGM34TRtzSN10gnGMJp7v7zDbm45Usi/6L7pj3k0f6+0mTh1eE5rrQa5sY25Ad
+z4kdZGz90EAdl8/JMKGwh7e6DO2FF0N/SAQbyqHALFkdXbf0ynag2Rrms64iFd7O
+2c0C1rulLF9xaQs0Pp/jLmso6H/9/5/9+S+oj2/gVno1DhKXzOXR/wIDAQABo4IC
+rDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBT6yrfcm+QuJE07k65XXgexyT8E
+PTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSB
+rTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNz
+dWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1UdEQQWMBSCEmlkcDAu
+bGFmYXlldHRlLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAMleULlWZaMNRqxAf2mft
+m1//bAJkH+CYqc0IcwjwmrC0G99zyC1PD+9rUsNrNnbegJdWFu9sSqVq17X7DsyK
+aKV8jXpKp+njpN+IA3bVjfp+DeDGIGQdc8QTzbmGemj6FqB16FsY+z3PkvZ4ww/A
+RnZOJFcKcQ7ng5uH/OqPh/ooiUuFYoe8r45TOj4pQBfsxoGZHNxq42kSYYl7qF6U
+LAgu/pbhTu49sNvaD36NIlYkNNk+wFrJ5hTEl9Ejpw+izVSljoX70xfOewE8oafD
+zK+49+I28Y7Vrj9nT8TOQ4Ma0EN1yjY0njGxDPCP4GGyU0kLJD5EN5I34JPtRo77
+NA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp0.lafayette.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp0.lafayette.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">lafayette.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 355, expires on Fri Jun 18 18:05:37 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAWMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYxNzE4MDUzN1oXDTEwMDYx
+ODE4MDUzN1owHTEbMBkGA1UEAxMSaWRwMC5sYWZheWV0dGUuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvI/W1xD4c4RJZSi7cC42uO+Q3cQFXL0l
+SAEzC2hNkfrYsqsW9n4+YozT2+9b6n0uGUfzNM81Liszow45/787X6KzG/yc9sVT
+OgW+5w5BmNfnTHrdXPK6wVNyPwXqFDmhdpdr+ye+QSZJ1pvfo9K/jSL5i6JYa8x9
+SiTGM34TRtzSN10gnGMJp7v7zDbm45Usi/6L7pj3k0f6+0mTh1eE5rrQa5sY25Ad
+z4kdZGz90EAdl8/JMKGwh7e6DO2FF0N/SAQbyqHALFkdXbf0ynag2Rrms64iFd7O
+2c0C1rulLF9xaQs0Pp/jLmso6H/9/5/9+S+oj2/gVno1DhKXzOXR/wIDAQABo4IC
+rDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBT6yrfcm+QuJE07k65XXgexyT8E
+PTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSB
+rTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNz
+dWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1UdEQQWMBSCEmlkcDAu
+bGFmYXlldHRlLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAMleULlWZaMNRqxAf2mft
+m1//bAJkH+CYqc0IcwjwmrC0G99zyC1PD+9rUsNrNnbegJdWFu9sSqVq17X7DsyK
+aKV8jXpKp+njpN+IA3bVjfp+DeDGIGQdc8QTzbmGemj6FqB16FsY+z3PkvZ4ww/A
+RnZOJFcKcQ7ng5uH/OqPh/ooiUuFYoe8r45TOj4pQBfsxoGZHNxq42kSYYl7qF6U
+LAgu/pbhTu49sNvaD36NIlYkNNk+wFrJ5hTEl9Ejpw+izVSljoX70xfOewE8oafD
+zK+49+I28Y7Vrj9nT8TOQ4Ma0EN1yjY0njGxDPCP4GGyU0kLJD5EN5I34JPtRo77
+NA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp0.lafayette.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Lafayette College</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lafayette College</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lafayette.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bob Bailey</GivenName>
+ <EmailAddress>baileyb@lafayette.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://moodle4.lafayette.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 430, expires on Fri Sep 10 18:14:11 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAa4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkwOTE4MTQxMVoXDTEwMDkx
+MDE4MTQxMVowIDEeMBwGA1UEAxMVbW9vZGxlNC5sYWZheWV0dGUuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUTqwRN6wEQrEec/91PZqmUQ0jpa
+qITkKEk2kT635TEwfg5ta43Ay3sV2vRZuiNYQsNic5nR+n/390Lu9fDxcP5Svq+D
+iqN0BccFB2To7qobzHUsAXK6yD7zGYB79XQlnxqproAko+oDu8/Q6xIw/qQ2lPVP
+xqgUcyhpTn10mGDOh0Xb2FegD+GObm6gJEf9ba2QNThsjXlNgiNyVuG9oX3nPyrl
+VjzoOBrRioLQDLokZRfSJGyWrFfc4Rakb4B67MdpWz13weUakIQFKMu4EdNG7Y5z
+3/NQuMiD/hkerGlc4krSVGH6tuhV7a/MSuxJXwmhrORfhFMX6OnxLkmJpQIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQpA3QrdMrIvN1TveSfGOup
+Cj8X0jB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVtb29kbGU0Lmxh
+ZmF5ZXR0ZS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAG1kPM4Y3fSfdznUDz8XWGBm
+qSXHZPD1qm7khoC1mJFps9Z7FennvM/Gy3ikK3vhxXcnLSZvF1LXApI2ZGWm5Fxs
+QLWwwS342OA0h3dfqXwx0+WfTTcR+Df3uRPtpbcvGJ0ixeLWVRN/lA7AyoTa/RZz
+jY1gJXwbunU0StkBzuwlZFVKDfnaGzNiGN57chag1ZLZHmLCs4r6KHViSj60ujJm
+LC46+F4B9ODFs9ygK0hc3SKcuOcXD9Nq5WOn8ekbPQvlvdU45t86vuTYmRFZ2f9W
+KQCCpYEZe2OtVXYepnN6SVdmM5YDsYx62zEDNJYgOeEGRPJzhnwPBrxdDHJBK4g=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://moodle4.lafayette.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Lafayette College</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lafayette College</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lafayette.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bob Bailey</GivenName>
+ <EmailAddress>baileyb@lafayette.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://spaces.lafayette.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 443, expires on Sat Oct 2 18:10:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAbswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAwMTE4MTA1MloXDTEwMTAw
+MjE4MTA1MlowHzEdMBsGA1UEAxMUc3BhY2VzLmxhZmF5ZXR0ZS5lZHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCig9/ih5IqjULxB1DFX1YzVwRQM5GC
+2b7P99FA6MOMvLIu0/45HuEIuGu+61wyTqMBhF/Z3bnR3cacBnFfx0A8BFj0vZOa
+TCO5+T6moxKAyXwvC0kF6NemR5wi5GlwL2gTd1+ABZL6/oK7qFB0Y3YDY3RSOzOk
+I0noblEuL+WqQMk3p0CmTbuUPmjs3eG9O60NRmVXqkaYkbN3tw8arPeKHOYqFQ/v
+2ncWwM7uTlPyP2L0kYYew1/bOis0dzvIsRd9syIXl+OcnteKlumSW/Abh327nZKX
+0qANRP9pcKd9AsyO6A2svGtZ4PknEZrywcsWtPrJvTCFm4iSNRdcK5P1AgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFGuyJmofODvM7OyyJaOtVQ56
+yRfNMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFHNwYWNlcy5sYWZh
+eWV0dGUuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAhRfov9XSQ+IFGzAk0deaBntpE
+tl5pTJTpteS33XHNyTlkRbnwgoCaqbU9MePBVzSYkzzSThIq7omz5Qr6wSwXz8c7
+6wSEG+6oplcGzrXTyLBypmVZc/CDeWqm9POYUzf4bTOs+kDRnZ2XYl04FbK9fhfw
+Ru8790RKt4AzRc2QO79+lhRg9ZusUn6L+qxKUNW9nbkCMO2rYuYAlI7LRagjeQ4K
+gm32bBoS0gbvjvtwv9QIFKkYHubD8QMf5HxnUaCWx+JgJGzqBeEm5Xg64GsuAOGZ
+upfGH4Ie65vICdRJSuG8DmEU6ohxu11MFF2G/HUu8IyLvhzXirgu5Z8PxapB
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://spaces.lafayette.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Lafayette College</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lafayette College</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lafayette.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>John O'Keefe</GivenName>
+ <EmailAddress>okeefej@lafayette.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Bob Bailey</GivenName>
+ <EmailAddress>baileyb@lafayette.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Symplicity Corporation -->
+<EntityDescriptor entityID="https://shibboleth-buffalo.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 550, expires on Thu Jun 2 17:54:42 2011 GMT -->
+ <ds:X509Certificate>
+MIIFszCCBJugAwIBAgICAiYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYwMTE3NTQ0MloXDTExMDYw
+MjE3NTQ0MlowLDEqMCgGA1UEAxMhc2hpYmJvbGV0aC1idWZmYWxvLnN5bXBsaWNp
+dHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSDOmbM
+GW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkEX2+y
+dsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5OeGN3
+uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfORSR1X
+Gq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV0c7X
+QXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzGSSIq
+SZyn6Ucd9QIDAQABo4ICszCCAq8wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5OQID
+2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAsBgNVHREEJTAj
+giFzaGliYm9sZXRoLWJ1ZmZhbG8uc3ltcGxpY2l0eS5jb20wDQYJKoZIhvcNAQEF
+BQADggEBAIUCqlKgX+B0cSa0lUSeR1EufSKuDbciV34OnAZ6rPvYQllYssKC+Beu
+2lKuelezZc0ceALldML0fNcHeBd0lz9YGeNlCSApB9HCQe19JfzWdI8nyYTY5Otd
+7RBh04hAsVjlK0LsJByUo2t5yqdSxq6x+4qmdz+9MUk7FaTHq8GHOGsszobU3ahY
+qNiTqc+B9Zse34AkZ/pobRZJAMxpLuiEMxzxbojswzhHTFik/fVIw64wPeOIJDvf
+iu2VgtF+Mb/hjPxJfnVQWMIN3SjXq56P4SIORC0rpmhZ5unkaFLXRnzSj3MufSoD
+qdXjRRAIhuwlnRYdr6eKRhpEkP2d6qA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-buffalo.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-business-buffalo.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 590, expires on Thu Jul 14 18:07:48 2011 GMT -->
+ <ds:X509Certificate>
+MIIFxTCCBK2gAwIBAgICAk4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxMzE4MDc0OFoXDTExMDcx
+NDE4MDc0OFowNTEzMDEGA1UEAxMqc2hpYmJvbGV0aC1idXNpbmVzcy1idWZmYWxv
+LnN5bXBsaWNpdHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+phrTqfSDOmbMGW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qi
+H1seSJkEX2+ydsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqisl
+u11H/S5OeGN3uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsA
+pescwfORSR1XGq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0
+oEtmybLV0c7XQXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTev
+PiW76dzGSSIqSZyn6Ucd9QIDAQABo4ICvDCCArgwDgYDVR0PAQH/BAQDAgWgMAwG
+A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud
+DgQWBBS5OQID2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tl
+s53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9u
+IEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjA1
+BgNVHREELjAsgipzaGliYm9sZXRoLWJ1c2luZXNzLWJ1ZmZhbG8uc3ltcGxpY2l0
+eS5jb20wDQYJKoZIhvcNAQEFBQADggEBAFYiDHUDcIZmOMSc09Ap6GKeoJo3dPZ6
+NAveyBaeLnlgHS9zmjKBKu+RtHivevmV0Rn7bjreDmk7LvRWEt29uj1EpNqTQYCn
+8lLsuB0tPlFT7EBj2FpT7pvIUTm0JL9/CYelx2Hp5hdLxXMT+8ZPPLGRxt6pEFaj
+yb0oN0qLaHTlQlUop9GjXcjWphHKyRdGcwtMX7czAmKgrqwBQ4T6Tkf70dbJ8dvi
+pvOc/BuyWXAOtcI/nexi1WR/zrUb9Eq4/K3VOWQ0Gxqg1vgxmwAJ4yT4fElRqclp
+rV7/h20/0tnnlxZ6gbyLJ289iZ1C7QbaCXJY3LEv8XUZLizu5tyyfyA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-business-buffalo.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-carleton-jams.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 655, expires on Sat Sep 24 17:58:18 2011 GMT -->
+ <ds:X509Certificate>
+MIIFvzCCBKegAwIBAgICAo8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkyMzE3NTgxOFoXDTExMDky
+NDE3NTgxOFowMjEwMC4GA1UEAxMnc2hpYmJvbGV0aC1jYXJsZXRvbi1qYW1zLnN5
+bXBsaWNpdHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrT
+qfSDOmbMGW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1se
+SJkEX2+ydsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H
+/S5OeGN3uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApesc
+wfORSR1XGq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtm
+ybLV0c7XQXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW7
+6dzGSSIqSZyn6Ucd9QIDAQABo4ICuTCCArUwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBS5OQID2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAyBgNV
+HREEKzApgidzaGliYm9sZXRoLWNhcmxldG9uLWphbXMuc3ltcGxpY2l0eS5jb20w
+DQYJKoZIhvcNAQEFBQADggEBAADdTWX3L/kTIeEAjY1I4qlu2Mw2GG+Wx+HMKDY6
+AP8UdsDokVsV5iL0IkD/MLsWVQMw/lv7CSZgdbbpULQEx6zQhCufmU0gDHGfGsHb
+sEJ1r++KikZF2fdV2RTvMOYadjFgZQZky0qExA1sRIXNAuttSvD/jWwivdo+uONg
+HUazDRBj86esMN5kD7P1TCCK2dzMS5Z7g+wX4mdDwdr/kXeZO3L8ci5XuLCx10z+
+j/viERjcwBlvgxBKNprRI6f44644OJomaDNwBlMzLM2K2tYarowLwtt/FVM++Knl
+acqwXqZxL7OeaiARZQ9GYCNT/IyZX4th7wtjWmtOiFPqGDM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-carleton-jams.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-carleton.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 342, expires on Sat Jun 5 18:43:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFOTCCBCGgAwIBAgICAVYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYwNDE4NDM1MloXDTEwMDYw
+NTE4NDM1MlowLTErMCkGA1UEAxMic2hpYmJvbGV0aC1jYXJsZXRvbi5zeW1wbGlj
+aXR5LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA1/kbBtMy7SuEPTnr
+frfGstwWmWAaa0aXyvhdtBviqBa2NlcwZwFhWpdJXYfGbgEo1XYbtC5UxQn81vfc
+IEoIe/9b6WkCr6jw5p0LkgNHFYdMuoXVwkRg8imynuoK5ccNzfOHm0AfTePsKbwz
+m41QSge1FZ1vkpbJugfD+0svfocCAwEAAaOCArwwggK4MA4GA1UdDwEB/wQEAwIF
+oDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAd
+BgNVHQ4EFgQUKEq2CwEOEmWcxt31E+LMdeD5q3EwfgYDVR0jBHcwdYAUky3IYRit
+Y+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNv
+bW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9u
+IEF1dGhvcml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGa
+aHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdl
+L2NlcnRzL2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2lu
+Y29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUH
+AgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJh
+Y3RpY2VzLnBkZjAtBgNVHREEJjAkgiJzaGliYm9sZXRoLWNhcmxldG9uLnN5bXBs
+aWNpdHkuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQC1bvf4rEhO2jQ8aDc+dGofLAFI
+QTDDR7lVvcGSc9ZHhccjrF/h+kzBtROvbbeIV6kMPKYJ3dBZj8LG/LOsXyooNIZT
+LKK5rDkmHxtQVKFiNDk2jlQnslTG+TqtpJDgYKzrLu2Qg4zoHV7ooYS6CLeVydFT
+JhWjGXtWIF72kUk3EfB0SUM8EePr9e/xh1W5RrLerAQcuk6XCUNQqy8zATDe+phD
+V+Wd0bcajrxKyRKqoCm2BAsegryqooPhT9HjPxS0KmV063U3ha7wCdVez9/oj08m
+JbBEt5aZvzCb2ycaiSnk8MiZaGvtmtRyGqu6HXw5AVdd1enrACTfiirLi7Kl
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-carleton.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-columbia.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 609, expires on Mon Aug 1 17:55:03 2011 GMT -->
+ <ds:X509Certificate>
+MIIFtTCCBJ2gAwIBAgICAmEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDczMTE3NTUwM1oXDTExMDgw
+MTE3NTUwM1owLTErMCkGA1UEAxMic2hpYmJvbGV0aC1jb2x1bWJpYS5zeW1wbGlj
+aXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKYa06n0gzpm
+zBltjfaaIIUzdmd4Xu3XLqW05KHmtOF2bKz991UteuYl65ftmNfqoh9bHkiZBF9v
+snbJoR8KoK5c8UXh8cHN7sPiAtioD83jIg6W5WdMWMp6SrwVoaorJbtdR/0uTnhj
+d7mkzpp1OFjFPy/UKv3YHUeHNOL34LqEWF/xHfn6oJNrrZsl4sFrAKXrHMHzkUkd
+VxquM5ygdtObe76Nn1hFbEjJNMiAfLXWNXTQuk+5rakOkn88qesYdKBLZsmy1dHO
+10F7GPUfz+VZo8aa7VsSKdfl792+qX8iygM6mF/G1wXtU+m4Z5E3rz4lu+ncxkki
+Kkmcp+lHHfUCAwEAAaOCArQwggKwMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUuTkC
+A9gQFwPdLlWgBDipAraouGkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwLQYDVR0RBCYw
+JIIic2hpYmJvbGV0aC1jb2x1bWJpYS5zeW1wbGljaXR5LmNvbTANBgkqhkiG9w0B
+AQUFAAOCAQEAVglNpYYJ3c0/TyEkeuAhDMSWTZUgvNEzmxnNCFb+wKci92dzQ9Et
+TDwHvKv3ABgkBeoIxpco2s1ZyL8zLm1Zb2DQQmboipefAYZVjaxj7bIymedICGbM
+v9g7eXznW3Uj9NiZt2bEFNdTe22QqWWYWhNcCoSlsl27WqOPMfL/+JWuGZUddJiY
+uAOZBPUjVPNwuQjFDM8cib5NixVNOjpQFpB4nKfsTc9yzvm7QICVd0sfmvIrH7OU
+Z0HLvlIaZjOyvGBKGN8oP1HRRFzsmdQo9Ubijq4uRhI+pxZrejYg4yF/YR81jMAf
+5cbliSBbhKFuw+VsxXjILW07jEVBgjoOuw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-columbia.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-duke.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 527, expires on Thu May 5 18:20:58 2011 GMT -->
+ <ds:X509Certificate>
+MIIFrTCCBJWgAwIBAgICAg8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwNDE4MjA1OFoXDTExMDUw
+NTE4MjA1OFowKTEnMCUGA1UEAxMec2hpYmJvbGV0aC1kdWtlLnN5bXBsaWNpdHku
+Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSDOmbMGW2N
+9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkEX2+ydsmh
+HwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5OeGN3uaTO
+mnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfORSR1XGq4z
+nKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV0c7XQXsY
+9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzGSSIqSZyn
+6Ucd9QIDAQABo4ICsDCCAqwwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5OQID2BAX
+A90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjApBgNVHREEIjAggh5z
+aGliYm9sZXRoLWR1a2Uuc3ltcGxpY2l0eS5jb20wDQYJKoZIhvcNAQEFBQADggEB
+AIgS3eYqwsgdJ9TGT4Fq4G++9bJpdrG5T1etwQpVjw2uXBviPChB+/Z/rJCTFwa4
+cyq94HNSSm0AwTJCM/lWwmfMCuAPWDGbsCeKvvY+deXloQec7KtyqWgv/LgEhVUL
+fGwfq9icri4TPvh1yH374AVIKb0mn0Y/wTJt1nu0iut+LmhH2lcBDBQFwkWrehkx
+ULYL2FomYJORxdp08SeT+zpCa7Bg6dEcF3joQg+0GgEFp00EQREfW5GiGEZHX1zd
+VipT3qQTE6/1XiL1VlWiv74h20vCPr6uN06xuIFZS9B/orsxXrm1v8tC5JbZHG5i
+D2HhlQz6xicGjthv3/MOOmo=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-duke.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-jmu.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 610, expires on Mon Aug 1 17:55:09 2011 GMT -->
+ <ds:X509Certificate>
+MIIFqzCCBJOgAwIBAgICAmIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDczMTE3NTUwOVoXDTExMDgw
+MTE3NTUwOVowKDEmMCQGA1UEAxMdc2hpYmJvbGV0aC1qbXUuc3ltcGxpY2l0eS5j
+b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmGtOp9IM6ZswZbY32
+miCFM3ZneF7t1y6ltOSh5rThdmys/fdVLXrmJeuX7ZjX6qIfWx5ImQRfb7J2yaEf
+CqCuXPFF4fHBze7D4gLYqA/N4yIOluVnTFjKekq8FaGqKyW7XUf9Lk54Y3e5pM6a
+dThYxT8v1Cr92B1HhzTi9+C6hFhf8R35+qCTa62bJeLBawCl6xzB85FJHVcarjOc
+oHbTm3u+jZ9YRWxIyTTIgHy11jV00LpPua2pDpJ/PKnrGHSgS2bJstXRztdBexj1
+H8/lWaPGmu1bEinX5e/dvql/IsoDOphfxtcF7VPpuGeRN68+Jbvp3MZJIipJnKfp
+Rx31AgMBAAGjggKvMIICqzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLk5AgPYEBcD
+3S5VoAQ4qQK2qLhpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCgGA1UdEQQhMB+CHXNo
+aWJib2xldGgtam11LnN5bXBsaWNpdHkuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQDQ
+3JQ9jWh64u8l5+3kH7vZ+O0ZV7zGAhHGu2u2QVv9RkYegJqtlVyV3XgZ/WOq+uyw
+792hWffqCv6KX4uOhYb7ehYE87lxctah+8c4stQqQVxA0fED2JRCRZalxAgOpKG4
+FkQVwhqdMc7tdVxTL+E8b5aMUnfbBY7hZg2qmQet/5pNkW0/earxB3kmxDqqrUJ0
+hPfk/5hxGvwIVbF9n1QALhBuoLWSnzMMskgOFu9HG2Kgl/R1R65a7L5SQwcPRCyv
+BilZSeVeltQwCnhCDHtbhtHND7LmV8oC6uuPNzvy202xN6HekK/0IaifpQk1KAle
+GRy6YrpX/iRDSOI4LbCo
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-jmu.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-mba-olin-csm.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 626, expires on Mon Aug 15 18:24:05 2011 GMT -->
+ <ds:X509Certificate>
+MIIFvTCCBKWgAwIBAgICAnIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxNDE4MjQwNVoXDTExMDgx
+NTE4MjQwNVowMTEvMC0GA1UEAxMmc2hpYmJvbGV0aC1tYmEtb2xpbi1jc20uc3lt
+cGxpY2l0eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmGtOp
+9IM6ZswZbY32miCFM3ZneF7t1y6ltOSh5rThdmys/fdVLXrmJeuX7ZjX6qIfWx5I
+mQRfb7J2yaEfCqCuXPFF4fHBze7D4gLYqA/N4yIOluVnTFjKekq8FaGqKyW7XUf9
+Lk54Y3e5pM6adThYxT8v1Cr92B1HhzTi9+C6hFhf8R35+qCTa62bJeLBawCl6xzB
+85FJHVcarjOcoHbTm3u+jZ9YRWxIyTTIgHy11jV00LpPua2pDpJ/PKnrGHSgS2bJ
+stXRztdBexj1H8/lWaPGmu1bEinX5e/dvql/IsoDOphfxtcF7VPpuGeRN68+Jbvp
+3MZJIipJnKfpRx31AgMBAAGjggK4MIICtDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FLk5AgPYEBcD3S5VoAQ4qQK2qLhpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMDEGA1Ud
+EQQqMCiCJnNoaWJib2xldGgtbWJhLW9saW4tY3NtLnN5bXBsaWNpdHkuY29tMA0G
+CSqGSIb3DQEBBQUAA4IBAQAWJy8TH5VqVsK/1HpCxcPnLFdaJtqEaiE0p5GB6cLI
+ggKacv2L2ORxNI1comsUmiolpKKNAO0iP7XS8F0tIHIgMsM35KOPHRKyCrXWWfiQ
+LGt7yxCBaQ+TXxv0MMnFNVamflQoyjfrgCgP1GdyP4km0GynRTML4eUT+h/Tuwj2
+WzQobz8FhoufyKeFVFBBegdyaI96zG3fUy9V+bmD/XPsAJH7gIbGXK0L3ynHV9Iv
+CtZ2CymgWY5hpdHdI/87TckfJNaVbHTd6VSaW2Gb/M/cLu1CExpwTs7OdEAoTIg5
++9Ja6WII2mb3JWkpdSkgbF2VWxfgnnGU2mxKvrayVrgH
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-mba-olin-csm.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-nw.symplicity.com/sso">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 403, expires on Sun Aug 8 18:47:03 2010 GMT -->
+ <ds:X509Certificate>
+MIIFqTCCBJGgAwIBAgICAZMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgwNzE4NDcwM1oXDTEwMDgw
+ODE4NDcwM1owJzElMCMGA1UEAxMcc2hpYmJvbGV0aC1udy5zeW1wbGljaXR5LmNv
+bTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKYa06n0gzpmzBltjfaa
+IIUzdmd4Xu3XLqW05KHmtOF2bKz991UteuYl65ftmNfqoh9bHkiZBF9vsnbJoR8K
+oK5c8UXh8cHN7sPiAtioD83jIg6W5WdMWMp6SrwVoaorJbtdR/0uTnhjd7mkzpp1
+OFjFPy/UKv3YHUeHNOL34LqEWF/xHfn6oJNrrZsl4sFrAKXrHMHzkUkdVxquM5yg
+dtObe76Nn1hFbEjJNMiAfLXWNXTQuk+5rakOkn88qesYdKBLZsmy1dHO10F7GPUf
+z+VZo8aa7VsSKdfl792+qX8iygM6mF/G1wXtU+m4Z5E3rz4lu+ncxkkiKkmcp+lH
+HfUCAwEAAaOCAq4wggKqMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUuTkCA9gQFwPd
+LlWgBDipAraouGkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJwYDVR0RBCAwHoIcc2hp
+YmJvbGV0aC1udy5zeW1wbGljaXR5LmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAHcNY
+daGswiTU0q9GzVW6Q7hqTy2YDHKc9R3V6b+U2WUwJVKmf7IpBIq7hKgsktuiGNYN
+FX9fTKMNpEtEFDeM6UadGf6iVMbEDYCpbETbjX1rs1gEW9ctZiU7h7+EihgkkKL9
+01TivPLwBbuf4enrKw4NRVMfMro3NpeshgLkyORkyMauP4fMRuDjwLwm8W8QWG2r
+fIIBKR8iEu0m40f+2aEQWvRA8CGm6RJwmkpH2hwl7wszuqneLhyxn7FwvlX+2pI+
+pk+/mf0UhW87L6+rk1TERGHD/G/Fg5FAsECqgFdqPJYFIBE68NqIzVQxk7OO3sfr
+KCFMRbMWTBAQwI962Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-nw.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-nyu-sgms.symplicity.com/sso">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 657, expires on Sun Sep 25 17:57:51 2011 GMT -->
+ <ds:X509Certificate>
+MIIFtTCCBJ2gAwIBAgICApEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkyNDE3NTc1MVoXDTExMDky
+NTE3NTc1MVowLTErMCkGA1UEAxMic2hpYmJvbGV0aC1ueXUtc2dtcy5zeW1wbGlj
+aXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKYa06n0gzpm
+zBltjfaaIIUzdmd4Xu3XLqW05KHmtOF2bKz991UteuYl65ftmNfqoh9bHkiZBF9v
+snbJoR8KoK5c8UXh8cHN7sPiAtioD83jIg6W5WdMWMp6SrwVoaorJbtdR/0uTnhj
+d7mkzpp1OFjFPy/UKv3YHUeHNOL34LqEWF/xHfn6oJNrrZsl4sFrAKXrHMHzkUkd
+VxquM5ygdtObe76Nn1hFbEjJNMiAfLXWNXTQuk+5rakOkn88qesYdKBLZsmy1dHO
+10F7GPUfz+VZo8aa7VsSKdfl792+qX8iygM6mF/G1wXtU+m4Z5E3rz4lu+ncxkki
+Kkmcp+lHHfUCAwEAAaOCArQwggKwMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUuTkC
+A9gQFwPdLlWgBDipAraouGkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwLQYDVR0RBCYw
+JIIic2hpYmJvbGV0aC1ueXUtc2dtcy5zeW1wbGljaXR5LmNvbTANBgkqhkiG9w0B
+AQUFAAOCAQEAsCLmTUGp6bZJrTmlo3Xyg4+vKds09QaOYZXvrMPCfrJ+qq4pPyGG
+28O4jLfQrvTA0d7J5xU2kO4JnY6JahGcHfmZdM6XzuSj8JfMyShwgyLM7z6RQZ05
+NHBPMHrNJHL9H7OFXawnqglzt5IA64p1evTxJwsL7Ehwmp5W8Zfnrp5osZUiXqr4
+muRZ+73ugFxop0cdt9kv7pOF8WOQstnBZHWnrC8bwd5sSnVwwojHQ+gIf7RuzuGS
+NDTk49FsNNXiFdyGkT54tDPB5r4+OGmb+se6rQOtQnI6pOB7MsXhuakMOp1ToaB5
+HbXJb+1IJV8ztLTPR7T/w5J+C/gb6KyM2g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-nyu-sgms.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-nyu.symplicity.com/sso">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 419, expires on Sat Aug 28 18:24:18 2010 GMT -->
+ <ds:X509Certificate>
+MIIFqzCCBJOgAwIBAgICAaMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyNzE4MjQxOFoXDTEwMDgy
+ODE4MjQxOFowKDEmMCQGA1UEAxMdc2hpYmJvbGV0aC1ueXUuc3ltcGxpY2l0eS5j
+b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmGtOp9IM6ZswZbY32
+miCFM3ZneF7t1y6ltOSh5rThdmys/fdVLXrmJeuX7ZjX6qIfWx5ImQRfb7J2yaEf
+CqCuXPFF4fHBze7D4gLYqA/N4yIOluVnTFjKekq8FaGqKyW7XUf9Lk54Y3e5pM6a
+dThYxT8v1Cr92B1HhzTi9+C6hFhf8R35+qCTa62bJeLBawCl6xzB85FJHVcarjOc
+oHbTm3u+jZ9YRWxIyTTIgHy11jV00LpPua2pDpJ/PKnrGHSgS2bJstXRztdBexj1
+H8/lWaPGmu1bEinX5e/dvql/IsoDOphfxtcF7VPpuGeRN68+Jbvp3MZJIipJnKfp
+Rx31AgMBAAGjggKvMIICqzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLk5AgPYEBcD
+3S5VoAQ4qQK2qLhpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCgGA1UdEQQhMB+CHXNo
+aWJib2xldGgtbnl1LnN5bXBsaWNpdHkuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQAp
+CSWTfZ7OlkVtwmUIcP4ufLXr+wQukm8fyRnPzz9lCK2MW8g4DZaDFa6zqUvjQRnL
+tEI5goaVOG157nC0D8SgYrAwMwbuxhHio//zZqLT4MjeYZqAKxuCfx4vYS8n6uj/
+FgioUgMApymoQOydUrvGHlZ3qbC4U+G5wb9AwWZp/JpSgk+waffQzBtZRnrIIfsw
+VOvveyQ9JLgGx+WaZHjqObzwOexCAlch2oT4BKa9lVcn+5i9hggphjrhCaNpXJ17
+tfrMqQ/hRYgSJWQahOspgWpO7MQDrs7Bwg75764JQ1IiVQujtsm2PMAAmoIqZJpK
+6PT0ZDweMiPkMQ/H/1QO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-nyu.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>noc@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-olin-wustl-csm.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 625, expires on Mon Aug 15 18:17:30 2011 GMT -->
+ <ds:X509Certificate>
+MIIFwTCCBKmgAwIBAgICAnEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxNDE4MTczMFoXDTExMDgx
+NTE4MTczMFowMzExMC8GA1UEAxMoc2hpYmJvbGV0aC1vbGluLXd1c3RsLWNzbS5z
+eW1wbGljaXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKYa
+06n0gzpmzBltjfaaIIUzdmd4Xu3XLqW05KHmtOF2bKz991UteuYl65ftmNfqoh9b
+HkiZBF9vsnbJoR8KoK5c8UXh8cHN7sPiAtioD83jIg6W5WdMWMp6SrwVoaorJbtd
+R/0uTnhjd7mkzpp1OFjFPy/UKv3YHUeHNOL34LqEWF/xHfn6oJNrrZsl4sFrAKXr
+HMHzkUkdVxquM5ygdtObe76Nn1hFbEjJNMiAfLXWNXTQuk+5rakOkn88qesYdKBL
+Zsmy1dHO10F7GPUfz+VZo8aa7VsSKdfl792+qX8iygM6mF/G1wXtU+m4Z5E3rz4l
+u+ncxkkiKkmcp+lHHfUCAwEAAaOCArowggK2MA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQUuTkCA9gQFwPdLlWgBDipAraouGkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9p
+bmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9j
+YS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwMwYD
+VR0RBCwwKoIoc2hpYmJvbGV0aC1vbGluLXd1c3RsLWNzbS5zeW1wbGljaXR5LmNv
+bTANBgkqhkiG9w0BAQUFAAOCAQEAZt7pGh0ORRC4SD9nL/XZgzTyieONi/EQVnk6
+Fm6pX7bk5RzW7PW52niWjHQjDSEUQEKaDykW8MYbyFtG6DFwl6ClE07PA6K8Enus
+YR3EGHG5Aqfyf7NQePq8iljkOUvxKunTcEFRlQQAXH9rM2zWrt58YGrkBpKPnONP
+S1zmBSOaSMGV0LHd7JEoKuUrOaxACVQf9ZHysIcZwGzLopr8lSBANb4OfFf1PSJ8
+7BXc2q6PeVl+O4rwkNvsrEt0mPP8/Qn4iCn5Fa4TEufdRPvsiQfkINjxuunRGSk0
+JVKTaelJst7wXX6XwfLsvtNc14yY6/EdHrTjOUfNqBBedDPf8A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-olin-wustl-csm.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-richmond.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 418, expires on Mon Aug 23 12:03:16 2010 GMT -->
+ <ds:X509Certificate>
+MIIFtTCCBJ2gAwIBAgICAaIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyMjEyMDMxNloXDTEwMDgy
+MzEyMDMxNlowLTErMCkGA1UEAxMic2hpYmJvbGV0aC1yaWNobW9uZC5zeW1wbGlj
+aXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKYa06n0gzpm
+zBltjfaaIIUzdmd4Xu3XLqW05KHmtOF2bKz991UteuYl65ftmNfqoh9bHkiZBF9v
+snbJoR8KoK5c8UXh8cHN7sPiAtioD83jIg6W5WdMWMp6SrwVoaorJbtdR/0uTnhj
+d7mkzpp1OFjFPy/UKv3YHUeHNOL34LqEWF/xHfn6oJNrrZsl4sFrAKXrHMHzkUkd
+VxquM5ygdtObe76Nn1hFbEjJNMiAfLXWNXTQuk+5rakOkn88qesYdKBLZsmy1dHO
+10F7GPUfz+VZo8aa7VsSKdfl792+qX8iygM6mF/G1wXtU+m4Z5E3rz4lu+ncxkki
+Kkmcp+lHHfUCAwEAAaOCArQwggKwMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUuTkC
+A9gQFwPdLlWgBDipAraouGkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwLQYDVR0RBCYw
+JIIic2hpYmJvbGV0aC1yaWNobW9uZC5zeW1wbGljaXR5LmNvbTANBgkqhkiG9w0B
+AQUFAAOCAQEAlpnl3eNc62nABzLh2Cl1CpvzyL9MFzUBvhKnnyp13vwef+PdINla
+rMjc5MlBc9dzljakNjn5Rr5AQWzGB/wJrO1HcU+gFylBqw/e0TX8hlJ0LQddF0X0
+9rCcCP1eTAR8nKslw01erSvEci1n6MjOqLX43tDpazKReD4ohwUaohi4BsjhAnyY
+eMnF+4NpwbBkb5xkMoKKRofz1hti+0DnDu5ZHmy3k1eXj8BY2BR8EPu3xvm+xLSg
++1xnbwNzi8PV2JBG7/Hab2U+KjoohJr5NvcdYIGthfE4lHpnCq2pMM+ilv12EW8R
+k4UgGWa1UlP8TjGpYbYnjs5Z7oD/NSgq+A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-richmond.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>noc@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth.symplicity.com/sso">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 316, expires on Mon May 10 20:10:21 2010 GMT -->
+ <ds:X509Certificate>
+MIIFqzCCBJOgAwIBAgICATwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUwOTIwMTAyMVoXDTEwMDUx
+MDIwMTAyMVowJDEiMCAGA1UEAxMZc2hpYmJvbGV0aC5zeW1wbGljaXR5LmNvbTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKYa06n0gzpmzBltjfaaIIUz
+dmd4Xu3XLqW05KHmtOF2bKz991UteuYl65ftmNfqoh9bHkiZBF9vsnbJoR8KoK5c
+8UXh8cHN7sPiAtioD83jIg6W5WdMWMp6SrwVoaorJbtdR/0uTnhjd7mkzpp1OFjF
+Py/UKv3YHUeHNOL34LqEWF/xHfn6oJNrrZsl4sFrAKXrHMHzkUkdVxquM5ygdtOb
+e76Nn1hFbEjJNMiAfLXWNXTQuk+5rakOkn88qesYdKBLZsmy1dHO10F7GPUfz+VZ
+o8aa7VsSKdfl792+qX8iygM6mF/G1wXtU+m4Z5E3rz4lu+ncxkkiKkmcp+lHHfUC
+AwEAAaOCArMwggKvMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUuTkCA9gQFwPdLlWg
+BDipAraouGkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJ
+CUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAkBgNVHREEHTAb
+ghlzaGliYm9sZXRoLnN5bXBsaWNpdHkuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQAL
+9h1LC/z9bc0o8IN9Qhf3EkXHzHD2IBWrqgDucx+qWYMh5/OuNpZSdRzIy8K4Vy5R
+wf4NYDPTNeNHM9k5LxvqWMji7XQ9FepY/26BnIOYNIJb6ZBgJOOGCRcsPgS6Ma8u
+lNa8qgw2tpPoeRVeUrvfgh85m7yBfItidcsPUG+WmKsvjYu+Tqj4XdQXYGzupKRE
+XMD584Ka2fhpoJ5WUaX17zSP4TLT3L5HMR2nZRCqtDAkf05u3S0D9SaZsQ9ZCGYu
+FApiU1SweMjUVHtCoOmGR5xLEZJ3DGG2+axrqVLtnDICxpPt+JbU5hkSP21pFKA1
+B4pKqqaY9EEZmfruRmFJ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>noc@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-uchicago.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 302, expires on Mon Apr 19 19:51:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFvTCCBKWgAwIBAgICAS4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQxODE5NTE0M1oXDTEwMDQx
+OTE5NTE0M1owLTErMCkGA1UEAxMic2hpYmJvbGV0aC11Y2hpY2Fnby5zeW1wbGlj
+aXR5LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKYa06n0gzpm
+zBltjfaaIIUzdmd4Xu3XLqW05KHmtOF2bKz991UteuYl65ftmNfqoh9bHkiZBF9v
+snbJoR8KoK5c8UXh8cHN7sPiAtioD83jIg6W5WdMWMp6SrwVoaorJbtdR/0uTnhj
+d7mkzpp1OFjFPy/UKv3YHUeHNOL34LqEWF/xHfn6oJNrrZsl4sFrAKXrHMHzkUkd
+VxquM5ygdtObe76Nn1hFbEjJNMiAfLXWNXTQuk+5rakOkn88qesYdKBLZsmy1dHO
+10F7GPUfz+VZo8aa7VsSKdfl792+qX8iygM6mF/G1wXtU+m4Z5E3rz4lu+ncxkki
+Kkmcp+lHHfUCAwEAAaOCArwwggK4MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUuTkC
+A9gQFwPdLlWgBDipAraouGkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAt
+BgNVHREEJjAkgiJzaGliYm9sZXRoLXVjaGljYWdvLnN5bXBsaWNpdHkuY29tMA0G
+CSqGSIb3DQEBBQUAA4IBAQAF5elobDNbzxu7QimUJjDdYSDjV9hVZWufF8tTG8IX
+7cywclKp0yC+N/rMiI313vi8IGdVSQO2IuI5XOnAUKNs365ukm4fIcxgVRepyiAa
+hbz+uchGwObRp0PUBoU51xNSOp+HL9TCPRI4Oqt0EG/X8leWVu14OMSb2UBRznKQ
+I0kYpeZny3gmKkeg+7uC5uti1UJi7bEWmNKjEaTZz2CCIDfVdqr9t5IhmymHkoqt
+weoQ7WDfDHooIgZXgMKxYzGtFZfaZWGLpV9UymYR0Ez3xaFQgGB+JlgNhcw40opN
+nEIr8TBpqpDuNWzSKioVEi+eQ9vKbnfmsm+v0hfqdwRJ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-uchicago.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>noc@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-uci.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 611, expires on Mon Aug 1 17:55:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFqzCCBJOgAwIBAgICAmMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDczMTE3NTUxNFoXDTExMDgw
+MTE3NTUxNFowKDEmMCQGA1UEAxMdc2hpYmJvbGV0aC11Y2kuc3ltcGxpY2l0eS5j
+b20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmGtOp9IM6ZswZbY32
+miCFM3ZneF7t1y6ltOSh5rThdmys/fdVLXrmJeuX7ZjX6qIfWx5ImQRfb7J2yaEf
+CqCuXPFF4fHBze7D4gLYqA/N4yIOluVnTFjKekq8FaGqKyW7XUf9Lk54Y3e5pM6a
+dThYxT8v1Cr92B1HhzTi9+C6hFhf8R35+qCTa62bJeLBawCl6xzB85FJHVcarjOc
+oHbTm3u+jZ9YRWxIyTTIgHy11jV00LpPua2pDpJ/PKnrGHSgS2bJstXRztdBexj1
+H8/lWaPGmu1bEinX5e/dvql/IsoDOphfxtcF7VPpuGeRN68+Jbvp3MZJIipJnKfp
+Rx31AgMBAAGjggKvMIICqzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLk5AgPYEBcD
+3S5VoAQ4qQK2qLhpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCgGA1UdEQQhMB+CHXNo
+aWJib2xldGgtdWNpLnN5bXBsaWNpdHkuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQBD
+3gg4i5N3wR/KjxSXhk6FkTunBTSiVTrJ953cgzcHuqG1ihyyu9oxJXLJzZzYRQTc
+oE0cUaIybZKxj2lHcYfEgdUrcAYEiAQifJK75PRjW1ljbAGL7uaZpA/GX3NSY32l
+ByIQlO2SpUj6iXG6wPW5t195MQW6QQ4jj6Biu3jJ1Va2dUqN4H9nHVAvLFIjnz2M
+SIK2qN1LNIQjxhAgNXkh1KtTMNSK3iVZF0WogSQEpqz08HKsLPbewv9WwpEz5Jss
+vvMoEGgfRhMM4OnRtqYWPKKhkBmK89PhU8Ac1rHsvuLBQjUMireD00IM3OXH1vxe
+qr3GdK+ukCwPxeN22VQ0
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-uci.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-ucsd-jams.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 658, expires on Sun Sep 25 17:57:53 2011 GMT -->
+ <ds:X509Certificate>
+MIIFtzCCBJ+gAwIBAgICApIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkyNDE3NTc1M1oXDTExMDky
+NTE3NTc1M1owLjEsMCoGA1UEAxMjc2hpYmJvbGV0aC11Y3NkLWphbXMuc3ltcGxp
+Y2l0eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmGtOp9IM6
+ZswZbY32miCFM3ZneF7t1y6ltOSh5rThdmys/fdVLXrmJeuX7ZjX6qIfWx5ImQRf
+b7J2yaEfCqCuXPFF4fHBze7D4gLYqA/N4yIOluVnTFjKekq8FaGqKyW7XUf9Lk54
+Y3e5pM6adThYxT8v1Cr92B1HhzTi9+C6hFhf8R35+qCTa62bJeLBawCl6xzB85FJ
+HVcarjOcoHbTm3u+jZ9YRWxIyTTIgHy11jV00LpPua2pDpJ/PKnrGHSgS2bJstXR
+ztdBexj1H8/lWaPGmu1bEinX5e/dvql/IsoDOphfxtcF7VPpuGeRN68+Jbvp3MZJ
+IipJnKfpRx31AgMBAAGjggK1MIICsTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLk5
+AgPYEBcD3S5VoAQ4qQK2qLhpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMC4GA1UdEQQn
+MCWCI3NoaWJib2xldGgtdWNzZC1qYW1zLnN5bXBsaWNpdHkuY29tMA0GCSqGSIb3
+DQEBBQUAA4IBAQBYL6nl0YUjNqDuT2JflcRQN2vDWfkV0UnPAocIEBxbhXzZZTry
+IQ0Ey+ewQpCCFdv4/UBbll26AM3QuV5gMolTZ3fs4naT9Yx15JtGsZVdmqDxDHn5
+DUKsH/sp3Jr0GKBVqqbWIG6p3qN7GWGIrd1nN0bh30N8VGyBtKTnf/zmuGJLjWjH
+3P/ZjZTAJWRCHqHdbjG+PCMq9eH7AdvFa7u3duAocorSNW6w6DXoCUOB+W7KbraM
+/EXEmSpMCBygwd6MD5Vr+xaIyTBB2boNqEkrs4rTDWDAJjiiU/3cKMp8Fr8984HC
+EDRn5tef+uuaO8hsaaKZoIGQpUA1q9Ce9gQh
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-ucsd-jams.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-ufl-csm.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 624, expires on Sat Aug 13 17:54:40 2011 GMT -->
+ <ds:X509Certificate>
+MIIFszCCBJugAwIBAgICAnAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxMjE3NTQ0MFoXDTExMDgx
+MzE3NTQ0MFowLDEqMCgGA1UEAxMhc2hpYmJvbGV0aC11ZmwtY3NtLnN5bXBsaWNp
+dHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSDOmbM
+GW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkEX2+y
+dsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5OeGN3
+uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfORSR1X
+Gq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV0c7X
+QXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzGSSIq
+SZyn6Ucd9QIDAQABo4ICszCCAq8wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5OQID
+2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAsBgNVHREEJTAj
+giFzaGliYm9sZXRoLXVmbC1jc20uc3ltcGxpY2l0eS5jb20wDQYJKoZIhvcNAQEF
+BQADggEBAK9ADnWge/Z3zywqsYyilMeg0loq03cEhwPtHGdCyBO734bKUwB7ekTr
+5DLiMXtuB4iJv+E9A/j/Um6qAv7HFyrHR6bst0A7F1zHTQa0IgQrM6r+N7R5OHEv
+RfclZUIP4eYQwnwDyfEKaXTym5cE2k/JC6a9wygFi8CUBss230RmVUWBFFadEng6
+bvUtKlQDJUzl7Zzr1aiHZpdNaTU9haxMT8U5HmcMrJzGN+pBi8G2Zia1/Jt32EY6
+xNXXlNqPcsJlT1Gk6mK23TgkYXpvzugkAAxv/xnLtKnwgLzWT9icLnIl21iR871i
+8VOL2mTyYxnqX2xPL1hYgsxvPBr256M=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-ufl-csm.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth-ufl-csm.symplicity.com/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-umbc.symplicity.com/sso">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 299, expires on Fri Apr 16 18:56:54 2010 GMT -->
+ <ds:X509Certificate>
+MIIFtTCCBJ2gAwIBAgICASswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQxNTE4NTY1NFoXDTEwMDQx
+NjE4NTY1NFowKTEnMCUGA1UEAxMec2hpYmJvbGV0aC11bWJjLnN5bXBsaWNpdHku
+Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSDOmbMGW2N
+9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkEX2+ydsmh
+HwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5OeGN3uaTO
+mnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfORSR1XGq4z
+nKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV0c7XQXsY
+9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzGSSIqSZyn
+6Ucd9QIDAQABo4ICuDCCArQwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5OQID2BAX
+A90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6
+BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCkGA1Ud
+EQQiMCCCHnNoaWJib2xldGgtdW1iYy5zeW1wbGljaXR5LmNvbTANBgkqhkiG9w0B
+AQUFAAOCAQEAg2O2lSE7vSUli3Ww2uVeknN4wa57o9izqjZ7OtQ/aM6RbULFDYDP
+UYFeMC2A8MglbRoKiwsjeFjuv3JRUm0k8RDsUJ3E2DVmmsr5Fafid973BTl0wMU+
+j3GmhqRFmT6+aq5T5Xsndq36Hbox+Rm4ukoSm+DHMOU2R7um6nBtP+DFGnJ9PEin
+mC9FC9t0woT9/ALLDibL5Vi+/IKLscx60HlfChC/qpSlab710sV5yLavhz4ZKFLX
+YptShAepB0+rWLwIyEFg7i7dgKRjWN1AjXgXBxtkucv9yG6s0foBsjQ6OARCxMWP
+wmBEwkWvWgOSzlSr3nWqAy8SJKqzXmnZwQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-umbc.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>noc@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-upenn-csm.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 664, expires on Mon Oct 10 17:08:13 2011 GMT -->
+ <ds:X509Certificate>
+MIIFtzCCBJ+gAwIBAgICApgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwOTE3MDgxM1oXDTExMTAx
+MDE3MDgxM1owLjEsMCoGA1UEAxMjc2hpYmJvbGV0aC11cGVubi1jc20uc3ltcGxp
+Y2l0eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmGtOp9IM6
+ZswZbY32miCFM3ZneF7t1y6ltOSh5rThdmys/fdVLXrmJeuX7ZjX6qIfWx5ImQRf
+b7J2yaEfCqCuXPFF4fHBze7D4gLYqA/N4yIOluVnTFjKekq8FaGqKyW7XUf9Lk54
+Y3e5pM6adThYxT8v1Cr92B1HhzTi9+C6hFhf8R35+qCTa62bJeLBawCl6xzB85FJ
+HVcarjOcoHbTm3u+jZ9YRWxIyTTIgHy11jV00LpPua2pDpJ/PKnrGHSgS2bJstXR
+ztdBexj1H8/lWaPGmu1bEinX5e/dvql/IsoDOphfxtcF7VPpuGeRN68+Jbvp3MZJ
+IipJnKfpRx31AgMBAAGjggK1MIICsTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLk5
+AgPYEBcD3S5VoAQ4qQK2qLhpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMC4GA1UdEQQn
+MCWCI3NoaWJib2xldGgtdXBlbm4tY3NtLnN5bXBsaWNpdHkuY29tMA0GCSqGSIb3
+DQEBBQUAA4IBAQBBndVNV9hSHTr1G1ZxXxMM+kYoa4W2Jyz2Fe5r/FAFLACDWnJ4
+RrnoFaNrEubKixsxnUR+i39vWMINEWquUGwGa08W4m0pRqHaSlYJPlsm2Qz6eI28
+8DgneRELVgjJ57iEN7REuTYn4qfwyEqGL6CEsFCPXK41Py9zrw6CLSHnesw87G3d
+K3ZX51M13MG6YEg9/dQ0qUhfgnukxb75qj8kqg+bxMDHPcm8kZwpvv+nfLdUyZfh
+lbQMYVMXPidry+fC1P9g/g8FDYc0rP2vyIiD4/uC/dILtPQSG2x0xs3vRJIf0bp3
+bK1ZZ/rHyk4KZuwIxU0RLGoRoY8x3apkLpm8
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-upenn-csm.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-upenn-jams.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 665, expires on Mon Oct 10 17:08:21 2011 GMT -->
+ <ds:X509Certificate>
+MIIFuTCCBKGgAwIBAgICApkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwOTE3MDgyMVoXDTExMTAx
+MDE3MDgyMVowLzEtMCsGA1UEAxMkc2hpYmJvbGV0aC11cGVubi1qYW1zLnN5bXBs
+aWNpdHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSD
+OmbMGW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkE
+X2+ydsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5O
+eGN3uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfOR
+SR1XGq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV
+0c7XQXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzG
+SSIqSZyn6Ucd9QIDAQABo4ICtjCCArIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5
+OQID2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAvBgNVHREE
+KDAmgiRzaGliYm9sZXRoLXVwZW5uLWphbXMuc3ltcGxpY2l0eS5jb20wDQYJKoZI
+hvcNAQEFBQADggEBAAtoEteseoFgwCm6GD0EFbeO7qr5N3hvbiQmi/+43F6lkzK0
+/TZYg5vUQ8MHj/lwFcNiXOEn52zZlBwS4lX2974VIrOGxp9cHu7O+rOfYIQw2ryB
+kxDrqi1X3UQdfg0nhEH3V+b0vT3yyOwrr3ZbpJq902RBFRQS68LdC2WH0Yyx/NDd
+Vy3Ek37INKl8GKDZTK926QZWmPdz1c831n91/RkTRlrfe+B9szEs07VEKtrDW2RF
++tJDpReOybNvE7iQBuzZIaKhOCZ7C5s5wS50D5wEBYqD4LoMFY0UMvosfi0JNYXD
+t7ycjQ2yq9Pmn+Vi0AwpBX2AIviEGnhRMnlwqwk=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-upenn-jams.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-upenn-sgms.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 666, expires on Mon Oct 10 17:08:27 2011 GMT -->
+ <ds:X509Certificate>
+MIIFuTCCBKGgAwIBAgICApowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwOTE3MDgyN1oXDTExMTAx
+MDE3MDgyN1owLzEtMCsGA1UEAxMkc2hpYmJvbGV0aC11cGVubi1zZ21zLnN5bXBs
+aWNpdHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSD
+OmbMGW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkE
+X2+ydsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5O
+eGN3uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfOR
+SR1XGq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV
+0c7XQXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzG
+SSIqSZyn6Ucd9QIDAQABo4ICtjCCArIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5
+OQID2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAvBgNVHREE
+KDAmgiRzaGliYm9sZXRoLXVwZW5uLXNnbXMuc3ltcGxpY2l0eS5jb20wDQYJKoZI
+hvcNAQEFBQADggEBAAczk8PfPasQZuUgY6QxTqaCeUP2kWPPYPFUj+aasr5jIv2H
+Ugzlfm7xPMERZ3FRhLt5bWds0dYpqzs1W5j9VxX/WbCKik2vv41nuVYU5figIZ1v
+PD/1jtoQWZVrWZ9LqvFJf5amxk3bpOItyJOzfe0mOuMnPRCF9ATzImJ5hyVQQbrb
+xKYv1Zxpq2WGVW1DqeR3QcYTq65HLdj2Tx75v0/Dk6D6cNmd8xXS2pDiornM9pMe
+qAhlsNGnjJWcHT8Jr8JJ6/jW7f5BDN5Q79rqoJVk4lsivz646iZ716rcfbbEKl3x
+G8W+VplD23MAc4yV484OIW7gSeJxePQnPHX9Hjo=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-upenn-sgms.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-uww-sgms.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16199042010940689421, expires on Thu Jan 24 02:59:05 2013 GMT -->
+ <ds:X509Certificate>
+MIIDyjCCArICCQDgzo7h+7/MDTANBgkqhkiG9w0BAQUFADCBpjELMAkGA1UEBhMC
+VVMxETAPBgNVBAgTCFZpcmdpbmlhMRIwEAYDVQQHEwlBcmxpbmd0b24xHzAdBgNV
+BAoTFlN5bXBsaWNpdHkgQ29ycG9yYXRpb24xKzApBgNVBAMTInNoaWJib2xldGgt
+dXd3LXNnbXMuc3ltcGxpY2l0eS5jb20xIjAgBgkqhkiG9w0BCQEWE3NoaWJAc3lt
+cGxpY2l0eS5jb20wHhcNMTAwMTI1MDI1OTA1WhcNMTMwMTI0MDI1OTA1WjCBpjEL
+MAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRIwEAYDVQQHEwlBcmxpbmd0
+b24xHzAdBgNVBAoTFlN5bXBsaWNpdHkgQ29ycG9yYXRpb24xKzApBgNVBAMTInNo
+aWJib2xldGgtdXd3LXNnbXMuc3ltcGxpY2l0eS5jb20xIjAgBgkqhkiG9w0BCQEW
+E3NoaWJAc3ltcGxpY2l0eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDEPY/lxUA7UwOsBasP2T6Bl03kuv/TzDWSUQmogWYbuDgcluEwgJ7yQduZ
++rC3Q3NDLJxOnUSu5ra5MG4FNRsbKhQqX4SOPcVbCd3xcVPlpuLwN48rFz2H5Fbf
+Y/2xTCQ0cz/7FenqYcPypYFDkVLWOQH/6iK6LhlykUPPoVnvYoqKCiPgM8kUzEGr
+hSFZw5KpPuAwfvkZMTg29LjvgQzFlxt7SrJ/gVwL2M3eorJZkYJwqA8He8KNBRsP
+wWOdRgbqq4Z8+B3z/4eITwaSir6M9ppEqcZOWrpRg34BEDz1U8f6aQhkbJBPIbyT
+H8uR4AaxdZyTDnMniMfKi50ScvkVAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBABzV
+4b3Ctf3AkY/Sbm/UuLx0mX6sBsq1epJy2v9l5t1payT9RMyTXcdaZigYRD0IXaen
+cKe+o4dl3QzmWknvp3vPjifuaEWRzOGjJun7VdVKlso1R56iWqPEx0/jTFYB57t/
+SKPsQdfgHbGdLPWysAY7tHJ9FqrICO7g0DFQMp6fTQkbGOhR84GJw0JSdanuLPvk
+NKH80KWW28DXjKMljzbDt1m3XSjhqZNEVI22iFpAHcTo2DH/KgNIwZreejh1vqiW
+jLt2ehl+p+kPJhBRGwnyKr2woRlvoCqz5/duufdJOYtccDL+IG+Q1oBUx/WLrpyQ
+ypozL17+B1ezgi4sTBU=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-uww-sgms.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-washington.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 591, expires on Thu Jul 14 18:07:49 2011 GMT -->
+ <ds:X509Certificate>
+MIIFuTCCBKGgAwIBAgICAk8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxMzE4MDc0OVoXDTExMDcx
+NDE4MDc0OVowLzEtMCsGA1UEAxMkc2hpYmJvbGV0aC13YXNoaW5ndG9uLnN5bXBs
+aWNpdHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSD
+OmbMGW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkE
+X2+ydsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5O
+eGN3uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfOR
+SR1XGq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV
+0c7XQXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzG
+SSIqSZyn6Ucd9QIDAQABo4ICtjCCArIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5
+OQID2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAvBgNVHREE
+KDAmgiRzaGliYm9sZXRoLXdhc2hpbmd0b24uc3ltcGxpY2l0eS5jb20wDQYJKoZI
+hvcNAQEFBQADggEBAKns3xVKe2TH5883EcXlPfeU0ToYR2KvNK08znzd6w+5+5SP
+MG8Wo3HoedmWyOlv9B+MSzNlNw4Y8w4qZxv24C1sNG8y7xDepITa6gYJyeIJU/en
+IOrDVxUyIW+7R5stsZCBszIIlnzW0eWa96ikDIkh5SCzRzTWffscFPF797UX/GvK
+w6R/wL2/c8xKBg04Zc4n2lOL4GsZlbhGNbpPAMnGF4xD/7ksJJ4Z0mR5nt+ieln+
+zUUjSVCbOU1F7NdHoMZrlfVEcY9PqTtSMqBk3CNLy6V3/k17lRFWTiwgSRlFhl0O
+KDJjLdPI1n76rXf3aGQNqwBYJ23VShZLoaZMo1s=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-washington.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-wustl-csm.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 616, expires on Sat Aug 6 17:56:38 2011 GMT -->
+ <ds:X509Certificate>
+MIIFtzCCBJ+gAwIBAgICAmgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgwNTE3NTYzOFoXDTExMDgw
+NjE3NTYzOFowLjEsMCoGA1UEAxMjc2hpYmJvbGV0aC13dXN0bC1jc20uc3ltcGxp
+Y2l0eS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCmGtOp9IM6
+ZswZbY32miCFM3ZneF7t1y6ltOSh5rThdmys/fdVLXrmJeuX7ZjX6qIfWx5ImQRf
+b7J2yaEfCqCuXPFF4fHBze7D4gLYqA/N4yIOluVnTFjKekq8FaGqKyW7XUf9Lk54
+Y3e5pM6adThYxT8v1Cr92B1HhzTi9+C6hFhf8R35+qCTa62bJeLBawCl6xzB85FJ
+HVcarjOcoHbTm3u+jZ9YRWxIyTTIgHy11jV00LpPua2pDpJ/PKnrGHSgS2bJstXR
+ztdBexj1H8/lWaPGmu1bEinX5e/dvql/IsoDOphfxtcF7VPpuGeRN68+Jbvp3MZJ
+IipJnKfpRx31AgMBAAGjggK1MIICsTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLk5
+AgPYEBcD3S5VoAQ4qQK2qLhpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMC4GA1UdEQQn
+MCWCI3NoaWJib2xldGgtd3VzdGwtY3NtLnN5bXBsaWNpdHkuY29tMA0GCSqGSIb3
+DQEBBQUAA4IBAQA5tk1tgWCW61TgPaqDKA2vyMtV33xY3YTpUmCfg/qBJreXKJ4N
+pGGu66ZE1dIxPjnJdYSb3cjfN5gjVFDe6f87nwEa48e4i/7EqCDQGwlbRyJrQdKR
+Vn+2WyXhUSE9j/TOMutK9GUfazv4ZQabEDOcQWIwgdtSvFMDEVAs9iMDRAXPjhKX
+iv/9WRA3n9sCOebinOrGCVIJlQG761u3GgOHMTUROs3x80jetrYThboJKnDRQyjt
+0Tn1dckQzJpkZELuDerD9SfQGZbrw9mD6Q1m+kzYzWGzkYoCmHW4eleARgIpnZc8
+JdLlMx1hDCSTZ7aqhbD6TlkxNSg6Jd3b1lrK
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-wustl-csm.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-wustl-jams.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 617, expires on Sat Aug 6 17:56:40 2011 GMT -->
+ <ds:X509Certificate>
+MIIFuTCCBKGgAwIBAgICAmkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgwNTE3NTY0MFoXDTExMDgw
+NjE3NTY0MFowLzEtMCsGA1UEAxMkc2hpYmJvbGV0aC13dXN0bC1qYW1zLnN5bXBs
+aWNpdHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSD
+OmbMGW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkE
+X2+ydsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5O
+eGN3uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfOR
+SR1XGq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV
+0c7XQXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzG
+SSIqSZyn6Ucd9QIDAQABo4ICtjCCArIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5
+OQID2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAvBgNVHREE
+KDAmgiRzaGliYm9sZXRoLXd1c3RsLWphbXMuc3ltcGxpY2l0eS5jb20wDQYJKoZI
+hvcNAQEFBQADggEBAIhZh84nlap7d4bzCQTPlPGAVZzssY8LWrPHuBC+k76DSSXG
+AelpunSXCozrsHQIq4lwQiRNOIU75D8CalWkTrf3cpPo/ZcS0gdBSV043aar4EXy
+b7OTyRjdYPryDj/CXQGQC2YDN/ziwUZzO2qD4Fgczpmd6WqOalwWgt8Rle3GgzWw
+fTS9yTgm9b/fVh5l/vwPWRogEOSl0L2yMpiIb0IEfRJAo7pINH/CRu46H/qqD5R9
+wB3q7lDfeeLxSDN5JkdJuzD6RpR6nrfURrTkqksvBsQFAxbyjLmZ/94PyiYjsGdM
+8QCBeFPmJlCIiWe2/sNpD0huZuluENwQXiKlaBY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-wustl-jams.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth-wustl-sgms.symplicity.com/sso/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 618, expires on Sat Aug 6 17:56:41 2011 GMT -->
+ <ds:X509Certificate>
+MIIFuTCCBKGgAwIBAgICAmowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgwNTE3NTY0MVoXDTExMDgw
+NjE3NTY0MVowLzEtMCsGA1UEAxMkc2hpYmJvbGV0aC13dXN0bC1zZ21zLnN5bXBs
+aWNpdHkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAphrTqfSD
+OmbMGW2N9poghTN2Z3he7dcupbTkoea04XZsrP33VS165iXrl+2Y1+qiH1seSJkE
+X2+ydsmhHwqgrlzxReHxwc3uw+IC2KgPzeMiDpblZ0xYynpKvBWhqislu11H/S5O
+eGN3uaTOmnU4WMU/L9Qq/dgdR4c04vfguoRYX/Ed+fqgk2utmyXiwWsApescwfOR
+SR1XGq4znKB205t7vo2fWEVsSMk0yIB8tdY1dNC6T7mtqQ6Sfzyp6xh0oEtmybLV
+0c7XQXsY9R/P5VmjxprtWxIp1+Xv3b6pfyLKAzqYX8bXBe1T6bhnkTevPiW76dzG
+SSIqSZyn6Ucd9QIDAQABo4ICtjCCArIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS5
+OQID2BAXA90uVaAEOKkCtqi4aTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAvBgNVHREE
+KDAmgiRzaGliYm9sZXRoLXd1c3RsLXNnbXMuc3ltcGxpY2l0eS5jb20wDQYJKoZI
+hvcNAQEFBQADggEBAKUyPAAp4zTP/xIofMoKqk09fw4SLFKFOIuXuRtsOkgXnOpp
+L1RJOqFBqe3aleqD5wPEDXKuL6w3dpH/mRF5ll4dxMST8LXpUCD6UrzjCwARy9n5
+8od9fLVKTiyUQkpA7JoxVdEjmArMPa5WHu9fEz8Hs4cZ8yLpm0ZyTFN8kteKBpS2
+sHuXa/pAQcC9ydbRbPm3pPK1BFpl8sEdOOXqz1JsEV5rl5auNSKGURsSUWbHs8l5
+TW94E1imuRGw+p8UHYxe6I37WpeyoNMPAB/dE4AxpJyAyJzSvLDw3TrxYRprKJ1r
+L6ZYp9hxb4+DcO7wKkU+wUpic3z5Me9Mt8sAv/I=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth-wustl-sgms.symplicity.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Symplicity Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Symplicity Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.symplicity.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Symplicity NOC</GivenName>
+ <EmailAddress>shib@symplicity.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Richmond -->
+<EntityDescriptor entityID="urn:mace:incommon:richmond.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">richmond.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 369, expires on Fri Jul 2 17:15:51 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAXEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMTE3MTU1MVoXDTEwMDcw
+MjE3MTU1MVowHDEaMBgGA1UEAxMRd3d3cy5yaWNobW9uZC5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAJoUI6tzeNe1v/Z02hxlrucEgkpd2miRhNsefj0o
+rFU6F314FZ6CE7JHHvA+iciDyOZwC1gBGjiqXn/4azVCRkysDxoRHcH2DfWD7vBB
+1kIb/obXfGDQRUCQb6Cxheods0I9vYWg1qz8XInN1m9R6a2kCUdvImZFMa7eKacb
+imovAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFFkrRnHYcJBy
+RqAR3ljF8hWkQy/0MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXd3
+d3MucmljaG1vbmQuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCCIHYpOqVIfUCqEwKJ
+BL99Jun8F4QjHtvORw1cHj+u5u4u6WitllYmdgiMQO6XLFQuGAwJK82ldpI4AlQK
+5BSvGp7lYIwIlalvIaM6qyFQLiczhRv7ZpkdphIp6hUAzlXXlyKVBSYVl8vgXpHF
+KseSBeTagQ1v82ViY+9p0OVOLgGvKWBWNRgiW9WcF7YkU+8OE0HDZAreENt3n/IZ
+EMVj9oW8498POQC4y1D9I0SMB2VgIlKW+QjmH7PiKdRlXN6yUkpI+VSfnA29Lvt0
+mVClkrXyQ4IIgUvcDrZhkFwyRL0i7tSLsRDLY/NGfxzDG87vVWNt99wciReEmEmH
+W7Pl
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://wwws.richmond.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">richmond.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 369, expires on Fri Jul 2 17:15:51 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAXEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMTE3MTU1MVoXDTEwMDcw
+MjE3MTU1MVowHDEaMBgGA1UEAxMRd3d3cy5yaWNobW9uZC5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAJoUI6tzeNe1v/Z02hxlrucEgkpd2miRhNsefj0o
+rFU6F314FZ6CE7JHHvA+iciDyOZwC1gBGjiqXn/4azVCRkysDxoRHcH2DfWD7vBB
+1kIb/obXfGDQRUCQb6Cxheods0I9vYWg1qz8XInN1m9R6a2kCUdvImZFMa7eKacb
+imovAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFFkrRnHYcJBy
+RqAR3ljF8hWkQy/0MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXd3
+d3MucmljaG1vbmQuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCCIHYpOqVIfUCqEwKJ
+BL99Jun8F4QjHtvORw1cHj+u5u4u6WitllYmdgiMQO6XLFQuGAwJK82ldpI4AlQK
+5BSvGp7lYIwIlalvIaM6qyFQLiczhRv7ZpkdphIp6hUAzlXXlyKVBSYVl8vgXpHF
+KseSBeTagQ1v82ViY+9p0OVOLgGvKWBWNRgiW9WcF7YkU+8OE0HDZAreENt3n/IZ
+EMVj9oW8498POQC4y1D9I0SMB2VgIlKW+QjmH7PiKdRlXN6yUkpI+VSfnA29Lvt0
+mVClkrXyQ4IIgUvcDrZhkFwyRL0i7tSLsRDLY/NGfxzDG87vVWNt99wciReEmEmH
+W7Pl
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://wwws.richmond.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Richmond</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Richmond</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.richmond.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Greg Miller</GivenName>
+ <EmailAddress>gmiller@richmond.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Steve Zinski</GivenName>
+ <EmailAddress>szinski@richmond.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Medical University of South Carolina -->
+<EntityDescriptor entityID="urn:mace:incommon:musc.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">musc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 243, expires on Thu Jan 7 22:13:30 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAPMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEwNzIyMTMzMFoXDTEwMDEw
+NzIyMTMzMFowHjEcMBoGA1UEAxMTc2hpYmJvbGV0aC5tdXNjLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAwR6gd7Rpw/JhnIGzzhNgQVK4n4w+P9jrf5Jz
+8uPM4lPE9mB35NnHcdskiqJwQWsHWz/WoseowuIuttgWeYG0uPwxCea6rfkhC//j
+NjYV20HKPWs7pv071s/NXXdYFbXy/oYR70T2m889f+9vCUdzmORAy/W5Zw9Dz77E
+Gu8mMVMCAwEAAaOCAq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUtkz9s2xJ
+4IQnKx9KM71Qyodp1vcwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+ugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNV
+HREEFzAVghNzaGliYm9sZXRoLm11c2MuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAJ
+2waGoRT3j1uscdAA5RZYv/CXJTcBIvwDm6oiP4AsUvj6uHHqfvJxbO0Upl3XTHhv
+lxwGwnuZEkXZhsguqxcZupwae0Jp+gSPRzBOgutx4+NoOXM+C/UfWIao63AQhWsq
+EiaUAWTuTdWCCgAYdXrxJJcZdVmCX71D+68CMj7hIreSPUwQuruNml09tHdvvrTt
+PoDx3II1XkmHtH6sd4C0t87JQZhtvygCphAmneOmhWHUsEh/oDTkCqZNQXz4uA53
+Aw5kpWiAOuWuMqH7nK/VMYdxoQDkmXmOL9Jd7LVv62wf9g6GY1vvuwltTGWRyIMC
+UmG1G20eV87I65L9YVpx
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 0, expires on Thu Jan 10 20:41:56 2013 GMT -->
+ <ds:X509Certificate>
+MIIDLjCCAhagAwIBAgIBADANBgkqhkiG9w0BAQQFADAeMRwwGgYDVQQDExNzaGli
+Ym9sZXRoLm11c2MuZWR1MB4XDTEwMDExMTIwNDE1NloXDTEzMDExMDIwNDE1Nlow
+HjEcMBoGA1UEAxMTc2hpYmJvbGV0aC5tdXNjLmVkdTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANKRHX3ujatLQ2Z7lVSEAVYtfy6Ry0pj44AMb0qfhtcn
+mf8b68ZkPkEy1lmlSQAW/kDMjvY8TPbbUDpC2bopX49blMLXbcO3isiETezFcAbp
+qtuiBth/gLPR9kXp+ynAQRm1vMNPQ3mAUtBbjT7yBwOrmUJ4VRxNx+9XpKRs2RWd
+akA+EcHglCWxiQdZLjiMgH5An1yyT6yRIfeABR9NEw8e2yuol5qLxdcXp57Gn4an
+ngMeO8XdbcmrjN//BdN1tCXd0Lx64czt+b/PqHCjkSzUg5RTJWN0+RUrr2SkiK2D
+KdFZtkN8I8fCdX8Wh0eq04p+n2UC9STO2L1AeE89r/sCAwEAAaN3MHUwHQYDVR0O
+BBYEFNL2RJENvstMjr1aC/5BreDZP0VEMEYGA1UdIwQ/MD2AFNL2RJENvstMjr1a
+C/5BreDZP0VEoSKkIDAeMRwwGgYDVQQDExNzaGliYm9sZXRoLm11c2MuZWR1ggEA
+MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAMBEoqhtYuyTX9yj1E6c
+kBfvyi1d0RKKunYOZVoJBuwD0+pj8EcSdbD6JP9CSJx47m04C8jVuZAGOdLQBA2z
+egAOgv7ZtpWoHaSsQYJUA/Kdi4ATq+GY1yQP5cdFaM/KEm94TfleN/g1v+pHv0rl
+/W733U+/NlXnQheHmrwMDhCSE2WSNfLk3dzJHtvYAmAIT82+8I64ZFN/PHU6tWPO
+GSZQkKt352FOFMzkq2CojWUlA7FmnYiJ/K+uTqoA3EsflAUZ5DNGsQ8/nuVHSOjK
+PN7TUA7/v66uWO3GNA84acel2TtH0tul4ZWySjSxWPIdsN6jgUkbhmLVMWNCRK8v
+RNY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.musc.edu/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.musc.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">musc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 243, expires on Thu Jan 7 22:13:30 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAPMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEwNzIyMTMzMFoXDTEwMDEw
+NzIyMTMzMFowHjEcMBoGA1UEAxMTc2hpYmJvbGV0aC5tdXNjLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAwR6gd7Rpw/JhnIGzzhNgQVK4n4w+P9jrf5Jz
+8uPM4lPE9mB35NnHcdskiqJwQWsHWz/WoseowuIuttgWeYG0uPwxCea6rfkhC//j
+NjYV20HKPWs7pv071s/NXXdYFbXy/oYR70T2m889f+9vCUdzmORAy/W5Zw9Dz77E
+Gu8mMVMCAwEAAaOCAq0wggKpMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUtkz9s2xJ
+4IQnKx9KM71Qyodp1vcwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+ugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAeBgNV
+HREEFzAVghNzaGliYm9sZXRoLm11c2MuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAJ
+2waGoRT3j1uscdAA5RZYv/CXJTcBIvwDm6oiP4AsUvj6uHHqfvJxbO0Upl3XTHhv
+lxwGwnuZEkXZhsguqxcZupwae0Jp+gSPRzBOgutx4+NoOXM+C/UfWIao63AQhWsq
+EiaUAWTuTdWCCgAYdXrxJJcZdVmCX71D+68CMj7hIreSPUwQuruNml09tHdvvrTt
+PoDx3II1XkmHtH6sd4C0t87JQZhtvygCphAmneOmhWHUsEh/oDTkCqZNQXz4uA53
+Aw5kpWiAOuWuMqH7nK/VMYdxoQDkmXmOL9Jd7LVv62wf9g6GY1vvuwltTGWRyIMC
+UmG1G20eV87I65L9YVpx
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 0, expires on Thu Jan 10 20:41:56 2013 GMT -->
+ <ds:X509Certificate>
+MIIDLjCCAhagAwIBAgIBADANBgkqhkiG9w0BAQQFADAeMRwwGgYDVQQDExNzaGli
+Ym9sZXRoLm11c2MuZWR1MB4XDTEwMDExMTIwNDE1NloXDTEzMDExMDIwNDE1Nlow
+HjEcMBoGA1UEAxMTc2hpYmJvbGV0aC5tdXNjLmVkdTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANKRHX3ujatLQ2Z7lVSEAVYtfy6Ry0pj44AMb0qfhtcn
+mf8b68ZkPkEy1lmlSQAW/kDMjvY8TPbbUDpC2bopX49blMLXbcO3isiETezFcAbp
+qtuiBth/gLPR9kXp+ynAQRm1vMNPQ3mAUtBbjT7yBwOrmUJ4VRxNx+9XpKRs2RWd
+akA+EcHglCWxiQdZLjiMgH5An1yyT6yRIfeABR9NEw8e2yuol5qLxdcXp57Gn4an
+ngMeO8XdbcmrjN//BdN1tCXd0Lx64czt+b/PqHCjkSzUg5RTJWN0+RUrr2SkiK2D
+KdFZtkN8I8fCdX8Wh0eq04p+n2UC9STO2L1AeE89r/sCAwEAAaN3MHUwHQYDVR0O
+BBYEFNL2RJENvstMjr1aC/5BreDZP0VEMEYGA1UdIwQ/MD2AFNL2RJENvstMjr1a
+C/5BreDZP0VEoSKkIDAeMRwwGgYDVQQDExNzaGliYm9sZXRoLm11c2MuZWR1ggEA
+MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEEBQADggEBAMBEoqhtYuyTX9yj1E6c
+kBfvyi1d0RKKunYOZVoJBuwD0+pj8EcSdbD6JP9CSJx47m04C8jVuZAGOdLQBA2z
+egAOgv7ZtpWoHaSsQYJUA/Kdi4ATq+GY1yQP5cdFaM/KEm94TfleN/g1v+pHv0rl
+/W733U+/NlXnQheHmrwMDhCSE2WSNfLk3dzJHtvYAmAIT82+8I64ZFN/PHU6tWPO
+GSZQkKt352FOFMzkq2CojWUlA7FmnYiJ/K+uTqoA3EsflAUZ5DNGsQ8/nuVHSOjK
+PN7TUA7/v66uWO3GNA84acel2TtH0tul4ZWySjSxWPIdsN6jgUkbhmLVMWNCRK8v
+RNY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.musc.edu:7443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Medical University of South Carolina</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Medical University of South Carolina</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.musc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Richard Gadsden</GivenName>
+ <EmailAddress>gadsden@musc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Joshua Staples</GivenName>
+ <EmailAddress>staplesj@musc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ezproxy.musc.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 337, expires on Thu Jun 3 18:15:24 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAVEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYwMjE4MTUyNFoXDTEwMDYw
+MzE4MTUyNFowGzEZMBcGA1UEAxMQZXpwcm94eS5tdXNjLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA2jpJ+zxREhO1xIxDBVTKxp+F7ZfTj5kRNO1/+Ma5
+Sys1rOgAmBmyolORhjJf6rNj915NkEWymZxmoMrp/Wm8lOabFWveorSvBwCdTIHA
+/+2RvmXrJ1CuGAzjP4JiTyCWWLU+ltqCkHXXUv1lZipnxmSPjEAtAxkb2d8YA07y
+6zkCAwEAAaOCAqowggKmMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUyPcQx9L4lmOd
+K8WbZtBXA2njeWowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYI
+KwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAbBgNVHREE
+FDASghBlenByb3h5Lm11c2MuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAQIicxMSdb
+LAy86bYhSaEzdYnahqT0F0vdVt5cWKEI8EDosWNsjOV6cf+kZoxTB23ZTVw6jntE
+ENd6dMq3r3qUfaK6hVdhZWL2gqCnSWqzZVa/YNkf0rVHexydvUCCs45oiuMIZtT1
+DFWzTs1sGYte6UwN7+hejU/pRfwgLE1DJPJsA/7Yqcrrow+Gi5gDMza9B1Fm7Xjj
+7IpW9Vjlv9pYlfv4eHqjrqVElx3l/0WUBN7Vnu+KnWKcQ0SD8wsLJshYVbHhjw6f
+PL00nCi5mYaZlbW/KlMetKZDrDh7p8DPavNFQCbceTrwFDU2Hl6K4QjIqu0BQRb5
+cXMadKDAn3dH
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ezproxy.musc.edu/Shibboleth.shire" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ezproxy.musc.edu/Shibboleth.shire" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Medical University of South Carolina</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Medical University of South Carolina</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.musc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Matthew Gregg</GivenName>
+ <EmailAddress>webmaster@musc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Wisconsin-Madison -->
+<EntityDescriptor entityID="urn:mace:incommon:wisc.edu">
+ <IDPSSODescriptor errorURL="https://idp.login.wisc.edu/support.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">wisc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 277, expires on Mon Mar 8 21:26:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICARUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMwNzIxMjY1MloXDTEwMDMw
+ODIxMjY1MlowHTEbMBkGA1UEAxMSaWRwLmxvZ2luLndpc2MuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0t3teLrTZBz91MJ6nQizUeSp1W92ijOT
+F+1jk+tTSKSerEneVsaMftouSiGsu8p5r1cKvNe6hR5ujoN8TtMbIp8/JAVIO1Il
+JBCDUhVIUgMMmlSAkp3bvk7flri1QBC2AgLSbsWOizn6S1zh69gX+gflcs8Hx6Ig
+6zPU8LOvgtPWZI3QtOEY8qXkdtmIeAX2SWDXBsRj8ss720omZGuTArXZiX+CvK3l
+Pw8k+hl8+0dHh1m1xhWc8yq8ty+H5tEg8u+ZzZ3hX7SAkuVuoo8JdJhzFfWsY7aq
+DIJ4a8VaL3Fd+khy3maNLPXyNsnOZ486TQrSaWrz1wYh/IA2ZyH+pQIDAQABo4IC
+rDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSSuIqaG0sB7+IlCBJ1BJAWbJMq
+SjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSB
+rTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNz
+dWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1UdEQQWMBSCEmlkcC5s
+b2dpbi53aXNjLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAxnSAGcnqeaIZiWpvhsq3
+6PJ/38scUyqoIuqDs1YHU6U2/fe1477BXMO5Ly0WtnYno4mmYGp+7njNg1UxJwV7
+VV0IEdDdBeRx7sUlfIgDAWTJwgY3BOSBmMwAXksiEulUB/iKyQJOoOHnfOBWWQz1
+SRwoW0O3H2AjxJ4SJvR0LRZN5Ijym4wZ9iwdiBFv76U/nZGJA9kLQG4RoYpchME7
+5D3xLqq5Qpr4TaFKl1eXZSvYXJMgEN5D+8+sGA70I1fznakhxs0ToReTE0fU06AD
+qSsXej8DgGfM7Kajx2IuSQl8YDwmMUl+DVhh1HPtQxJGypPlm9FikTCqoZl01Rgt
+RA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.login.wisc.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">wisc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 189, expires on Thu Jul 24 15:08:03 2008 GMT -->
+ <ds:X509Certificate>
+MIIF0jCCBLqgAwIBAgICAL0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDcyNTE1MDgwM1oXDTA4MDcy
+NDE1MDgwM1owUzELMAkGA1UEBhMCVVMxKDAmBgNVBAoTH1VuaXZlcnNpdHkgb2Yg
+V2lzY29uc2luLU1hZGlzb24xGjAYBgNVBAMTEWFhLmxvZ2luLndpc2MuZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Z3qZGtDKhkrPcvUSFbf7ImW
+/wbkbQR3NQG8g3U/JC1pciwBLI8vE+IKzinw2/1m9YEJIWJqPfiRb+Ew+hheXcLF
+dXPgXw3cIv8KUhuyGQSOovmhMkn3ZqceCfNfclE4GFqbXy9UZPG4PRbBGhNWd8Tn
+a+nkQ2+lJygHFQdVOGztGjtTl0HvEFedAsqKYz3gMcU54oyxtEK5n/lGpCzeE/Nr
+MjckAzFHtf6/RNzM7yDy2DvcLUm2JjybLe3OWLlf4kZe3zaS01oEfeR6CheDgTUk
+tltqabDBYXPvqAUTZHXoTznmD5S/zExYbaJwXuqW6w2qW+LFtOSjc8r3UNtUIwID
+AQABo4ICqzCCAqcwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSXS/zT1t+YVI2ztO20
+xHrSYZHZADB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEF
+BQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJ
+Q0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOC
+EWFhLmxvZ2luLndpc2MuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAQPHYqdm/giHdp
+Asr17msfJN6TOQKhfcmwXf9sfN7NP3DPXPyprJRrG9JhOYUTLcOyBfh/wrpBsygs
+Pd0otc5FjWmWxa4o8kP88kH6uMfjyhmGn6iJ4mG9607oGJT50Zid+RGYHBC2rjyF
+El2lBUNcFw1sVlv2VztnROTmcMvRJgKWQXVmQrEDsxOcz9iyZ+doGTdXzry+HVc4
+Jt9BEo9GUYkneJIqVnacQq7W7jmjj5BrrZYaYKWjCG0byRhroY8pKlU2Ofoh0DMN
+snzFfdr9JEcVESxgDxhoVXyJ7ssPz1zNrSKY4Hu8TJLJmcHmcYy4dKj0B9cljIN3
+AOXk/SKr
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 376, expires on Fri Jul 16 14:57:31 2010 GMT -->
+ <ds:X509Certificate>
+MIIFkzCCBHugAwIBAgICAXgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNTE0NTczMVoXDTEwMDcx
+NjE0NTczMVowHDEaMBgGA1UEAxMRYWEubG9naW4ud2lzYy5lZHUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVnepka0MqGSs9y9RIVt/siZb/BuRtBHc1
+AbyDdT8kLWlyLAEsjy8T4grOKfDb/Wb1gQkhYmo9+JFv4TD6GF5dwsV1c+BfDdwi
+/wpSG7IZBI6i+aEySfdmpx4J819yUTgYWptfL1Rk8bg9FsEaE1Z3xOdr6eRDb6Un
+KAcVB1U4bO0aO1OXQe8QV50CyopjPeAxxTnijLG0Qrmf+UakLN4T82syNyQDMUe1
+/r9E3MzvIPLYO9wtSbYmPJst7c5YuV/iRl7fNpLTWgR95HoKF4OBNSS2W2ppsMFh
+c++oBRNkdehPOeYPlL/MTFhtonBe6pbrDapb4sW05KNzyvdQ21QjAgMBAAGjggKj
+MIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJdL/NPW35hUjbO07bTEetJhkdkA
+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQG
+EwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5D
+b21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGl
+MIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAC
+hkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEWFhLmxvZ2luLndpc2Mu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQA7DDZm8KLCPA3BfniYLOPl78t6Ke+y7u+h
+Nk4XBLY3nGsnBeKpRdWo2cvn9KjGZ5aw3UfsKyUdnqI8C7jT+sHHbQs4AwBBwDIi
+FDZVKIGkJ4b2PdRNCMVmVXQDXnwhIvI2uyyebUKygMzePWD2gQkGCdDjuEtaUE0Y
+ZiCcTRYmrOsmKvqS0MjmMzT+uC0OTQVH6YNUIMWQIkCwB8FZPo6R1wq/Xc69O4GE
+kbvxEX9W47Oy6vdGEXUUm8EXpLTjw69/ksZh4CSSstRau65TPLJoXluWNLgrV/6M
+sf57E0k4jusIiqiztntiHaU8HVseFXYNiEEezXHB4JAT74NEYA3P
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aa.login.wisc.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Wisconsin-Madison</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Wisconsin-Madison</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wisc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mike Roszkowski</GivenName>
+ <EmailAddress>roszkowski@wisc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Chris Holsman</GivenName>
+ <EmailAddress>cholsman@doit.wisc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Keith Hazelton</GivenName>
+ <EmailAddress>hazelton@wisc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- National Institutes of Health -->
+<EntityDescriptor entityID="urn:mace:incommon:nih.gov">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nih.gov</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 436, expires on Sun Sep 26 18:30:39 2010 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAbQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkyNTE4MzAzOVoXDTEwMDky
+NjE4MzAzOVowHTEbMBkGA1UEAxMSZmVkZXJhdGlvbi5uaWguZ292MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVVg9HrulkVEaYVsCodWCbEc1xYXio7Z
+35slZQtC/ngFcVGM/ZcshjFHtlxh680dwsha9WPpZwPG7mYfQrqtnS7nzhJ/d2+P
+cd8COZNHgiEnP5nniIJgkLZqUjaCuwjv5Ypko5ey55Ba2jbfsYDEENZtXwFKonkK
+iNFUi7EPXfR732QJUx2hpBv7VsZ/YEO9EKz6Q8Lctu/3ROlhw962Zj37ohwDdJqC
+Nkhc7ORmeXWQWvXAN2WThhVrU2nQKHtG0o8zE3qTknMPoDZ80o8WLAbvd2d0J8Tx
+6GpZBwIhUMWCJLRZTNzcn9S0pLCe6qh/VYoFiRGmVs5IWr7JtVeIJwIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQieEoa/bbq8NKpZKmHzVIe4Wy3
+6jB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJmZWRlcmF0aW9uLm5p
+aC5nb3YwDQYJKoZIhvcNAQEFBQADggEBACi0JhHn6pcQ66cxJTjqywct5h9wo6NK
+/1By3IT2eCHsRa1gDcdLMwub5CwZDQwVYYhEdyW2X2SEgre8FjI/hOTvbTfQe3NZ
+gBjBD9XFqoRC1Ow9CQwkVg1wEQCX1r00ET6qKVLOzLqQwIopeqno7Jwy8CuU81hz
+wlUbjZteP4uftuMOF8N18SVaLQ2j8toaklcq4092MmVSecfKSaayEU8bGlmSRUL8
+382dY7FdAMuLY9cJ9TpUrzjWEb4MucDDNOPqMLbEevasYGQ009Wi070LpAZZytQI
+4yPdDyqAZpCon9lLLxQGSluwfWI1DEbAjM/HZeK6pMtMJl24pRdW4oY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://citdecadssolog.nih.gov/NIHSSO/sso.asp"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://nihlogin.nih.gov/NIHSSO/sso.asp "></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nih.gov</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 436, expires on Sun Sep 26 18:30:39 2010 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAbQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkyNTE4MzAzOVoXDTEwMDky
+NjE4MzAzOVowHTEbMBkGA1UEAxMSZmVkZXJhdGlvbi5uaWguZ292MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVVg9HrulkVEaYVsCodWCbEc1xYXio7Z
+35slZQtC/ngFcVGM/ZcshjFHtlxh680dwsha9WPpZwPG7mYfQrqtnS7nzhJ/d2+P
+cd8COZNHgiEnP5nniIJgkLZqUjaCuwjv5Ypko5ey55Ba2jbfsYDEENZtXwFKonkK
+iNFUi7EPXfR732QJUx2hpBv7VsZ/YEO9EKz6Q8Lctu/3ROlhw962Zj37ohwDdJqC
+Nkhc7ORmeXWQWvXAN2WThhVrU2nQKHtG0o8zE3qTknMPoDZ80o8WLAbvd2d0J8Tx
+6GpZBwIhUMWCJLRZTNzcn9S0pLCe6qh/VYoFiRGmVs5IWr7JtVeIJwIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQieEoa/bbq8NKpZKmHzVIe4Wy3
+6jB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJmZWRlcmF0aW9uLm5p
+aC5nb3YwDQYJKoZIhvcNAQEFBQADggEBACi0JhHn6pcQ66cxJTjqywct5h9wo6NK
+/1By3IT2eCHsRa1gDcdLMwub5CwZDQwVYYhEdyW2X2SEgre8FjI/hOTvbTfQe3NZ
+gBjBD9XFqoRC1Ow9CQwkVg1wEQCX1r00ET6qKVLOzLqQwIopeqno7Jwy8CuU81hz
+wlUbjZteP4uftuMOF8N18SVaLQ2j8toaklcq4092MmVSecfKSaayEU8bGlmSRUL8
+382dY7FdAMuLY9cJ9TpUrzjWEb4MucDDNOPqMLbEevasYGQ009Wi070LpAZZytQI
+4yPdDyqAZpCon9lLLxQGSluwfWI1DEbAjM/HZeK6pMtMJl24pRdW4oY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://nihlogin.nih.gov/notsupported/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">National Institutes of Health</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">National Institutes of Health</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nih.gov/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Debbie Bucci</GivenName>
+ <EmailAddress>bucci@mail.nih.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>NIH ISC Support</GivenName>
+ <EmailAddress>NIHISCSupport@mail.nih.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>NIH Federation Technical Support</GivenName>
+ <EmailAddress>NIHFederationTechnicalSupport@mail.nih.gov</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://federation.nih.gov/FederationGateway">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 341, expires on Sat Jun 5 18:43:47 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAVUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYwNDE4NDM0N1oXDTEwMDYw
+NTE4NDM0N1owHTEbMBkGA1UEAxMSZmVkZXJhdGlvbi5uaWguZ292MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQD2O3B7DF8dTD6xXfOrZCfQ2cxDkweZ9UzCvQ+b
+pg1uPxHw4YUEuGIRpoXYwinJDRvQLZq4tPxFGxFgiasfex+0LTtmvVRTjoIBzv28
+dLxwIj38+moQdK50NeaAZuWUvFNsEDiBNAwuhpA/DYbNqWpgUwfVh8Xjgk1eQ6Os
+i00RAwIDAQABo4ICrDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTjTcBG/Xyv
+Qr7/OggF/RyCRZJsdDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6
+BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1Ud
+EQQWMBSCEmZlZGVyYXRpb24ubmloLmdvdjANBgkqhkiG9w0BAQUFAAOCAQEALiW1
+cC4Xoo0Cu9VBwArBBEqiu8eUBU7EEMg9mDy9KWglxonPTJN87PC2NebXLl11fDvr
+wRqvXKTB5KuesJzkFyxzxeACl5px9IUtvz02JRrbyfhcatFzdLto1Wo31FnxNSco
+552tddmPsG4BjHP5iHBXSnLmmXWltIzCouPbed4SUsJqQkK4sU5BS9pJSDw8MJ7P
+imVDK3H8NjJqdN7pOMS7obM32pgQzP797LUwAPtd+RnMqY83rCvBYKU7dpW/qjKN
+6KzAj3xP/toQVIiBYBOLCRi9XM5s1cLdxYn1XLLGnn/drhBDGPOMcTQTKjLaX/V7
+Lwwq0tbtOuItSvLF+A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://nihlogin.nih.gov/affwebservices/public/samlcc " index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">National Institutes of Health</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">National Institutes of Health</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nih.gov/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Debbie Bucci@mail.nih.gov</GivenName>
+ <EmailAddress>bucci@mail.nih.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>NIH ISC Support</GivenName>
+ <EmailAddress>NIHISCSupport@mail.nih.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>NIH Federation Technical Support</GivenName>
+ <EmailAddress>NIHFederationTechnicalSupport@mail.nih.gov</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://soadev.nih.gov/FederationGateway">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 18335908321199615686, expires on Sat Feb 15 21:45:02 2020 GMT -->
+ <ds:X509Certificate>
+MIIDTDCCAjQCCQD+djt4ZztuxjANBgkqhkiG9w0BAQUFADBoMQswCQYDVQQGEwJV
+UzERMA8GA1UECBMITWFyeWxhbmQxETAPBgNVBAcTCEJldGhlc2RhMQwwCgYDVQQK
+EwNISFMxDDAKBgNVBAsTA05JSDEXMBUGA1UEAxMOc29hZGV2Lm5paC5nb3YwHhcN
+MTAwMjE3MjE0NTAyWhcNMjAwMjE1MjE0NTAyWjBoMQswCQYDVQQGEwJVUzERMA8G
+A1UECBMITWFyeWxhbmQxETAPBgNVBAcTCEJldGhlc2RhMQwwCgYDVQQKEwNISFMx
+DDAKBgNVBAsTA05JSDEXMBUGA1UEAxMOc29hZGV2Lm5paC5nb3YwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDo7d7f7hFFrhRyuyW0bF8lW8RCt9XhiSdK
+6nFKSPWlx/1WK5p53k2mOhYxZmCPjwO/+i5BbWvw/MVnTlhdCtg6ihzJtQPcNpnQ
+nvmn8qPTwfGJpVvoQKmEJpsQGAGtmYwmpn3WB91kIFz1N/NL7q9c7/oVpmCI4OSM
+K7fkd0UIHYWcADuQcnaRgl7GJy8L3zMcH3jdYBX2KnBth6e9OHDdSdEkiHk8qA2O
+MD6FZJN+YoWxvrFm9Yd8JPKIp5V2gJJZfKSA4YI+rv0mf69/Kgf7mMLpoBm8ztD5
+vTHpzqq/bgEtfn4Foafwke3Hyg1KEfDRFzA3WWTbu4R9k+EObVavAgMBAAEwDQYJ
+KoZIhvcNAQEFBQADggEBAMg50fwoqMPGCFNxjdewW8nBz+cu0BVhmbe2LkEYqIBz
+TwQ9GqB8Fzx/+JdoIqmfoUnxhO7jS+i6mfiASNzYvvIFZGV557ZWxm2SGaSkMPTz
+ffQ93QFr/+65vW4OUtNX69+hkYpj5GpO1InFbAU6gdTSr8bh1zN/AsqdoSUVFHX5
+ZkdeI2AVzvjFqu4fXYw5QztnTS6IJGSXqzqgXoVaJfUUlPZUV/VRdyYkZ5a/YitU
+cuhcvo2UhbCm49Gkw5DcYMwNQauOZkcOP0GL8XQsgOINODhqBD4WPFihGpkfWjHz
+jwcVzi0fMGcTko6coa0RlXSfFRruZ8ZZXK7o2qzsI94=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://citdecadssolog.nih.gov/affwebservices/public/samlcc " index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://citdecadssolog.nih.gov/affwebservices/public/saml2assertionconsumer" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">National Institutes of Health</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">National Institutes of Health</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nih.gov/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>NIH Federation Technical Support</GivenName>
+ <EmailAddress>NIHFederationTechnicalSupport@mail.nih.gov</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- 9Star Research Inc. -->
+<EntityDescriptor entityID="urn:mace:incommon:idp.protectnetwork.org">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">idp.protectnetwork.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 377, expires on Fri Jul 16 14:58:05 2010 GMT -->
+ <ds:X509Certificate>
+MIIFKTCCBBGgAwIBAgICAXkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNTE0NTgwNVoXDTEwMDcx
+NjE0NTgwNVowKTEnMCUGA1UEAxMeaW5jb21tb24tYWEucHJvdGVjdG5ldHdvcmsu
+b3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2Ymh3z58gH2IR7na6dVdj
+oJnuMoB1OreRl6Sv9OZTHQv5PMV30mZrlFMU4feiF4UINhBkgaBrLGXC0hDNNodI
+91hhY9gpiJZPjLlxvCT9zUCBAVvoKzJujev098kBgm8l44LLpFKRB+8DGeGV2n9Q
+o6qERUXLlQ8oR82ZgEqQJQIDAQABo4ICsDCCAqwwDgYDVR0PAQH/BAQDAgWgMAwG
+A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud
+DgQWBBQb9vrc/mK8Cux5u9KLvGjqjBywPjB+BgNVHSMEdzB1gBSTLchhGK1j45tl
+s53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9u
+IEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAp
+BgNVHREEIjAggh5pbmNvbW1vbi1hYS5wcm90ZWN0bmV0d29yay5vcmcwDQYJKoZI
+hvcNAQEFBQADggEBAFQCRL5jJpjF7ygte2umrmumCMHXh2KTKmQveucj6Vbkyv6X
+hj/3ormC1RTgPTTaN7rfTCt5Yxa/JJ/La9BVLryNuMU4L6RdQREZKPLuVPq55ELg
+cC1Br9juDk7p57cSuoNxCYce2q9eu7lO/mNyutwcg6n0PCSQGOQYxfnL7gQczUdm
+CBsV96+ymXh6CF5uaKbc+elQAugKcmxkFvtH7fOG7zZYmlGbZ08V+vGoWWqVAN82
+0Aj/gT0dpO4eF03FBl/VkRWGpnXCEZcIP6kXYxfYFP7kDEDg7DzX39G2YyjWBLip
+57x1+qQ10dWSVo0rl0Ep2leRhwhcWf1lzadqD0k=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://incommon-aa.protectnetwork.org/protectnetwork-idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.protectnetwork.org/protectnetwork-idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.protectnetwork.org/protectnetwork-idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">idp.protectnetwork.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 377, expires on Fri Jul 16 14:58:05 2010 GMT -->
+ <ds:X509Certificate>
+MIIFKTCCBBGgAwIBAgICAXkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNTE0NTgwNVoXDTEwMDcx
+NjE0NTgwNVowKTEnMCUGA1UEAxMeaW5jb21tb24tYWEucHJvdGVjdG5ldHdvcmsu
+b3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2Ymh3z58gH2IR7na6dVdj
+oJnuMoB1OreRl6Sv9OZTHQv5PMV30mZrlFMU4feiF4UINhBkgaBrLGXC0hDNNodI
+91hhY9gpiJZPjLlxvCT9zUCBAVvoKzJujev098kBgm8l44LLpFKRB+8DGeGV2n9Q
+o6qERUXLlQ8oR82ZgEqQJQIDAQABo4ICsDCCAqwwDgYDVR0PAQH/BAQDAgWgMAwG
+A1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1Ud
+DgQWBBQb9vrc/mK8Cux5u9KLvGjqjBywPjB+BgNVHSMEdzB1gBSTLchhGK1j45tl
+s53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9u
+IEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0
+aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAp
+BgNVHREEIjAggh5pbmNvbW1vbi1hYS5wcm90ZWN0bmV0d29yay5vcmcwDQYJKoZI
+hvcNAQEFBQADggEBAFQCRL5jJpjF7ygte2umrmumCMHXh2KTKmQveucj6Vbkyv6X
+hj/3ormC1RTgPTTaN7rfTCt5Yxa/JJ/La9BVLryNuMU4L6RdQREZKPLuVPq55ELg
+cC1Br9juDk7p57cSuoNxCYce2q9eu7lO/mNyutwcg6n0PCSQGOQYxfnL7gQczUdm
+CBsV96+ymXh6CF5uaKbc+elQAugKcmxkFvtH7fOG7zZYmlGbZ08V+vGoWWqVAN82
+0Aj/gT0dpO4eF03FBl/VkRWGpnXCEZcIP6kXYxfYFP7kDEDg7DzX39G2YyjWBLip
+57x1+qQ10dWSVo0rl0Ep2leRhwhcWf1lzadqD0k=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://incommon-aa.protectnetwork.org/protectnetwork-idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">9Star Research Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ProtectNetwork</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.protectnetwork.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Tech Support</GivenName>
+ <EmailAddress>incommon@protectnetwork.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Kaustav Ghoshal</GivenName>
+ <EmailAddress>kaustav@9starresearch.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Simon Lee</GivenName>
+ <EmailAddress>simon.lee@9starresearch.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Apple Computer, Inc. -->
+<EntityDescriptor entityID="urn:mace:incommon:apple.com">
+ <IDPSSODescriptor errorURL="http://discussions.apple.com/category.jspa?categoryID=211" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">apple.com</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 295, expires on Mon Apr 5 15:09:19 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAScwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwNDE1MDkxOVoXDTEwMDQw
+NTE1MDkxOVowGDEWMBQGA1UEAxMNcGJzLmFwcGxlLmNvbTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAsiN9v7BgwFjpwCTaX8RuTIySKU4W6/u2cXlQhrDDJxyh
+ijiq5k05UV9feE4vuQtX3ay2FZRfIo1JwcmhuL5Kq+DKKfDPrIxvdlOzCb34eo66
+H4IJ56ljPJComx/ursgB+7l29/69B3rlJJDCLAjjhiLcW7ty+VIPSk1rxaw8iRsC
+AwEAAaOCAqcwggKjMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUyNYlBFkqeZ8XdxPU
+WANUiutUPv8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJ
+CUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAYBgNVHREEETAP
+gg1wYnMuYXBwbGUuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCgYh/5mVYynrX+sdke
+iocb10d761/9gmiPYJRMJ+ggyuM4DLWFayQZ4MPmnadBqcZk3GT5BxGYZndTRDCq
+nfK+xEec8yLb0jxt4IkNIPUJpDa7OYUOBBVySV9tan4AtuvqVF12iBfTWK4+LeOU
+SNhRQgsImmoLc3dfaek9kkQy2Y3ziD1Eg1ZfGcg7Ak26OwNbsv3DjV0MI3iCdvN0
+w/IeK8r3VXIubB2ipQsJYswVk+rnzMO7VzUb36kGB998C0BPPqLaY/woavM/v5La
+w7rbBSSI+xrcsReVOZGS0SwLBBT/vm1iRDeEX0L8hlZEkL4LtrRwEs0GlaHaaHAS
+7Tv6
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://pbs.apple.com/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">apple.com</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 295, expires on Mon Apr 5 15:09:19 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAScwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQwNDE1MDkxOVoXDTEwMDQw
+NTE1MDkxOVowGDEWMBQGA1UEAxMNcGJzLmFwcGxlLmNvbTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAsiN9v7BgwFjpwCTaX8RuTIySKU4W6/u2cXlQhrDDJxyh
+ijiq5k05UV9feE4vuQtX3ay2FZRfIo1JwcmhuL5Kq+DKKfDPrIxvdlOzCb34eo66
+H4IJ56ljPJComx/ursgB+7l29/69B3rlJJDCLAjjhiLcW7ty+VIPSk1rxaw8iRsC
+AwEAAaOCAqcwggKjMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUyNYlBFkqeZ8XdxPU
+WANUiutUPv8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJ
+CUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAYBgNVHREEETAP
+gg1wYnMuYXBwbGUuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCgYh/5mVYynrX+sdke
+iocb10d761/9gmiPYJRMJ+ggyuM4DLWFayQZ4MPmnadBqcZk3GT5BxGYZndTRDCq
+nfK+xEec8yLb0jxt4IkNIPUJpDa7OYUOBBVySV9tan4AtuvqVF12iBfTWK4+LeOU
+SNhRQgsImmoLc3dfaek9kkQy2Y3ziD1Eg1ZfGcg7Ak26OwNbsv3DjV0MI3iCdvN0
+w/IeK8r3VXIubB2ipQsJYswVk+rnzMO7VzUb36kGB998C0BPPqLaY/woavM/v5La
+w7rbBSSI+xrcsReVOZGS0SwLBBT/vm1iRDeEX0L8hlZEkL4LtrRwEs0GlaHaaHAS
+7Tv6
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://pbs.apple.com/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Apple Computer, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Apple Computer, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.apple.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Yuemin Yu</GivenName>
+ <EmailAddress>itunesu-shib@group.apple.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://aquamarine.apple.com/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 247, expires on Thu Jan 14 20:38:59 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAPcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDExNDIwMzg1OVoXDTEwMDEx
+NDIwMzg1OVowHzEdMBsGA1UEAxMUYXF1YW1hcmluZS5hcHBsZS5jb20wgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAPAeluCampn3eVyCb34O7Ga0kWek95rM+1s1
+5LiisKuEB9l4oFNeiMXJzZHSX5AMch7ATbvKdInC+tPl4PM4GxcVS/16PvYQlu1w
+K2tsMAcAK8IPAYSXJ0nj8iQPx8mrxsEVpUFSYQUqcVTeFuY0e2FiTsjD5Z6MKaa9
+3wFc5kHhAgMBAAGjggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFKcbgfnW
+PxbllhcywqEmpXxzb232MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYD
+VR0RBBgwFoIUYXF1YW1hcmluZS5hcHBsZS5jb20wDQYJKoZIhvcNAQEFBQADggEB
+AFm5bwSbinhb2CXghMT79IFUDMsS9tagtvWgl22x2TY85T6k2QzZSCqwM3nPgw/x
+C2UTIow7/HVmKMaIIrd88ZJST22LnI6c6FKIFdsAwslS8SH2CN/yKmgIPenuhj2Y
+h6q+qvCafpp4SmhI1RZQyoyzPJ94X5JXjtvspBU1T1dhqcbkRkMtrDlVwjaFgAy3
+z0CAjMBv32kXO2Hytht70yJX0LHikO/IV7ahq5n0ICjweZSHC0Vo0I7Q7BokVQsO
+RRFfO5T6x3t1ytqOaL+wi9fK7AYe4GSLybsc0r/TVexuHRUes6ijY9AXf503WqvY
+9iFSsTg34geJoKlmL5GHYB8=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 397, expires on Thu Aug 5 18:39:05 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAY0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgwNDE4MzkwNVoXDTEwMDgw
+NTE4MzkwNVowHzEdMBsGA1UEAxMUYXF1YW1hcmluZS5hcHBsZS5jb20wgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBALlUIn8pF7ba4HLFPSMdL5UCHuZzt+TdhTUe
+3Igqco/lRRrNTBFJ1+XY0lvsHRgYNK1fB0aktO0g4PK9oIzpjbOrcGN2DIlXIMIL
+YKGtPPTcMlCE+6GEMqVKReZ2EWgUDwyf4U32/MyLgu2tIgg9wzXY2VITtMEYdf9L
+KKx6ZqOjAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFOMx3v6E
+6TT0M9KSK09Cf9/WM11ZMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FGFxdWFtYXJpbmUuYXBwbGUuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCFQ24F2+kD
+RJtRTv5P/iyJFUlHjUUBixdmEYKnYKz/qaTdjXFwOQWuuUrecHsWkAIF07ATsGzh
+XXzBXHYUgtKpFjNU5WPUjjGy9/1tgvUjtuAloyOBaxYQw4fsVuU3HHvDN+Rl7a9z
+qrMwhT07bNWQXsbRwfQfOu4JVXq2/FjyqEjdYr8Sb9QmfpmpndQuSSJZurGARO+H
+GuwQD5kwpbEq2EfaR+eBKSs4ngkkd+EweYWQx/KiaoWyLhPCnpySIcZhnZTP8nMa
+La22y/IT5qD2gYrK1rvfiycqbRAE4IyJD6iYIfVTnv/upzOJHrH7+Ybrk6SFGuze
+2pmDYqPDqa8+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aquamarine.apple.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://aquamarine.apple.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Apple Computer, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Apple Computer, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.apple.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Yuemin Yu</GivenName>
+ <EmailAddress>itunesu-shib@group.apple.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://deimos.apple.com/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 201, expires on Fri Aug 15 13:35:11 2008 GMT -->
+ <ds:X509Certificate>
+MIIFMjCCBBqgAwIBAgICAMkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDgxNjEzMzUxMVoXDTA4MDgx
+NTEzMzUxMVowODELMAkGA1UEBhMCVVMxDjAMBgNVBAoTBUFwcGxlMRkwFwYDVQQD
+ExBkZWltb3MuYXBwbGUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCu
+lSa4gMZnGjVoZRqks6rUicoQrdsmJz4XwGsCUmEXbIFRDWF7RWCVHY5vtX2yWuND
+vgfNkLcQjDbQVWKBBUhyxlv2R5vRZq0BAnaZP54Bv1IsAVf7947DR+LLNE4PG8xT
+noALyIHfyetrKpBQJZeIDvrbUQBT1DrErLbURMBQlwIDAQABo4ICqjCCAqYwDgYD
+VR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
+CCsGAQUFBwMCMB0GA1UdDgQWBBT+oc6ztht5KHZDKq3KG4crL7NZsjB+BgNVHSME
+dzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAa
+BgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENl
+cnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYI
+KwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVS
+STpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMBsGA1UdEQQUMBKCEGRlaW1vcy5hcHBsZS5j
+b20wDQYJKoZIhvcNAQEFBQADggEBADwaWshSoan8QcAiHuaCGfK5BY44z9BW003S
+GNMS+XHxmu1woMDwCw7uXXyaM39QlVDVDLSILERoaXcKky/6P4cs6E7X23PvDHM2
+HHR5hm+iDQNQgtA2Fx+EP4Oqm3Mub3rmqC2j7Ei8qDT3NEXfS97i3ZmElAws48cx
+6BWLUD118SyO2NxCtIY+gR0Tnf930QHIdabdcj9o+CNWaVMBzYHtDG30l+y2mcko
+bvKXHg7Xx1PM3KXkKIn4ZUKnz7/v1HNHNeE9n+//Mb8etUxcePiBwj46A9+6PAUp
+9wMNcdY6kssR6ZPPyiiq8jGwm0qBgTtjGVYuMrKpCRgy5LZdP0k=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 398, expires on Thu Aug 5 18:40:42 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAY4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgwNDE4NDA0MloXDTEwMDgw
+NTE4NDA0MlowGzEZMBcGA1UEAxMQZGVpbW9zLmFwcGxlLmNvbTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA7oxJrzZBRpo74TG0IQvnloS+qRpQIW2mCJDjIl2B
+el2GLjBZdjNvcTH66T5U+LRGWBuzgSxpT6DSEb9HUkJTfFJVGeSTCxizhT8nxbJC
+mpPQVeZ9+kiaJzHQFEmLz1nYXT8yIuawFrJsERvAZFuTVKKtFlUhT3PWzJOZQa0e
+ZN0CAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUIcoR2Cu35Xfs
+8XQ6ks7gDd5+MAIwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQZGVp
+bW9zLmFwcGxlLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEArUfaqE4KRt/0dWlE2FM0
+JXR6XsxqiI/fbZWcZBnc/7Gay0+RhXz99YSwGr6JgEP7kgEOXlbWIKNYhOoGzpc0
+YTDsGDU1RdUxgbq2W1HiQxIDH8joSd1zeeYTzcj/oYgDpSWOKdUcZge7ramnqDZC
+tkL7ggnwjNpIShBnErfYOfdWw6ekJqWPnMy37b3XcsI7Cykzpzn0ivE4i6dRVTaX
+pXBwj2REdPX6eSO14UVzAebBLgJs61lHBFAGRmoQHBxYgN0JtRUgK8ZI2d98z38r
+v3KLnSOjP1HZxQgVwcKoZdlXvFBgJ2tKuBtL9iBhvkyXYWAaQ49iFzLMv5oq2Y2i
+7A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://deimos.apple.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://deimos.apple.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Apple Computer, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Apple Computer, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.apple.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Yuemin Yu</GivenName>
+ <EmailAddress>itunesu-shib@group.apple.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://indigo01.apple.com/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 203, expires on Fri Aug 15 13:35:22 2008 GMT -->
+ <ds:X509Certificate>
+MIIFNjCCBB6gAwIBAgICAMswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDgxNjEzMzUyMloXDTA4MDgx
+NTEzMzUyMlowOjELMAkGA1UEBhMCVVMxDjAMBgNVBAoTBUFwcGxlMRswGQYDVQQD
+ExJpbmRpZ28wMS5hcHBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+AMJfscvoDN1vzSZ7rFuJfGuq/Demep+mPocj9TPlLiV+ciZETwmoq0CYsUWpJk/0
+RLFKYkSRJ3FuWYvOY7S8HLDu8XVdaNHIAvaGomBHi/KpHRPda9FI312i9+cgaoQd
+b4mXRq1lTeuX4ySYu6ZD37/Kp5KQBmX0JbE3rTIWqqwnAgMBAAGjggKsMIICqDAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFDHNMAoOyEca9Ia4YBV2PoAG42rVMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGn
+BggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0g
+VVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHQYDVR0RBBYwFIISaW5kaWdvMDEuYXBw
+bGUuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCFNwH/pPsUw8ES9j/IpzNiefDpmAqr
+f/CyAbiO2ejcO7wQW2q95q9xmESNp0QjAuljNZ03w0lna2elgf6IFyWMf0LgT3ZE
+YyJWhuVAeoI/UlcDMvfwRhvlouNE/kZlvq6AznI/ljuJv9pXCu5rURwr1evrrORj
+Ce5VkYy3OJpxrxzdUODXXGFscTQ2+5mHaQQWIpxFEahk/lyM2TzGCGtSGD1+cIm8
+9Z47Si9HgtVzLkzkacfWuOLykWIZZVzdiBVfTKqT7JCHFRxd1piUqcHcJP1AbohW
+5zLK5nF8GTA8+wg+wpIxAVttORCHYR2sCs3iZOWS0M7xsRpTAtGs8v/E
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 399, expires on Thu Aug 5 18:40:48 2010 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAY8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgwNDE4NDA0OFoXDTEwMDgw
+NTE4NDA0OFowHTEbMBkGA1UEAxMSaW5kaWdvMDEuYXBwbGUuY29tMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDNIcS3LXh0dh6OhjQh9cmO4CPcTwhQ+gD0VrsI
+uMrDye0xwc83gSAa/nUPvhJGCNzlxHoXgizfTYp2IOI4l/YUAldTSAvwV+hiafyn
+VGdPsn/AicdV2d+2/Xn8yq38uo5XQAx53sIIiWsfvZmZQheGig6HOxIHYyXgRLmU
+dagjdwIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS09NZ/HVsP
+JO1He+ztV6nbJY3evDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJp
+bmRpZ28wMS5hcHBsZS5jb20wDQYJKoZIhvcNAQEFBQADggEBADzZkLR1hVHvfobQ
+K+8EjUoUfkvPB6fvcppxioV6e5E0fh3Lh3LCfIVhpK75xGsswPtZGhwFCjkpqyif
+2meOtfBiUaPEP9B3ur7HJ+OyfJkOIc7BBlBjLHzdotkn7xIX4SfsMWWRukq1aife
+bvEBpg8k7R2tjn/t2OZyyqcIxW7TmXba/x+1uScCdTf5M4FFMaJMgP3tc66JXqV4
+DrixcfSMPo2A831o3RpGA8Ovcqs8foYhxYdQrk5De2wr71gA/mZdOymoCYZFFxAk
+WGTwIjIdbIp1Vh3gNxkDvDbwWJFWgNXHFBxAgU+wHDbXF6IR/Rsc+HsKpjGKxetJ
+l9cwoQA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://indigo01.apple.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://indigo01.apple.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Apple Computer, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Apple Computer, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.apple.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Yuemin Yu</GivenName>
+ <EmailAddress>itunesu-shib@group.apple.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Students Only Inc. -->
+<EntityDescriptor entityID="https://shib.studentsonly.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 290, expires on Mon Mar 29 20:22:31 2010 GMT -->
+ <ds:X509Certificate>
+MIIFozCCBIugAwIBAgICASIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMyODIwMjIzMVoXDTEwMDMy
+OTIwMjIzMVowIDEeMBwGA1UEAxMVc2hpYi5zdHVkZW50c29ubHkuY29tMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9M8bA2E+JURcPRpPAUQcSCtWC/jE
+X7sHEnGpIVJ2qKeO5H2VDfuQvY4TGNSi+1pSgmzSjl49hH69YjXzMszL4aVrYnsj
+9oxybXercaGnNX6/IGjS8dlr6zN0XrJKYPwlxQ3XBR1vmXP36HhhVPAr5zjMdCaC
+keIqRAqxvJtPaAr2Ufi6xau+PHH3N5qiT7RMfFmWpAukT67kGQRPS4U0inUH5Mvr
+9GvVdFXi15cZyVmM2FygeI0dFinFDfZOEHokS9uLS7OwRAU2ITiJvo7JNs0Nd93i
+slnnIpW6oGwg5pXWsHF6x5WdMxnz7Y31ABHWGSB2PcS0+PSZB5onAo9tnwIDAQAB
+o4ICrzCCAqswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSqkGunhBSe3fItezny+Orm
+pulCtTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcB
+AQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0Eg
+SXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCAGA1UdEQQZMBeCFXNo
+aWIuc3R1ZGVudHNvbmx5LmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAI9MckIesS2/a
+H/cwcnLBZAmOdLdaMh5048PtisBxXuQw2R+gfnHJfUGZOKw8xisMhIuVy5VJWsmC
+4Ox6GzYQMzSb1Ihce7PldIADAJ22qZ7pokL9v+lxk+hEt5qwXH7CZGlkEfEgHsmq
+cx9kYEeNXqDrbwt3BYyOncy2sISY3bVbyZAknmKIPUaZjJKgPqlSln8kIWQ9lJ0H
+Elya5/6jZIt89yoacaMKxGptp13EKWATHaWJQ3o9U+KgSXq7K22jGs/9sShv0SBf
+oZ1kOme78YmtJwxvxSc3Do43GEWEfrOJhcdVrOHHvci1QK0wuKsDaVLjoKx3m/LA
+3TLSxm0lmg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.studentsonly.com:9443/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shib.studentsonly.com:9443/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Students Only Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Students Only Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://studentsonly.com/web/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Incommon Admin</GivenName>
+ <EmailAddress>Incommon.Admin@studentsonly.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Incommon Admin</GivenName>
+ <EmailAddress>Incommon.Admin@studentsonly.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Incommon Admin</GivenName>
+ <EmailAddress>Incommon.Admin@studentsonly.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Columbia University -->
+<EntityDescriptor entityID="urn:mace:incommon:columbia.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">columbia.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 471, expires on Sun Dec 5 20:08:56 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAdcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIwNDIwMDg1NloXDTEwMTIw
+NTIwMDg1NlowIjEgMB4GA1UEAxMXc2hpYmJvbGV0aC5jb2x1bWJpYS5lZHUwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6CDgdxIKO5czgY43NYwy3wJhf
+DqZZKWZ0u9nHkuonZbB6n6MY3ys9TJP3FIr23l82m6thrPK0YCtoUFW9PVmQ2zX9
+6T2MQ2y30P/a9d62hJIhcjZ4FTEkNJsN+XMfFYW7VYUIK41vj2fd0GGmZtbJKjvV
+9l8SU6PVKh7gr7lDbEbuRMNlfUTdlWx9KkDeyYQ5fXvMJuIEiZtHY91cgreeVce8
+ZDPahqjWGcqbtxm5OywaaXnPIOovyJjHNTOFan0ZYNBf8xypCd/rWdu3gHELCBrT
+Zp1jeYZQa4c4YYyCUyUQzqbl4GDudZYlJimHMkbRJZRkz5i6OZ7mB+vI3cwVAgMB
+AAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFG3D3H4vNbf3KaFDl45z
+zwK2bLKwMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQbMBmCF3NoaWJib2xl
+dGguY29sdW1iaWEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAYwZiO5sVJpxE2T5TD
+J8eMY1vtaf3vjQQHfthy1J6FN1L4NC1ifGuH1n+RnSoP2QkOFOKi5YY+nFl/dZaA
+4lwZk/azjmb1IsX1iYJIwRbz2ovGNidc8agWC5WVFoVjgC1DSt/lF9qkqsxwfr7K
++r+rWorHcWZ/GNKo/u9AUnoARt7eWzax1zffW5GI5AZ7tfC6yZkMKqnrtFWlxmOy
+GcH+l8/Io2KIp4MKCZKLUK2rerwtHjORHSwQMh5IH00KoPxC7kZn8wcvwxsIW0YD
+bRV9TrbQ6U4LaVddyijduVNbmveX2UtlxSga4YMPXVAHuROveNunureeR9LYr602
+YVcA
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.columbia.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.columbia.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">columbia.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 471, expires on Sun Dec 5 20:08:56 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAdcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIwNDIwMDg1NloXDTEwMTIw
+NTIwMDg1NlowIjEgMB4GA1UEAxMXc2hpYmJvbGV0aC5jb2x1bWJpYS5lZHUwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6CDgdxIKO5czgY43NYwy3wJhf
+DqZZKWZ0u9nHkuonZbB6n6MY3ys9TJP3FIr23l82m6thrPK0YCtoUFW9PVmQ2zX9
+6T2MQ2y30P/a9d62hJIhcjZ4FTEkNJsN+XMfFYW7VYUIK41vj2fd0GGmZtbJKjvV
+9l8SU6PVKh7gr7lDbEbuRMNlfUTdlWx9KkDeyYQ5fXvMJuIEiZtHY91cgreeVce8
+ZDPahqjWGcqbtxm5OywaaXnPIOovyJjHNTOFan0ZYNBf8xypCd/rWdu3gHELCBrT
+Zp1jeYZQa4c4YYyCUyUQzqbl4GDudZYlJimHMkbRJZRkz5i6OZ7mB+vI3cwVAgMB
+AAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFG3D3H4vNbf3KaFDl45z
+zwK2bLKwMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQbMBmCF3NoaWJib2xl
+dGguY29sdW1iaWEuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAYwZiO5sVJpxE2T5TD
+J8eMY1vtaf3vjQQHfthy1J6FN1L4NC1ifGuH1n+RnSoP2QkOFOKi5YY+nFl/dZaA
+4lwZk/azjmb1IsX1iYJIwRbz2ovGNidc8agWC5WVFoVjgC1DSt/lF9qkqsxwfr7K
++r+rWorHcWZ/GNKo/u9AUnoARt7eWzax1zffW5GI5AZ7tfC6yZkMKqnrtFWlxmOy
+GcH+l8/Io2KIp4MKCZKLUK2rerwtHjORHSwQMh5IH00KoPxC7kZn8wcvwxsIW0YD
+bRV9TrbQ6U4LaVddyijduVNbmveX2UtlxSga4YMPXVAHuROveNunureeR9LYr602
+YVcA
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.columbia.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Columbia University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Columbia University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.columbia.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Andrew Johnston</GivenName>
+ <EmailAddress>andrew@columbia.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Rama Balasubramanian</GivenName>
+ <EmailAddress>rb2684@columbia.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Office of the Chancellor -->
+<EntityDescriptor entityID="https://idp-co.calstate.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">co.calstate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 511, expires on Thu Apr 7 18:28:26 2011 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAf8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQwNjE4MjgyNloXDTExMDQw
+NzE4MjgyNlowHjEcMBoGA1UEAxMTaWRwLWNvLmNhbHN0YXRlLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAuy+fwv7OtWGroXO9H0swiurieqE0XD03vUC9
+f3GigYm52pY47Ho/w55GJ7M0YnQz1k4aFLh73vW4XHsj61fI7+kb82437Ks7zAx/
+M/FlnGkD2QYMuPMgYNt2ADYNFTV4gJdPAewWf8P5IktEQyJxK7g71vS1T7dxsyXW
+r931qdkCAwEAAaOCAqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUq1I8he6L
+bvui+QT7JeHKXGjbsdAwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYIT
+aWRwLWNvLmNhbHN0YXRlLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAUlkeW7xwrJrU
+Iq+A/LUUYfZvH+sxquwOM1mhUq+v3ocFt5CzAzwzPu4AOsLqL7fQV3ZmVANKgi7f
+ueOWjTQl29CcXCdYVVmd6FEhtaKpyCdFpZ9MfVo41JGtUuMnDMtUvWGYpPC2Qj1g
+VISnhkaLdDW+/MsA4D2maduqAig5vR7Y3pLyl/gA2StPZBN4oVunoqfymxFbn2kg
+2SMtFnYfj3Ub/+JxXW9zz0FHfYnSs7WqfdgtgTQjTa4fkXA/4RmsVARgVmp6AGQk
+n5LKSiSQRXmgDh6zsIXH6xx6LaZxsDwUE/tE3HFXwp3aGlzLj93Jhj2bfHSMEML/
+kWa26sfvbw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp-co.calstate.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-co.calstate.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp-co.calstate.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-co.calstate.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp-co.calstate.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-co.calstate.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">co.calstate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 511, expires on Thu Apr 7 18:28:26 2011 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAf8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQwNjE4MjgyNloXDTExMDQw
+NzE4MjgyNlowHjEcMBoGA1UEAxMTaWRwLWNvLmNhbHN0YXRlLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEAuy+fwv7OtWGroXO9H0swiurieqE0XD03vUC9
+f3GigYm52pY47Ho/w55GJ7M0YnQz1k4aFLh73vW4XHsj61fI7+kb82437Ks7zAx/
+M/FlnGkD2QYMuPMgYNt2ADYNFTV4gJdPAewWf8P5IktEQyJxK7g71vS1T7dxsyXW
+r931qdkCAwEAAaOCAqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUq1I8he6L
+bvui+QT7JeHKXGjbsdAwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYIT
+aWRwLWNvLmNhbHN0YXRlLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAUlkeW7xwrJrU
+Iq+A/LUUYfZvH+sxquwOM1mhUq+v3ocFt5CzAzwzPu4AOsLqL7fQV3ZmVANKgi7f
+ueOWjTQl29CcXCdYVVmd6FEhtaKpyCdFpZ9MfVo41JGtUuMnDMtUvWGYpPC2Qj1g
+VISnhkaLdDW+/MsA4D2maduqAig5vR7Y3pLyl/gA2StPZBN4oVunoqfymxFbn2kg
+2SMtFnYfj3Ub/+JxXW9zz0FHfYnSs7WqfdgtgTQjTa4fkXA/4RmsVARgVmp6AGQk
+n5LKSiSQRXmgDh6zsIXH6xx6LaZxsDwUE/tE3HFXwp3aGlzLj93Jhj2bfHSMEML/
+kWa26sfvbw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp-co.calstate.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-co.calstate.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Office of the Chancellor</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Office of the Chancellor</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.calstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Marcus Mizushima</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Gabriel Sroka</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://iam.calstate.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://iam.calstate.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 659, expires on Sat Oct 1 17:51:48 2011 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICApMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkzMDE3NTE0OFoXDTExMTAw
+MTE3NTE0OFowGzEZMBcGA1UEAwwQaWFtLmNhbHN0YXRlLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA3xvUjx9s/Hdd0JejlXzyyr31b7VlXD6ViiVyhM8b
+FVXSwHdLIc+bUrIyo/CfqdMWMOV3+1feL0dHTux+mFen7I7h7Ma+aS0l4jHkB+tX
+oUcfZ6h7p3635DS7MnlQ8tfqzy1xjzUvQJ595/P6A2SlXSDzvTJ/fo9FHowDC2pQ
+r2UCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUzl1dtrwBs8J6
+TM3OjQEj9RxaTwAwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQaWFt
+LmNhbHN0YXRlLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAaLhFhW/BmZui4cH/PFXO
+JefpRRPAHoWonYU4senSLyf1soPLh/61Syc5y9WRt6ZPiZ7ZVUZpz4xKInvtl+j/
+F0Z1bBWmRP0n7xSBhVBEdxQRN+hBrMAtS5m7kH+2qwWKHqg26rQ+fvG0ZmYWYLOC
+OP7ERoVR7mDeT0rhbStY5GaPbL7uWPYG/CJlOC0DHcjyzP3qfD4h6hZEd6o4qPFB
+zx7Q4dCXeQb1jW7nrJMb0UhZ7i6e4MO6G/KGYR7xKum7DbEUeNjANUu/lE0xlHfz
+siM39L6nPQBGaD5J1FzM7VXW1cBpVvhplgw/qDWQWC9trwbSqxsYKmlMzQ6yLEGk
+Xg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://iam.calstate.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://iam.calstate.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://iam.calstate.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://iam.calstate.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Office of the Chancellor</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Office of the Chancellor</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.calstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Marcus Mizushima</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Gabriel Sroka</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://moss-stage.test.calstate.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ptsc.test.calstate.edu/Login/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 10758295474946205649, expires on Sun Nov 17 17:19:08 2019 GMT -->
+ <ds:X509Certificate>
+MIIDBjCCAe6gAwIBAgIJAJVNJLwM3GfRMA0GCSqGSIb3DQEBBQUAMCAxHjAcBgNV
+BAMTFW1vc3Mtd2ViMS1zdGFnZS5jc3VjbzAeFw0wOTExMTkxNzE5MDhaFw0xOTEx
+MTcxNzE5MDhaMCAxHjAcBgNVBAMTFW1vc3Mtd2ViMS1zdGFnZS5jc3VjbzCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJh6mzxIlzpYS1kNUvKa2pHT7TMJ
+J89nUB7I1NBc+9KjPa0T/yoBu87oDl+Ma6+MqxdUldivFdc+JueTZQnBMOmuA5Rm
+cgxoG2MZ511JPeJfy4NRESKlg23S6/l/8B5i4OwdaOXB0MJli/q0U+uSUGrC8+1p
+Y7HFVp5baiKLVWwSpT7tAQ8u6KspPVblqF/z/UacA/PugEO+Ldx3e/C5iUNanWp8
+fqyZNeRdVnR5okP662XU3XkA+/a19c95R0VzBkzmNIo0/Xx7nIEoGZ9gFO5Xtym2
+reF3yAWdKW54CaND7rwGZ31JVjzvACI9ZIb7zqFa4x6PkuW1ughkkfUZgVcCAwEA
+AaNDMEEwIAYDVR0RBBkwF4IVbW9zcy13ZWIxLXN0YWdlLmNzdWNvMB0GA1UdDgQW
+BBSQgvGWAm3YTsZJxF1cehkdXecJeTANBgkqhkiG9w0BAQUFAAOCAQEAQHIqDmCX
+TKmZG+HtFn1DbcyKcCj8YNuRUnlO08oCWqm9ts7Sq/hmAFGzXy6gM2PdJ8rXhqrI
+yBNdtZeO9bSAU1ljRNV9kbDVk6D/gtGF2bjiDBaNovJddaUWQ7F1h+NNSh2DD2jy
+hVnmcBmrDeLKhxzlSp/hNqXUPz2XGhnibi3Hr8MSF48xN272nItLkPPKV03WTqtY
+ThiJ5oG/7V3PqnLyAfR9ZVkbPJtOBL1Tk8yH7N6Yi5fe0Lg7pwqC5yN3KlNWAoSu
+2Z5wbeIRuwYjkLAwRmAkpG4aiaYv2eDpkJtC+UImx/ULZxKJr/WXpvpJk8hksrwB
+W0xLHIb+9Fo5Xw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ptsc.test.calstate.edu/Login/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ptsc.test.calstate.edu/Login/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ptsc.test.calstate.edu/Login/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ptsc.test.calstate.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Office of the Chancellor</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Office of the Chancellor</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.calstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Marcus Mizushima</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Gabriel Sroka</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://portal.stage.calstate.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://portal.stage.calstate.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12377563762942876861, expires on Thu Nov 21 23:12:43 2019 GMT -->
+ <ds:X509Certificate>
+MIIDADCCAeigAwIBAgIJAKvF8KnK9Ry9MA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2Nvd2V3dndzd2ViMDIuY3N1Y28wHhcNMDkxMTIzMjMxMjQzWhcNMTkxMTIx
+MjMxMjQzWjAeMRwwGgYDVQQDExNjb3dld3Z3c3dlYjAyLmNzdWNvMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqov7mp82T5Kzn4f7/59uDftwpWQl40DD
+SrwOCylUnvCQOBB7gg6RwLrcGT9hPnpBBlDvO83e0Wvmr1+ooDdNTYhUsSCPjKQ2
+9eCq2d7ZjaYQBA9BKzNAFrtYuceTyKMlOrzc7CYv6dHjUFEUelBQUpxicXmObgUk
+bQjir0Wepqs/OJxgIh+T5rRuXS8+wPj1pFTjrcVKcgQxzQu9UNkpUmzuTw4hJB+R
+eqiBEBgOYpIry/a10j8WTIkDY8nZjyamAOFMm2T+FE4yvldRiJIGxpXVdTP0aokK
+NWtpFKv/NRO2Iy6E5xl2b74YJuX2/HXVnuxDqWJDU48cLF8iyigs2wIDAQABo0Ew
+PzAeBgNVHREEFzAVghNjb3dld3Z3c3dlYjAyLmNzdWNvMB0GA1UdDgQWBBTAJd2B
+sPGXaMbAfH/L+MhocbiHbTANBgkqhkiG9w0BAQUFAAOCAQEAFBcrDb2pjnbuVAND
+c6ybEcvAkzHTSlDV9fsReKPKHsc19ZXcQmvUKkrns4qmzHQJxprgysLlh1Pgp5RV
+/c9O5JA+kRX3RS1rmBkXaqD19RH2+Zc7DfYMCqqmGCD/rjSXHyq0CnzXnH4g9GAZ
+TRlro1Shf3xcUb4u656UOMHgdgvYpK7G5f1FBk8J68Fn51ZzSMubn9csjxLNpaan
+gXXcNKwD22Rn2QgfTqbQFpbcNoFc0Pho7RBGSEOONjwifBy4pLymalMc7LtdCo9A
+CJZ+DNhz3cSytDrLoweyQ9DNPaj/nJRibrx7+BSLgKWUcN/s3DikDqewi7WTsvR6
+F5g9UA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://portal.stage.calstate.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://portal.stage.calstate.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://portal.stage.calstate.edu/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://portal.stage.calstate.edu/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Office of the Chancellor</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Office of the Chancellor</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.calstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Marcus Mizushima</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Gabriel Sroka</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://vcl.calstate.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://vcl.calstate.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 13847729161143137617, expires on Mon Feb 18 16:40:05 2013 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgIJAMAtBE27wTVRMA0GCSqGSIb3DQEBBQUAMIG5MQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxvbmcgQmVhY2gxJDAiBgNV
+BAoTG0NhbGlmb3JuaWEgU3RhdGUgVW5pdmVyc2l0eTEhMB8GA1UECxMYT2ZmaWNl
+IG9mIHRoZSBDaGFuY2VsbG9yMRkwFwYDVQQDExB2Y2wuY2Fsc3RhdGUuZWR1MSQw
+IgYJKoZIhvcNAQkBFhVpYW1hZG1pbkBjYWxzdGF0ZS5lZHUwHhcNMTAwMjE5MTY0
+MDA1WhcNMTMwMjE4MTY0MDA1WjCBuTELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNB
+MRMwEQYDVQQHEwpMb25nIEJlYWNoMSQwIgYDVQQKExtDYWxpZm9ybmlhIFN0YXRl
+IFVuaXZlcnNpdHkxITAfBgNVBAsTGE9mZmljZSBvZiB0aGUgQ2hhbmNlbGxvcjEZ
+MBcGA1UEAxMQdmNsLmNhbHN0YXRlLmVkdTEkMCIGCSqGSIb3DQEJARYVaWFtYWRt
+aW5AY2Fsc3RhdGUuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+n1Svr7Bhg/lRjWg7W5FSLZdZuxpXsbvGilc41OusxLtZPueRI4ZpxL9yjnYYzcM5
+RBG5FY4mVbTDFAydqifKDesnPKjf6SkhZ8EGRZ9sPKNzvI+u0rzGic4NPaWszs6l
+VYEXwXARdlPi2Yh1gymZ+dOZ2/8qxWQOeJK/66LfEh1xlQ8qWXmRWOEkgZNESRgN
+0vjoPfUtS8/4Z+qfWmvfgCxH0AfQf/RvoO60iuTrnpndm7D0ozMSsizxOePcAjh7
+0LQ0vmGJpvx5M2+jYVQfopf3KqO2/wd4Nm3jHn/bNevST2lNZpHJEWACewwr7a6o
+M3SFEHuHwE7ahnND8lYEBQIDAQABo4IBIjCCAR4wHQYDVR0OBBYEFCXs0iGTsWs4
+REH3CuvW8AhiIiETMIHuBgNVHSMEgeYwgeOAFCXs0iGTsWs4REH3CuvW8AhiIiET
+oYG/pIG8MIG5MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEzARBgNVBAcTCkxv
+bmcgQmVhY2gxJDAiBgNVBAoTG0NhbGlmb3JuaWEgU3RhdGUgVW5pdmVyc2l0eTEh
+MB8GA1UECxMYT2ZmaWNlIG9mIHRoZSBDaGFuY2VsbG9yMRkwFwYDVQQDExB2Y2wu
+Y2Fsc3RhdGUuZWR1MSQwIgYJKoZIhvcNAQkBFhVpYW1hZG1pbkBjYWxzdGF0ZS5l
+ZHWCCQDALQRNu8E1UTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAB
+YtoZQAoo4cg/8yyjbio8jDjUIohq25WspzVKmFNX7rJmBvYC98UGzeJKw/gInO64
+Xv7A13bbzGBRHwMxN9KVjMw6/r3iCu8iI4pjby1aehRaXHBQANdWvzhEBc3R0XRY
+f1pTLJCKCN3dU4VJAnw4G1HfCoEaj3yR3401UoChAmQM1vfieyjASPOjOcegZn0p
+S3fFQdQXfbvTCaqSfKdQKF8ggemcRoxIAH0ZR90RPTg/xZyvKPOKb8mbVW9SkhfV
+xLpRip8ia6eB41EYgvA74wZG/utGW2m1y/sLf0OGiy+tPkJNrq1LxfPkkySLAdRn
+8NmnlD0g/wfwl7CJLhOy
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vcl.calstate.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://vcl.calstate.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://vcl.calstate.edu/Shibboleth.sso/SAML2/ECP" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vcl.calstate.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Office of the Chancellor</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Office of the Chancellor</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.calstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Marcus Mizushima</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Gabriel Sroka</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://xerxes.calstate.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://xerxes.calstate.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 13043166865200173788, expires on Thu Dec 19 16:14:18 2019 GMT -->
+ <ds:X509Certificate>
+MIIC5TCCAc2gAwIBAgIJALUCoyiCZtLcMA0GCSqGSIb3DQEBBQUAMBUxEzARBgNV
+BAMTCmNvd2V3eGVzMDEwHhcNMDkxMjIxMTYxNDE4WhcNMTkxMjE5MTYxNDE4WjAV
+MRMwEQYDVQQDEwpjb3dld3hlczAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAqwUGOnQ0lSUABWetC3JDXX/m9cwqomB4ZYWMCHL3R3CNnYkZZUXz5WR1
+5/hfR5mN+uEEpGNhw+4c6wsH5XwoNjamUzWcAPfLTvoGjIpiWc6+xsMThQ0aF8rw
+qjsLauKLEfXRM5z69Zkp4GekDYlcA3n523wUPyOpjr0xPR97Js869rSQVtDgRFZh
+4ZFBYYioqfFTBKI7MeB7qAjbcvOZwQ3+euWC2pRVxrFuaJbsTuKZl4ofXtx8h5ns
+VDH46KYzLXYVsZiSeNUJrwAr+IqyIhdC7iy/BPPgiU0gC0XsuqM2bHc5WNKDGYWM
+YU/zNSuJNR4/I2pVH6kZEelbFfLf7wIDAQABozgwNjAVBgNVHREEDjAMggpjb3dl
+d3hlczAxMB0GA1UdDgQWBBQGVeMJjX3fYAPmmbCX/k08u2OuczANBgkqhkiG9w0B
+AQUFAAOCAQEAd7iRjBb+WgL/quVQ8NXE/hDpNVLupihsvcl9lDwrlnB604+W8T4u
+7Kz4wDVK4KXWX6rIjvpweFhXYdksqhhnejuiG+vnxmtCZ5vrzZ5EeBsqNo4nX3Fz
+SVU+KGSYBOdlAnV6CcAQBbFABVyJtdFUNPopX1gRWehFsGJmLzHqrp5WLQzqjjDF
+fBXnobzEPfpzI/TqFDR49Z31nDovLWtN13vOLhLdWg+krTpeq38tB+RuNsq3SlQi
+LHQsaukyQGqFha3EDN0AHc8R4QfJ3doitN4DLAgI8IFcQKvkIDFBVMmS02v58JFK
+5AX5HRLbOCTI3UMvrGzzpTqYGgNOdgz+Ng==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://xerxes.calstate.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://xerxes.calstate.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://xerxes.calstate.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://xerxes.calstate.edu/Shibboleth.sso/SAML2/ECP" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Office of the Chancellor</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Office of the Chancellor</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.calstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Marcus Mizushima</GivenName>
+ <EmailAddress>iamadmin@calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Walker</GivenName>
+ <EmailAddress>dwalker@calstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- James Madison University -->
+<EntityDescriptor entityID="urn:mace:incommon:jmu.edu">
+ <IDPSSODescriptor errorURL="https://itfederation.jmu.edu/shiberror.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">jmu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 228, expires on Wed Nov 19 21:08:22 2008 GMT -->
+ <ds:X509Certificate>
+MIIFTTCCBDWgAwIBAgICAOQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTEyMDIxMDgyMloXDTA4MTEx
+OTIxMDgyMlowTzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGEphbWVzIE1hZGlzb24g
+VW5pdmVyc2l0eTEdMBsGA1UEAxMUaXRmZWRlcmF0aW9uLmptdS5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAMDAPXs3VDRTLbeGLGZFwLTfj+0tbKk7QzGq
+QXoOXtwWeY3PBCiCA0oz3b0CN+Y0A2xZiXJ4DQ9OjMIU5FNEjNftIJK/9M3a0Oeq
+mfEP5yvxzd1xYWdDbkihblyAErTvd9/42rtcXh8iGQsj+jwJQsPFOCDwYLlUyLlH
+HtzUSV+lAgMBAAGjggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFCkSLM9D
+M05+yWXuOPO7BCozEKoJMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYD
+VR0RBBgwFoIUaXRmZWRlcmF0aW9uLmptdS5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AFHZ4yBTXdS0a570ZGv6MKKobiwtKfSf7s2hoqpWNETtm37cyscMb1VPehPOssWb
+fVzKY4JDTZEmr6BF9SC2U9kZhafsQkmuTgTjm9mtDRsVaG0qw2RqiBR+Tf2KbduL
+UrQN9d8wwoeFxZBFZXMqcbp/NyTvKI4gr39XjOdaPurKtNGqFpD8O6elCcxTB7zP
+65dcdQWavdx/QlbwbRyDlFmqeaBGT0ApZ1h27X4/fk6zc7GrbTiyGnzKjg9wiRne
+2dTF1gIz9ejZL8+1sx0orXhJpQwD7+GUXYMIZisCEpYnWs6SGdfIxfFNpjvWDSft
+YxZKxFxlOwz8KlWbQLyZC6Q=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://itfederation.jmu.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">jmu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 228, expires on Wed Nov 19 21:08:22 2008 GMT -->
+ <ds:X509Certificate>
+MIIFTTCCBDWgAwIBAgICAOQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTEyMDIxMDgyMloXDTA4MTEx
+OTIxMDgyMlowTzELMAkGA1UEBhMCVVMxITAfBgNVBAoTGEphbWVzIE1hZGlzb24g
+VW5pdmVyc2l0eTEdMBsGA1UEAxMUaXRmZWRlcmF0aW9uLmptdS5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAMDAPXs3VDRTLbeGLGZFwLTfj+0tbKk7QzGq
+QXoOXtwWeY3PBCiCA0oz3b0CN+Y0A2xZiXJ4DQ9OjMIU5FNEjNftIJK/9M3a0Oeq
+mfEP5yvxzd1xYWdDbkihblyAErTvd9/42rtcXh8iGQsj+jwJQsPFOCDwYLlUyLlH
+HtzUSV+lAgMBAAGjggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFCkSLM9D
+M05+yWXuOPO7BCozEKoJMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYD
+VR0RBBgwFoIUaXRmZWRlcmF0aW9uLmptdS5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AFHZ4yBTXdS0a570ZGv6MKKobiwtKfSf7s2hoqpWNETtm37cyscMb1VPehPOssWb
+fVzKY4JDTZEmr6BF9SC2U9kZhafsQkmuTgTjm9mtDRsVaG0qw2RqiBR+Tf2KbduL
+UrQN9d8wwoeFxZBFZXMqcbp/NyTvKI4gr39XjOdaPurKtNGqFpD8O6elCcxTB7zP
+65dcdQWavdx/QlbwbRyDlFmqeaBGT0ApZ1h27X4/fk6zc7GrbTiyGnzKjg9wiRne
+2dTF1gIz9ejZL8+1sx0orXhJpQwD7+GUXYMIZisCEpYnWs6SGdfIxfFNpjvWDSft
+YxZKxFxlOwz8KlWbQLyZC6Q=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://itfederation.jmu.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">James Madison University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">James Madison University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.jmu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Unix/Linux Group</GivenName>
+ <EmailAddress>linux-root-l@jmu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Helpdesk</GivenName>
+ <EmailAddress>helpdesk@jmu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Lawrence Berkeley National Laboratory -->
+<EntityDescriptor entityID="urn:mace:incommon:lbl.gov">
+ <IDPSSODescriptor errorURL="http://login.lbl.gov/incommon/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">lbl.gov</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 266, expires on Fri Feb 26 21:06:59 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAQowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIyNjIxMDY1OVoXDTEwMDIy
+NjIxMDY1OVowGDEWMBQGA1UEAxMNbG9naW4ubGJsLmdvdjCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAv8BTqaDaMakSF3Pz0j0C2SSfKjIQnuPtHKkIulx0TmGe
+lhAx7bajbSMLSwxAoeprNQOmM97hlNQb/VEGtt1Tey9jK5qaA7E7iEiqB50FY5lr
+4snbWN1vgrKj86WBGPd3vwdCL/Rfd77PAa7H0MwvQk/FPbbnRnb7w5UxxeK7FxsC
+AwEAAaOCAqcwggKjMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUL8ePWOyiQ1yTqoni
+lE+3PskSqw4wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJ
+CUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAYBgNVHREEETAP
+gg1sb2dpbi5sYmwuZ292MA0GCSqGSIb3DQEBBQUAA4IBAQA6kww3iR6787BsSf/W
+mnooYfkIIvsf4WVtBpa1gRrJQE/E/yCBlMXbsZNeFR9yZI52UCdHTY88Qlzjo23r
+lBP9y6GiX8RIegiJK1ZEMnJ5uAGbxHRKQoEOgwRFeKSGb+9WyCV4UZyNUaJDid2G
+QjYwpmICNgLdWMQHWt68WEzLU6YLbRZdZaIbNBxkSXL5JsIQ+JqdhkM45O4zauXQ
+9poN+kUXsP/k0OT6lSWywGlP5X4NlC6DOa+a3mQZACq9GsQrIJ6/H58J4vJjXc7Z
+7mLiqP95E3qXd3mp2KoH+qIgPLlh6VYAg8mirld+sgN45HtAAy5C9XywmIqoiSyM
+0srQ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 511780972927817123465789827277952086187216384955, expires on Tue Oct 31 23:36:25 2028 GMT -->
+ <ds:X509Certificate>
+MIIDHzCCAgegAwIBAgIUWaUNclZjoQfm4ab+ttJmW3Oqs7swDQYJKoZIhvcNAQEF
+BQAwGDEWMBQGA1UEAxMNbG9naW4ubGJsLmdvdjAeFw0wODEwMzEyMzM2MjVaFw0y
+ODEwMzEyMzM2MjVaMBgxFjAUBgNVBAMTDWxvZ2luLmxibC5nb3YwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUWmS996rDiCDoR0+O6MM5ufJlH6JYK9vv
+1AHR29TrZXIv4xkddf8KdTEgXfS7nimbrqKO+rNnt4dvYGfG/BH2jyFhZH48EZMA
+7xzBqp9OTr4uG0J1b286ychnlZAkgqtich4FCQOkhSKWbt9XSudcsWNqSG/VRN9r
+WfqI16q74IFLm8ATUJDkTn+sG29rJcDTqADDlbA8gP3qBHXrPypfmEZChCnEpoUJ
+82w8KjwbyrRIUtOnFBkZsj8XD1Hlv6vASHXxgc7nAYP9zxXSlBFfg1oSMuyWZSXC
+vRmXb32H9I8wO+/8KvzmndzZzU1yw+KZcaMhxfTFUAwxfCDfHyZjAgMBAAGjYTBf
+MD4GA1UdEQQ3MDWCDWxvZ2luLmxibC5nb3aGJGh0dHBzOi8vbG9naW4ubGJsLmdv
+di9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUm7bprLeALfsJXQkGskKJIbn7o00w
+DQYJKoZIhvcNAQEFBQADggEBAC7pPx/biv1uaWXHd77M0HS03VP5oazpjD8yt9TO
+kFST/Q3Jtsg3anxCfqaP/R2vcad8H722vFDZwGflImbZg3DNhF6Mj/pt3CuGpnIg
+7+6mXRTDNzaTKya4wX8RZdNMZ129n4LO+IVgjXZBBpGyNkPbu5D1dXuvsOdWH81B
+//GRSpTRrm0DB2rN6refGeRfHB7ZMVeWQVJFwr+51X+6OitKHLG6/xPqURI+x3mA
+jMIMRq4HkXJG3HRnSAxxmy5CPoslaIvJEXvV1WGUe/1jSqCKfdVSf1SeN2KqfQyj
+XHl1TMy82/4cFm7JOZXiJx32LIlICdpcBIGU7dFwHmiVYJc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.lbl.gov:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.lbl.gov:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.lbl.gov/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.lbl.gov/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://login.lbl.gov/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.lbl.gov/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">lbl.gov</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 266, expires on Fri Feb 26 21:06:59 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAQowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIyNjIxMDY1OVoXDTEwMDIy
+NjIxMDY1OVowGDEWMBQGA1UEAxMNbG9naW4ubGJsLmdvdjCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAv8BTqaDaMakSF3Pz0j0C2SSfKjIQnuPtHKkIulx0TmGe
+lhAx7bajbSMLSwxAoeprNQOmM97hlNQb/VEGtt1Tey9jK5qaA7E7iEiqB50FY5lr
+4snbWN1vgrKj86WBGPd3vwdCL/Rfd77PAa7H0MwvQk/FPbbnRnb7w5UxxeK7FxsC
+AwEAAaOCAqcwggKjMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUL8ePWOyiQ1yTqoni
+lE+3PskSqw4wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBugYIKwYB
+BQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YgoJ
+CUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAYBgNVHREEETAP
+gg1sb2dpbi5sYmwuZ292MA0GCSqGSIb3DQEBBQUAA4IBAQA6kww3iR6787BsSf/W
+mnooYfkIIvsf4WVtBpa1gRrJQE/E/yCBlMXbsZNeFR9yZI52UCdHTY88Qlzjo23r
+lBP9y6GiX8RIegiJK1ZEMnJ5uAGbxHRKQoEOgwRFeKSGb+9WyCV4UZyNUaJDid2G
+QjYwpmICNgLdWMQHWt68WEzLU6YLbRZdZaIbNBxkSXL5JsIQ+JqdhkM45O4zauXQ
+9poN+kUXsP/k0OT6lSWywGlP5X4NlC6DOa+a3mQZACq9GsQrIJ6/H58J4vJjXc7Z
+7mLiqP95E3qXd3mp2KoH+qIgPLlh6VYAg8mirld+sgN45HtAAy5C9XywmIqoiSyM
+0srQ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 511780972927817123465789827277952086187216384955, expires on Tue Oct 31 23:36:25 2028 GMT -->
+ <ds:X509Certificate>
+MIIDHzCCAgegAwIBAgIUWaUNclZjoQfm4ab+ttJmW3Oqs7swDQYJKoZIhvcNAQEF
+BQAwGDEWMBQGA1UEAxMNbG9naW4ubGJsLmdvdjAeFw0wODEwMzEyMzM2MjVaFw0y
+ODEwMzEyMzM2MjVaMBgxFjAUBgNVBAMTDWxvZ2luLmxibC5nb3YwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUWmS996rDiCDoR0+O6MM5ufJlH6JYK9vv
+1AHR29TrZXIv4xkddf8KdTEgXfS7nimbrqKO+rNnt4dvYGfG/BH2jyFhZH48EZMA
+7xzBqp9OTr4uG0J1b286ychnlZAkgqtich4FCQOkhSKWbt9XSudcsWNqSG/VRN9r
+WfqI16q74IFLm8ATUJDkTn+sG29rJcDTqADDlbA8gP3qBHXrPypfmEZChCnEpoUJ
+82w8KjwbyrRIUtOnFBkZsj8XD1Hlv6vASHXxgc7nAYP9zxXSlBFfg1oSMuyWZSXC
+vRmXb32H9I8wO+/8KvzmndzZzU1yw+KZcaMhxfTFUAwxfCDfHyZjAgMBAAGjYTBf
+MD4GA1UdEQQ3MDWCDWxvZ2luLmxibC5nb3aGJGh0dHBzOi8vbG9naW4ubGJsLmdv
+di9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUm7bprLeALfsJXQkGskKJIbn7o00w
+DQYJKoZIhvcNAQEFBQADggEBAC7pPx/biv1uaWXHd77M0HS03VP5oazpjD8yt9TO
+kFST/Q3Jtsg3anxCfqaP/R2vcad8H722vFDZwGflImbZg3DNhF6Mj/pt3CuGpnIg
+7+6mXRTDNzaTKya4wX8RZdNMZ129n4LO+IVgjXZBBpGyNkPbu5D1dXuvsOdWH81B
+//GRSpTRrm0DB2rN6refGeRfHB7ZMVeWQVJFwr+51X+6OitKHLG6/xPqURI+x3mA
+jMIMRq4HkXJG3HRnSAxxmy5CPoslaIvJEXvV1WGUe/1jSqCKfdVSf1SeN2KqfQyj
+XHl1TMy82/4cFm7JOZXiJx32LIlICdpcBIGU7dFwHmiVYJc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.lbl.gov:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.lbl.gov:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Lawrence Berkeley National Laboratory</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lawrence Berkeley National Laboratory</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lbl.gov/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>James Lee</GivenName>
+ <EmailAddress>jelee@lbl.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Greg Haverkamp</GivenName>
+ <EmailAddress>gahaverkamp@lbl.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>James Lee</GivenName>
+ <EmailAddress>jelee@lbl.gov</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Moss Landing Marine Laboratories -->
+<EntityDescriptor entityID="urn:mace:incommon:mlml.calstate.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">mlml.calstate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 421, expires on Fri Sep 3 18:12:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAaUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkwMjE4MTI0NloXDTEwMDkw
+MzE4MTI0NlowIDEeMBwGA1UEAxMVaWRwLW1sbWwuY2Fsc3RhdGUuZWR1MIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3+H/xWSJk24Zn3Y+uN6QtEjp1e054Y8eA
+ZaCX8i7IqdD61q4B8AojKYFqzMshq5OyoZh4RXOkluohwRgn8FJD5AUuCiFx4G7w
+TZWx6cYimaw1pUv0625c4a5bn7LMAegevY49K9juDNIUtUVMhBNPW+17f6iMBPa2
+SmM53YcLqQIDAQABo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQoC+H+
+jQcA9IWSfHw5h2dpweRfsDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAX
+ghVpZHAtbWxtbC5jYWxzdGF0ZS5lZHUwDQYJKoZIhvcNAQEFBQADggEBABobAEBq
+FaLOCsj/mLeLWtGGcoh1V5r16vT3a/abrg5/12w1THq9xJEfNc/GFkGRSeroV5pS
+AuPkWXgLGyCoCcY5CprrthPN+aJq4p9G6Ljsx+wNTLIRWLqCPMXIQHml1JX1SqA/
+nRIRAdQHNOBSK4rOmfl45i3OpFullmOpMj0lZPRL8M4mglG1PaOlx4314jDDEth6
+7P5tMsoElM2QA43ldwT+aCvknU0YLWUvVxdXLJIDzXKWgbtAZYp1TZPlW2s22qAH
+8JuIwo+QqnMjByIC4F++0uubHEDpAgwDCIJiAbEYy7QofDueMYuJNVWm6QGLQqEQ
+d2Vb+76A+Pjiz20=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp-mlml.calstate.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-mlml.calstate.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp-mlml.calstate.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-mlml.calstate.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp-mlml.calstate.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-mlml.calstate.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">mlml.calstate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 421, expires on Fri Sep 3 18:12:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAaUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkwMjE4MTI0NloXDTEwMDkw
+MzE4MTI0NlowIDEeMBwGA1UEAxMVaWRwLW1sbWwuY2Fsc3RhdGUuZWR1MIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQC3+H/xWSJk24Zn3Y+uN6QtEjp1e054Y8eA
+ZaCX8i7IqdD61q4B8AojKYFqzMshq5OyoZh4RXOkluohwRgn8FJD5AUuCiFx4G7w
+TZWx6cYimaw1pUv0625c4a5bn7LMAegevY49K9juDNIUtUVMhBNPW+17f6iMBPa2
+SmM53YcLqQIDAQABo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQoC+H+
+jQcA9IWSfHw5h2dpweRfsDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAX
+ghVpZHAtbWxtbC5jYWxzdGF0ZS5lZHUwDQYJKoZIhvcNAQEFBQADggEBABobAEBq
+FaLOCsj/mLeLWtGGcoh1V5r16vT3a/abrg5/12w1THq9xJEfNc/GFkGRSeroV5pS
+AuPkWXgLGyCoCcY5CprrthPN+aJq4p9G6Ljsx+wNTLIRWLqCPMXIQHml1JX1SqA/
+nRIRAdQHNOBSK4rOmfl45i3OpFullmOpMj0lZPRL8M4mglG1PaOlx4314jDDEth6
+7P5tMsoElM2QA43ldwT+aCvknU0YLWUvVxdXLJIDzXKWgbtAZYp1TZPlW2s22qAH
+8JuIwo+QqnMjByIC4F++0uubHEDpAgwDCIJiAbEYy7QofDueMYuJNVWm6QGLQqEQ
+d2Vb+76A+Pjiz20=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp-mlml.calstate.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-mlml.calstate.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Moss Landing Marine Laboratories</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Moss Landing Marine Laboratories</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mlml.calstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Jeff Arlt</GivenName>
+ <EmailAddress>jarlt@mlml.calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>John Witkowski</GivenName>
+ <EmailAddress>jwitkowski@mlml.calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Marcus M. Mizushima</GivenName>
+ <EmailAddress>mmizushima@calstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Gabriel Sroka</GivenName>
+ <EmailAddress>gsroka@calstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Virginia Commonwealth University -->
+<EntityDescriptor entityID="https://shibboleth.vcu.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">vcu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 14488029203501563534, expires on Mon Oct 29 13:34:21 2012 GMT -->
+ <ds:X509Certificate>
+MIIDOzCCAiOgAwIBAgIJAMkP0cy6Mj6OMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEnNoaWJib2xldGgudmN1LmVkdTAeFw0wOTEwMzAxMzM0MjFaFw0xMjEwMjkx
+MzM0MjFaMB0xGzAZBgNVBAMTEnNoaWJib2xldGgudmN1LmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAL4gIuA1ljlDh/jlffYhbTRMsfGFErcWrejd
+5UA2FvUEL14+PPzpHq6+8HHZL1TYW5WnRq4dpuvHUxOfSxt5gom9bl3SUa3pAFsk
+hKcXqOwZzvPPVo0Rp7iZguVjkiZBlSYXo3cP4bfMuNrfvDTCAFvxa8fZN8yxclVL
+Bg7yXKh6gPbVN9VST3KG/mExI7yghNFnxJgh1xsfl4idJCvKb+V3IuD8hdWiS7hp
+Q+mcn+1rA+TQarXODC5rf/JilvWaRvh6cwMHw35sBownzI44h/L1vfHimiPGXvo7
+oroZ7NGUK1j0G6GolK7ixBHjQZZGUv7O2X/4Rj+NaIFkf+KnNIECAwEAAaN+MHww
+HQYDVR0OBBYEFFb2M0GvEkqM6CsDMAgoGdxe/022ME0GA1UdIwRGMESAFFb2M0Gv
+EkqM6CsDMAgoGdxe/022oSGkHzAdMRswGQYDVQQDExJzaGliYm9sZXRoLnZjdS5l
+ZHWCCQDJD9HMujI+jjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBl
+RNsX0fk9l9EeZa8AHpPcxk3eQaW8r4MT+o57LXtBDZEvKFc8fRws09Ptkyg9CETv
+5uT7GQZ0HEFZyONJHsQy8Q1Etr4Q7I5J9EAxokBG4kFAn7Jcp1LHf5zHlWVhDsR+
+LMhDmHPuyDGqN8pVU/47MA0hFGILpckRY6q4j7L3aXyet0ImyPVlgJUoMXRso7vN
+Uw8mKyvL8HT3iZ42D8wENFNhA3nck2RDX3K1nv0qCbNF+FlnUDTy7i6EnH4U2aoe
+mYJ3G1FBVt0b8LdS0XisQ9pY3kpuQqspN4SFrJUDi6luNLdH8/YguSB0uf2Pdyyj
+KUd8anrB7gIglUS1bz6F
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.vcu.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.vcu.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.vcu.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">vcu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 14488029203501563534, expires on Mon Oct 29 13:34:21 2012 GMT -->
+ <ds:X509Certificate>
+MIIDOzCCAiOgAwIBAgIJAMkP0cy6Mj6OMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEnNoaWJib2xldGgudmN1LmVkdTAeFw0wOTEwMzAxMzM0MjFaFw0xMjEwMjkx
+MzM0MjFaMB0xGzAZBgNVBAMTEnNoaWJib2xldGgudmN1LmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAL4gIuA1ljlDh/jlffYhbTRMsfGFErcWrejd
+5UA2FvUEL14+PPzpHq6+8HHZL1TYW5WnRq4dpuvHUxOfSxt5gom9bl3SUa3pAFsk
+hKcXqOwZzvPPVo0Rp7iZguVjkiZBlSYXo3cP4bfMuNrfvDTCAFvxa8fZN8yxclVL
+Bg7yXKh6gPbVN9VST3KG/mExI7yghNFnxJgh1xsfl4idJCvKb+V3IuD8hdWiS7hp
+Q+mcn+1rA+TQarXODC5rf/JilvWaRvh6cwMHw35sBownzI44h/L1vfHimiPGXvo7
+oroZ7NGUK1j0G6GolK7ixBHjQZZGUv7O2X/4Rj+NaIFkf+KnNIECAwEAAaN+MHww
+HQYDVR0OBBYEFFb2M0GvEkqM6CsDMAgoGdxe/022ME0GA1UdIwRGMESAFFb2M0Gv
+EkqM6CsDMAgoGdxe/022oSGkHzAdMRswGQYDVQQDExJzaGliYm9sZXRoLnZjdS5l
+ZHWCCQDJD9HMujI+jjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBl
+RNsX0fk9l9EeZa8AHpPcxk3eQaW8r4MT+o57LXtBDZEvKFc8fRws09Ptkyg9CETv
+5uT7GQZ0HEFZyONJHsQy8Q1Etr4Q7I5J9EAxokBG4kFAn7Jcp1LHf5zHlWVhDsR+
+LMhDmHPuyDGqN8pVU/47MA0hFGILpckRY6q4j7L3aXyet0ImyPVlgJUoMXRso7vN
+Uw8mKyvL8HT3iZ42D8wENFNhA3nck2RDX3K1nv0qCbNF+FlnUDTy7i6EnH4U2aoe
+mYJ3G1FBVt0b8LdS0XisQ9pY3kpuQqspN4SFrJUDi6luNLdH8/YguSB0uf2Pdyyj
+KUd8anrB7gIglUS1bz6F
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.vcu.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.vcu.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Virginia Commonwealth University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Virginia Commonwealth University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.vcu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>JE Fritz</GivenName>
+ <EmailAddress>fritz@vcu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Virginia Polytechnic Institute and State University -->
+<EntityDescriptor entityID="urn:mace:incommon:vt.edu">
+ <IDPSSODescriptor errorURL="https://shib.vt.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">vt.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 375, expires on Sun Jul 4 18:56:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAXcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMzE4NTY1MloXDTEwMDcw
+NDE4NTY1MlowFjEUMBIGA1UEAxMLc2hpYi52dC5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDJ/qQ8s9By85mYL7PVryYIdZewqiFTstkXGo6VAMxl
+W9NnGHbThuZ+WXG4k28fAk2D+rGHKRxEmPGygAqZzZ87o7Z63har0F0X/9M3zOPX
+ADruPLy7APAsYBdQ84R00udHcAYiSBbcNI/BrLxF9QxtLiecTcxzkbAfJcXMXWe1
+GfhDN+8qrmi3lB0pO/rQccY2kd9K9/17xTb7M6Lj2iKLeOz71FqAzm0OYyyL2lkA
+oIws93xzyav8/fr6/ssengsvwIL5mDBU5b5Vs6fg1NyFQP9oujnTDIASHL9FXJkj
+P0SB7JypYuz1Bq5W48hiKEruV/MmPDkUkkMBJasqokdbAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFKD8T0srMuYemAhXFdLq7vbt7XLeMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC3NoaWIudnQuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQBVEIAmHl3QeX60Qz3PcNxuO5FMU9lV2PvIJ/75ISP4jcjqHss9
+9AuHHmz+HfZX//T/i37KDhB5Fnfu/aeLZIDyBB2kJigboOBQA70M/KQmkIdheSWv
+S3YQ6PuO3hqe+/Bqfhjw4M7fnD+9rfoNdFUYbHS1zDoxLyL4U6Q+2WeodD/y+YXz
+yrNuDucpRROpjU9RAW2UZ0P7iV4hSllVo85k6gY/VvncGSA8aqeTY4SzNmbH5EIA
+OBy202gvsP4u6pouKjPK0nsQrhFyPmq9d+0JlZGUd44H6s2wCbjDM32GWfbcacF+
+gWAYlDzBb2SsR3PRwT6aJEWink9YHZFGlplY
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.vt.edu/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.vt.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">vt.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 375, expires on Sun Jul 4 18:56:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAXcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMzE4NTY1MloXDTEwMDcw
+NDE4NTY1MlowFjEUMBIGA1UEAxMLc2hpYi52dC5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDJ/qQ8s9By85mYL7PVryYIdZewqiFTstkXGo6VAMxl
+W9NnGHbThuZ+WXG4k28fAk2D+rGHKRxEmPGygAqZzZ87o7Z63har0F0X/9M3zOPX
+ADruPLy7APAsYBdQ84R00udHcAYiSBbcNI/BrLxF9QxtLiecTcxzkbAfJcXMXWe1
+GfhDN+8qrmi3lB0pO/rQccY2kd9K9/17xTb7M6Lj2iKLeOz71FqAzm0OYyyL2lkA
+oIws93xzyav8/fr6/ssengsvwIL5mDBU5b5Vs6fg1NyFQP9oujnTDIASHL9FXJkj
+P0SB7JypYuz1Bq5W48hiKEruV/MmPDkUkkMBJasqokdbAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFKD8T0srMuYemAhXFdLq7vbt7XLeMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC3NoaWIudnQuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQBVEIAmHl3QeX60Qz3PcNxuO5FMU9lV2PvIJ/75ISP4jcjqHss9
+9AuHHmz+HfZX//T/i37KDhB5Fnfu/aeLZIDyBB2kJigboOBQA70M/KQmkIdheSWv
+S3YQ6PuO3hqe+/Bqfhjw4M7fnD+9rfoNdFUYbHS1zDoxLyL4U6Q+2WeodD/y+YXz
+yrNuDucpRROpjU9RAW2UZ0P7iV4hSllVo85k6gY/VvncGSA8aqeTY4SzNmbH5EIA
+OBy202gvsP4u6pouKjPK0nsQrhFyPmq9d+0JlZGUd44H6s2wCbjDM32GWfbcacF+
+gWAYlDzBb2SsR3PRwT6aJEWink9YHZFGlplY
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.vt.edu:10443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Virginia Polytechnic Institute and State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Virginia Polytechnic Institute and State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.vt.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Marvin Addison</GivenName>
+ <EmailAddress>shib-admin@vt.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Mary Dunker</GivenName>
+ <EmailAddress>dunker@vt.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Marvin Addison</GivenName>
+ <EmailAddress>shib-admin@vt.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Microsoft -->
+<EntityDescriptor entityID="https://downloads.channel8.msdn.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 467, expires on Thu Nov 25 20:31:12 2010 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAdMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTEyNDIwMzExMloXDTEwMTEy
+NTIwMzExMlowHTEbMBkGA1UEAxMSd3d3LmRyZWFtc3BhcmsuY29tMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzx+TlKaaxrgQm3hZukgmkIDkg7uNYjMl
+zWujZ5UBnmnNr0/LVPbQ7ANUv9TTe2XgV1EbCEMrQD5Siy5z6z7jRYOX27SmDJiL
+vgdckv1XZjxVRCZACiWHHLYYTyPAqf8vlNT2m0uySjssY/teZ4lacZT45JoxCIop
+OC/Un35nlXmNt/dtv66lsc9V4EIxCbMCN0skPWDTy8q9Y/mfzVivKNGicywXuEIF
+baFmQ5ocNVxRxriQ2mxdrEe9UoPZoKKMhegnzyJu1xi87yFMN+kXOpqN3/whdi9p
+/fGaIRw9JT1poT674hL+ejuZuZlvLjHywIhKuQ++59UztAr3ZyQLUQIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS4CV6t2ZkJcxCYGKWZHc0QHaPl
+zzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJ3d3cuZHJlYW1zcGFy
+ay5jb20wDQYJKoZIhvcNAQEFBQADggEBAJJad/ukiZYUL59HDAuHQ8QYwEz4iyah
+Pk5FduX3VvO04frWXPCUVRa8HIf62ZNdO8WHQi4RhMzg2Iu3hEp4CyztgZUoNiIS
+klU9kbJxYE1R8XTxI1PzZLk8N1pw18TJSuaM7vI5LEHotobM/IMFlZ8o2+MqKCLU
+x2Yx9YAa6oYkFMpdqFBwR+UjgiWXSLXEhiE4HmVRhyKlxE3LeV87pj+Qa+asfHiS
+szTU69+UEiAwGqB2jKQ4wseqajIFXLoHobwbkCvTX/bK8ZmcHMut33+3huuOC65+
+BWLWJwiFKzVeftNXbInYUAqUErXnNu9R7mYTHSEzPB+BurQ669p6/+s=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.dreamspark.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.dreamspark.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Microsoft</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Microsoft</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.microsoft.com/en/us/default.aspx</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>DreamSpark Engineering Team</GivenName>
+ <EmailAddress>dsengt@microsoft.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>DreamSpark Engineering Team</GivenName>
+ <EmailAddress>dsengt@microsoft.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Scott Blackwell</GivenName>
+ <EmailAddress>scott.blackwell@microsoft.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://staging.dreamspark.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 446, expires on Thu Oct 7 18:14:05 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAb4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAwNjE4MTQwNVoXDTEwMTAw
+NzE4MTQwNVowITEfMB0GA1UEAxMWc3RhZ2luZy5kcmVhbXNwYXJrLmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvyt5Coj3UzRIAN4AMxfkCOJfldddhJjg
+7PEe/9HnY0GnXs3QExkFKoaLqdVa6BbGg8p5iOJvJ+hN8KW8rlEOdUaVhmPdE6y3
+ZHnErru6kmwwV/sFPQEqfsFKhENe7scfgfcMl4jx53PUkAn84itc1LSPhbJfsALu
+HurV5Nwk0+cCAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUrQqs
+L1PyXk/vJ7oK+EACxDjcpwUwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc3RhZ2luZy5kcmVhbXNwYXJrLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAgFob
+QMnMr7WedSIrpSek0jZoGdwW+Ih2y2ZaNP96ygFyIZTxnYDbY4wGoVPDbA+1uGew
+MoOigJlZkBeJyinRCAaOjRaOWAU91JxtJi/4kZrJbPDY8djyCbfSRAEXUSAPuBwx
+PBUwwjoz57LnhrgSNNU6X20uGOpzt9IYmcujZ/7t5P9u8/tzVBOpa62QAgFJVBwD
+Ucr+wB3H3RDSF0kBH94nAgOPXJToHWJM7gcOr+m8AEEI1YukftZVrwE9/3cI7SPe
+eEW5lxwrxpzVESmLHCr+HpdOsZqG6B4Nrt6UjjI9jB1rguPXKBjfUw7YAeCwx7jT
+05NcwImw3Hy1xQdZqQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://staging.dreamspark.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Microsoft</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Microsoft</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.microsoft.com/en/us/default.aspx</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Conte</GivenName>
+ <EmailAddress>v-bconte@microsoft.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Scott Blackwell</GivenName>
+ <EmailAddress>Scott.Blackwell@microsoft.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Old Dominion University -->
+<EntityDescriptor entityID="urn:mace:incommon:odu.edu">
+ <IDPSSODescriptor errorURL="http://shibboleth.odu.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">odu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 284, expires on Sat Mar 20 19:06:14 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICARwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMxOTE5MDYxNFoXDTEwMDMy
+MDE5MDYxNFowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC5vZHUuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BwDkdKLPDpcF/Sl8c+N8R2s7HG0Yotu
+uuJonzoaVhaLITbHQ9dxbF4y9dUJRFTb9KXzuRB9HI1Gc1AugFquLN09gSsUH/80
+EBx3V2PA3yh9oj8jT+VPeR52Y+x2JvTlTXCJE85gto+6M3jc/jxLKu0sBa/hPMEi
+2Lf6eN8wMiykcAjFQy45eD6W3UbhWIdFdIJzBOHbc5Lw2QFL7eh+J1eW49hDAxg1
+Np0rwk7TafXskBN2AQ6xpd/+NNsVSdUIGL79ys4UMyIFRh4bkpPxTh7K3NenqQ4z
+rlLEReIy4Gwv/xP9MsBIT5zTFpP7m80JRylQD7AY1r4ltOI9UaYfpwIDAQABo4IC
+rDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSQLfgOPlsbjl3bNhl+3y5b6eHo
+oTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSB
+rTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNz
+dWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1UdEQQWMBSCEnNoaWJi
+b2xldGgub2R1LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAGI507zxebncyRIHehRR0
+NW53bXZ7AzWeDX9N7l10aUTPiQcLr1wsLcTfveDiWAAMUEtOwsM6jGucAg6x/lCS
+48aQfXx/9IA5CYV+ZPUlVgKNI3mnmD62+TyX77m6gqR2HRaElHpDvBrppM7MIHGF
+gp1K20EM9EgJWN+kcjaq3VfoYUNZgZFHyK3xTpKVEOMXZx5hq0Cd0YsoEZ1cS5BY
+I0d49jJnMYqCJAkwR8FZ6cPjn7fAZnCvvgs/2bkIpavKa4wSG6WwlQQCJkOy+wzW
+TpO/yauENUQhA4Uk57B0g3c8WrCS8gNTHDli9Hv4cWjp5jRQXrZJJTOPOR0l3L8T
+3w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 14555286187115283073, expires on Wed Jan 30 21:50:38 2013 GMT -->
+ <ds:X509Certificate>
+MIIE0zCCA7ugAwIBAgIJAMn+w6uDKAKBMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD
+VQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEDAOBgNVBAcTB05vcmZvbGsxIDAe
+BgNVBAoTF09sZCBEb21pbmlvbiBVbml2ZXJzaXR5MQ0wCwYDVQQLEwRPQ0NTMRsw
+GQYDVQQDExJzaGliYm9sZXRoLm9kdS5lZHUxHzAdBgkqhkiG9w0BCQEWEHRkZXJn
+ZW5zQG9kdS5lZHUwHhcNMTAwMTAxMjE1MDM4WhcNMTMwMTMwMjE1MDM4WjCBoTEL
+MAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRAwDgYDVQQHEwdOb3Jmb2xr
+MSAwHgYDVQQKExdPbGQgRG9taW5pb24gVW5pdmVyc2l0eTENMAsGA1UECxMET0ND
+UzEbMBkGA1UEAxMSc2hpYmJvbGV0aC5vZHUuZWR1MR8wHQYJKoZIhvcNAQkBFhB0
+ZGVyZ2Vuc0BvZHUuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+lBO4vpFW9ikY90LlmdDGqdRXU4YVSEMQQKUvXBVb6NZpsN5FassFhtqE83WckPF8
+viFjZDOfKdTsJ2oWp5DsjH36kqEoLgS2JoUdVD3MjZ5GxZ5r2ZfBccWXL/kmu4Wv
+ByeHj+Fa8ehwagmZ4CXC5Oxd+WYsz4dd5t6lD0PO7Od4RS0sysDCIDC/KTso8p7p
+DDG/vpPbzuwfkxdM8FG3w+3aShgj2N4rnhorrnDkPFzJ4MHrjo0rq359TI8gt8Vx
+I/SW4qN2s2v9O6TDS0YF/qIWU/mIk7/z2F+hF9sC7VD4FC3WqFu3nFm7rTu7tCi0
+IXbC4hX9+xIl6EvhOfapUwIDAQABo4IBCjCCAQYwHQYDVR0OBBYEFIreB34Ia3x6
+l/xVA9jXPGWly38cMIHWBgNVHSMEgc4wgcuAFIreB34Ia3x6l/xVA9jXPGWly38c
+oYGnpIGkMIGhMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEDAOBgNV
+BAcTB05vcmZvbGsxIDAeBgNVBAoTF09sZCBEb21pbmlvbiBVbml2ZXJzaXR5MQ0w
+CwYDVQQLEwRPQ0NTMRswGQYDVQQDExJzaGliYm9sZXRoLm9kdS5lZHUxHzAdBgkq
+hkiG9w0BCQEWEHRkZXJnZW5zQG9kdS5lZHWCCQDJ/sOrgygCgTAMBgNVHRMEBTAD
+AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBwmJQ0x1E2tEw5INt+Oo0ZbNExxloPDtGX
+F494Kah7sK1JfbwYjvQt+Mr21IoBon6DhAxUgUMioErjNlx/O61YfvvrxM0beOqe
+RcbiehzolNXZoDc/BpOIyg2Mnts0Oq1W1iqdboG8o/C1hO6QDkDEqs54wzW3IwiB
+6he6+IMkfZU21LFQrtXY97M3MWzazAZSZuiEz/o/xCRC1KAkgETKqPLUj61YiLWK
+RsTSoA0uK8ON9te+ae9yVj8t2PWaPkYgjnP4p5yWEYhEogrSdDr75ncNoD7H9YEl
+j3zAHdA4Cb/2GuXsNgP1vuj5oSKruQenypnVtxFix/Ad2fxsAgyB
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.odu.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.odu.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.odu.edu/idp/profile/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.odu.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth.odu.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.odu.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">odu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 284, expires on Sat Mar 20 19:06:14 2010 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICARwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMxOTE5MDYxNFoXDTEwMDMy
+MDE5MDYxNFowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC5vZHUuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BwDkdKLPDpcF/Sl8c+N8R2s7HG0Yotu
+uuJonzoaVhaLITbHQ9dxbF4y9dUJRFTb9KXzuRB9HI1Gc1AugFquLN09gSsUH/80
+EBx3V2PA3yh9oj8jT+VPeR52Y+x2JvTlTXCJE85gto+6M3jc/jxLKu0sBa/hPMEi
+2Lf6eN8wMiykcAjFQy45eD6W3UbhWIdFdIJzBOHbc5Lw2QFL7eh+J1eW49hDAxg1
+Np0rwk7TafXskBN2AQ6xpd/+NNsVSdUIGL79ys4UMyIFRh4bkpPxTh7K3NenqQ4z
+rlLEReIy4Gwv/xP9MsBIT5zTFpP7m80JRylQD7AY1r4ltOI9UaYfpwIDAQABo4IC
+rDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSQLfgOPlsbjl3bNhl+3y5b6eHo
+oTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcBAQSB
+rTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0EgSXNz
+dWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1UdEQQWMBSCEnNoaWJi
+b2xldGgub2R1LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAGI507zxebncyRIHehRR0
+NW53bXZ7AzWeDX9N7l10aUTPiQcLr1wsLcTfveDiWAAMUEtOwsM6jGucAg6x/lCS
+48aQfXx/9IA5CYV+ZPUlVgKNI3mnmD62+TyX77m6gqR2HRaElHpDvBrppM7MIHGF
+gp1K20EM9EgJWN+kcjaq3VfoYUNZgZFHyK3xTpKVEOMXZx5hq0Cd0YsoEZ1cS5BY
+I0d49jJnMYqCJAkwR8FZ6cPjn7fAZnCvvgs/2bkIpavKa4wSG6WwlQQCJkOy+wzW
+TpO/yauENUQhA4Uk57B0g3c8WrCS8gNTHDli9Hv4cWjp5jRQXrZJJTOPOR0l3L8T
+3w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 14555286187115283073, expires on Wed Jan 30 21:50:38 2013 GMT -->
+ <ds:X509Certificate>
+MIIE0zCCA7ugAwIBAgIJAMn+w6uDKAKBMA0GCSqGSIb3DQEBBQUAMIGhMQswCQYD
+VQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEDAOBgNVBAcTB05vcmZvbGsxIDAe
+BgNVBAoTF09sZCBEb21pbmlvbiBVbml2ZXJzaXR5MQ0wCwYDVQQLEwRPQ0NTMRsw
+GQYDVQQDExJzaGliYm9sZXRoLm9kdS5lZHUxHzAdBgkqhkiG9w0BCQEWEHRkZXJn
+ZW5zQG9kdS5lZHUwHhcNMTAwMTAxMjE1MDM4WhcNMTMwMTMwMjE1MDM4WjCBoTEL
+MAkGA1UEBhMCVVMxETAPBgNVBAgTCFZpcmdpbmlhMRAwDgYDVQQHEwdOb3Jmb2xr
+MSAwHgYDVQQKExdPbGQgRG9taW5pb24gVW5pdmVyc2l0eTENMAsGA1UECxMET0ND
+UzEbMBkGA1UEAxMSc2hpYmJvbGV0aC5vZHUuZWR1MR8wHQYJKoZIhvcNAQkBFhB0
+ZGVyZ2Vuc0BvZHUuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+lBO4vpFW9ikY90LlmdDGqdRXU4YVSEMQQKUvXBVb6NZpsN5FassFhtqE83WckPF8
+viFjZDOfKdTsJ2oWp5DsjH36kqEoLgS2JoUdVD3MjZ5GxZ5r2ZfBccWXL/kmu4Wv
+ByeHj+Fa8ehwagmZ4CXC5Oxd+WYsz4dd5t6lD0PO7Od4RS0sysDCIDC/KTso8p7p
+DDG/vpPbzuwfkxdM8FG3w+3aShgj2N4rnhorrnDkPFzJ4MHrjo0rq359TI8gt8Vx
+I/SW4qN2s2v9O6TDS0YF/qIWU/mIk7/z2F+hF9sC7VD4FC3WqFu3nFm7rTu7tCi0
+IXbC4hX9+xIl6EvhOfapUwIDAQABo4IBCjCCAQYwHQYDVR0OBBYEFIreB34Ia3x6
+l/xVA9jXPGWly38cMIHWBgNVHSMEgc4wgcuAFIreB34Ia3x6l/xVA9jXPGWly38c
+oYGnpIGkMIGhMQswCQYDVQQGEwJVUzERMA8GA1UECBMIVmlyZ2luaWExEDAOBgNV
+BAcTB05vcmZvbGsxIDAeBgNVBAoTF09sZCBEb21pbmlvbiBVbml2ZXJzaXR5MQ0w
+CwYDVQQLEwRPQ0NTMRswGQYDVQQDExJzaGliYm9sZXRoLm9kdS5lZHUxHzAdBgkq
+hkiG9w0BCQEWEHRkZXJnZW5zQG9kdS5lZHWCCQDJ/sOrgygCgTAMBgNVHRMEBTAD
+AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBwmJQ0x1E2tEw5INt+Oo0ZbNExxloPDtGX
+F494Kah7sK1JfbwYjvQt+Mr21IoBon6DhAxUgUMioErjNlx/O61YfvvrxM0beOqe
+RcbiehzolNXZoDc/BpOIyg2Mnts0Oq1W1iqdboG8o/C1hO6QDkDEqs54wzW3IwiB
+6he6+IMkfZU21LFQrtXY97M3MWzazAZSZuiEz/o/xCRC1KAkgETKqPLUj61YiLWK
+RsTSoA0uK8ON9te+ae9yVj8t2PWaPkYgjnP4p5yWEYhEogrSdDr75ncNoD7H9YEl
+j3zAHdA4Cb/2GuXsNgP1vuj5oSKruQenypnVtxFix/Ad2fxsAgyB
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.odu.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.odu.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Old Dominion University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Old Dominion University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://web.odu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Todd Dergenski</GivenName>
+ <EmailAddress>tdergens@odu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Technical Support Center</GivenName>
+ <EmailAddress>occshelp@odu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Todd Dergenski</GivenName>
+ <EmailAddress>tdergens@odu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- InCommon LLC -->
+<EntityDescriptor entityID="https://idp.incommonfederation.org/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">incommonfederation.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 234, expires on Sun Dec 6 15:28:27 2009 GMT -->
+ <ds:X509Certificate>
+MIIFKTCCBBGgAwIBAgICAOowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTIwNjE1MjgyN1oXDTA5MTIw
+NjE1MjgyN1owJTEjMCEGA1UEAxMaaWRwLmluY29tbW9uZmVkZXJhdGlvbi5vcmcw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMsS3N7wt4yxSxx8yeb08b7go2Nm
+HpKR754gn60sUNhiep1jI3s7kALvK+OTN//fBOf3thTOJDF2k6GC3cj9b0nALPoJ
+gv1/DLsEuCLdndbCVlyBNhG/xxB+kcIkjl/olTH9hO3XSFBFNA0JQbgqbQ/8mqmb
+5nPEqNM4c/td1h/PAgMBAAGjggK0MIICsDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FB7//2MNy4fSWlaLofsdoJssBz8eMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9p
+bmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9j
+YS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNh
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8v
+aW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5j
+cmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRw
+Oi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5w
+ZGYwJQYDVR0RBB4wHIIaaWRwLmluY29tbW9uZmVkZXJhdGlvbi5vcmcwDQYJKoZI
+hvcNAQEFBQADggEBAHHyY6qs7hO1x0l+UQaO+Um0UH42afl0ZjTk/KFKh/PxgiTu
+tQmf9QBWSOjoOp9F2k3DVMb+2wDVItvPCVC42scmuIfJ/Pz2OFJEvw/LcaeJePNF
+GFh1JlsaAnd8Qz5pf8gyz5tWgVm/v/pdT8tu2uGPK07T+EcQhmsUP2zmkS3BTHnB
+anLUxamn4rqe5KHRkV/dJ7Ikm0r37R/pXCQu1d/aF9thZQ2GB8/uxYxLlqNN379F
+l7vmn2me4bqIfd/ViFaPDz2J9Sw4475aZHzZpMq2SDuhNKecatEVZrpFrrvXBUOV
+qofWkuCJKHd3rr2lhILwUcsDMZUbPW2o1v+Hiy4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.incommonfederation.org/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.incommonfederation.org/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">incommonfederation.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 234, expires on Sun Dec 6 15:28:27 2009 GMT -->
+ <ds:X509Certificate>
+MIIFKTCCBBGgAwIBAgICAOowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MTIwNjE1MjgyN1oXDTA5MTIw
+NjE1MjgyN1owJTEjMCEGA1UEAxMaaWRwLmluY29tbW9uZmVkZXJhdGlvbi5vcmcw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMsS3N7wt4yxSxx8yeb08b7go2Nm
+HpKR754gn60sUNhiep1jI3s7kALvK+OTN//fBOf3thTOJDF2k6GC3cj9b0nALPoJ
+gv1/DLsEuCLdndbCVlyBNhG/xxB+kcIkjl/olTH9hO3XSFBFNA0JQbgqbQ/8mqmb
+5nPEqNM4c/td1h/PAgMBAAGjggK0MIICsDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FB7//2MNy4fSWlaLofsdoJssBz8eMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9p
+bmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9j
+YS1jZXJ0cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNh
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8v
+aW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5j
+cmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRw
+Oi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5w
+ZGYwJQYDVR0RBB4wHIIaaWRwLmluY29tbW9uZmVkZXJhdGlvbi5vcmcwDQYJKoZI
+hvcNAQEFBQADggEBAHHyY6qs7hO1x0l+UQaO+Um0UH42afl0ZjTk/KFKh/PxgiTu
+tQmf9QBWSOjoOp9F2k3DVMb+2wDVItvPCVC42scmuIfJ/Pz2OFJEvw/LcaeJePNF
+GFh1JlsaAnd8Qz5pf8gyz5tWgVm/v/pdT8tu2uGPK07T+EcQhmsUP2zmkS3BTHnB
+anLUxamn4rqe5KHRkV/dJ7Ikm0r37R/pXCQu1d/aF9thZQ2GB8/uxYxLlqNN379F
+l7vmn2me4bqIfd/ViFaPDz2J9Sw4475aZHzZpMq2SDuhNKecatEVZrpFrrvXBUOV
+qofWkuCJKHd3rr2lhILwUcsDMZUbPW2o1v+Hiy4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.incommonfederation.org:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.incommonfederation.org:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">InCommon LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">InCommon Operations</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.incommon.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Tech Support</GivenName>
+ <EmailAddress>techsupport@internet2.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- SumTotal Systems, Inc. -->
+<EntityDescriptor entityID="https://imp39.sumtotalsystems.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 622, expires on Fri Aug 12 17:52:01 2011 GMT -->
+ <ds:X509Certificate>
+MIIFozCCBIugAwIBAgICAm4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxMTE3NTIwMVoXDTExMDgx
+MjE3NTIwMVowJDEiMCAGA1UEAxMZaW1wMzkuc3VtdG90YWxzeXN0ZW1zLmNvbTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANGF/JydKIXM4cjZEzWppmR/
+0qCdDgzrdfehVgeCWL5lDBow22oQ/6jEV1zDhAm9j++cYHKBKPnq1f0nUheMmDsC
+AoepoL4nuKIyWC6U9FRp3V1AN9Kfe/etMUxtz9bD8aIWT64XHWZ4+4CWHt9B4heJ
+v2IO9lqndo5o32y4RQ8Zm3TnFuRBTXV+zU3tyzK98lIYIQcCnnfiGzUMmdKIykQN
+JnPUbtQYT90Cl7g4igcUSbdeWtbV7aJbSz6QhuShDoUIfICfQcHpyLu3kak9c3/t
+jusNT3r1AWhIlRTPGSBcJcpnoNYbHLXgT7OvilHHvp4ALNmbOsujSOxSBUKl1MEC
+AwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUevOwIBRGtx5Pu1mV
+x6Je0TCLU1IwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0RBB0wG4IZaW1wMzku
+c3VtdG90YWxzeXN0ZW1zLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAQwtEkfkgH0L+
+Eg1NQ3GOZDlWyqaogNIxS3VsBJkM2Vp2zspBKLV1EanBjPOrApyOXUKyjrjSJLjr
+fYLDpsTh0cs26gsVCcvl4nNd2W48s5TI4/mQy1OqM1MgAwjO1wQX/GveINT+8zHE
+qMjy9msuz8IXmiJSFIZC0LVyEvSSxZ+Lbl8ULRnt2nsa6MPEiVDmNL225fhTOKTW
+hM9B36b1spAtvdzlcYFIYveWHBwsIp+sjtA575hz+tBHf/ippPIFCwDbV1KceE4M
+1rj6DT+gn73hT5x5rIt9Qww1vK2j2echfH6CY6W0iZZnAl+wqfY25ZwmPCLaeJUC
+++je5AQY7Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://imp39.sumtotalsystems.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://imp39.sumtotalsystems.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SumTotal Systems, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SumTotal Systems, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sumtotalsystems.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bharathy Mohan</GivenName>
+ <EmailAddress>bmohan@sumtotalsystems.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://imp40.sumtotalsystems.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 250, expires on Sun Jan 24 23:16:24 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICAPowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDEyNDIzMTYyNFoXDTEwMDEy
+NDIzMTYyNFowJDEiMCAGA1UEAxMZaW1wNDAuc3VtdG90YWxzeXN0ZW1zLmNvbTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr9DnV/W4Puy5gbg4RpVSNBEr201j
+SA/qn26C0wlQOWp0weXM2jgHqDEszQ4HYfK+8LpXCdzHjLFf/CbV4oOWtD2jxI+I
+hLQel3CDPCxy7CIrTtgKHXNOeytLHg81+/SvwMuQZp+GtsrYDf5GeIz0irYjOiRi
+QYk1Pe5ZZQ+r7e8CAwEAAaOCArMwggKvMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+e+WPn46oeemsfYCTjImaxUBFjG4wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAkBgNVHREEHTAbghlpbXA0MC5zdW10b3RhbHN5c3RlbXMuY29tMA0GCSqGSIb3
+DQEBBQUAA4IBAQAInMexlY3XRx7L5lX1zqp1rjjrLFIgDdQejeyjKX7SjIktFsah
+4DrLwlLt0nCh7YVT/K+BP7av6nceulTJYAKQ0wajNlhbuHd+Yw4dYGzqNviGJVuz
+L8VXEYC1iCf192HlpcAdrubIqle0z0yMP3dW1mHx+7HSKWdN6Njl0zds7eg+lWYI
+xaOu1PHHcU8pAa7sewrXHoLGBAwtn9QY0Ox9fgZmrfAS8//sHKzilKojEay0HKwr
+buux8PbSMrqRWbcMzwgkQuMm4I+gb1qWKBjQ+duNNV0XcTKhXcBZho+oTHAgg0kw
+Wns1sdc2fCYbX57zGG84EE2VtjC0HVwOUig6
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://imp40.sumtotalsystems.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://imp40.sumtotalsystems.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SumTotal Systems, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SumTotal Systems, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sumtotalsystems.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bharathy Mohan</GivenName>
+ <EmailAddress>bmohan@sumtotalsystems.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://uca82stage.sumtotalsystems.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 639, expires on Thu Sep 1 18:19:53 2011 GMT -->
+ <ds:X509Certificate>
+MIIFrTCCBJWgAwIBAgICAn8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgzMTE4MTk1M1oXDTExMDkw
+MTE4MTk1M1owKTEnMCUGA1UEAxMedWNhODJzdGFnZS5zdW10b3RhbHN5c3RlbXMu
+Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGeNF2lkBv/xH0pB
+8WbrWWCMGfX4nZsacusIWj+vwimIqQRZFJ/QzP44oVJnCoowwo+SgZI3GmO7O6UJ
+uK81wupHJBDlA9t9J8I7SGVPST4wvMhipZSW4xDHnY2/LYffxpMsmO7Yb9NmJ8p3
+6sPhujQFvQB8cDs1xzTG0z9wR06Vg3dCtVx+nyp6p9xcCgvvNPsoGTDCfAee5S0E
+RojeYUaodZiZ7M0XA4becnHFzTHv02X4Py4ljsg8xIydEL5VUuWK7cn3I1ThDZ+E
+mNxq7P3arO1m3X/mPG6KuC4Pjaz/GfE7dyjexICrYLGDY7ZSZEX6c4np7Km9KyYQ
+Y/a69wIDAQABo4ICsDCCAqwwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRTt5Skbh1/
+IJCk/tk3okfCeVhNfzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjApBgNVHREEIjAggh51
+Y2E4MnN0YWdlLnN1bXRvdGFsc3lzdGVtcy5jb20wDQYJKoZIhvcNAQEFBQADggEB
+ALn/BPggJFLdhYHQyHSX2VybZ4my1bJaj5nKh7P7IEFRXa8JZn8kMtePnqLzihz1
+JcGK53yDAJi16y/pvRlT7l1mFIJV7PBKPbe9X/U7lV7iho+LspqmZxFeq+NENRyH
++kB+imvNgm9Z1gdEdCVtpMhIYyz08pxZ7LeqooEEN91B5YRiR4Isnmob6g8AUzWY
+/PDX5OcP+oZzWq1BiqwUNg4iUAZUbe6nkNIfYuBMrAC63rWkKn/JqSIQW7ryjOil
+oiHqf4keQXyIUWGVTyCGLrxg3QuQvLfwc8nQD2ATQiH5CDu3EbH4zFvDCReY8lWR
+DLiJ2TOI7SuJONVwTPolfwk=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://uca82stage.sumtotalsystems.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://uca82stage.sumtotalsystems.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SumTotal Systems, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SumTotal Systems, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sumtotalsystems.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bharathy Mohan</GivenName>
+ <EmailAddress>bmohan@sumtotalsystems.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucastage.sumtotalsystems.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 267, expires on Sat Feb 27 19:11:57 2010 GMT -->
+ <ds:X509Certificate>
+MIIFLTCCBBWgAwIBAgICAQswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDIyNzE5MTE1N1oXDTEwMDIy
+NzE5MTE1N1owJzElMCMGA1UEAxMcdWNhc3RhZ2Uuc3VtdG90YWxzeXN0ZW1zLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2b6MFF9rFvwzOFXq5QPe+3Iw
+uFxJVKab5WPczq2loIFtcerGHS2z2cHGIprAbxkVtS3tvLpTGUJ8FW+bf8ZP356/
+NAHI63FM8wLE+DcjTWJeB8W/EK4DjOPuF+VobcAZgzuvvFfEwtTdL82iob/u82TJ
+Wc3S2U74nQYc8eBXCAsCAwEAAaOCArYwggKyMA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQU6pvyEu33DY9624aGGG7dUZmt3OswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDov
+L2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRz
+L2NhLWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9u
+Y2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0
+dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2Vz
+LnBkZjAnBgNVHREEIDAeghx1Y2FzdGFnZS5zdW10b3RhbHN5c3RlbXMuY29tMA0G
+CSqGSIb3DQEBBQUAA4IBAQB1TG1euFhyPcxWBa0ya179+HkkPPKkKlh9yJY8Qew5
+bDK/1HzXtTlI2iYNEzVPUkCFUmirkQ/kggDnlFQTFqC+u2flemr4SWLlMzpD3uzP
+X6XDp3xSFNVg3uGBIMmVN50yQFaqOE5DuKWSFpcwek4/J128SYqSd9dccIAo/fsb
+SDQVlM5qu/9aiFQQYqMyh6qCbTxCRgfRVUBhHfJwvTfgoA7IjcHltw41MREER5vb
+fmbU2yFwfJuX5qz8IccCXcSHp4YtQrjfB3kK8YL8qmYXgAL5kJyj7lV9zwenTzsA
+nMPAXNDkkcBeJ1tF13Wu2VsIGTruy8ImVz/z9LweiSe6
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucastage.sumtotalsystems.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ucastage.sumtotalsystems.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SumTotal Systems, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SumTotal Systems, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sumtotalsystems.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bharathy Mohan</GivenName>
+ <EmailAddress>bmohan@sumtotalsystems.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://uca.sumtotalsystems.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 640, expires on Fri Sep 2 14:50:30 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAoAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkwMTE0NTAzMFoXDTExMDkw
+MjE0NTAzMFowIjEgMB4GA1UEAxMXdWNhLnN1bXRvdGFsc3lzdGVtcy5jb20wgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJu33uAo5L++MNfi8bVYjR9RqRN9FEbn
+FnsZ2sz+Y5keeYIOU0HriIXWjgE/0zaB2aWX73xYEg4WgkmUeJTgy2NHWnG51OzX
+cWOXHu14ufe1B+uhdo5OXV5Doe3W+tIj7aRhE25zD7hRkT1skiW8/CBd4t6gPIGZ
+DuwEZ8TiATXfAgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFFs+
+NyWeKXka63hoc09Eja09BVPEMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF3VjYS5zdW10b3RhbHN5c3RlbXMuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQAp
+X20LpdBoLb1KEphb8PzekUNtPpB4NdV+cKcVX4L7G/GfJCYcu03KpZrmWgMg5wYF
+NX3Y7j21GDueQhba2jf1pNXWOJ/OpFqGUEYtRJqF6qrR2xnatR+VwH2orWIVIUul
+Ng8RR3aAhRH6HkT+giYSbECksSVphQZzo1BY6f1ZdhNbQON9twIGiz6dl3xTudZe
+rV63djCV0NG39DykpV4VGj3wO1Yvt8Oj9YeisTR5g4H+ZGUDJsRiZPUaGw6lw8AW
+SpcEbqKzsAla8WgRAB6S+6kngxICi3AfGKb1e3F5Ot8XEUK8C1ajPFuJWJlqKCvn
+rMz1D01FHRbWZvxi9uS5
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://uca.sumtotalsystems.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://uca.sumtotalsystems.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SumTotal Systems, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SumTotal Systems, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sumtotalsystems.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bharathy Mohan</GivenName>
+ <EmailAddress>bmohan@sumtotalsystems.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://uc.sumtotalsystems.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 678, expires on Sun Oct 23 18:17:32 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAqYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAyMjE4MTczMloXDTExMTAy
+MzE4MTczMlowITEfMB0GA1UEAxMWdWMuc3VtdG90YWxzeXN0ZW1zLmNvbTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMyuVCorxXr0KiFw10liEKRPeJR/
+4maf4UsS95OUTQ8L24skuJm1VrQ+gRtZigm+jiOWkJwrN9Mzsg9kcnix/R76BFqN
+93hvGEHKpUxztUMEE1X+k9p+VY1PX6ltdIp1Mx45+gSUgf+9o/MpecT1/iaoppN7
+3ye4waGusQq+rTR0F1LAWL3VxvdIIAE9TzPqbaSSVJPjRta+hOHtJprEkllw4dEH
+tuICN79EexXCO4f4pGepGFq/7yexaDRYXzbi0PaFau8H0XC76dmmErkQY9Jljx9g
+IeqiSaL4hMZ/4xFikxGmcxhjuSIS7AF6xn4jlv/83yVSqUVqIty4hdTy7NUCAwEA
+AaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUPFbEnwwiCjQWsPLEpXIK
+Q2TZb5AwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBowGIIWdWMuc3VtdG90
+YWxzeXN0ZW1zLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAM+eYbzyfKm1HwJAn8c7n
+p+M5kYBV+Siop2ozCl5c61EA/oSiTC5rZDX+plvkYUhgi+y3B7BYySsd2k1IdqG+
++4fuvYCCevTGTX+sfQlx9sDCIDg4obR827vRx0l/xIu/EStKvEIstgl/9jgWBWix
+jSuWAa/xa+g2W2m7NDA8N8e0RgCpcOWNhwaNOguZt1PyjPYBM+JG+DGDUuLhWA8+
++ODZzzVTLHq4bXscuEeh5JdmzN/+4CtqO/YSwuq+rqRX4xD0eM87pVTbf2KE82AN
+IhtPxdjEQME6ew34jaL2myaUQqcXtUVHC8UN1NtPcZ6TIvb9Cdxy2D7X5jt9970N
+gQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://uc.sumtotalsystems.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://uc.sumtotalsystems.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SumTotal Systems, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SumTotal Systems, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sumtotalsystems.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Bharathy Mohan</GivenName>
+ <EmailAddress>bmohan@sumtotalsystems.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Michigan -->
+<EntityDescriptor entityID="https://shibboleth.umich.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://shibboleth.umich.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umich.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 541, expires on Fri May 20 18:07:32 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAh0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxOTE4MDczMloXDTExMDUy
+MDE4MDczMlowHzEdMBsGA1UEAxMUc2hpYmJvbGV0aC51bWljaC5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAKrbDxPzel1SFTkaHwDGjQYA7qU36loQ2EuE
+EWTDm+ed6lRc8EtqrLaZMiTnOPVxpK/rEHoSU2FIqjGWnJddo66W+AXuxjthAPCE
+7GtOj7Hmfc0XQhLpAva/yAg4B1RWZ88LtonsmFR4DZyJUvYgLBnqYEC8VT6JZ+Bv
+vIQpTrOFAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNHkkDe6
+JB0rio0BBb63h6uotoR4MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FHNoaWJib2xldGgudW1pY2guZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQC9z6fYLi2o
+E2mDkwX/fQLmBanO97vHylnc1qmQCMzyLAESkTApBm77WOvmssbjkyG5DsEcE2XS
+42EUza2N76zhAHTsRRZvcgStsG+rPgSwtjqVpC41WRYPzrxesHlAUd4f1krmeAb4
+kYR/UdHqqYjNGCd2IFFD0Hl8qb1p+ody3h2gbfKQKzCyKxY4GNL7nrlaNrRvQEVy
+ZcTFPO7ZXAPIZOLLUUyHhSTCOXIDTjw0rcAWVP2B9XNwphDMhWOdE+JTrijIArc7
+mrgAerQu+JmrXcSa7nw6qiDbxhEP/cSHnR36MfR6DqaHv4JkYWItGeryFn3nE1ud
+AZon1EkRPH/r
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.umich.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.umich.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umich.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 541, expires on Fri May 20 18:07:32 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAh0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxOTE4MDczMloXDTExMDUy
+MDE4MDczMlowHzEdMBsGA1UEAxMUc2hpYmJvbGV0aC51bWljaC5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAKrbDxPzel1SFTkaHwDGjQYA7qU36loQ2EuE
+EWTDm+ed6lRc8EtqrLaZMiTnOPVxpK/rEHoSU2FIqjGWnJddo66W+AXuxjthAPCE
+7GtOj7Hmfc0XQhLpAva/yAg4B1RWZ88LtonsmFR4DZyJUvYgLBnqYEC8VT6JZ+Bv
+vIQpTrOFAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNHkkDe6
+JB0rio0BBb63h6uotoR4MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FHNoaWJib2xldGgudW1pY2guZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQC9z6fYLi2o
+E2mDkwX/fQLmBanO97vHylnc1qmQCMzyLAESkTApBm77WOvmssbjkyG5DsEcE2XS
+42EUza2N76zhAHTsRRZvcgStsG+rPgSwtjqVpC41WRYPzrxesHlAUd4f1krmeAb4
+kYR/UdHqqYjNGCd2IFFD0Hl8qb1p+ody3h2gbfKQKzCyKxY4GNL7nrlaNrRvQEVy
+ZcTFPO7ZXAPIZOLLUUyHhSTCOXIDTjw0rcAWVP2B9XNwphDMhWOdE+JTrijIArc7
+mrgAerQu+JmrXcSa7nw6qiDbxhEP/cSHnR36MfR6DqaHv4JkYWItGeryFn3nE1ud
+AZon1EkRPH/r
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.umich.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.umich.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Michigan</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Michigan</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umich.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Liam Hoekenga</GivenName>
+ <EmailAddress>shibboleth@umich.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Mark Montague</GivenName>
+ <EmailAddress>shibboleth@umich.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>University of Michigan Webmaster Team</GivenName>
+ <EmailAddress>webmaster@umich.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shib-sp-test.www.umich.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 544, expires on Sat May 28 19:37:20 2011 GMT -->
+ <ds:X509Certificate>
+MIIFpTCCBI2gAwIBAgICAiAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyNzE5MzcyMFoXDTExMDUy
+ODE5MzcyMFowJTEjMCEGA1UEAxMac2hpYi1zcC10ZXN0Lnd3dy51bWljaC5lZHUw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDzw76y6tC9mLqjG7gACBef
+bowx7BOCY8ASdBJ8fkm2p7l39iggBqfCw4v7V7NyZIOnNr+iqN+j51Xoi1Bayjjl
+4f83ZK7i9jhEt9eHp4sUMcvjJ4CUXO+dd8zVlAW/PTTe+s2a8oDRmmi6mma5quCC
+c/faoyWWjYf11KEw1sptaJzOvMdYhDe2mimCA93/Oq7mXrXas5TqTxCkTGtOG0bM
+SA8ZEFMjY42x/dNRz/11HuMdfMqeP5PCDvoxFVC5PY9oaGji4FmYgip5H9XlQy/C
+3mUs1wIoJz/vW7mlHzKt7FG5K1/hTAMo6cQjp1SssszuueAzkCrPhHJ0LEATGw4N
+AgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFG8eB0C9pUxJjVyA
+XjQyGT2NEQOEMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCUGA1UdEQQeMByCGnNoaWIt
+c3AtdGVzdC53d3cudW1pY2guZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAmWrg8q4fh
+DXoYapsfBgACx7BFpJfxwQHfoVVY54arBwHCze2yb2I+pX+gboZ9Hdo7fHZ2R4ZB
+RgPOJCYkHURA4A6WJVcg3rQqk4CR2ytJrsaaMt9H6tObJBbPHEaY4zo+ujZKNiaj
+wfwpnfkRyflpc+Kv7jsX7nE55tVw6mHF14nmWdSxVZwqyIKxufD5IHW0o3eFsAWr
+TRZl8AKbv5WR+4xLyp8d7GzHVBXcJ8j64QOBsamgBeQMLIwOZHMq6VkVH7xSk4Ko
+coFtyWrw6SAxPYmgAUpto9fE9qGFbmdAixcqCJF1YHdmNY8xIRpO+ixiw0hgvBMq
+yahoTz7DQsah
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib-sp-test.www.umich.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib-sp-test.www.umich.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib-sp-test.www.umich.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://shib-sp-test.www.umich.edu/Shibboleth.sso/SAML2/Artifact" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://shib-sp-test.www.umich.edu/Shibboleth.sso/SAML2/ECP" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shib-sp-test.www.umich.edu/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Michigan</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Michigan</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umich.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Liam Hoekenga</GivenName>
+ <EmailAddress>shibboleth@umich.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California, Berkeley -->
+<EntityDescriptor entityID="urn:mace:incommon:berkeley.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">berkeley.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 414, expires on Sun Aug 22 18:12:55 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAZ4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyMTE4MTI1NVoXDTEwMDgy
+MjE4MTI1NVowHDEaMBgGA1UEAxMRc2hpYi5iZXJrZWxleS5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBALaB2FOzSy35hdD5/osuJTqNZpoiovmrwTb7OIAH
+bkMzXgtzgI+FTej52DbIhcNTdWKDzg55hhgEps0H5MwTNg471o7OBabMs3otEeom
+cG534gxJv1Xt1GDlWqpvOGcfpZp8QkGQchOU87ZKZKhUfFctMzGVxBRVscUD2xCg
+eS8PAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFN68x6u92nIC
+FNotBaklE606XvkfMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXNo
+aWIuYmVya2VsZXkuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQDJakU1znp9sFZ+VW+a
+LK24k4xBP7m0RZGrDUNGnnl41p8F6xgzKKXvbv6xn6wtcm/pojh4QK3qVOJe+2RT
+XdJL6t82wX34OPFoTNuBunGMCu9qkXmGRZWEvKvE7C38+G5rRHMGKw0b7C/vd4V7
+ICzrBZ1Pb597I/nCZWJzJJdWVeFXNpz9KqPdkgaUmK11QIEPz27y709qutAPDdUe
+SyJlvUdxqnf4Bwl+v6V+K3GppEEcL0GSo6pA1InG6caJ7fM8YKFEuBBnt6fU2Gdc
+eO+3GZPuuQETnxe1TXsip8lEHfsJ9Q0GBXLF+zsl0/t30r3eNf5ljgxl/4P2An6N
+YfHe
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.berkeley.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.berkeley.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">berkeley.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 414, expires on Sun Aug 22 18:12:55 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAZ4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyMTE4MTI1NVoXDTEwMDgy
+MjE4MTI1NVowHDEaMBgGA1UEAxMRc2hpYi5iZXJrZWxleS5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBALaB2FOzSy35hdD5/osuJTqNZpoiovmrwTb7OIAH
+bkMzXgtzgI+FTej52DbIhcNTdWKDzg55hhgEps0H5MwTNg471o7OBabMs3otEeom
+cG534gxJv1Xt1GDlWqpvOGcfpZp8QkGQchOU87ZKZKhUfFctMzGVxBRVscUD2xCg
+eS8PAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFN68x6u92nIC
+FNotBaklE606XvkfMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXNo
+aWIuYmVya2VsZXkuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQDJakU1znp9sFZ+VW+a
+LK24k4xBP7m0RZGrDUNGnnl41p8F6xgzKKXvbv6xn6wtcm/pojh4QK3qVOJe+2RT
+XdJL6t82wX34OPFoTNuBunGMCu9qkXmGRZWEvKvE7C38+G5rRHMGKw0b7C/vd4V7
+ICzrBZ1Pb597I/nCZWJzJJdWVeFXNpz9KqPdkgaUmK11QIEPz27y709qutAPDdUe
+SyJlvUdxqnf4Bwl+v6V+K3GppEEcL0GSo6pA1InG6caJ7fM8YKFEuBBnt6fU2Gdc
+eO+3GZPuuQETnxe1TXsip8lEHfsJ9Q0GBXLF+zsl0/t30r3eNf5ljgxl/4P2An6N
+YfHe
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.berkeley.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeff McCullough</GivenName>
+ <EmailAddress>jeffmc@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Karl Grose</GivenName>
+ <EmailAddress>karlgrose@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://kualiready-dev.berkeley.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 14745176480855828102, expires on Thu Dec 17 23:33:52 2009 GMT -->
+ <ds:X509Certificate>
+MIIE5TCCA82gAwIBAgIJAMyhY+LT2yaGMA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIQmVya2VsZXkx
+FDASBgNVBAoTC1VDIEJlcmtlbGV5MQwwCgYDVQQLEwNJU1QxJDAiBgNVBAMTG2t1
+YWxpcmVhZHktZGV2LmJlcmtlbGV5LmVkdTEmMCQGCSqGSIb3DQEJARYXa3VhbGly
+ZWFkeUBiZXJrZWxleS5lZHUwHhcNMDkxMTE3MjMzMzUyWhcNMDkxMjE3MjMzMzUy
+WjCBpzELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNhbGlmb3JuaWExETAPBgNVBAcT
+CEJlcmtlbGV5MRQwEgYDVQQKEwtVQyBCZXJrZWxleTEMMAoGA1UECxMDSVNUMSQw
+IgYDVQQDExtrdWFsaXJlYWR5LWRldi5iZXJrZWxleS5lZHUxJjAkBgkqhkiG9w0B
+CQEWF2t1YWxpcmVhZHlAYmVya2VsZXkuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAw3wAVDAvwcmSI/joV78RVBVIQtaqhh9NNTU/EgaV8HZiexp4
+SAbzU2CsXQkkddmsqy/lNRxrPMRmsur68l4/fu4BmgItjFAw4bC4KNdaOooBY/4l
+DgXBjC66fT97d2S4PN+tio7zpVq+gqDLAxCSVjb9s/ywVxMDtBwjgZvhGE0XtO18
+Az39Odfob49/eqBBn/uoKTxYssI/RM5r44Ruaqn19l24ufguUSVAgvhIwUQEaY08
+1EppH5iAYft320m/w9gtytjPLKev/VWq+gX1Dm1C90SjvnhnZ8KG2b/UjMs2wyFq
+OTdOfRFn5kttYGZS42RISA8h1BkC8tOCu36XYwIDAQABo4IBEDCCAQwwHQYDVR0O
+BBYEFG0OS+dG4BK39lmoWpSkaiCpVOXTMIHcBgNVHSMEgdQwgdGAFG0OS+dG4BK3
+9lmoWpSkaiCpVOXToYGtpIGqMIGnMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2Fs
+aWZvcm5pYTERMA8GA1UEBxMIQmVya2VsZXkxFDASBgNVBAoTC1VDIEJlcmtlbGV5
+MQwwCgYDVQQLEwNJU1QxJDAiBgNVBAMTG2t1YWxpcmVhZHktZGV2LmJlcmtlbGV5
+LmVkdTEmMCQGCSqGSIb3DQEJARYXa3VhbGlyZWFkeUBiZXJrZWxleS5lZHWCCQDM
+oWPi09smhjAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBTnk0+6Akm
+45MVw9Nnk2i0IHLxmUYzmnRzX91tWwQ2agCu30t2N8n3Jv9VcKAts3DVZo2kkMS+
+Qg+hwWOh0SjXDucU7jO/xv1fS+vLC5qwEkT9lSa1zLjLZj2cOOIKS70UOP6Jwi0/
+ci9GQSrqjNP0N/mkrzuZCy0ZhKhNvjym0Pjx1y6PqYNZSCjHkzfsv9eu6r2CZ+b4
+JVu7AwUjGQYc4UgP33Ob9iXz3QZlCMprZYa476GPEdYzvtUNMDP1Kx2nLYqKyCIt
+2jDbLCMJv24ghl+i9HfZMiLubOjmT58AIx2glhn10Ehmxzyw/OYlt9qObgabqB14
+JZqRrTWCj0u4
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kualiready-dev.berkeley.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kualiready-dev.berkeley.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucready.berkeley.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 534, expires on Fri May 13 18:07:21 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAhYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxMjE4MDcyMVoXDTExMDUx
+MzE4MDcyMVowIzEhMB8GA1UEAxMYdWNyZWFkeS13aW4uYmVya2VsZXkuZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6qXTN6yoN5hXl82O/a6I8pc4AONpz
+dvwfg5etWGnlTemdmkt1qT1nFgg2r37gW2gEU6bhLoAU+oca8PzUBzXZ52+Rm4z+
+X/ZaRoos5lHYwqrwYmWP0q/EvghZE5BzVk1CqV1CAJ2j6ZmqPwpKrl8/vkrBFiQ8
+o2zCUjZI6g7ygQIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTM
+0rvb7zdw7RLRX4isGdJgt7BcaTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghh1Y3JlYWR5LXdpbi5iZXJrZWxleS5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AA+fTzda+Snqiziq+ciZuv25G6nxtvj4fkfbtg8aF+bX6mMxc4H0y7G7s9UZj1IG
+EN6nousf8Y7JV9zP/uUFFnc+JfV9sy8w2kDq+6jV70hXVQA3z4vyeal8hufLBnby
+/KuP2ih8SCYahPrK6tWV3v8LcFujXB48KEf5aiL9hXzKA6aYKI/JWe4iwe5uZ18U
+5bt8m6/2GVuaYFHmENxqDRHtVPO6q/TwfselZwe53lVWs1TRnunCJemDpSxOcW9X
+nPcigkvjvvx+exbFmOOq5/mIFk/HHJ6Epxq0GrYFFfPtoIJVJQx/0jj0r8jo+Jcq
+IDPRkZySzAVm7hnRtQbg3uc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 485, expires on Sat Jan 22 20:20:30 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAeUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDEyMTIwMjAzMFoXDTExMDEy
+MjIwMjAzMFowHzEdMBsGA1UEAxMUd2ViZmFybS5iZXJrZWxleS5lZHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChRHq6xLgNyN8SD9wbs+vYZB0V1uCX
+5EdpVUbcgwdgWh0rsoUfBZHCaYLG9AOk3ZLhNLXtm+kSJraVEpfEvjjifCtiE354
+7tKGbwOy3WwR/DAMmqGocrGLX8UoHFW/Ur0G8hfXhFq6dk7dNy8JoGLcCdv/V+uA
+iRWigAsVoRyNC24Ji2R1xFMGlptLPIvzyFOwNZGwLeuHSFA4qDaFCpyLXUMJxBgi
+tlA/qswI5fdJsUhHH3vwHuGwn5X89NRYDnO75if1LZie685dwNLsfSbuEIOlcCIW
+UCwPjvJwrhtT9VGSD8WvLY6Q3etKU0j6uA2S11hof6t3AQf8gNj4ixdTAgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFI2fvNBG4HPkPYF5zVcb2Iz7
+VRG2MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFHdlYmZhcm0uYmVy
+a2VsZXkuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCsZSE+A+2fb1GjdrldCXvM5lla
+t1t3SBvvmU2UZsgJxJiW8PJ5UKHdJr63YIAPc9+ypSVJ3gXN9ESFewmnKJhD1e2R
+LggYH3KPRt/u2n9JXYUae5tVFhxHQbZzEreq/tToXdQL5x+1ocjwfZ10yimXObAF
+uL653799mAjjqoBcTkk1M2Bw45cQGnCeckFTNs8eDsC7EVyl+hPX4CFfUp31Fj7Q
+SAMF8aA4DCipGVpJzJXAM6v9N/zELf1WvOOWN3uj4K6HpMVvbTsuj7+/20Cik/k2
+WWYaIDdC/G6LDVTo33Ez3Z1Yf9vWAiAddxH6Ng3f3OCmkMYSFbnWKhjFQ1bk
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucready.berkeley.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ucready.berkeley.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Karin Bliman</GivenName>
+ <EmailAddress>kbliman@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucready-dev.berkeley.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 453, expires on Sun Oct 24 18:20:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAcUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAyMzE4MjA0M1oXDTEwMTAy
+NDE4MjA0M1owIzEhMB8GA1UEAxMYd2ViZmFybS1kZXYuYmVya2VsZXkuZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApkrJzD5qG3/Rpxl3QTCaRKyg
+vZGEvjCnggeCygzlZedSBmH1Gr0IRmp9v1hpzsHydxEv8MfZvsVy+EFZ6j+qI9N0
+pUPurPDk+Z8646y7rbcLj7sA3c0oPJaH8DSY9tOPNMEK11vxtzzh4FS5O19mJmY1
+o5UJP9moxw7YzyGUFCCGwpFLhV1ooIJDWSGnv/b2p4LvIoSq1DSKVHPZt/wbwBDo
+qzv4y3Bz1lw8KAoj50guMt47kbFr29pMp1zwWVkavklNP/S091xMRkmwsK4x2teZ
+NaFgQOKO41QZJBu2kTd3osfE0jSdSWcLoa91SWeWm8o2lsS79bW1x+cU9S98mwID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTWeDK33rflHk4wJYhc
+oeDCy/e16jB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghh3ZWJmYXJt
+LWRldi5iZXJrZWxleS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAFlPbPMoeTiVfm99
+Sv8fj2Ca7uX8SlNVAdsuQfwdxaXRz8G3zMw9dSvAla1paDq4rn2KMX8lgSV3kAS3
+px4JnKrdvTq98lmWlASsAzITImKkLoJ/FJYl8AH2LqWBKUXjdd+9y73bbw15yV09
+N7JrPywg5uXBd6HeXDe3jbIN72Tw0uT2NYGkiD1vwSZ0UZdXodWpyueyI094SLZ2
+ApWiXaRE7/oS1OGjc9tdyt6+W2VJfn9+qmwKZ00sVdlmKvZM4d+k+AJevqDljSoe
+tJ1SHhNFhBqejN8ggPGvP/HOv2CExb7e8wplOBtvYH58qQHoS8kygxkG0kH/i4c6
+jSyjqZg=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 528, expires on Thu May 5 18:20:59 2011 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAhAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwNDE4MjA1OVoXDTExMDUw
+NTE4MjA1OVowJzElMCMGA1UEAxMcdWNyZWFkeS13aW4tZGV2LmJlcmtlbGV5LmVk
+dTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoc7mGeQEiu2akuP8XQxmdwNT
+VYN255qJQmXbXdMA8G3EUQhYIhA1H0ngSzPGq7uv+Yn/TvsiT3r6ya+9AOWMCXOW
+1MZM9Cr4uBIefGyzUBAa5bHk3OWhLsor7hWxA0rH08QuNTQMlbBXb38U7cnmgaQK
+/CLx83i26N8SVgQdHOECAwEAAaOCAq4wggKqMA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQUQ63thbihdafQZZNrNL1xoWjGtKUwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9p
+bmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9j
+YS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJwYD
+VR0RBCAwHoIcdWNyZWFkeS13aW4tZGV2LmJlcmtlbGV5LmVkdTANBgkqhkiG9w0B
+AQUFAAOCAQEAtkP+Di2aqwS2fyglQWv5Fy9/nrXhLwhm2Y3N9F9kn0gRdwhCQkd0
+Yz4ZSLEebuPLqSn3v6GwT7RwpSkeKHaH4BYek1BQtALguxMXi0rYVQL3LCF/vfNL
+SdWJsSVhwMsDEA2lRxuTTx1qCdb+1W8KdZSjJ5UO0lIMNtYeOLxi2gepNSYMABzU
+Dmmj5Ztej0BfIKwuFxPlPQpnzT4VNWsmxxRF7Nio7ghNZQ1FC5K5RdZOnYAMGdDB
+5ynAbLl6K4T/8uXrngnloQB7Rs4nCtvQV9LF0yOzwqt7Uz9XzoQGLHQ42OQLKu5d
+/os+iL1M6RMmTg/7Cx+9ngKA5vo1Nw0HsQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucready-dev.berkeley.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Adam Cohen</GivenName>
+ <EmailAddress>adamcohen@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucready-qa.berkeley.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 537, expires on Mon May 16 18:40:29 2011 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAhkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxNTE4NDAyOVoXDTExMDUx
+NjE4NDAyOVowJjEkMCIGA1UEAxMbdWNyZWFkeS13aW4tcWEuYmVya2VsZXkuZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCcSo+yS0oAPy3gdjDBa6hJSstD
+kQKpE79ICtr7IWzr/CHv3C4QgIeszjOVtSdh8MagaWN+4baYpCjPCPyguiRSHmsE
+ehIB7F4rtTjEfGc25G1sbCxLOCJOx10rF6PhoKv/nwkiUmgUQbaldEYio37PKZwx
+4lqme1QjPUr6PiChSwIDAQABo4ICrTCCAqkwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBT1399UiHlVJtxzIGP8qdg4hZ+6XzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAmBgNV
+HREEHzAdght1Y3JlYWR5LXdpbi1xYS5iZXJrZWxleS5lZHUwDQYJKoZIhvcNAQEF
+BQADggEBAC4vpBGnf0fCA8cRaYtihXNfll0Zlvxkl+n1Qsyxm4MIskrMJkVpKtUV
+HZfUdMEukCSa/VZo94L6/dc64OLtmR/PRvPLLhIXxhews5vGEst03xVuvEEIyHWY
+9L+8+E9ac7JKiQYg8bj1clAZWmWbpS5zA0uP1Viv+hUc5LuICFriDkdAEHhgtxpe
+nVDZ2j2I8N29Sals6q7rUyrJ+qkYvIZR+8i4oyBLfC4K/hACRm/zN5lgNdGSbyXm
+sY0ifnm99EzFEQlBYOUsVPH9UxmZfWXqnJgTsGwTqNYG9c/agoUDJEZf0UFrlYE8
+jW+jEwXnXt5XC4Eao7BXv/IET2jcuCM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucready-qa.berkeley.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ucready-qa.berkeley.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Karin Bliman</GivenName>
+ <EmailAddress>kbliman@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucready-win.berkeley.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 534, expires on Fri May 13 18:07:21 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAhYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxMjE4MDcyMVoXDTExMDUx
+MzE4MDcyMVowIzEhMB8GA1UEAxMYdWNyZWFkeS13aW4uYmVya2VsZXkuZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6qXTN6yoN5hXl82O/a6I8pc4AONpz
+dvwfg5etWGnlTemdmkt1qT1nFgg2r37gW2gEU6bhLoAU+oca8PzUBzXZ52+Rm4z+
+X/ZaRoos5lHYwqrwYmWP0q/EvghZE5BzVk1CqV1CAJ2j6ZmqPwpKrl8/vkrBFiQ8
+o2zCUjZI6g7ygQIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTM
+0rvb7zdw7RLRX4isGdJgt7BcaTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghh1Y3JlYWR5LXdpbi5iZXJrZWxleS5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AA+fTzda+Snqiziq+ciZuv25G6nxtvj4fkfbtg8aF+bX6mMxc4H0y7G7s9UZj1IG
+EN6nousf8Y7JV9zP/uUFFnc+JfV9sy8w2kDq+6jV70hXVQA3z4vyeal8hufLBnby
+/KuP2ih8SCYahPrK6tWV3v8LcFujXB48KEf5aiL9hXzKA6aYKI/JWe4iwe5uZ18U
+5bt8m6/2GVuaYFHmENxqDRHtVPO6q/TwfselZwe53lVWs1TRnunCJemDpSxOcW9X
+nPcigkvjvvx+exbFmOOq5/mIFk/HHJ6Epxq0GrYFFfPtoIJVJQx/0jj0r8jo+Jcq
+IDPRkZySzAVm7hnRtQbg3uc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucready-win.berkeley.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Karin Bliman</GivenName>
+ <EmailAddress>kbliman@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucready-win-dev.berkeley.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 528, expires on Thu May 5 18:20:59 2011 GMT -->
+ <ds:X509Certificate>
+MIIFJTCCBA2gAwIBAgICAhAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwNDE4MjA1OVoXDTExMDUw
+NTE4MjA1OVowJzElMCMGA1UEAxMcdWNyZWFkeS13aW4tZGV2LmJlcmtlbGV5LmVk
+dTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoc7mGeQEiu2akuP8XQxmdwNT
+VYN255qJQmXbXdMA8G3EUQhYIhA1H0ngSzPGq7uv+Yn/TvsiT3r6ya+9AOWMCXOW
+1MZM9Cr4uBIefGyzUBAa5bHk3OWhLsor7hWxA0rH08QuNTQMlbBXb38U7cnmgaQK
+/CLx83i26N8SVgQdHOECAwEAAaOCAq4wggKqMA4GA1UdDwEB/wQEAwIFoDAMBgNV
+HRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4E
+FgQUQ63thbihdafQZZNrNL1xoWjGtKUwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd
+3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBG
+ZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhv
+cml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9p
+bmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9j
+YS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJwYD
+VR0RBCAwHoIcdWNyZWFkeS13aW4tZGV2LmJlcmtlbGV5LmVkdTANBgkqhkiG9w0B
+AQUFAAOCAQEAtkP+Di2aqwS2fyglQWv5Fy9/nrXhLwhm2Y3N9F9kn0gRdwhCQkd0
+Yz4ZSLEebuPLqSn3v6GwT7RwpSkeKHaH4BYek1BQtALguxMXi0rYVQL3LCF/vfNL
+SdWJsSVhwMsDEA2lRxuTTx1qCdb+1W8KdZSjJ5UO0lIMNtYeOLxi2gepNSYMABzU
+Dmmj5Ztej0BfIKwuFxPlPQpnzT4VNWsmxxRF7Nio7ghNZQ1FC5K5RdZOnYAMGdDB
+5ynAbLl6K4T/8uXrngnloQB7Rs4nCtvQV9LF0yOzwqt7Uz9XzoQGLHQ42OQLKu5d
+/os+iL1M6RMmTg/7Cx+9ngKA5vo1Nw0HsQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucready-win-dev.berkeley.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Karin Bliman</GivenName>
+ <EmailAddress>kbliman@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucready-win-qa.berkeley.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 537, expires on Mon May 16 18:40:29 2011 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAhkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxNTE4NDAyOVoXDTExMDUx
+NjE4NDAyOVowJjEkMCIGA1UEAxMbdWNyZWFkeS13aW4tcWEuYmVya2VsZXkuZWR1
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCcSo+yS0oAPy3gdjDBa6hJSstD
+kQKpE79ICtr7IWzr/CHv3C4QgIeszjOVtSdh8MagaWN+4baYpCjPCPyguiRSHmsE
+ehIB7F4rtTjEfGc25G1sbCxLOCJOx10rF6PhoKv/nwkiUmgUQbaldEYio37PKZwx
+4lqme1QjPUr6PiChSwIDAQABo4ICrTCCAqkwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBT1399UiHlVJtxzIGP8qdg4hZ+6XzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAmBgNV
+HREEHzAdght1Y3JlYWR5LXdpbi1xYS5iZXJrZWxleS5lZHUwDQYJKoZIhvcNAQEF
+BQADggEBAC4vpBGnf0fCA8cRaYtihXNfll0Zlvxkl+n1Qsyxm4MIskrMJkVpKtUV
+HZfUdMEukCSa/VZo94L6/dc64OLtmR/PRvPLLhIXxhews5vGEst03xVuvEEIyHWY
+9L+8+E9ac7JKiQYg8bj1clAZWmWbpS5zA0uP1Viv+hUc5LuICFriDkdAEHhgtxpe
+nVDZ2j2I8N29Sals6q7rUyrJ+qkYvIZR+8i4oyBLfC4K/hACRm/zN5lgNdGSbyXm
+sY0ifnm99EzFEQlBYOUsVPH9UxmZfWXqnJgTsGwTqNYG9c/agoUDJEZf0UFrlYE8
+jW+jEwXnXt5XC4Eao7BXv/IET2jcuCM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucready-win-qa.berkeley.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Karin Bliman</GivenName>
+ <EmailAddress>kbliman@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://win-cfdevwebfarm.ist.berkeley.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 15456591757224507565, expires on Sun Jan 3 21:46:44 2010 GMT -->
+ <ds:X509Certificate>
+MIIFAzCCA+ugAwIBAgIJANaA2E+HmPitMA0GCSqGSIb3DQEBBQUAMIGxMQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCQ0ExETAPBgNVBAcTCEJlcmtlbGV5MRQwEgYDVQQK
+EwtVQyBCZXJrZWxleTEaMBgGA1UECxMRUGxhdGZvcm0gU2VydmljZXMxKjAoBgNV
+BAMTIXdpbi1jZmRldndlYmZhcm0uaXN0LmJlcmtlbGV5LmVkdTEkMCIGCSqGSIb3
+DQEJARYVbWxlZWZlcnNAYmVya2VsZXkuZWR1MB4XDTA5MTIwNDIxNDY0NFoXDTEw
+MDEwMzIxNDY0NFowgbExCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDQTERMA8GA1UE
+BxMIQmVya2VsZXkxFDASBgNVBAoTC1VDIEJlcmtlbGV5MRowGAYDVQQLExFQbGF0
+Zm9ybSBTZXJ2aWNlczEqMCgGA1UEAxMhd2luLWNmZGV2d2ViZmFybS5pc3QuYmVy
+a2VsZXkuZWR1MSQwIgYJKoZIhvcNAQkBFhVtbGVlZmVyc0BiZXJrZWxleS5lZHUw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDJ+C3IzqsCTL79+xHELfBC
+cHJt4tz2u6+LnbeqLZLE/tnaBeHkc/LsCCsf2sj304F98SvxjJ5dlyhDbJ/PHaTR
+ggKHCRvWmrslpnhH5h0MCwIH0zIUEggixs4cVtCO6wrA0cvBKRWP6uSFCM7Pq5rb
+VCYl9+kqPwlt31Is5Pghhq6Mj89o09DeFnPAp/YoWAMD3pHteTB48HMToVPojUqW
+0b7vUMRqULy8S+YCor4mUH1gQSLLHysKS1RaNJVn44B0hQqDir6p2f45PBukOlou
+duVDiMy/dIMpPiYCToK4w7tbj/u86FIARc0Sz1dMQxD+BmkxX1lkpOs3a/jehC3l
+AgMBAAGjggEaMIIBFjAdBgNVHQ4EFgQU2bqtXcn+5GYgDKV6v+ZHyBzGblUwgeYG
+A1UdIwSB3jCB24AU2bqtXcn+5GYgDKV6v+ZHyBzGblWhgbekgbQwgbExCzAJBgNV
+BAYTAlVTMQswCQYDVQQIEwJDQTERMA8GA1UEBxMIQmVya2VsZXkxFDASBgNVBAoT
+C1VDIEJlcmtlbGV5MRowGAYDVQQLExFQbGF0Zm9ybSBTZXJ2aWNlczEqMCgGA1UE
+AxMhd2luLWNmZGV2d2ViZmFybS5pc3QuYmVya2VsZXkuZWR1MSQwIgYJKoZIhvcN
+AQkBFhVtbGVlZmVyc0BiZXJrZWxleS5lZHWCCQDWgNhPh5j4rTAMBgNVHRMEBTAD
+AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAclYYEf5FVkr36LyRFjeisFEhC+e/ZTXk3
+hlMKwZZZt7TEyP9CWax3r9ZwZxKO8ojCXmqs/9m0LtsOFRNGWiusUhRsdK81YIiJ
+Ef5gSgBg21zzpjQn5ltXwb9T8p2nQ8z52PhVwm0imT+25J5hyKjROZRZbh8L4NPA
+xijklunGMaHZuUiYGzgdRfAIrVPtel0cmUhCk4sJz+beEG1JNY1q58MJdDRTXeCL
+YRhGauC26r2EvuZyNrE51RSRTRUpGmAMyXmuZLaPqhCDu5RvZpRhLRGONVRxmoHZ
+J0Eqpyp69ZqF+To75HJ/phbMK84VhWtKmTfXWTkZX9fOk8L5W1dl
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://win-cfdevwebfarm.ist.berkeley.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://win-cfdevwebfarm.ist.berkeley.edu/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Berkeley</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Berkeley</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.berkeley.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Michael Leefers</GivenName>
+ <EmailAddress>mleefers@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Utah -->
+<EntityDescriptor entityID="urn:mace:incommon:utah.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">utah.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 307, expires on Sat May 1 19:09:36 2010 GMT -->
+ <ds:X509Certificate>
+MIIFozCCBIugAwIBAgICATMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQzMDE5MDkzNloXDTEwMDUw
+MTE5MDkzNlowIDEeMBwGA1UEAxMVaW5jb21tb24uc3NvLnV0YWguZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwupeoMt1OXpXiCCBBCLLziC1jhe
+xrkefGkDJcsMWsMjHqwLsDrZKat56K3MfTfW7mY8h0QDvGHm7lVqkbvxvjx34X76
+ReKJF2MSk5Ye/JBIMPvnLj0Juq+FBRPX6/8ZfTS04YianDwlmaaTxjGHSA76htfD
+Agjwt+dfIW7CpKnwduvGqW9KjuuPiuHM41rJQJK9hhP53rx6vIiZgldTtnxCmS/K
+fBd1v035ajLleEBYmrxo1KYpRLd9Xm6glkvLS0VsVOiLTnyS/GxYm6ANb50NhU63
+n6OW/kYXPfjYxdC3m5T3Lftt3v+OIJ/5bwLvLHlviw+VxA7mupUpkSkaNQIDAQAB
+o4ICrzCCAqswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSOLI/mJIo9iPU+YI374xCg
+CV1TPjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcB
+AQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0Eg
+SXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCAGA1UdEQQZMBeCFWlu
+Y29tbW9uLnNzby51dGFoLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAlWYN5xVNTBdO
+SeDz0diIHusZ9catREitt7RC7Dcb8SCliEqDjFY592cjjieEbFvOBB63wt72+2jp
+Hl6kcKtGjtN5KtrU/UkjgRwrRaKGH0qjJXpqQBKEqR5KIwzkecv2U5iW6zYUV//6
+xSxxsCWBBSCE0jJy4V0bV3g0jKh+auqXHr9BJMsQ1fUhGedlotEWniSqqarc31Bh
+giE5C8ThBCCfGJ0gBWJKc1He9eK2EpZQZ5VzVwZij9vt8fUl0YPbjEFbsLlIIyGv
+o0i9vPiEkrD7YNlxVyYWsa8v93yNz9DkCr3dOdl++oNCIk00+JqzyFrnJLNLldZl
+blR5x4yQFg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://incommon.sso.utah.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">utah.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 307, expires on Sat May 1 19:09:36 2010 GMT -->
+ <ds:X509Certificate>
+MIIFozCCBIugAwIBAgICATMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQzMDE5MDkzNloXDTEwMDUw
+MTE5MDkzNlowIDEeMBwGA1UEAxMVaW5jb21tb24uc3NvLnV0YWguZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzwupeoMt1OXpXiCCBBCLLziC1jhe
+xrkefGkDJcsMWsMjHqwLsDrZKat56K3MfTfW7mY8h0QDvGHm7lVqkbvxvjx34X76
+ReKJF2MSk5Ye/JBIMPvnLj0Juq+FBRPX6/8ZfTS04YianDwlmaaTxjGHSA76htfD
+Agjwt+dfIW7CpKnwduvGqW9KjuuPiuHM41rJQJK9hhP53rx6vIiZgldTtnxCmS/K
+fBd1v035ajLleEBYmrxo1KYpRLd9Xm6glkvLS0VsVOiLTnyS/GxYm6ANb50NhU63
+n6OW/kYXPfjYxdC3m5T3Lftt3v+OIJ/5bwLvLHlviw+VxA7mupUpkSkaNQIDAQAB
+o4ICrzCCAqswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSOLI/mJIo9iPU+YI374xCg
+CV1TPjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6BggrBgEFBQcB
+AQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiCgkJQ0Eg
+SXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCAGA1UdEQQZMBeCFWlu
+Y29tbW9uLnNzby51dGFoLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAlWYN5xVNTBdO
+SeDz0diIHusZ9catREitt7RC7Dcb8SCliEqDjFY592cjjieEbFvOBB63wt72+2jp
+Hl6kcKtGjtN5KtrU/UkjgRwrRaKGH0qjJXpqQBKEqR5KIwzkecv2U5iW6zYUV//6
+xSxxsCWBBSCE0jJy4V0bV3g0jKh+auqXHr9BJMsQ1fUhGedlotEWniSqqarc31Bh
+giE5C8ThBCCfGJ0gBWJKc1He9eK2EpZQZ5VzVwZij9vt8fUl0YPbjEFbsLlIIyGv
+o0i9vPiEkrD7YNlxVyYWsa8v93yNz9DkCr3dOdl++oNCIk00+JqzyFrnJLNLldZl
+blR5x4yQFg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://incommon.sso.utah.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Utah</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Utah</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.utah.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Caprice Post</GivenName>
+ <EmailAddress>Caprice.Post@Utah.Edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Robert Roll</GivenName>
+ <EmailAddress>Robert.Roll@Utah.Edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- NG Web Solutions -->
+<EntityDescriptor entityID="https://federation.nelnet.net">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 417, expires on Mon Aug 23 12:03:09 2010 GMT -->
+ <ds:X509Certificate>
+MIIFIzCCBAugAwIBAgICAaEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgyMjEyMDMwOVoXDTEwMDgy
+MzEyMDMwOVowJjEkMCIGA1UEAxMbb3N1LnNjaG9sYXJzaGlwcy5uZWxuZXQubmV0
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCD/+lcSe3Ii18ZWEebEIH3dTZx
+4oAEufTj7pEWRqwmRL6VLrSnLL7nechn07AxRjDlC55dBYWconvWYFalq5PhP183
+KPFVfKJwhLVxnQF6ribjJwcD7VAxWwSwpbq52mBAcbTuI7zGwIhmPuLOqnIsY7vL
+mj/X4lZLhe4i1+q+vQIDAQABo4ICrTCCAqkwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBQUKybvxskkZmxkN9ROb01OOSPfyjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAmBgNV
+HREEHzAdghtvc3Uuc2Nob2xhcnNoaXBzLm5lbG5ldC5uZXQwDQYJKoZIhvcNAQEF
+BQADggEBACSCtdwRVcJ+TsYNKf+aljErIeTkIoLmm68OyltQvQEFMzmDRty8IrVl
+nEVRT7Zc6IldSGJuI48Q9RcbLuWhZegylVqzomokOKaCN8Yn9CT3Nq4E+yRkQ7av
+lcZi895QRGU8Uq3SchonEkcnd5taERG9Hk+mlEznGgggHWsVd6Tr1ovT368sEgms
+OMhClXOnsReWTwfmm3G4eDV6dfCbEymasHTGJUfHisp6kyrUD9MxdnijKWGdoys6
+Zievc74omc8M35OUgHRVHg7mnxy3S9FgsjI2QGGjj/Bqb2tTeNKTXPkwwDlxFWZh
+TsT1B4GDrOl/VBqPAyJ1YB8GI1FRMTc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://federation.nelnet.net/sp/acs.saml1" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">NG Web Solutions</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">NG Web Solutions</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ngwebsolutions.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Jim Grace</GivenName>
+ <EmailAddress>Jim.Grace@ngwebsolutions.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>John Muniz</GivenName>
+ <EmailAddress>John.Muniz@ngwebsolutions.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Phil Knight</GivenName>
+ <EmailAddress>Phil.Knight@ngwebsolutions.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://federation.ngwebsolutions.com">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 473, expires on Fri Dec 10 20:11:20 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICAdkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIwOTIwMTEyMFoXDTEwMTIx
+MDIwMTEyMFowKDEmMCQGA1UEAxMdZmVkZXJhdGlvbi5uZ3dlYnNvbHV0aW9ucy5j
+b20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK5tmnV8AZeEafBEpniJ7NJs
+nSVqaX5nDCG0QeWMuMIWo7H17JkkiN2/d6cqknM/v7TCtJcg3yZMyHg6C5req5Xf
+oo3bpmlUYPrA+EAjqHCgiGfDwTG7wan5EnCMtCP7jg5Ui3CoxQKgE7778iOoBH/8
+zh6AlCI2T6IefNvY7ZipAgMBAAGjggKvMIICqzAOBgNVHQ8BAf8EBAMCBaAwDAYD
+VR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0O
+BBYEFN3WqnHg6DH8Gt9KjXs7OYp0nvZFMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wz
+nd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24g
+RmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRo
+b3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8v
+aW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGN
+BgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29t
+bW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4G
+A1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2lu
+Y29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCgG
+A1UdEQQhMB+CHWZlZGVyYXRpb24ubmd3ZWJzb2x1dGlvbnMuY29tMA0GCSqGSIb3
+DQEBBQUAA4IBAQCRmQArihFz/fiP+eBeOTjx2yzT+jwLz45zKaMJlNbgTfLy3poW
+KxFShtAarRdvaZwRptNh+9Hg1SutRj9myP+p4UhhapAyWPTw/RJvZHqpNgVpeYmm
+OWMsLh4WZ6Vk5Sx8JmyNiZhsMoZxA5Lxngv8JZEsR/bbgritwNmxjonrXxz8/8F/
+57le1HC9C+ThM+pa2XNvY3envODrb+lN2j5k38WZkikSzCQGzuOZxGdiuF/iNnBy
+NSM39ulMEYFuwAr2vkPxwtGQUWN9Qhllr28KGZDLDGbIQ0Se3Rwwcfj+nwjAMYZB
+UL656sYEIomSWTGCbYcDSIsNKZBzvZSjWK//
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://federation.ngwebsolutions.com/sp/acs.saml1" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">NG Web Solutions</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">NG Web Solutions</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ngwebsolutions.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jim Grace</GivenName>
+ <EmailAddress>Jim.Grace@ngwebsolutions.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Phil Knight</GivenName>
+ <EmailAddress>Phil.Knight@ngwebsolutions.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Rutgers, The State University of New Jersey -->
+<EntityDescriptor entityID="urn:mace:incommon:rutgers.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">rutgers.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 451, expires on Fri Oct 22 18:17:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAcMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAyMTE4MTc0M1oXDTEwMTAy
+MjE4MTc0M1owIDEeMBwGA1UEAxMVc2hpYi5vaXJ0LnJ1dGdlcnMuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1w9xlflH9s2IiinG6Pgsa3p0dYns
+NcwQqV4+tgRkeHO/4CHx8YWvgkpR3+d8a55+BNaIqCGzfzjIe/pjylcZysf2uPuu
+zMHbrXqZgfTJCBviDggNxEEuxJG7F8LchIgeJMoQfLFgQIhMjDfPkhDMovRlVZtQ
+/2LzWHjs9BR3RWeg+Y/s9gUGc4YvMt9o/aGP8PgvOs3XiSiPxPOECkzQ0mCeG+Tu
+vQ33hnzQ38vqDNfHbinm/ymDkSyA79B5UtK5sgUs+1slogKgQSoUsTDE1Yz5SBkl
++nf58aVPPMnatLXhnf2TU15MI/Ijk1KexI3i8Rpr5ee0XFeWX8K5S7w50wIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBStut1tWum0Rf7kSFIMDnKE
+nSxgyTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVzaGliLm9pcnQu
+cnV0Z2Vycy5lZHUwDQYJKoZIhvcNAQEFBQADggEBADglu4XzsPl03JYT+6GUcZK/
+JPWTJC3Str4EOPEr3p167U9PzIVHUAEe4j3raavl4DhNJImyZIMKUyGbhUcely5q
+K/N19u5B1DHhf2Oq1BgW2acvecFM1+zJJ5J1YwXCPSiAKw77Xe8IGZug0vX1AupU
+5EtXJ9ZaI5lO+oPkQzM9b6jUb9/LIlH/fpQWZJ/vk8U7hLZU4E/Nl38T5UqWgfeo
+acsHVofvEYfACZ19ypG4S6I+X1wWLHKfZytjmuUyZ2rOoIUA7cGQeJ3rZkF8MK0D
+y8KHNJm2KHEh1NgVHRk5nPVGi3AqjhGnX9ydvfQMJT5sGPhgrlwgkAcq/spc77c=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.oirt.rutgers.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">rutgers.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 451, expires on Fri Oct 22 18:17:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAcMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAyMTE4MTc0M1oXDTEwMTAy
+MjE4MTc0M1owIDEeMBwGA1UEAxMVc2hpYi5vaXJ0LnJ1dGdlcnMuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1w9xlflH9s2IiinG6Pgsa3p0dYns
+NcwQqV4+tgRkeHO/4CHx8YWvgkpR3+d8a55+BNaIqCGzfzjIe/pjylcZysf2uPuu
+zMHbrXqZgfTJCBviDggNxEEuxJG7F8LchIgeJMoQfLFgQIhMjDfPkhDMovRlVZtQ
+/2LzWHjs9BR3RWeg+Y/s9gUGc4YvMt9o/aGP8PgvOs3XiSiPxPOECkzQ0mCeG+Tu
+vQ33hnzQ38vqDNfHbinm/ymDkSyA79B5UtK5sgUs+1slogKgQSoUsTDE1Yz5SBkl
++nf58aVPPMnatLXhnf2TU15MI/Ijk1KexI3i8Rpr5ee0XFeWX8K5S7w50wIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBStut1tWum0Rf7kSFIMDnKE
+nSxgyTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVzaGliLm9pcnQu
+cnV0Z2Vycy5lZHUwDQYJKoZIhvcNAQEFBQADggEBADglu4XzsPl03JYT+6GUcZK/
+JPWTJC3Str4EOPEr3p167U9PzIVHUAEe4j3raavl4DhNJImyZIMKUyGbhUcely5q
+K/N19u5B1DHhf2Oq1BgW2acvecFM1+zJJ5J1YwXCPSiAKw77Xe8IGZug0vX1AupU
+5EtXJ9ZaI5lO+oPkQzM9b6jUb9/LIlH/fpQWZJ/vk8U7hLZU4E/Nl38T5UqWgfeo
+acsHVofvEYfACZ19ypG4S6I+X1wWLHKfZytjmuUyZ2rOoIUA7cGQeJ3rZkF8MK0D
+y8KHNJm2KHEh1NgVHRk5nPVGi3AqjhGnX9ydvfQMJT5sGPhgrlwgkAcq/spc77c=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.oirt.rutgers.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Rutgers, The State University of New Jersey</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Rutgers, The State University of New Jersey</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.rutgers.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Charles Hedrick</GivenName>
+ <EmailAddress>hedrick@rutgers.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Illinois at Urbana-Champaign -->
+<EntityDescriptor entityID="urn:mace:incommon:uiuc.edu">
+ <IDPSSODescriptor errorURL="https://shibboleth.cites.uiuc.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">illinois.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 280, expires on Sun Mar 14 20:11:34 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICARgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMxMzIwMTEzNFoXDTEwMDMx
+NDIwMTEzNFowJDEiMCAGA1UEAxMZc2hpYmJvbGV0aC5jaXRlcy51aXVjLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAn9bQRaUXS3VRj3W6bp1K5BsDwHj3
+RKtJwbsK70c9cRCJZkvGqPa6ZaX6WLaBFcoe75frJHV2FhU79SvhNU3okeEEB1wT
+a4xRxpAYHXjd2n25GywrMbFZWI3fLNfSuBOdH/LGcfp7vWmBDTzPWYiGPC6j2Fmz
+C6pUFG6V0obxwG0CAwEAAaOCArMwggKvMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+iOsT3olDjglSNAbIKFUfDAI3BUAwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAkBgNVHREEHTAbghlzaGliYm9sZXRoLmNpdGVzLnVpdWMuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQAMs8uaOODQsZ9cghJJcOuwz5FQMory1GQ5lgnK7WVSHOBg8J6F
+B78M1onB9YVyrcV8Srv1AJgnbbETUKJdL5c9g37UU8QKe01145t+RxNsyJ9UPWyu
+wVrxMAMwBaMCkxVjPD9/+GXI2lkYUWuq0gm+Y335CRz9rCOroHIM9r5dEG/Y3J4t
+32YPLQwb9sn7GcbVCs3ciJhryTmVityieoEjIb4bGisThQvuU8e6xGdlhy6I5VN0
+46o/zjiYpcV+10y1ZXR6AB7Wo9HQG59rUCkzqKxJXoMNDD/oxwansooYVCs23wlM
+4IeHMK+TH49LglGq7DdjKkuiMntQiyEsZr1h
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.cites.uiuc.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.cites.uiuc.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">illinois.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 280, expires on Sun Mar 14 20:11:34 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICARgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDMxMzIwMTEzNFoXDTEwMDMx
+NDIwMTEzNFowJDEiMCAGA1UEAxMZc2hpYmJvbGV0aC5jaXRlcy51aXVjLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAn9bQRaUXS3VRj3W6bp1K5BsDwHj3
+RKtJwbsK70c9cRCJZkvGqPa6ZaX6WLaBFcoe75frJHV2FhU79SvhNU3okeEEB1wT
+a4xRxpAYHXjd2n25GywrMbFZWI3fLNfSuBOdH/LGcfp7vWmBDTzPWYiGPC6j2Fmz
+C6pUFG6V0obxwG0CAwEAAaOCArMwggKvMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+iOsT3olDjglSNAbIKFUfDAI3BUAwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAkBgNVHREEHTAbghlzaGliYm9sZXRoLmNpdGVzLnVpdWMuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQAMs8uaOODQsZ9cghJJcOuwz5FQMory1GQ5lgnK7WVSHOBg8J6F
+B78M1onB9YVyrcV8Srv1AJgnbbETUKJdL5c9g37UU8QKe01145t+RxNsyJ9UPWyu
+wVrxMAMwBaMCkxVjPD9/+GXI2lkYUWuq0gm+Y335CRz9rCOroHIM9r5dEG/Y3J4t
+32YPLQwb9sn7GcbVCs3ciJhryTmVityieoEjIb4bGisThQvuU8e6xGdlhy6I5VN0
+46o/zjiYpcV+10y1ZXR6AB7Wo9HQG59rUCkzqKxJXoMNDD/oxwansooYVCs23wlM
+4IeHMK+TH49LglGq7DdjKkuiMntQiyEsZr1h
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.cites.uiuc.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Illinois at Urbana-Champaign</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Illinois at Urbana-Champaign</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uiuc.edu/index.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mike Grady</GivenName>
+ <EmailAddress>m-grady@uiuc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Mike Grady</GivenName>
+ <EmailAddress>m-grady@uiuc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://cilogon.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cilogon.org/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 10242511584731451503, expires on Sun Jan 27 17:36:04 2013 GMT -->
+ <ds:X509Certificate>
+MIIDVDCCAjygAwIBAgIJAI4ktgTnvdBvMA0GCSqGSIb3DQEBBQUAMBYxFDASBgNV
+BAMTC2NpbG9nb24ub3JnMB4XDTEwMDEyODE3MzYwNFoXDTEzMDEyNzE3MzYwNFow
+FjEUMBIGA1UEAxMLY2lsb2dvbi5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQCU2+Mqs1OhxQRdrJ+W19BUgquVG/3rxd9EDzwGOWBkO+awCXtRe50p
+LGVXYF/ylNXeAdF2LHICKHB35i/ZNnXj9Y+llarHiTyrrSmYa3OA0Q2YEzSsv6o6
+rk4+SysmnFPLggVbFnqmtCRn7bwAodonhWWfVqwBj+GkO3RoedfCYhfsiKJOTioN
+Bc1VXlNlxBeAVYuJuhDzCQnSn+IhLnqKWXpnq2exZfeOG+yfUQB31BONSnCWadFW
+ODgybq5q+D4IDFeW+2LmQGNVCjUnB7RTGwRWgj2AHusySohpwDCha1eIqXb+FNGA
+ifI2PEgCS69NgBJNMaAvAAjcEUugK0bfAgMBAAGjgaQwgaEwDgYDVR0PAQH/BAQD
+AgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAJBgNVHRMEAjAAMB0G
+A1UdDgQWBBS6KexHniS9+CMFdNlM/DILrMQ3AjBGBgNVHSMEPzA9gBS6KexHniS9
++CMFdNlM/DILrMQ3AqEapBgwFjEUMBIGA1UEAxMLY2lsb2dvbi5vcmeCCQCOJLYE
+573QbzANBgkqhkiG9w0BAQUFAAOCAQEAS4U3vwFFyjsezayUJcVm6PW40HIJW3iV
+qaNv/8dwPFKtX03C3XEMnexFegnZ4cYSTAc5fdpAxaEZjnhTsKsA5aFKHlF1uUYn
+5beFDAbLDn5AlJamBoYn3s8ZOa0x9A1FdrDLSLTUqc1BH1Hz8MRFR/NsD/LdI1I5
+5tIY6A/0lAlOgq/+iRyAzc/NZloHRJriiysJzRLWq1oF2VlW0fgkF7v1tf7oBZjq
+SPTVAuw69SbXBXnaHQXN2DnsdUhepjQTumKi+S1sZhAMW9nVNFXVBkehfr5NUFR+
+8QVxZNy6yZE12GjQMJc6YbNQ8kiC2gzqTimid0/2DzSakuhgAMacNg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cilogon.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://cilogon.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cilogon.org/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cilogon.org/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://cilogon.org/Shibboleth.sso/SAML/Artifact" index="5"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Illinois at Urbana-Champaign</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Illinois at Urbana-Champaign</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uiuc.edu/index.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Terry Fleury</GivenName>
+ <EmailAddress>tfleury@illinois.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Michael Grady</GivenName>
+ <EmailAddress>m-grady@illinois.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Jim Basney</GivenName>
+ <EmailAddress>jbasney@ncsa.illinois.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://collab.cic.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 489, expires on Mon Jan 31 20:59:18 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAekwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDEzMDIwNTkxOFoXDTExMDEz
+MTIwNTkxOFowGTEXMBUGA1UEAxMOY29sbGFiLmNpYy5uZXQwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAIbE37VnSZ3eGEExVJTWk4GpeMPZVhMNp/UBJOppuDX1
+ZdJnL/W1+QIpL7RQB3IyZrf1rGboPghLizqGYRnFbQY1egHw7vUnPvUoaWiNbWS6
+WsQRqbbkuBnbze6umsU1lvS4X/aSqV6lppShPASlInf57tybrqbTmAY1FlkqP3U3
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFG9pikIpXkpz6HIj
+WlIPUvQ4m4g0MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmNvbGxh
+Yi5jaWMubmV0MA0GCSqGSIb3DQEBBQUAA4IBAQA3S4XvyeVt/1Q5WT1vSp8UAw3j
+Bz5iFB54v5odMgVtLSEAlLFJcnu3EQRgvMva7QbQUueJT++fzpc4KGcFftmPZZ38
+PgsPMn0saJM26/t2jMW0B2Xj847euDd60IO/PptISZLjl/TZlyG3Qqm3IhK2jLRu
+Xv+8G43JNj+xLIIbLe8TZPyEMJznxbYnRjL4fXL6AApyeEXM1LhFHak7jCa7Y+gH
+yjuQhVW/fvvxcuIEe8t/+mVjnACl19zYW30IaVCldivVZl9XDEGdTJPsakg/uBR6
+2QAq7Ez7YxTk9N0RWIKPQbz8OaUuDKBRVOGiN0k+0VOWzHbDF5HCLELVQQUs
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://collab.cic.net/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://collab.cic.net/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cicme.cic.net/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://cicme.cic.net/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cic-ts-6.cic.net/Shibboleth.sso/SAML/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://cic-ts-6.cic.net/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cic-test.cic.net/Shibboleth.sso/SAML/POST" index="7"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://cic-test.cic.net/Shibboleth.sso/SAML/Artifact" index="8"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Illinois at Urbana-Champaign</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Illinois at Urbana-Champaign</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uiuc.edu/index.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Marko Stojkovic</GivenName>
+ <EmailAddress>mstojkov@staff.cic.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Russ Snyder</GivenName>
+ <EmailAddress>rwsnyder@staff.cic.net</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Tim Newcomb</GivenName>
+ <EmailAddress>tdnewk@staff.cic.net</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://monk.lis.illinois.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://monk.lis.illinois.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://monk.library.illinois.edu/Shibboleth.sso/DS" index="2"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 623, expires on Fri Aug 12 17:52:07 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAm8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxMTE3NTIwN1oXDTExMDgx
+MjE3NTIwN1owIDEeMBwGA1UEAxMVbW9uay5saXMuaWxsaW5vaXMuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzsOP/HJV+o0N2Lk/UJCG32/K1yMo
+GdJE8vSeYVJinZAZP2yHXSb5EF7z/22+W7wQLQeB8/JFNyWgEwtvIzo2Sxfa7Bgl
+Iz60mQdMVTs+YWdu4kBUe/JcXTYkMCWP6gyfTK9Z96B+9qrnT2YPXT+XOa6zTUB+
+7oC/HppG8+L2Ff3WZOc9rWVsZlj2XZBgK1uTODtPDLClGVTt0t3iVgRKwA5/qsPH
+ZC0iV/w/7UYSPzjf+/qELQH+RhZVmbLKO5ZYinvX/NKCQv9kJGKsXFeh2aLyC9+w
+muH1OUaI5ZOGjETQs5JQH6fK+ESKKTcmx9zLmanorBUqfXoOY10Ckdu+xwIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBStitDT+31hEp/Tg5vGLzhK
+YDYUVTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVtb25rLmxpcy5p
+bGxpbm9pcy5lZHUwDQYJKoZIhvcNAQEFBQADggEBAKVuaysDfwRjO71fyRQTVii9
+2v7IO5iW2Pjj+DHCbRiNHzII9TsiltUcH7RfenhJhU1tvs0gsrCwN6YJMG50YGmg
+mGaZ5YYGmt6br/pdEZdu/tpFszMEhbIY9ZEbVBHpXO7CC7GJb+ZeKwOisbu2SfCA
+P3lAdE3dWLfDQ/ag/7/04S54hrtwdtggWO8l4OZl4cwhuohDxxD74t+3MMw+mYVn
+bZ0DIWTf47zsjuaRRGkxyqiknVMB4fprfBQxVg/FX7/euUw+ad2M3RZW6bcw31zb
+cgBTiOcqQ+TfiYKvAr9X4a+AY/ZkzRF1exnFm+khbYpKiHn5k7znZ2e5jZGJySY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://monk.lis.illinois.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://monk.lis.illinois.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://monk.lis.illinois.edu/Shibboleth.sso/SAML/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://monk.lis.illinois.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://monk.lis.illinois.edu/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://monk.lis.illinois.edu/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://monk.library.illinois.edu/Shibboleth.sso/SAML2/POST" index="7"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://monk.library.illinois.edu/Shibboleth.sso/SAML/Artifact" index="8"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://monk.library.illinois.edu/Shibboleth.sso/SAML/POST" index="9"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://monk.library.illinois.edu/Shibboleth.sso/SAML2/Artifact" index="10"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://monk.library.illinois.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="11"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Illinois at Urbana-Champaign</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Illinois at Urbana-Champaign</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uiuc.edu/index.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mike Grady</GivenName>
+ <EmailAddress>m-grady@illinois.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- UniversityTickets -->
+<EntityDescriptor entityID="https://brownbearstickets.universitytickets.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 427, expires on Sun Sep 5 18:09:26 2010 GMT -->
+ <ds:X509Certificate>
+MIIFvzCCBKegAwIBAgICAaswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkwNDE4MDkyNloXDTEwMDkw
+NTE4MDkyNlowMjEwMC4GA1UEAxMnYnJvd25iZWFyc3RpY2tldHMudW5pdmVyc2l0
+eXRpY2tldHMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2G+X
+cD+vAFy+xWOgF1vnLtPx1gV8JqhHiy9isknfuJGgs2PQU5gAMQwdpBiPaGYNGPNR
+p8zIS6cop1xxMhp3fWp8YYke0hPIZ/GTvqdSCcOI7G3DpoJEPFiTvZqGSZA1Va3X
+Cq+aqa7AOq4kQb723va8SebTalZaAXTJPkxc09qVVJJI6QwsES8hemIJWh0jqWoz
+cvsmhwtYUn2NjngsugIjxQHP6gUt3xwGXUZ4ndsr0LiwA8dryNV/VOvoqeUIt9qA
++pxlgw80AWDcIZ8bPRoNSjidDPXY5eq6hoS42LV7wr2xIqpKIcnHeqX9p+XSHKlE
+wZiqLdlDYPTEWUDUvQIDAQABo4ICuTCCArUwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBQ3nK/gX1Fs8lP4UvBpnyahl+lRDTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYD
+VR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1v
+bmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNV
+HSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNv
+bW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAyBgNV
+HREEKzApgidicm93bmJlYXJzdGlja2V0cy51bml2ZXJzaXR5dGlja2V0cy5jb20w
+DQYJKoZIhvcNAQEFBQADggEBAHBWFy1yfMKbtK35JnrWUz9JCyQ05bGaFw1DrCns
+fVIytVjLy4Cfs9EEUXjg9RvMWc6IQWw901u/lx4gEskRvjndl+yWMWbwBL6wGZg/
+y89z8irqmaU8F/fN5pwyGhp+NyM32vZ8IiS/Zyu4Q01WT05iVqheIgN8+RgHE5bj
+3wPAaDS7zZiHlIOgSwe3nd+GizrCVwO8N5INmRCec3pxhAaVEPqD/OKvkCpBVWvb
+ZO3RHjBLw2KY804qROPhmnb2WwhLvYqAigB0TdWXbDMDeoqqEaQJJ9BHRwCX90Iz
+JePLUGjTtzJgdjy7/FKNlfKHc7FYFBTLdNLJ8CTNMKw2K50=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://brownbearstickets.universitytickets.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UniversityTickets</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">UniversityTickets</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://universitytickets.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Gordon Capreol</GivenName>
+ <EmailAddress>gcapreol@universitytickets.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>UniversityTickets Support</GivenName>
+ <EmailAddress>support@universitytickets.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://jhutickets.universitytickets.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://jhutickets.universitytickets.com/Shibboleth.sso/SAML/POST " index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 11595233400012263089, expires on Sat Mar 6 13:50:33 2010 GMT -->
+ <ds:X509Certificate>
+MIIE5TCCA82gAwIBAgIJAKDqi1fXec6xMA0GCSqGSIb3DQEBBQUAMIGnMQswCQYD
+VQQGEwJVUzELMAkGA1UECBMCTlkxETAPBgNVBAcTCE5ldyBZb3JrMR8wHQYDVQQK
+ExZVbml2ZXJzaXR5VGlja2V0cywgSW5jMSkwJwYDVQQDEyBqaHV0aWNrZXRzLnVu
+aXZlcnNpdHl0aWNrZXRzLmNvbTEsMCoGCSqGSIb3DQEJARYdc3VwcG9ydEB1bml2
+ZXJzaXR5dGlja2V0cy5jb20wHhcNMTAwMjA0MTM1MDMzWhcNMTAwMzA2MTM1MDMz
+WjCBpzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk5ZMREwDwYDVQQHEwhOZXcgWW9y
+azEfMB0GA1UEChMWVW5pdmVyc2l0eVRpY2tldHMsIEluYzEpMCcGA1UEAxMgamh1
+dGlja2V0cy51bml2ZXJzaXR5dGlja2V0cy5jb20xLDAqBgkqhkiG9w0BCQEWHXN1
+cHBvcnRAdW5pdmVyc2l0eXRpY2tldHMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA3aLYoAuFgWJI2AMdZjLxSPSl/Sbe1Iz0IbtZg6VUCmnHicSl
+LfVF+dx+7673L3YUYzxDKn0Ag572/E/lO8+QzFz8tyW1rm4ps/kxIblgp/j4TVqP
+bzp/d6527DYKRuiOc1WXJNkD3Tx9qVGcMAKUeZd1tSKNM/KtyNMIGBQ8IPHDtVy3
+w1DYT3eaBc2vJ1ShIVI55hLMzF4upg25vMvBzVkDsDtJvl1xw7y9EeFIfF1WkbTu
+BJA78cFZCj5em4+U/vdsIuTq+lkHp7OBhyNqcLWFSblpuNtOxZ0KYK98CbzHnmBi
+/AvQzh1bdIyWFtnW/C/hIW/CpXeXTOiJ8xY+JwIDAQABo4IBEDCCAQwwHQYDVR0O
+BBYEFPYksLf68UVofYt01BHSApM73c9+MIHcBgNVHSMEgdQwgdGAFPYksLf68UVo
+fYt01BHSApM73c9+oYGtpIGqMIGnMQswCQYDVQQGEwJVUzELMAkGA1UECBMCTlkx
+ETAPBgNVBAcTCE5ldyBZb3JrMR8wHQYDVQQKExZVbml2ZXJzaXR5VGlja2V0cywg
+SW5jMSkwJwYDVQQDEyBqaHV0aWNrZXRzLnVuaXZlcnNpdHl0aWNrZXRzLmNvbTEs
+MCoGCSqGSIb3DQEJARYdc3VwcG9ydEB1bml2ZXJzaXR5dGlja2V0cy5jb22CCQCg
+6otX13nOsTAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCU60JsoD+k
+/bNnNlF5KEIeGLRKv6G1BT98IxA5i0euO5jv7yPX5U/3x2TRxBQSB7UCxBFNRJNc
+trVJY5CTpIPpysnGZqvxVep1ydRgX/A3ThUimGaA/rxzqDZRMQkwrzpfHTSNFJaA
+HuSPABQXEpTAlnNisRHeh3v0VlQYHVwkjYLSP8zG2y8W/n6fcZ+mLa96WMTBfugF
+Ow7uU81b0QwhRh2datIZh7VmXksYyxyxqJQGA5NUtOiu3l5ejkZqxAOa67yNilLN
+Zw876n/9xDFZV7V7RjuKI28Cvj6iE0gCKdpPVpVqNpKOipycsdfVMFZOXU15yLRk
+5iLcD0Akvs+a
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://jhutickets.universitytickets.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UniversityTickets</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">UniversityTickets</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://universitytickets.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>UniversityTickets Support</GivenName>
+ <EmailAddress>support@universitytickets.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Gordon Capreol</GivenName>
+ <EmailAddress>gcapreol@universitytickets.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://lafayetteticketsonline.universitytickets.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 465, expires on Thu Nov 18 20:27:51 2010 GMT -->
+ <ds:X509Certificate>
+MIIFyTCCBLGgAwIBAgICAdEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTExNzIwMjc1MVoXDTEwMTEx
+ODIwMjc1MVowNzE1MDMGA1UEAxMsbGFmYXlldHRldGlja2V0c29ubGluZS51bml2
+ZXJzaXR5dGlja2V0cy5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB
+AQDUjz8rf4wXX47CBdxJU4+sJ9SohhMLvtxwH/HeePBBDcHwfKzdAVICA46fOqvb
+qf6vBr3Yf446Ml2/ic25ZYTWZr2PBeqKuI3K1NRInRV/N+8f6xCkA3aV3QJZ9/yf
+N3Is5RxMi2O7tMhoOtxszLBViW0gEhHRbQNpyBryxJzSPyb3gDrIcSna4vSSyyRu
+1BT+LnyzgHBattUsLKb6UH0sJ3yZG/G5TNr4NhCOmHMCmLbBLNZOHYlS73gLDEoE
++BxwEDs6rViJKhS4CzIIFEfxfDPpdTKbb3j7Iay1Mu+kt7XskxR74pTHa5/8a99M
+eBaXiac+QXLP8M45ILKkEzNbAgMBAAGjggK+MIICujAOBgNVHQ8BAf8EBAMCBaAw
+DAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYD
+VR0OBBYEFEkaASR1WxRpxfePmuKwIOlvlejMMH4GA1UdIwR3MHWAFJMtyGEYrWPj
+m2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21t
+b24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBB
+dXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+MIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDov
+L2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRm
+MDcGA1UdEQQwMC6CLGxhZmF5ZXR0ZXRpY2tldHNvbmxpbmUudW5pdmVyc2l0eXRp
+Y2tldHMuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQB3I1L1UN+N3qDDb0UTY6ggg+2+
+Pgx9ZBK2tJgI49RkBfsX8c4voHs7GWTN28cos6FPP+3U/WIbqN1Qs0I8/kdwuPtI
+Q3L5z5yefJq276M/MZC9e9dGcCDGh1b6HhkKCgn1jb004YSVnuE216xxe11MyAfM
+ilpXF+3kHH//JHew4RUk6XjH2ia5Rpl8zCTmtN818bCKLgNtVGzGXEWupcsDjw8H
+FevaWhDhF5JGoQ0G5Kd9APjRBwMnXSlZoTXcuwE0Z7u0e8DnvPAlDOVE7mTjzlxb
+8DvfcO4DYAkkNNYr3k8w+QLSFFPA5csJmB0bPggPTbOFiefvB53f0TsZTF9V
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://lafayetteticketsonline.universitytickets.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UniversityTickets</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">UniversityTickets</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://universitytickets.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Gordon Capreol</GivenName>
+ <EmailAddress>gcapreol@universitytickets.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>UniversityTickets Support</GivenName>
+ <EmailAddress>support@universitytickets.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://nbo.universitytickets.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 425, expires on Sat Sep 4 18:08:05 2010 GMT -->
+ <ds:X509Certificate>
+MIIFozCCBIugAwIBAgICAakwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkwMzE4MDgwNVoXDTEwMDkw
+NDE4MDgwNVowJDEiMCAGA1UEAxMZbmJvLnVuaXZlcnNpdHl0aWNrZXRzLmNvbTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMONVvSmTQKsVAFGTEwXyqK3
+NXOduMrJ70i3zi5YkRs5sOyLFpVcVkvZGTmh/hJQKOtQywtKF98RdGXSk6NC8WT8
+XUOkyMmCptx1AbhRH6o8FCgwRGabx5DMy44VJduPDzgtiK54BwngdEJMIDpZ9Pnr
+xFaTaiDkX+y44Ne/WOJGBX8+RNoTkyLjDtzlSnjFnxRNEIUtZ3omRxqzbqAytWDS
+4OSELB1Oso9FL9f/EnEI053ER8/WMN0ajM/WlSRm/ZcHO16XJUL8WebUF9Cs8SeH
+cKHrKoJI05iNoC8xr+zUZJbVSo4B4x2Kc8x/ck7yOmgTGLMB2T73ysLh2YlsyUMC
+AwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUiu5JRbdWhU4c4cfn
+J9wzE+WackYwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0RBB0wG4IZbmJvLnVu
+aXZlcnNpdHl0aWNrZXRzLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAIKzjxMKODDzS
+uJY5iDeKS+U6MGeWOdQoErZ8pl1zJSHB095OlKmu/Ae+bxw0IzgigQEESL2AM8vU
+yUCHm2W1pT5iikjg0z138P7ZmUO8BF8z2sLidej1kzC00UAcWRTOe6CA4/ZM/64Q
+nLE8ynj4C4lal8uDWBPbmyZHirzExife75L7y7CesH6LsXJwGr1H5E83Ekyky0EM
+NcukodOuo5BqYDoQoPidDtS2dgAHfIrBUtbAY73Cs6bPflpoG4693Bqcw7b9U/zz
+mHvQBsu33PJW431arOYqQKwPseAb1HL4d07AU56Np3YE3MUFk+WGao0SBDeBJVfx
+bBD8CYndNw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://nbo.universitytickets.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UniversityTickets</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">UniversityTickets</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://universitytickets.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Gordon Capreol</GivenName>
+ <EmailAddress>gcapreol@universitytickets.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>UniversityTickets Support</GivenName>
+ <EmailAddress>support@universitytickets.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Trondent Development Corporation -->
+<EntityDescriptor entityID="https://ucsso.travelprefs.com">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 309, expires on Sat May 1 19:09:49 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICATUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQzMDE5MDk0OVoXDTEwMDUw
+MTE5MDk0OVowIDEeMBwGA1UEAxMVdWNzc28udHJhdmVscHJlZnMuY29tMIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDE7kMyOXiQPfLNlvE2FBax2unKP+/0IFJG
+D1ZETFGSrcmm32uutzj1smmIR7S+GtjqutDT//d5nHPHoaNbwg1oyfg4qSag0G16
+RI2I4rRVGYyH5QmBByrS4raoBgqXtp5dajn41LD3gRze4BCrtXZqhYXfQ69u0brt
+5s+ctM3hWQIDAQABo4ICrzCCAqswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQyt9vV
+JI9u4BLRLAcly2egrzm6HzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGN
+BgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29t
+bW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4G
+A1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2lu
+Y29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCAG
+A1UdEQQZMBeCFXVjc3NvLnRyYXZlbHByZWZzLmNvbTANBgkqhkiG9w0BAQUFAAOC
+AQEAQKVV2RwO4VukBocgwA62ySYRylbk8r8yarOYWNmsFQ7FAVQmVmXUqw/AW7Cx
+O/AXN4tEFzkw6botF94maZul4lXlaqtTKvZfAF853LIkiiKSUobTSybf5dOsxv82
+izM0YY2zYmyqZn3VYmuBn5qb++6Knkl8BJ+ki3ERaKEK7sJvxkuLqOtw6a1vHBHS
+M6gd7wNfv9h821tZU1kOXv2Nsvy2bYgnCISMm1eDzH4kHPAgn4PwvfIkoMXVz92N
+8Br3I/wU03FE0xkAmpkx+GDXWcKfL6y7U+IRj62G+lGzapmnpUNpkRYTKEgT/333
+YCvb1+hq4tiYs5WNusR51DogHw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucsso.travelprefs.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ucsso.travelprefs.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Trondent Development Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Trondent Development Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.trondent.com/tdc/default.jsp</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Network Operations</GivenName>
+ <EmailAddress>netops@trondent.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jeff McCombs</GivenName>
+ <EmailAddress>jmccombs@trondent.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Trondent Support</GivenName>
+ <EmailAddress>support@trondent.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://uc-stage.trondent.com/shibboleth/incommon/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 303, expires on Mon Apr 19 19:51:47 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAS8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQxODE5NTE0N1oXDTEwMDQx
+OTE5NTE0N1owIDEeMBwGA1UEAxMVdWMtc3RhZ2UudHJvbmRlbnQuY29tMIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZIm9gGYtAFRFiUMVEgETVsneAViagoUI4
+6CUtgewauE/cyoPj9usamr2F+0EkceB6Y5KPVzwfdAVSEfjcdE/DkgFEzkTBypHU
+ncA6bSioMZ9Q0IfHPOq0cR1Qz6J7b74XlffXe6iNVSNKfLbFilmdyGQ8aWqh7U+G
+DyaoXbLjGQIDAQABo4ICrzCCAqswDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQjq7Gp
+hXBkOz/4kTx03AhdBpdoTjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGN
+BgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29t
+bW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4G
+A1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2lu
+Y29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCAG
+A1UdEQQZMBeCFXVjLXN0YWdlLnRyb25kZW50LmNvbTANBgkqhkiG9w0BAQUFAAOC
+AQEAMS0778CCZsfjg7IY0EHRRxlNNwr/wbBesCCdUUNKmTyAS2ggMTwoLKRp9G/o
+1QJL5gM88vB9X4A7yiCVBcqRQXwMWC6sllb4jXfs4G4utN/FI4ajDeeUUOO7ki55
+gZ31kMry68fo7rHz0hMIB3pUaBo1Yf/Zis4pUIhaDqGce6mkpwu4AFK4TWzNHmJN
+2+TBtG96jTBKF0ENrrRny2MxkbPzyUa+IQMDWwF9hIuBATzmG9IHVAcd/IbDTmUH
+lJcP6BKzSTnZ3O6apBf4tMiBm62Atxdp/Tk4cYfU1tf2VCap3Ym0eV3G0/BM9OtX
+yOosFX12U+tAmVA2kBVBJANV8A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucsso-stage.trondent.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ucsso-stage.trondent.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Trondent Development Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Trondent Development Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.trondent.com/tdc/default.jsp</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Trondent Network Operations</GivenName>
+ <EmailAddress>netops@trondent.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Trondent Support</GivenName>
+ <EmailAddress>support@trondent.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jeff McCombs</GivenName>
+ <EmailAddress>jmccombs@trondent.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- ProQuest LLC -->
+<EntityDescriptor entityID="https://pqshibboleth.proquest.com:9443">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 490, expires on Fri Feb 4 17:05:26 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAeowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIwMzE3MDUyNloXDTExMDIw
+NDE3MDUyNlowJDEiMCAGA1UEAxMZcHFzaGliYm9sZXRoLnByb3F1ZXN0LmNvbTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuphJptTTHCmMVxNgJxhde0Gvtoqc
+O+u68ZQk6AIGvwbjnwPKoryOai42KpOqS2cqTqXIpRM5ix+dZkRK2qy6yaVxm9/x
+68jT5iy1PBPMgBjPDfCLdHFIfG35wOlq831aWjzoydAqfeEk9d5Ql63jj28l5Oh0
+2sCAN+h2AjfGjnECAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+OoO6+Fn1w3syWfMo69II2kWsO30wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZcHFzaGliYm9sZXRoLnByb3F1ZXN0LmNvbTANBgkqhkiG9w0BAQUFAAOC
+AQEAkT2N6y0Abrf4Lj+hsLcemWkBjEsSa6gMTgS3bGUUxO2keC/OLcAKyjheVB3/
+vEv7IPgvTUVGDwExqSdrZBdQD6gvbcndZcZG17QtZmQaGGocRGgtVFqLJeX/X8Mh
+eDuSfigWj3mh461yqJhFRp8mtRrLmztBaC0WDRPHHiv5SSPSL6XGVIYnNCPOPRh0
+V2R1qZsnBeqSHdiddTjp2385jCVOa9AoZ+vmYhnUeQr4hNviBk1m1sbbZxav4VSm
+bmq1F/ZhWxiiHpnDJ3lk1fTb98ClOTUbl/vigTsU7TFGO7SZE7QlJRdisWC/aWOo
+rUdtGoUocs9Py0i043t+fTvBPw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pqshibboleth.proquest.com:9443/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ProQuest LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ProQuest LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.proquest.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Chad Roberts, Software Developer Lead, ProQuest (Ann Arbor, MI)</GivenName>
+ <EmailAddress>chad.roberts@proquest.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://pqshibboleth.proquest.com:9443/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 490, expires on Fri Feb 4 17:05:26 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAeowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIwMzE3MDUyNloXDTExMDIw
+NDE3MDUyNlowJDEiMCAGA1UEAxMZcHFzaGliYm9sZXRoLnByb3F1ZXN0LmNvbTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuphJptTTHCmMVxNgJxhde0Gvtoqc
+O+u68ZQk6AIGvwbjnwPKoryOai42KpOqS2cqTqXIpRM5ix+dZkRK2qy6yaVxm9/x
+68jT5iy1PBPMgBjPDfCLdHFIfG35wOlq831aWjzoydAqfeEk9d5Ql63jj28l5Oh0
+2sCAN+h2AjfGjnECAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+OoO6+Fn1w3syWfMo69II2kWsO30wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZcHFzaGliYm9sZXRoLnByb3F1ZXN0LmNvbTANBgkqhkiG9w0BAQUFAAOC
+AQEAkT2N6y0Abrf4Lj+hsLcemWkBjEsSa6gMTgS3bGUUxO2keC/OLcAKyjheVB3/
+vEv7IPgvTUVGDwExqSdrZBdQD6gvbcndZcZG17QtZmQaGGocRGgtVFqLJeX/X8Mh
+eDuSfigWj3mh461yqJhFRp8mtRrLmztBaC0WDRPHHiv5SSPSL6XGVIYnNCPOPRh0
+V2R1qZsnBeqSHdiddTjp2385jCVOa9AoZ+vmYhnUeQr4hNviBk1m1sbbZxav4VSm
+bmq1F/ZhWxiiHpnDJ3lk1fTb98ClOTUbl/vigTsU7TFGO7SZE7QlJRdisWC/aWOo
+rUdtGoUocs9Py0i043t+fTvBPw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pqshibboleth.proquest.com:9443/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ProQuest LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ProQuest LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.proquest.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Chad Roberts, Software Developer Lead, ProQuest (Ann Arbor, MI)</GivenName>
+ <EmailAddress>chad.roberts@proquest.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth.chadwyck.co.uk/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 323, expires on Fri May 21 19:15:42 2010 GMT -->
+ <ds:X509Certificate>
+MIIFJzCCBA+gAwIBAgICAUMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyMDE5MTU0MloXDTEwMDUy
+MTE5MTU0MlowJDEiMCAGA1UEAxMZc2hpYmJvbGV0aC5jaGFkd3ljay5jby51azCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArzKU6RnrTXwfmc+H7A0tafWJBtOL
+2ecNo8KUysZk7zGWz045UmiSNGcxKlzZWNeWwRHHzf4opaAvOpcLZrfS9S8/LxNd
+QrcUlHKRwmTTz30q0ULzPmCxaxCni4tSjWhOj1kh4ZdNmQtpzfe4dxSfkmCos/+Z
+ACnSC3Xufah0rXkCAwEAAaOCArMwggKvMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+6YXozFjlpfRtzvawsiiXDqaLr7EwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2lu
+Y29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2Ey
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6
+Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBk
+ZjAkBgNVHREEHTAbghlzaGliYm9sZXRoLmNoYWR3eWNrLmNvLnVrMA0GCSqGSIb3
+DQEBBQUAA4IBAQAS17xM+wjnjLIEjjf1aLZXJq4OA+yelzKP/u+tlghNBKvO6E/k
+38o7xW5qDU8HX43ILq6qIYmNbp9iEeyClxQtMCZ537GKHaUFGq4oZYmd07Xxos5E
+p71qeTf6gP3K+MgaVyXGl07vA61QrhbdcFPvgKPLGuqF1NakNIcc+ovtHqY2hstU
+WiJWNJnRk4iY3NoNVEk3OvueoyGsQf8gLpDXRpm9BgGSxmzRXv62yzFJlmJsSa8Z
+OOVcF1YDrNrK6KLEP+Nxhf/hGnf4BAgwEo3nApw3M1UhIYuhpMBKq73jAFFyYTbR
+SOCDIImN0MPzGKyb7eXBpjpT6oxfdUtcR2uY
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.chadwyck.co.uk/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ProQuest LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ProQuest LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.proquest.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Geoff Leach, Software Team Leader, ProQuest (Cambridge, UK)</GivenName>
+ <EmailAddress>geoff.leach@proquest.co.uk</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Douglas Hall, Assistant IT Manager, ProQuest (Cambridge, UK)</GivenName>
+ <EmailAddress>douglas.hall@proquest.co.uk</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibboleth.illumina.csa.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 305, expires on Thu Apr 29 19:13:48 2010 GMT -->
+ <ds:X509Certificate>
+MIIFKzCCBBOgAwIBAgICATEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDQyODE5MTM0OFoXDTEwMDQy
+OTE5MTM0OFowJjEkMCIGA1UEAxMbc2hpYmJvbGV0aC5pbGx1bWluYS5jc2EuY29t
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDoAg+5TPj5KNbuC9bHst1bZaxX
+Z2Mk0ltpDqocQ8l0Nfa+w/VhnfAhtZMlrqhlqjpHz3u7T2u2VUNB3IZ12CKXS5pR
+0lEy3r2sqABZgCCRVpoYwTTSlymvlf7s3A15oLCy9OaFO5RLM7tRQACEOdBJGRM7
+3oHNEt2fkIt1/KpkRQIDAQABo4ICtTCCArEwDgYDVR0PAQH/BAQDAgWgMAwGA1Ud
+EwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQW
+BBSNxK3a53PuzUHMwU+3xcnt/8cmzTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53d
+jZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZl
+ZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9y
+aXR5ggEAMIG6BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8v
+aW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMv
+Y2EtY2VydHMucDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25j
+YTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0
+cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMu
+cGRmMCYGA1UdEQQfMB2CG3NoaWJib2xldGguaWxsdW1pbmEuY3NhLmNvbTANBgkq
+hkiG9w0BAQUFAAOCAQEAmJOVEWMGhkeyNwqQ+lE9WYrCRryIqOawuQ3Zb7+GGzzj
+a09Q3MH/KgMRSX/AfLF27h4jBirEuDjZXiEBjXmPZi1O/V5zOvcZmF36qZNjZyo/
+gPdqq+tQOXyM6Wm5tvMo7b8NI8ZpNx57lU4R678dH4Gf1g3yRIhASILZHriaAGnQ
+JpLdWS00FY3rhvcp5WjkNqEPxyeQ7gKZr30bo5wEEAhnVGLT3/GGKTOtmzg+MQpX
+/Y8WKhQGK81gp1WDeAffj6/+lU8XcOeQOCPcID570UOVBjFhMSztJKqzTy/Wbnzb
+9GoWoU7XiW45ydbYRSNdBybEvvCHJIWz+G85Yg/HZA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.illumina.csa.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shibboleth.illumina.csa.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ProQuest LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ProQuest LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.proquest.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Shibboleth Illumina Tech</GivenName>
+ <EmailAddress>shibboleth.illumina.tech@proquest.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Shibboleth Illumina Admin</GivenName>
+ <EmailAddress>shibboleth.illumina.admin@proquest.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>CSA Illumina Support</GivenName>
+ <EmailAddress>support@csa.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Outside The Classroom -->
+<EntityDescriptor entityID="https://v9.alcoholedu.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 346, expires on Sun Jun 6 18:25:02 2010 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAVowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYwNTE4MjUwMloXDTEwMDYw
+NjE4MjUwMlowHDEaMBgGA1UEAxMRdjkuYWxjb2hvbGVkdS5jb20wggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDGr3qv8tMKon+6463E4VuBKB0hJvWsLJ3I
+GahW2HJKApSzaFqlz5Xp6yFS3jqKxYaLQ8yJWbymtUuzRnYIl1/YpBYjX28t5eJQ
+WnkCZ53f8A7hcK5L/JLdUTIWGH50m5QLyLg9gg78/wtoinDAaIoQWtCTGQb1Pi2d
+6j3qsIPgosPCq0VubV8V/uNEG3lu24ipjLHabfjCEvzBiZ60cvQE5uZa42AMef/1
+/q2kMtGwf/raDDkq0RmCKdb5N2Cn4AWbuv9TONd/BRhQjwseNn0JOdDukercLsHw
+QpIuK+F7LdG+jM4MN7uUlEFbN1sEHv/t2YBhA6BYiN2/kMSeBRuBAgMBAAGjggKr
+MIICpzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFGgjaCd5Hzms1Qzzw8I/vkpGOa1y
+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQG
+EwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5D
+b21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgboGCCsGAQUFBwEBBIGt
+MIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IKCQlDQSBJc3N1
+ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHAYDVR0RBBUwE4IRdjkuYWxj
+b2hvbGVkdS5jb20wDQYJKoZIhvcNAQEFBQADggEBAE6mU86LJlJJPRGP2LSsO8qU
+CkNxFcjfaE56XRg9d8AGAiDcbfb7kq+II2HPtTFX020U8khb9sRejJ3gJ3tMZDru
+BS4Kvq+iV4bcngAGGalKL9zXUaMyyALypiyun58F66MxjR2LpsZEMBIG3sn6rMBn
+USgVos1vEst2EncdncUXsYJ33qQdYdnj/hMRqNETFFSqk3pec0hbkGhA6YFEuWjb
+N6QvUmjpZLgvBpAoHnpu7SW0iDdunr2NoDlb608coNd/4HRkIk1ASufH676TBhvB
+gz8FoesKwAYamK8RRPdK20Aymj5gCu/8rlrmf0vpqmhwedN3xOrt9KjJRvsasZQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://v9.alcoholedu.com/Shibboleth.sso/SAML/Artifact" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://v9.alcoholedu.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://v9.alcoholedu.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Outside The Classroom</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Outside The Classroom</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.outsidetheclassroom.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Heather Haynes</GivenName>
+ <EmailAddress>haynes@outsidetheclassroom.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- The Kuali Foundation -->
+<EntityDescriptor entityID="https://us1.ready.kuali.org/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12898029158361128764, expires on Fri Feb 26 19:55:03 2010 GMT -->
+ <ds:X509Certificate>
+MIIFAzCCA+ugAwIBAgIJALL/AS7Ovt88MA0GCSqGSIb3DQEBBQUAMIGxMQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIQmVya2VsZXkx
+EzARBgNVBAoTClVDQmVya2VsZXkxDDAKBgNVBAsTA0lTVDEcMBoGA1UEAxMTdXMx
+LnJlYWR5Lmt1YWxpLm9yZzE5MDcGCSqGSIb3DQEJARYqa3VhbGlyZWFkeS10ZWNo
+LXN1cHBvcnRAbGlzdHMuYmVya2VsZXkuZWR1MB4XDTEwMDEyNzE5NTUwM1oXDTEw
+MDIyNjE5NTUwM1owgbExCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
+MREwDwYDVQQHEwhCZXJrZWxleTETMBEGA1UEChMKVUNCZXJrZWxleTEMMAoGA1UE
+CxMDSVNUMRwwGgYDVQQDExN1czEucmVhZHkua3VhbGkub3JnMTkwNwYJKoZIhvcN
+AQkBFiprdWFsaXJlYWR5LXRlY2gtc3VwcG9ydEBsaXN0cy5iZXJrZWxleS5lZHUw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCyRyOkrgqiSVUDk9RbevgJ
+VikcP+S7D/IFGxxvtThfwogoZ9lMICwmQPe0i1XpAvzsEZZUngq2CfqyCOwoHu0b
+SGkZDR9GZJncpk/woiq5kUeazTJw8/hgLfmhzd9PQz1bWZ7wu0GIxZx6bFCyAJXk
+xajQeWD5ospMX530vSpjJpOeDQJ9Y48MGs5itc6cme7vrJd0qgu4tk084Rf+79S5
+P28BISQI7k5PAq6oqLvyqVFebPpPBzIocBl5o7D2TVbSzC8nm1i71TcqJ6bxD7zb
+cPsnnp7TAfy/eK+qsRFHWci569uZ31BFLxoS+03hjp4f8U1VBxpgJi1RV2wcpO3D
+AgMBAAGjggEaMIIBFjAdBgNVHQ4EFgQUs1tNiRsZ7oxMSgoUdYLNmc1wHtowgeYG
+A1UdIwSB3jCB24AUs1tNiRsZ7oxMSgoUdYLNmc1wHtqhgbekgbQwgbExCzAJBgNV
+BAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhCZXJrZWxleTET
+MBEGA1UEChMKVUNCZXJrZWxleTEMMAoGA1UECxMDSVNUMRwwGgYDVQQDExN1czEu
+cmVhZHkua3VhbGkub3JnMTkwNwYJKoZIhvcNAQkBFiprdWFsaXJlYWR5LXRlY2gt
+c3VwcG9ydEBsaXN0cy5iZXJrZWxleS5lZHWCCQCy/wEuzr7fPDAMBgNVHRMEBTAD
+AQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCZ7/ZfAelgwTlVRbKebH0Ni8Uq+Evu6KE9
+rC1RXKjj6wdFDLJGW5rq6c4FHDh2NFaO4yBIZizYzfTtu8BcTV7gOxgOg/JmZfZO
+xXL8sT4PHLMJXAuRxpNyZEuuAlpRewbfifv7/CiYimHaPz1+3h8wvqABXqDcSewH
+krXNM3cqpL+4Os0X92BTuYS1YIf0KdB8upEcCDCUV+oCThVmeQ0i/VumPe5Qau9x
+tS90xUZsyUUv5AxA8b3OOvvLolD9gD7Dv504LWdbwL8JBpHJSEOON9oqYxTUJu3u
+pgh3qG63QeVrl0Jew9N39nw6sAu3cwmAT44GzEczlm4sOBzjzNgw
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://us1.ready.kuali.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://us1.ready.kuali.org/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Kuali Foundation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Kuali Foundation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kuali.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ryan Means</GivenName>
+ <EmailAddress>rmeans@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://us1.ready-qa.kuali.org/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 10705125475343560728, expires on Fri Feb 26 19:44:01 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDDCCA/SgAwIBAgIJAJSQPubR1nAYMA0GCSqGSIb3DQEBBQUAMIG0MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIQmVya2VsZXkx
+EzARBgNVBAoTClVDQmVya2VsZXkxDDAKBgNVBAsTA0lTVDEfMB0GA1UEAxMWdXMx
+LnJlYWR5LXFhLmt1YWxpLm9yZzE5MDcGCSqGSIb3DQEJARYqa3VhbGlyZWFkeS10
+ZWNoLXN1cHBvcnRAbGlzdHMuYmVya2VsZXkuZWR1MB4XDTEwMDEyNzE5NDQwMVoX
+DTEwMDIyNjE5NDQwMVowgbQxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9y
+bmlhMREwDwYDVQQHEwhCZXJrZWxleTETMBEGA1UEChMKVUNCZXJrZWxleTEMMAoG
+A1UECxMDSVNUMR8wHQYDVQQDExZ1czEucmVhZHktcWEua3VhbGkub3JnMTkwNwYJ
+KoZIhvcNAQkBFiprdWFsaXJlYWR5LXRlY2gtc3VwcG9ydEBsaXN0cy5iZXJrZWxl
+eS5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDHWdwiHLz2ALzM
+yhHbTjquIcerl+pNyXrY6WnMNyzRaAGsP/HEOHAJKu55CD0F5v5ItLxRc6YyMuH9
+TpWtQcMIczm+xmCzU5HlaFzLon2Sqa1SPcsWKhjxWJgGUR6S0zNzYIO/pRDb0Ij3
+MffHEblQYbQYT0CVBl8hVtlM0x3sfElhN7xFAFIoB+n/OBPTosEcMvqmlYY47uJo
+zjEf5kJghdB3oWqjHnzt/FDEzmpkJjkgGLmfs7jVHTChwViO5YqtdX8biwzUnKV1
+93+EVC5gz5/IahEM88+X49MhuCeueGT3YF1KPROb7GUf+UnaeFIjPYjjuvQcTa/E
+JDwr8P3RAgMBAAGjggEdMIIBGTAdBgNVHQ4EFgQUICH6yJmnSBavjNAIcY5OTqbT
+W0UwgekGA1UdIwSB4TCB3oAUICH6yJmnSBavjNAIcY5OTqbTW0WhgbqkgbcwgbQx
+CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMREwDwYDVQQHEwhCZXJr
+ZWxleTETMBEGA1UEChMKVUNCZXJrZWxleTEMMAoGA1UECxMDSVNUMR8wHQYDVQQD
+ExZ1czEucmVhZHktcWEua3VhbGkub3JnMTkwNwYJKoZIhvcNAQkBFiprdWFsaXJl
+YWR5LXRlY2gtc3VwcG9ydEBsaXN0cy5iZXJrZWxleS5lZHWCCQCUkD7m0dZwGDAM
+BgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAHjaB9n2CkNdaobN4Sl+YX
+Jp7D1Cn9/J1m7AWK05pz9Ipe+DhoFNScTczptYhpAubgf5j+xkaJ1jx1pDF8/qQ7
+hqZCnFJacYeo4BQIU0B6gqRoKMoL4Q7xsRcXPp9Gs6qrOcA15kZNfoASr0E6A/5g
+p60nyf4r4xGxJ0gaN7PLrEZ25lmbD5LrgGj/DNe5+PBTTWZvcoBmL1CIO64kaSng
+sDRIb6sTrDsX6OfwVyQPnQpOhAF72KqO10F8uvVRsQU+SYnKje56drU7JZIhpGlK
+eYikK8PJiLHQARTKnrD1iAvU3AvPVKulWZSTlrPyhvZOw/qYX4gcoL1DSwpHphCY
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://us1.ready-qa.kuali.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://us1.ready-qa.kuali.org/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Kuali Foundation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Kuali Foundation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kuali.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ryan Means</GivenName>
+ <EmailAddress>rmeans@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://us1.ready-staging.kuali.org/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 11869944252538169617, expires on Fri Feb 26 19:48:19 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgIJAKS6g2h0OikRMA0GCSqGSIb3DQEBBQUAMIG5MQswCQYD
+VQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8GA1UEBxMIQmVya2VsZXkx
+EzARBgNVBAoTClVDQmVya2VsZXkxDDAKBgNVBAsTA0lTVDEkMCIGA1UEAxMbdXMx
+LnJlYWR5LXN0YWdpbmcua3VhbGkub3JnMTkwNwYJKoZIhvcNAQkBFiprdWFsaXJl
+YWR5LXRlY2gtc3VwcG9ydEBsaXN0cy5iZXJrZWxleS5lZHUwHhcNMTAwMTI3MTk0
+ODE5WhcNMTAwMjI2MTk0ODE5WjCBuTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh
+bGlmb3JuaWExETAPBgNVBAcTCEJlcmtlbGV5MRMwEQYDVQQKEwpVQ0JlcmtlbGV5
+MQwwCgYDVQQLEwNJU1QxJDAiBgNVBAMTG3VzMS5yZWFkeS1zdGFnaW5nLmt1YWxp
+Lm9yZzE5MDcGCSqGSIb3DQEJARYqa3VhbGlyZWFkeS10ZWNoLXN1cHBvcnRAbGlz
+dHMuYmVya2VsZXkuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+1lsGG2tmB308ilw1GFn2ElCsAEBbtNwEHZvbMEdn1YFFpwZ1Rmttwq+wKbW4P3+l
+1Zww99A7KR2iZAclJzPl4ADh5xBkL5GepGNcrYmC3bK5eD71hqPSta8E9AflkTZD
+FHuI+3KiKK0uJQXOrAJ6eylC7f8FM/I0yuS/rzP+umSiaiyI/bIdqwFDdW2T93BJ
+cAFAGGPPcb2Uzezc6fU6897pQjHbtRTrfw51zQyrKVqManBMqQaKzmxOBNxvygJu
+rb1p/vNRlYeFQBdWkm+83NL+ltJRPHK+LvCzPW8L17SxwHl8v3WFB7vKtEtPzp81
+e8hEIzOBFI9mxK2s841E/QIDAQABo4IBIjCCAR4wHQYDVR0OBBYEFHk82GqzxFKz
+RIuxO48SNfaV4O7PMIHuBgNVHSMEgeYwgeOAFHk82GqzxFKzRIuxO48SNfaV4O7P
+oYG/pIG8MIG5MQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTERMA8G
+A1UEBxMIQmVya2VsZXkxEzARBgNVBAoTClVDQmVya2VsZXkxDDAKBgNVBAsTA0lT
+VDEkMCIGA1UEAxMbdXMxLnJlYWR5LXN0YWdpbmcua3VhbGkub3JnMTkwNwYJKoZI
+hvcNAQkBFiprdWFsaXJlYWR5LXRlY2gtc3VwcG9ydEBsaXN0cy5iZXJrZWxleS5l
+ZHWCCQCkuoNodDopETAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCv
+90m2FEpxdvpT43XIr7w2z5RyFmzSQ1PuqsU/DhE37pD2bDH7W05504/wmR+m045B
+HmoZHSn0Ap2FJ0ULPPc3P8g2QE+F0XB5/NwVecpxbyFFdhkWsVu4zZEjP5YJGJZ9
+XpnhUBEqVKdNXPYv/Ll2GTKKXmsvaPC0bUloNpV9mR+gdsPzkI/OdYQCV0WlsMNQ
+5lgY9aQ7r6SNkeRTdV94d3NO/0mRkeZCw8J2uQtUgbJrYQJbyt27BRA48lwHw4C5
+DdRIpDR1HDD1mqXZU+LS9XDwr3tHFsn7iXC5uW6V9oMT2tWJjd8kX/laogUdQYWc
+IEimW7XVfmty/sZTardI
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://us1.ready-staging.kuali.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://us1.ready-staging.kuali.org/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The Kuali Foundation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Kuali Foundation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kuali.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kai Hsieh</GivenName>
+ <EmailAddress>kchsieh@berkeley.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ryan Means</GivenName>
+ <EmailAddress>rmeans@berkeley.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Carleton College -->
+<EntityDescriptor entityID="urn:mace:incommon:carleton.edu">
+ <IDPSSODescriptor errorURL="https://login.carleton.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">carleton.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 324, expires on Mon May 24 14:40:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAUQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyMzE0NDA0M1oXDTEwMDUy
+NDE0NDA0M1owHTEbMBkGA1UEAxMSbG9naW4uY2FybGV0b24uZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDOBlQORZtupdGd0bmLXZIj0NY2gL6jGcKKKe0/
+cMXvkQ1xh8x4luevXDq1HFnyzo/zurhNERV9acqkEBpILpZJcY9lYyH9Szv/0fKG
++rc6u5eX74p/nBR5vgOMTIbrf+jYfaq23D4kEV8vH0hJzLA4iKlPPcsXIblzSsFK
+gK9afwIDAQABo4ICrDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTNZvXaldWs
+VQb6F/LDVXzVLgKEEjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6
+BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1Ud
+EQQWMBSCEmxvZ2luLmNhcmxldG9uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAAgtx
+yxaJazfvu3yd/OQvQCwVG4wbaaXcOTYnkTPPUYJPJS7Mmh7bQaZeK+ltBIvCkXQr
+JGXCn2uzTjBg3YoHMxAwhqq6WIdg6STpO7OhcbgZTlWdl30lb4pOQ4QmSQWYxNJ7
+2Xd3depIw6y8vNk4cfJLQqddDEJY06QodzKvKGRPwzVRwtLusjk7jzE+f1VOcjlE
+xcp4SbHt6s7F/QgGyJJH/H8y06gN4UOLhLzodQ0d4RMwFyTLBXsytP3rhICYYeTn
+0B+uSI+ww0jCXojhytCbXCqn5SP0lJRxM428ozsGaKhhu3I+ZnnEUGK236VVN/Wq
+mmC9Y9C/V2Q77ijp3Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.carleton.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">carleton.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 324, expires on Mon May 24 14:40:43 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAUQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyMzE0NDA0M1oXDTEwMDUy
+NDE0NDA0M1owHTEbMBkGA1UEAxMSbG9naW4uY2FybGV0b24uZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDOBlQORZtupdGd0bmLXZIj0NY2gL6jGcKKKe0/
+cMXvkQ1xh8x4luevXDq1HFnyzo/zurhNERV9acqkEBpILpZJcY9lYyH9Szv/0fKG
++rc6u5eX74p/nBR5vgOMTIbrf+jYfaq23D4kEV8vH0hJzLA4iKlPPcsXIblzSsFK
+gK9afwIDAQABo4ICrDCCAqgwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTNZvXaldWs
+VQb6F/LDVXzVLgKEEjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIG6
+BggrBgEFBQcBAQSBrTCBqjCBpwYIKwYBBQUHMAKGgZpodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiCgkJQ0EgSXNzdWVycyAtIFVSSTpodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB0GA1Ud
+EQQWMBSCEmxvZ2luLmNhcmxldG9uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAAgtx
+yxaJazfvu3yd/OQvQCwVG4wbaaXcOTYnkTPPUYJPJS7Mmh7bQaZeK+ltBIvCkXQr
+JGXCn2uzTjBg3YoHMxAwhqq6WIdg6STpO7OhcbgZTlWdl30lb4pOQ4QmSQWYxNJ7
+2Xd3depIw6y8vNk4cfJLQqddDEJY06QodzKvKGRPwzVRwtLusjk7jzE+f1VOcjlE
+xcp4SbHt6s7F/QgGyJJH/H8y06gN4UOLhLzodQ0d4RMwFyTLBXsytP3rhICYYeTn
+0B+uSI+ww0jCXojhytCbXCqn5SP0lJRxM428ozsGaKhhu3I+ZnnEUGK236VVN/Wq
+mmC9Y9C/V2Q77ijp3Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.carleton.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Carleton College</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Carleton College</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.carleton.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Matthew Bockol</GivenName>
+ <EmailAddress>mbockol@carleton.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://test-sp.carleton.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 325, expires on Mon May 24 14:40:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAUUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDUyMzE0NDA1MloXDTEwMDUy
+NDE0NDA1MlowHzEdMBsGA1UEAxMUdGVzdC1zcC5jYXJsZXRvbi5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAMlpaCTTtwI94Yo6k08BURvC3kSZaOSAYepg
+hvk+GtR0SOT45noMbCLXNtNVi2Mme1InAIEn/CfdXKWhnlhFv05hhvcJP/cYGf4c
+4pVU8RyPR8EpqSztxsihfLHpaJ6qy2zatIF2ZsRsrScMJkt898GJhRssLpjT7BH6
+3RCCdwyHAgMBAAGjggKuMIICqjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFA6ssSQQ
+cUcZhxhNCweXZYRMJiScMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gboGCCsGAQUFBwEBBIGtMIGqMIGnBggrBgEFBQcwAoaBmmh0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IKCQlDQSBJc3N1ZXJzIC0gVVJJOmh0dHA6Ly9pbmNvbW1vbmNhMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0G
+A1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21t
+b25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYD
+VR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5j
+b21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHwYD
+VR0RBBgwFoIUdGVzdC1zcC5jYXJsZXRvbi5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+ADvZcrzHQxuFLUQi08rjonuDvgzvBSiuX2P5Q3cvKF/m8ZuMOmH19IHn8h1QxEwb
+0Ps5/t5na/Qczh7a1CAXdtoHnwjLMduNDKZTOJQgujgeimxmVgUy4Upa80RRtBQX
+m3SqKLPewq8KXixm8rUS4ZB3L0x+KhZeDPFQcR0H4pHzAVRfKxaMvzr6+E6JDJRL
+sjqiTLc4FqyK/mV7oqA7Ja0mJGoaLhbk85OJLypTpgxB5Dx5roCuasJ1fthKK85e
+3NkAf8Zfe2kL5y34z41TC/Bt3lVGVWdaKQM9NUCa6CUHowBqtMcPxGPAJXyAtpge
+o6d3r6g6/3W+CZ4LEhGBE/c=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test-sp.carleton.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://test-sp.carleton.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Carleton College</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Carleton College</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.carleton.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Matthew Bockol</GivenName>
+ <EmailAddress>mbockol@carleton.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Safari Books Online -->
+<EntityDescriptor entityID="https://authenticate.bvdep.com/incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 383, expires on Sun Jul 18 19:01:14 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAX8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNzE5MDExNFoXDTEwMDcx
+ODE5MDExNFowITEfMB0GA1UEAxMWYXV0aGVudGljYXRlLmJ2ZGVwLmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAscMqs1FV2fggIqHhUc0TSqk/JvM+VN+0
+IjFJWGeweX+tEMJ4qdWbFSRuIZ6snqKPq0fngozU4JZxq8npWi282fD+z/FwN3Z8
+j2GZzNL6WAE4LhewWKV4SMny7sMCsz5tzslA8u0kKWzl0oHfFRuFhg7TNK7Nm/uJ
+JhXArH7CiWMCAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU1H4n
+S2C9fAB5YyZYFDlX0bxMYDMwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWYXV0aGVudGljYXRlLmJ2ZGVwLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAljyy
+qVwgJGmNsAMpswmc3xOQ4yjhMICD4Y01u35CEmZ7OqRJVOj3roMqAGx763Cvr87Q
+I6Zeu+GbJ2BSRnW2ELnWLkMDa4kH/rdDI5RL4/lDp4AV0QmSSX21oeMU3vlQtiYw
+8/fG5lE6mSZgd8K7lRVKv13mBHDxFB833RPUa1nXLuvRVPPXW98tSMup9ru+g8Au
+6wQ1a9DUQF+5VM85MdGlh5CRUAon5jC5QmlgiflsqLYCoUJpf7VaSxkkNZaW+OcL
+80U+U2obJ0fn6hrFUj4yWZo1wX1bvXEB3LDWQB0VJXb4FRarFykh+tRJ6mdqtSZO
+cPtXaeaGBEu0gmNxBA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://authenticate.bvdep.com/incommon/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://authenticate.bvdep.com/incommon/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Safari Books Online</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Safari Books Online</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.safaribooksonline.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Peter Buelens</GivenName>
+ <EmailAddress>pb@bvdep.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Peter Buelens</GivenName>
+ <EmailAddress>pb@bvdep.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Peter Buelens</GivenName>
+ <EmailAddress>pb@bvdep.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of South Carolina -->
+<EntityDescriptor entityID="urn:mace:incommon:sc.edu">
+ <IDPSSODescriptor errorURL="http://www.uts.sc.edu/authentication/shibboleth/shibberror.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">sc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 464, expires on Thu Nov 11 20:03:45 2010 GMT -->
+ <ds:X509Certificate>
+MIIFkzCCBHugAwIBAgICAdAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTExMDIwMDM0NVoXDTEwMTEx
+MTIwMDM0NVowHDEaMBgGA1UEAxMRc2hpYmJvbGV0aC5zYy5lZHUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQChmwpos/dPDlh7zhzfYNI5RNc8udsppS2T
+VPPy5/SZ/eB0hRYGs3HCZCrE8t7zpepS2Y7sXHsJG96kPgeZVvWhDIOYEJZRTMcp
+tYHSjuD5OlOYGaSaxZ2CfycbnxS/gQJBSyi7pbeSYEQjShcVYCViRLc2NVP6vwY/
+juaipq7wTNblRnmLUYuBkikriRc4f0z4qa1j0TFI9dHa9pp1DZuOz8XhsJ8sl5TZ
+FSJLwnPqmaWcMwFm9BSqjihn1d6hsMEpPMcO4lpaQF2lzyQrkGJfTTwNy4uoA4er
+QJj+Hg0Fxaf/iS5IRTj6urUQO6J8b9boOEwEtZtLwIo3PG5RDpiFAgMBAAGjggKj
+MIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJ6EsggZYpFRPhU7KH9Zfhmcamvg
+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQG
+EwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5D
+b21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGl
+MIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAC
+hkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXNoaWJib2xldGguc2Mu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAQQkot3bYBJCbOi/gMLeWnC96Xyb9UJ5sW
+ZWP8Q6TvkPCIH254aAGeiaeqg4tKhNU1wJJWUf6jYWkrMUE+GxEPA7aQVb0F/tqO
+fTHHJBnKAgej/Cw3fw5pzoeTKXbJRtf45oRK8vvm3BVuanpqy2DmFP2XEIg+W0kv
+xOS/mVf+I4m+E+sGc2hqOKERUKa9I3OIZRyt4fcayHKUoSq2lr3+WH6TCNOI3ftI
+JeFdpFAEsVRCf6G0y15/NE2ZrZxIa40eMQyFiQBJZ3rg7QTxNHyRxrT1RzcJiqGW
+/BZ+1dTx9GUEp9N5c398vGG3GdxwYl6E0T7Cbv26YYi4i7HFU1VF
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.sc.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.sc.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">sc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 464, expires on Thu Nov 11 20:03:45 2010 GMT -->
+ <ds:X509Certificate>
+MIIFkzCCBHugAwIBAgICAdAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTExMDIwMDM0NVoXDTEwMTEx
+MTIwMDM0NVowHDEaMBgGA1UEAxMRc2hpYmJvbGV0aC5zYy5lZHUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQChmwpos/dPDlh7zhzfYNI5RNc8udsppS2T
+VPPy5/SZ/eB0hRYGs3HCZCrE8t7zpepS2Y7sXHsJG96kPgeZVvWhDIOYEJZRTMcp
+tYHSjuD5OlOYGaSaxZ2CfycbnxS/gQJBSyi7pbeSYEQjShcVYCViRLc2NVP6vwY/
+juaipq7wTNblRnmLUYuBkikriRc4f0z4qa1j0TFI9dHa9pp1DZuOz8XhsJ8sl5TZ
+FSJLwnPqmaWcMwFm9BSqjihn1d6hsMEpPMcO4lpaQF2lzyQrkGJfTTwNy4uoA4er
+QJj+Hg0Fxaf/iS5IRTj6urUQO6J8b9boOEwEtZtLwIo3PG5RDpiFAgMBAAGjggKj
+MIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJ6EsggZYpFRPhU7KH9Zfhmcamvg
+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQG
+EwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5D
+b21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGl
+MIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAC
+hkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEXNoaWJib2xldGguc2Mu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAQQkot3bYBJCbOi/gMLeWnC96Xyb9UJ5sW
+ZWP8Q6TvkPCIH254aAGeiaeqg4tKhNU1wJJWUf6jYWkrMUE+GxEPA7aQVb0F/tqO
+fTHHJBnKAgej/Cw3fw5pzoeTKXbJRtf45oRK8vvm3BVuanpqy2DmFP2XEIg+W0kv
+xOS/mVf+I4m+E+sGc2hqOKERUKa9I3OIZRyt4fcayHKUoSq2lr3+WH6TCNOI3ftI
+JeFdpFAEsVRCf6G0y15/NE2ZrZxIa40eMQyFiQBJZ3rg7QTxNHyRxrT1RzcJiqGW
+/BZ+1dTx9GUEp9N5c398vGG3GdxwYl6E0T7Cbv26YYi4i7HFU1VF
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.sc.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of South Carolina</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of South Carolina</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bill Crayton</GivenName>
+ <EmailAddress>bcrayton@sc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Bill Crayton</GivenName>
+ <EmailAddress>bcrayton@sc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Roger Truesdale</GivenName>
+ <EmailAddress>rogert@mailbox.sc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://sp.csd.sc.edu/shibboleth/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 475, expires on Sun Dec 12 20:14:27 2010 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAdswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIxMTIwMTQyN1oXDTEwMTIx
+MjIwMTQyN1owGDEWMBQGA1UEAxMNc3AuY3NkLnNjLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKe83oKrzfsQGNyHCL0Xee4v0jojXaRYaQF5Ozto
+z06OgAWA/l5Az0biB6EPDNILI7+NolIBsxbSDuONU1DxAL/pDDaq0/RhUjQD1H5A
+dLnViaXckM9pxt4EiHRpG2uVtyJRBYqEGDSPoTPESalW1aplWIFgAJH4PxWSiZdc
+JLe6D9dyvT078snBaYSt+YKYukfKQ6R9m96X8aqE4HeTzoZQTn0Ee4VHGqr4m3Al
+NVXbNFAOPTMgaPb3GlryKOOcnIN8veGLqDLv9d4X3AePG8g6SJ5BT6jQ87I4IBfn
+r57ntPNLK++jFG4tTR+St8ITQ+oPsi/nEoqHEkmcSsGKRL8CAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUkB2lyon8syQax+aIxAJY3Wk5IxswfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc3AuY3NkLnNjLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEATEFpkd2jv/JHYESaFRWtKjZXA5gxRSktFSF6iVUJH4TN
+FWK1zJaSNt4rjDlQzMpQAQ0MiXZ5HvCnP1vfgiKEpA9T1mY0J22iJyyi/QfY45wD
+22vamAOpsSbQ/jGeRLABBFxotv5kp3+3ROlK8kiQOcoa4G9sbZgi0dU6IwBL22no
+kJxkyTVDiKiMrkTNF/9BBVoCcjmnDJUspBLCBs1lQLUDBZE7qiEpaaOqDMMoa/gU
+Q2V/c97aeKZn1FIzLYtKknc/XxF+ikkFDzV/HxLcm8FZ91DF67SCC+HbM4xopRBA
+UH5ola7ll+RTHAwb8nhSZyeAWOg33QUh71P+168oFA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.csd.sc.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.csd.sc.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of South Carolina</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of South Carolina</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bill Crayton</GivenName>
+ <EmailAddress>bcrayton@sc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Bill Crayton</GivenName>
+ <EmailAddress>bcrayton@sc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Roger Truesdale</GivenName>
+ <EmailAddress>rogert@mailbox.sc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Stark State College of Technology -->
+<EntityDescriptor entityID="urn:mace:incommon:starkstate.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">starkstate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 339, expires on Fri Jun 4 19:18:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAVMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYwMzE5MTg1MloXDTEwMDYw
+NDE5MTg1MlowITEfMB0GA1UEAxMWd2ViYXV0aC5zdGFya3N0YXRlLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6KT2FBQHDnNpjRESPZnemI2uI/WFDXxD
+KgkwzntoTDbDivhan0LZh6bGGmTxswFBLG5EPLA6i9zCxGBqZ1fDe4chMtsg+PnD
+pvV+O7uR66X8TxXs8TzhAV5yKKQ+BUX2aaHUUFagYtVlH8YdUKhSDGNmH8wnznfS
+RrDqeBkB8JcCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUVWWE
+UrZC7RU5zp/kGhtydLOWBwEwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZ3ZWJhdXRoLnN0YXJrc3RhdGUuZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBAyD07sLApJ1dpbnm1vP3yR4xxXIcKz7Tlc8OmPYLMgknR79SXXV3rVkQo
+1HsFW8ITvw5y7hFdRAUFETX2WRAJJr7gDq5WDYSaDpl+bnCWisttquyOc+xqpQNp
+d0Ny/11auzq78ts7Q/OP5FLJbQ5psxmQbKvmk9eq//1H70LJwfUbjwZjWU/j+Yxm
+nzAfqJBRC8zqphoGlT+CTDqqA2zi3SqdDZGhY5dGc2+CA3Bc0eRSYv6CV5iDbt2y
+4szQfw0P6iUJFS/rU3FLq7m2je956ldHiFjgxG9Eu7co/vsooyteycVvw2fyEuE+
+UnaztJjasKEag0jDI9zFEcuNEeGk
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://webauth.starkstate.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">starkstate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 339, expires on Fri Jun 4 19:18:52 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAVMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDYwMzE5MTg1MloXDTEwMDYw
+NDE5MTg1MlowITEfMB0GA1UEAxMWd2ViYXV0aC5zdGFya3N0YXRlLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6KT2FBQHDnNpjRESPZnemI2uI/WFDXxD
+KgkwzntoTDbDivhan0LZh6bGGmTxswFBLG5EPLA6i9zCxGBqZ1fDe4chMtsg+PnD
+pvV+O7uR66X8TxXs8TzhAV5yKKQ+BUX2aaHUUFagYtVlH8YdUKhSDGNmH8wnznfS
+RrDqeBkB8JcCAwEAAaOCArAwggKsMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUVWWE
+UrZC7RU5zp/kGhtydLOWBwEwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBugYIKwYBBQUHAQEEga0wgaowgacGCCsGAQUFBzAChoGaaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YgoJCUNBIElzc3VlcnMgLSBVUkk6aHR0cDovL2luY29tbW9uY2EyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCB
+jQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBe
+BgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9p
+bmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAh
+BgNVHREEGjAYghZ3ZWJhdXRoLnN0YXJrc3RhdGUuZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBAyD07sLApJ1dpbnm1vP3yR4xxXIcKz7Tlc8OmPYLMgknR79SXXV3rVkQo
+1HsFW8ITvw5y7hFdRAUFETX2WRAJJr7gDq5WDYSaDpl+bnCWisttquyOc+xqpQNp
+d0Ny/11auzq78ts7Q/OP5FLJbQ5psxmQbKvmk9eq//1H70LJwfUbjwZjWU/j+Yxm
+nzAfqJBRC8zqphoGlT+CTDqqA2zi3SqdDZGhY5dGc2+CA3Bc0eRSYv6CV5iDbt2y
+4szQfw0P6iUJFS/rU3FLq7m2je956ldHiFjgxG9Eu7co/vsooyteycVvw2fyEuE+
+UnaztJjasKEag0jDI9zFEcuNEeGk
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.starkstate.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stark State College of Technology</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stark State College of Technology</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.starkstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Josh Bresaw</GivenName>
+ <EmailAddress>jbresaw@starkstate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Geoff Starnes</GivenName>
+ <EmailAddress>gstarnes@starkstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Minnesota -->
+<EntityDescriptor entityID="urn:mace:incommon:umn.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umn.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 370, expires on Sat Jul 3 18:27:12 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAXIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMjE4MjcxMloXDTEwMDcw
+MzE4MjcxMlowGzEZMBcGA1UEAxMQaWRwLnNoaWIudW1uLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA2ibZeTkmSuUrb57iMvpAF41vMqqCptXr1cfh8V4X
+du5eoZP0XRuP9XKXOTsCjUOpmvKKr0ABRJDHQZL1WXnTp1H22Z7Cm1YhW6EXDUec
+lxp8mCIn4LPVzZ6QO2CjdNwJ4SyeEREuRgjaHvmfCuq8xMX7DNF7uxUQ2O3SSLuJ
+u0MCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUHqN2x18TbfFk
+NB0xvrRWUKR8AvwwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQaWRw
+LnNoaWIudW1uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEACEqzbOYx/CeMdb+nOPJx
++MXfUtJdEWztRWBeqsWR3Pk3UQPc0Nzj+V60zyDF+ExkAtw6gsBel+cekYFBM2NB
+RJkKfaCgpGVB/x1rFZcNlbXmE4Zr7GBuTKoeEetLjw91YA7/gJgcnlCiTik5gcbs
+mYhjUlEC9CYALH5ErVsmE5NCD9Q1fOpvg5si5/w55r7Cv409ZGbWTIPtlOkziDhz
+G7A1Zt35ZEu5RzfI14iZwZ3RsfW/zjofU14fMpyNjhTPtXoGXs8PleL+okf0cYhC
+inwynxHwtT40C+7jQSOcEHa5n+LCMFKcpeUv4oMWix+ia34RwUJ8R8kzYOoX65NM
+Zg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.shib.umn.edu/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.shib.umn.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umn.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 370, expires on Sat Jul 3 18:27:12 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAXIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMjE4MjcxMloXDTEwMDcw
+MzE4MjcxMlowGzEZMBcGA1UEAxMQaWRwLnNoaWIudW1uLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA2ibZeTkmSuUrb57iMvpAF41vMqqCptXr1cfh8V4X
+du5eoZP0XRuP9XKXOTsCjUOpmvKKr0ABRJDHQZL1WXnTp1H22Z7Cm1YhW6EXDUec
+lxp8mCIn4LPVzZ6QO2CjdNwJ4SyeEREuRgjaHvmfCuq8xMX7DNF7uxUQ2O3SSLuJ
+u0MCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUHqN2x18TbfFk
+NB0xvrRWUKR8AvwwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQaWRw
+LnNoaWIudW1uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEACEqzbOYx/CeMdb+nOPJx
++MXfUtJdEWztRWBeqsWR3Pk3UQPc0Nzj+V60zyDF+ExkAtw6gsBel+cekYFBM2NB
+RJkKfaCgpGVB/x1rFZcNlbXmE4Zr7GBuTKoeEetLjw91YA7/gJgcnlCiTik5gcbs
+mYhjUlEC9CYALH5ErVsmE5NCD9Q1fOpvg5si5/w55r7Cv409ZGbWTIPtlOkziDhz
+G7A1Zt35ZEu5RzfI14iZwZ3RsfW/zjofU14fMpyNjhTPtXoGXs8PleL+okf0cYhC
+inwynxHwtT40C+7jQSOcEHa5n+LCMFKcpeUv4oMWix+ia34RwUJ8R8kzYOoX65NM
+Zg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.shib.umn.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Minnesota</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Minnesota</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www1.umn.edu/twincities/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Christopher Bongaarts</GivenName>
+ <EmailAddress>cab@tc.umn.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Kevin O'Rourke</GivenName>
+ <EmailAddress>kor@tc.umn.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Iowa -->
+<EntityDescriptor entityID="urn:mace:incommon:uiowa.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uiowa.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 401, expires on Sat Aug 7 18:29:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAZEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgwNjE4Mjk0NloXDTEwMDgw
+NzE4Mjk0NlowGDEWMBQGA1UEAxMNaWRwLnVpb3dhLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKtOTz8AVTxEX/oU3a3J6wglgQKVRv2mjeAc6eKy
+OyNNYMzTV+E2Rsd2E7bHSthylq3rTeFclw+NKYb8OoRXQv4D8vtz7ulGlMmJ5yoZ
+DAAbN2fEnd/DjQL1yTON4XVy42Gj/IDVXPf/zFBk2e/awTVxV4UcJkwSWULxEHf5
+1UwQ0C7atGfm02EoFSZCMTX/x1xRYNlo1cDzQCXUa+RnqxAEa5Fp/jTNc9yfQnG/
+nAsN5Njy5v6twRa/1oKcs3a8EVhMcVCPtMQSe/WmUyqt2jYL4O91EsvPy2YFvslx
+i8GrhhwVnGO9diqbXR4XE77omY4zi64t6tHnEWrzHBuK/mUCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUHYpzrOA8RbdJgWRMBT1Ph6a6wOkwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INaWRwLnVpb3dhLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEAw7FaEh9HZWCYXSJOEb/FRiR7LK0avVD9ffPtNoWOTYPI
+jfCVm092CdsrkcU1UfZOj84+9dBTosyaZ+NNEcGHhF6MM4i8i9aIt49gfFeoVonV
+x1OM5D7PawiJjAMg2wp7Zzm9ePtC51akFZPOlkCNI9Y1AzphC38+8pw8OpCgCH2P
+pF2BZXe4sgVvuxOBGfe16fPq1xs+DKItdpmo6v7PROscFfLapDPbVnOtXhl5bohi
+rTMWFUxPYfQa3kKxN/L7BbND7VjzpX+IfsYSFl4GQU/jrHByRg8KYt9M4UAfTQ/R
+CGbWjgCXSwY8fzaCmzhEF2ogrTYuH9DGe9f3X8D/Hw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.uiowa.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.uiowa.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uiowa.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 401, expires on Sat Aug 7 18:29:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAZEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgwNjE4Mjk0NloXDTEwMDgw
+NzE4Mjk0NlowGDEWMBQGA1UEAxMNaWRwLnVpb3dhLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKtOTz8AVTxEX/oU3a3J6wglgQKVRv2mjeAc6eKy
+OyNNYMzTV+E2Rsd2E7bHSthylq3rTeFclw+NKYb8OoRXQv4D8vtz7ulGlMmJ5yoZ
+DAAbN2fEnd/DjQL1yTON4XVy42Gj/IDVXPf/zFBk2e/awTVxV4UcJkwSWULxEHf5
+1UwQ0C7atGfm02EoFSZCMTX/x1xRYNlo1cDzQCXUa+RnqxAEa5Fp/jTNc9yfQnG/
+nAsN5Njy5v6twRa/1oKcs3a8EVhMcVCPtMQSe/WmUyqt2jYL4O91EsvPy2YFvslx
+i8GrhhwVnGO9diqbXR4XE77omY4zi64t6tHnEWrzHBuK/mUCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUHYpzrOA8RbdJgWRMBT1Ph6a6wOkwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INaWRwLnVpb3dhLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEAw7FaEh9HZWCYXSJOEb/FRiR7LK0avVD9ffPtNoWOTYPI
+jfCVm092CdsrkcU1UfZOj84+9dBTosyaZ+NNEcGHhF6MM4i8i9aIt49gfFeoVonV
+x1OM5D7PawiJjAMg2wp7Zzm9ePtC51akFZPOlkCNI9Y1AzphC38+8pw8OpCgCH2P
+pF2BZXe4sgVvuxOBGfe16fPq1xs+DKItdpmo6v7PROscFfLapDPbVnOtXhl5bohi
+rTMWFUxPYfQa3kKxN/L7BbND7VjzpX+IfsYSFl4GQU/jrHByRg8KYt9M4UAfTQ/R
+CGbWjgCXSwY8fzaCmzhEF2ogrTYuH9DGe9f3X8D/Hw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.uiowa.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Iowa</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Iowa</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uiowa.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>ITS DNA</GivenName>
+ <EmailAddress>its-spa-dirsvcs@uiowa.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://its-spa-006.iowa.uiowa.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 404, expires on Thu Aug 12 18:17:09 2010 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAZQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMTE4MTcwOVoXDTEwMDgx
+MjE4MTcwOVowJTEjMCEGA1UEAxMaaXRzLXNwYS0wMDYuaW93YS51aW93YS5lZHUw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL75EMh+kU502akMsK/1o2PLi7ow
+97MbKn0L+IHp2lvDT2+cPHFORfECvNnrkYjcHscHy+Ws7KWrfDdF7X5F4rk8KOXs
+hSIKP9wxNFwslTO2LemByH3YDFYOdfyk0v1yZNC1NaWZNaKDzcVvELgvgZ5QYtXw
+IK8YzbaF8H4M0mFNAgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FIK0DHRllNEARJElXJ5gFOxIPKCvMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCUGA1Ud
+EQQeMByCGml0cy1zcGEtMDA2Lmlvd2EudWlvd2EuZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBuTBgmcs44oDktuvTPaC2ebb4L6hrYiP461wCChLoPiJHBR9umy0AkLIgG
+2/SCjl4WES26fRqccEiK0RGDzpRNo62Jk5HHyYcJ2ZnG9R56ZXiaAsaVnWAd1BnB
+zQxOFyvXYE8LP0lvgxP/Nmj6aIV0mPHxYDNNG6z7rIfiY+2uSadxkc7gB2JKTmts
+QUi8gDZl3RPUr7ghn9dHuwTXeCKQ7gfiwQqZvHopFr3NcEAvI2LBPaEBtROh028z
+RBYooeEPXZ6AOJO6yOWFjxo8XFv5YfFLZ8CPJV//2uqqWFOJ3c9kxeXSLFurD+Kh
+AZiJyjK1tAzhGRWoc/wmXjd30Vx+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://its-spa-006.iowa.uiowa.edu/Shibboleth.sso/SAML/Artifact" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://its-spa-006.iowa.uiowa.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Iowa</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Iowa</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uiowa.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>ITS DNA</GivenName>
+ <EmailAddress>its-spa-dirsvcs@uiowa.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibtest.icts.uiowa.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 564, expires on Sun Jun 26 17:55:28 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAjQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYyNTE3NTUyOFoXDTExMDYy
+NjE3NTUyOFowIjEgMB4GA1UEAxMXc2hpYnRlc3QuaWN0cy51aW93YS5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMUZgNmVvS+xg7B4jtsyFb7GOIHZUkaD
+ZP39VY0WwRT+hqAsdCu7JIiIXvsi9NtU56y3tAhvLqNowD3H273Jcq66M3+/44AD
+qjVrtl8+rS6l6jpYgwliyAsbaWJqt8bf6dfQEKpny9ln3nQH4fXJaxaqCqLPSWQU
+5lLmKUAEZk7VAgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFI2q
+7Tv3xWO5Dbr0ib5RVDO8cwm3MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF3NoaWJ0ZXN0LmljdHMudWlvd2EuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBs
+iCH6QydN3LNW1y67d3vA35Znsamh5VcIIonZpuSo55yEIXHcmkbRqpn6kXTRqStS
+tL1gNCy8Eb/KIXvRGuTA76lXK0hhkQMYeNvM1L5Lnx7a257MCfjGDEW/Bitj5zU5
+1K0HcLyuM+BKo7sF44oXfIDdNgkhqmObPQKSxdIL650ZuJjDyK+zNYgNF2dK8jEl
+fZi7mLAGJQhO8+Ae2Oa+VxXyzTmzchOlGHvctNfjgjjNrMNdvFgR06IGaBZfq3Pk
+UQAj/clt3rqCw72H+VSOeZ/lzzfaEaP+aQsDyVLquSw+e8dhen/mmJGG0jLIe2/d
+PrnZE+CjxVd0E+tcyAeT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://shibtest.icts.uiowa.edu/Shibboleth.sso/SAML/Artifact" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibtest.icts.uiowa.edu/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Iowa</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Iowa</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uiowa.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Adam Harding</GivenName>
+ <EmailAddress>adam-harding@uiowa.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ben Rogers</GivenName>
+ <EmailAddress>ben-rogers@uiowa.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Nevada, Reno -->
+<EntityDescriptor entityID="urn:mace:incommon:unr.edu">
+ <IDPSSODescriptor errorURL="http://idp.unr.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">unr.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 450, expires on Fri Oct 22 18:17:34 2010 GMT -->
+ <ds:X509Certificate>
+MIIFAzCCA+ugAwIBAgICAcIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAyMTE4MTczNFoXDTEwMTAy
+MjE4MTczNFowFjEUMBIGA1UEAxMLaWRwLnVuci5lZHUwgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBALE9Jiuj6jFkiHXIBObYhI5y63pQIxjvoL5FBPYbtpSDKIfl
+hP40SJZ3l6Sf4rDOp7FQL+Wjb/bWX6whOj0G1EX7tz186D+ge2OCx4XO+1K/u9n5
+UWaZHsFW70xSETWwVrlQEtLTRiXOvpwOlNDaq0arqsVCZQjdDKlMqvlIHuJjAgMB
+AAGjggKdMIICmTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFFToJOXuGtQn2smzBwX9
+aOrgpZZvMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2lkcC51bnIu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAQfUtqC2dCUSmPhBsVFhyVPCJtuTduEpei
+fgwZc8UOpP8fpOyySxGIyLotwfOTw9YN4lrOPyfHPg7pQT17oe71ZQMrWSFxmlfB
+OixB9Nm3ximjTvIdwLYoQzj7psSymym7qBOlXOtrxK49Fbf89Y5irwQXyWkLcQkN
+8BqVDBeo3CWSV3zG3UhGrqalsz3oJcAIdKRN8vf2yrfyBQbLmQOyJ1do+0GU996a
+xM0hW+EbfC3WrXlYf0uIGfCLWi12dm8Qtp7KZ9HqcYdrktNbY5w1uGg4V7Ots8Sa
+cZAddRO/LKD6zlaki1uKlaXYQtzWJkg1MggLLiw84wE4+RqWKis0
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.unr.edu/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.unr.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">unr.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 456, expires on Fri Oct 29 19:13:03 2010 GMT -->
+ <ds:X509Certificate>
+MIIFATCCA+mgAwIBAgICAcgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAyODE5MTMwM1oXDTEwMTAy
+OTE5MTMwM1owFTETMBEGA1UEAxMKYWEudW5yLmVkdTCBnzANBgkqhkiG9w0BAQEF
+AAOBjQAwgYkCgYEAsT0mK6PqMWSIdcgE5tiEjnLrelAjGO+gvkUE9hu2lIMoh+WE
+/jRIlneXpJ/isM6nsVAv5aNv9tZfrCE6PQbURfu3PXzoP6B7Y4LHhc77Ur+72flR
+ZpkewVbvTFIRNbBWuVAS0tNGJc6+nA6U0NqrRquqxUJlCN0MqUyq+Uge4mMCAwEA
+AaOCApwwggKYMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUVOgk5e4a1CfaybMHBf1o
+6uCllm8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwFQYDVR0RBA4wDIIKYWEudW5yLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAwElplY/XGBBoToMaMDB8EuQjkbc3rBKgROM4
+voQ8qzj3/NfX1pMApYAlYdvCrMCzaFnnxPpHR3imc3g1RLhVGnSkBsHOh+lmlPD9
+50UMsp4T3o8/FRFYQ8lT55J2I5GktE4eHquZKBtPd15gJipJR/Igj5XShK7GKUQ0
+vllvogsLp0ohueHOs3iORIxAEtwIBiLRvbKua7HV/Kp7pverMFjT0nuBGssvBhe6
+lWyw38ssv65+b48+dmTaFL4hSfUwUKStpsCRXOzhCuvNaMNcVkw6n37drQRtrZyO
+xolnKWw7rzS4cc+k0vn0HafRDuMEjRaVwu4g1f4GB2Vnwes4zw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aa.unr.edu/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Nevada, Reno</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Nevada, Reno</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.unr.edu/content/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Derek Eiler</GivenName>
+ <EmailAddress>derek@unr.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jeff Springer</GivenName>
+ <EmailAddress>jeffs@unr.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Teragrid of the University of Chicago -->
+<EntityDescriptor entityID="https://go.teragrid.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 499, expires on Fri Mar 4 20:07:05 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAfMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMwMzIwMDcwNVoXDTExMDMw
+NDIwMDcwNVowGjEYMBYGA1UEAxMPZ28udGVyYWdyaWQub3JnMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCpRGQ6cLGZ5KyqFw9FUVPKYsOZbLhxN9Jx6Ib0dDPF
+Fj9g0mBo1odGP5CV1Ibbya9fzwKbkR3D6TpOnK3+KG2FTWzQAm3/wVlgmXs4Ekxp
+uzXeJoieEJKpTngwLEG3+nXVlKWRuLVjsuRaR9qPMLv0WhazFv+dG6kpxrEgerWk
+qwIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRfSnCLeRleFv2E
+bMhqoMaYm/qooTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9nby50
+ZXJhZ3JpZC5vcmcwDQYJKoZIhvcNAQEFBQADggEBAHLsKg+bFI2QY54JPiywebSy
+MRa361UGlbIEAnyyYXYbcp49YbrMfmbikkAWFRBIDNrRIBn3LGZqL0qUmG6FomsT
+8ZYx5dV86p2rRccf7C5ZNCleTUYgxzWI+UgAJLCxs0GaEFgAqBqRnBniG/NaTwXf
+qzENZ43/jp//5BBjwHfC6EWmLImh60gaw5ChY4ud+lqkxvDwpHdw/vhAorwxQSfP
+DGvlfNohAA0rpeXqclS7GiFLf0e9L3QoSJ7tgYzyJCPR/pe/CgyD1ehNI8Y0K0Go
+RTjvYKJtKYcspAqNn5wrWP5MTgF/kw0uN6TMzWWRxwQIQs2YgdIqbxLsWgZWfJ8=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://go.teragrid.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://go.teragrid.org/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://go.teragrid.org/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://go.teragrid.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://go.teragrid.org/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://go.teragrid.org/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Teragrid of the University of Chicago</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Teragrid of the University of Chicago</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.teragrid.org/index.php</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Terry Fleury</GivenName>
+ <EmailAddress>tfleury@ncsa.uiuc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Jim Basney</GivenName>
+ <EmailAddress>jbasney@ncsa.illinois.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- NITLE (National Institute for Technology and Liberal Education) -->
+<EntityDescriptor entityID="urn:mace:incommon:nitle.org">
+ <IDPSSODescriptor errorURL="https://idp.nitle.org/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nitle.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 408, expires on Sun Aug 15 18:09:28 2010 GMT -->
+ <ds:X509Certificate>
+MIIFBzCCA++gAwIBAgICAZgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxNDE4MDkyOFoXDTEwMDgx
+NTE4MDkyOFowGDEWMBQGA1UEAxMNaWRwLm5pdGxlLm9yZzCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAsZPVB0aWBQr0bu4bML3LPfDDlJ7ZfYUDfjTI/nTVi3oU
+ViqzeCqajzGnaiWRjSPW/bRVPt6XwUTO12lD52xzi8Zq11q0Id6SjXOwyUGZPOM3
+zf1OEEPqAFq3l9X9mC0rGcRA3k7JbYeEVlF3Mtur8vQ9iB7dhCcomX+4OFhXNtEC
+AwEAAaOCAp8wggKbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0/LQyEED82+rGiB1
+o25RVQ+MkXwwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INaWRwLm5p
+dGxlLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEADWLDv8PwASnMjLxlkBcH67BYQMf7
+qckPXztNCRwevPeZ+keCD2Wf+Uo9qIusOgYGA1mqEfUyy+XjpfSA3bmzU0+LYpUX
+Qwm5gxKw68SCbBAgHJw/WGkasuCGISml2d0hzwdXGwjpTVLhm9P0NoGy+8xkoRyC
+mzBF4qXC+cX9HhWjWJw+ULpxxad2gsL+GNccatE8P7kxKy+mBrP1uBsig1sWftnZ
+SYuewTBmV8WgbokLxbdCOC5iU5Q17V8wuu4npLiKIe/t+Kfkc30PlOj97SrpqNgs
+iguD8wia0hD3xgoWrbZKBG7pDNaR6IAZooy6w5bS/nF3uNTjnknL6Zq6DA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.nitle.org/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.nitle.org/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nitle.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 408, expires on Sun Aug 15 18:09:28 2010 GMT -->
+ <ds:X509Certificate>
+MIIFBzCCA++gAwIBAgICAZgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxNDE4MDkyOFoXDTEwMDgx
+NTE4MDkyOFowGDEWMBQGA1UEAxMNaWRwLm5pdGxlLm9yZzCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAsZPVB0aWBQr0bu4bML3LPfDDlJ7ZfYUDfjTI/nTVi3oU
+ViqzeCqajzGnaiWRjSPW/bRVPt6XwUTO12lD52xzi8Zq11q0Id6SjXOwyUGZPOM3
+zf1OEEPqAFq3l9X9mC0rGcRA3k7JbYeEVlF3Mtur8vQ9iB7dhCcomX+4OFhXNtEC
+AwEAAaOCAp8wggKbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0/LQyEED82+rGiB1
+o25RVQ+MkXwwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INaWRwLm5p
+dGxlLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEADWLDv8PwASnMjLxlkBcH67BYQMf7
+qckPXztNCRwevPeZ+keCD2Wf+Uo9qIusOgYGA1mqEfUyy+XjpfSA3bmzU0+LYpUX
+Qwm5gxKw68SCbBAgHJw/WGkasuCGISml2d0hzwdXGwjpTVLhm9P0NoGy+8xkoRyC
+mzBF4qXC+cX9HhWjWJw+ULpxxad2gsL+GNccatE8P7kxKy+mBrP1uBsig1sWftnZ
+SYuewTBmV8WgbokLxbdCOC5iU5Q17V8wuu4npLiKIe/t+Kfkc30PlOj97SrpqNgs
+iguD8wia0hD3xgoWrbZKBG7pDNaR6IAZooy6w5bS/nF3uNTjnknL6Zq6DA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.nitle.org/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.nitle.org/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">NITLE (National Institute for Technology and Liberal Education)</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">NITLE (National Institute for Technology and Liberal Education)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nitle.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Eric Harper</GivenName>
+ <EmailAddress>eric.harper@nitle.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris G. Sellers</GivenName>
+ <EmailAddress>csellers@nitle.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>NITLE Web Support</GivenName>
+ <EmailAddress>webadmin@nitle.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Identit-E, LLC -->
+<EntityDescriptor entityID="https://www.myidentit-e.com/shibboleth/incommon/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 384, expires on Sun Jul 18 19:01:46 2010 GMT -->
+ <ds:X509Certificate>
+MIIGlzCCBX+gAwIBAgICAYAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcxNzE5MDE0NloXDTEwMDcx
+ODE5MDE0NlowHjEcMBoGA1UEAxMTd3d3Lm15aWRlbnRpdC1lLmNvbTCCAiIwDQYJ
+KoZIhvcNAQEBBQADggIPADCCAgoCggIBAOEKAeuqQrETGYthEMVeamazd9qc3e6m
+DGpWgZpdCSZz4iuXYfiK5/Y4hHqbSaJFdYOwbpbMw3O/4wV9cEyaNhhWTCAcvr0j
+tXDTGKrUoVMk5/TgrxHGU6xpj5R1yr1/Mgcwx1xBO7BAsEh6BmT5jzFc1Hqm5BA+
+MQnuo5sg9qtCFfVxTpyWsCYfSXUvGkx6ZlKaUzjzw4fep0je4gUUmJQXepD+Bb0+
+JY8mckp74Qat1bBIuAcQcNInoZyyAXAaca4oSrPE5Gd8aNK/66wUi/2gQ3F1ykuL
+tFOCzSjG1yPm1KTJW3oCE1ekcFpyyJgLmVcp6lnkSuYsQ2iZK5uJ4xz1C79pnvA1
+uSogoA/yqFYzDeiaUeE3qUNVl5Xltvqc4qkyVj8Yohbvr+/c5lNezzbMKK62tv+U
+8OpnOPirQ/dwn0AKDPOIWd8aNK+oAkSu+yLWMWplBBC0GUW0D9azD2tuVtr4CQ7L
+xTDUHY221jVb5DCUxy+JcKH9U0RTc/isO1dlz1sZYtCns7chY22zDIuF61ArgnmI
+QVZa+w5MDI1gD/259u4pblniH3RZYrtyx0rkSHB56Pu3CBrx9Tu6ucBmgCyj48a1
+yS7KCHFGsgoaTGaLhsAyMkFp9Fga2zDeNBQ409EHUPYGVYlYpxO+QYxAWKuXVsiS
+Bar+96WaPieZAgMBAAGjggKlMIICoTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFDMS
+Bw4nrG+g9+CCiXLCcklfKfnzMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB4GA1UdEQQX
+MBWCE3d3dy5teWlkZW50aXQtZS5jb20wDQYJKoZIhvcNAQEFBQADggEBAAMOhh6c
+XVjUP3HTaFwNYSu/92jNt5SyH09DUYwNm/nvqrBNYrTBMFP+pbOuuHK7GOccBrji
+pF1ffMauLZWBTvBJSAT1S4K5NuHVscj2uol6lEKviXnFgjZRhmJSIoFmslTKmw71
+ejsWeoKKxFyWh/+nq9qPft94Ntw7C4Ju+CBbtcwdn+ZfjGJz/pKkOqbSOxDFw0fz
+HHNHSxSrx76TYKhh9waa+KXws5KJJXEWXCyDzOyOA51alpULEnL8RqCuB134OxDo
+x9ul3wV4yRuVWHAw596Y8DuGxR6oMUOo0UTNbge0FZnGwxJ/sEE9cN9iJe7y3MZb
+iD15Lsh07Mmzea4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test.myidentit-e.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://test.myidentit-e.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.myidentit-e.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.myidentit-e.com/Shibboleth.sso/SAML/Artifact" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Identit-E, LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Identit-E, LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://myidentit-e.com/defaultstatic/default.htm</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Josh DePeau</GivenName>
+ <EmailAddress>jdepeau@dstewart.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Findlay -->
+<EntityDescriptor entityID="urn:mace:incommon:findlay.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">findlay.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 364, expires on Fri Jul 2 17:15:10 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAWwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMTE3MTUxMFoXDTEwMDcw
+MjE3MTUxMFowHDEaMBgGA1UEAxMRbWV0aXMuZmluZGxheS5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAKqbDQVE/rX7VihHQLlXy+E6/+EFu7NbgEZgCtqV
+AXfRy40g8xtVxP39LSftBDDu5vCxaudoFEkmA/7Eny7ww4tPalkNt7NksOwLlraS
+7/yOdHAcsAtxsPJoXhq7GGfGVkBrhKpBE20SDCWSBm3Uy2ZgAS0SGZZRKS/SCWXk
+u/OTAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJFG9w0MLDyc
+8O18DdWE2dbIdWgzMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEW1l
+dGlzLmZpbmRsYXkuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBZZMv0yXb1WNTBBex4
+Te+ZG1eTkT/ndwZmoCKc5KfRIgn9b1GKpxqEQdzC0JttIQTyZzmgnklbM9R+TVOl
+iJgGSqmyDZnUL/S3EA7P6uxiMmyi7Nuhi4lnR/L+urhwOoE9yYdJ2y1vT4KUOiaR
+9Ohh1ZclHKVC6nCrPEYbqp2+PoD2tTkJPuRMIT+05AkWFESk98lV4/T58jkdU9m+
+ibNwq3lnmqPhbnQPqTkqtUaS+shcOph7ozJYiNk+jXoYBLnQucqqIUfmIz5ZmBpN
+fY7uHexMkfKSf7ZWhnlOJ+2VxA5/xvFZ8pGkLl3WXV7iq5Ech0kAjm/++pLkF+d/
+RrT+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://metis.findlay.edu:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://metis.findlay.edu:8442/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">findlay.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 364, expires on Fri Jul 2 17:15:10 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAWwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDcwMTE3MTUxMFoXDTEwMDcw
+MjE3MTUxMFowHDEaMBgGA1UEAxMRbWV0aXMuZmluZGxheS5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAKqbDQVE/rX7VihHQLlXy+E6/+EFu7NbgEZgCtqV
+AXfRy40g8xtVxP39LSftBDDu5vCxaudoFEkmA/7Eny7ww4tPalkNt7NksOwLlraS
+7/yOdHAcsAtxsPJoXhq7GGfGVkBrhKpBE20SDCWSBm3Uy2ZgAS0SGZZRKS/SCWXk
+u/OTAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJFG9w0MLDyc
+8O18DdWE2dbIdWgzMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEW1l
+dGlzLmZpbmRsYXkuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBZZMv0yXb1WNTBBex4
+Te+ZG1eTkT/ndwZmoCKc5KfRIgn9b1GKpxqEQdzC0JttIQTyZzmgnklbM9R+TVOl
+iJgGSqmyDZnUL/S3EA7P6uxiMmyi7Nuhi4lnR/L+urhwOoE9yYdJ2y1vT4KUOiaR
+9Ohh1ZclHKVC6nCrPEYbqp2+PoD2tTkJPuRMIT+05AkWFESk98lV4/T58jkdU9m+
+ibNwq3lnmqPhbnQPqTkqtUaS+shcOph7ozJYiNk+jXoYBLnQucqqIUfmIz5ZmBpN
+fY7uHexMkfKSf7ZWhnlOJ+2VxA5/xvFZ8pGkLl3WXV7iq5Ech0kAjm/++pLkF+d/
+RrT+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://metis.findlay.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Findlay</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The University of Findlay</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.findlay.edu/default.htm</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ryan Fox</GivenName>
+ <EmailAddress>rfox@findlay.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- PeopleAdmin, Inc. -->
+<EntityDescriptor entityID="https://emp037.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://hr.jobs.ucla.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cs037.peopleadmin.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://training037.peopleadmin.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Heather Tufts</GivenName>
+ <EmailAddress>heather.tufts@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp041.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://joblink.jmu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cs041.peopleadmin.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://training041.peopleadmin.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Matt Thomas </GivenName>
+ <EmailAddress>matt@peopleadmin.com </EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Sohail Bashadi </GivenName>
+ <EmailAddress>sohail.bashadi@peopleadmin.com </EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp095.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jobs.odu.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cs095.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://training095.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test40.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Heather Tufts</GivenName>
+ <EmailAddress>heather.tufts@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp096.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.uvmjobs.com/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cs096.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://training096.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Thomas Valdez</GivenName>
+ <EmailAddress>thomas.valdez@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Heather Tufts</GivenName>
+ <EmailAddress>heather.tufts@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp114.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://listings.jobs.vt.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cs114.peopleadmin.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://training114.peopleadmin.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Thomas Valdez</GivenName>
+ <EmailAddress>thomas.valdez@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp193.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test45.peopleadmin.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cs193.peopleadmin.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://training193.peopleadmin.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://jobs.msu.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Heather Tufts</GivenName>
+ <EmailAddress>heather.tufts@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp219.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.unrsearch.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cs219.peopleadmin.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://training219.peopleadmin.com/Shibboleth.sso/SAML/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test47.peopleadmin.com/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Thomas Valdez</GivenName>
+ <EmailAddress>thomas.valdez@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp255.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.wustlcareers.com/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cs255.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://training255.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Heather Tufts</GivenName>
+ <EmailAddress>heather.tufts@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp274.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jobs.ufl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cs274.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://training274.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test42.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Thomas Valdez</GivenName>
+ <EmailAddress>thomas.valdez@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Heather Tufts</GivenName>
+ <EmailAddress>heather.tufts@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp510.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.nyucareers.com/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cs510.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://training510.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test43.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Heather Tufts</GivenName>
+ <EmailAddress>heather.tufts@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://emp684.peopleadmin.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 405, expires on Fri Aug 13 18:48:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAZUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDgxMjE4NDgxM1oXDTEwMDgx
+MzE4NDgxM1owGjEYMBYGA1UEAxMPcGVvcGxlYWRtaW4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDdAujQPFfA3SJbvATaV3ZOyrU0pR+XTYxt1YscwGWB
+65oJpinlJVt8EX6Wv57UiRd1qNUmvxOKzQy+yMRBsc4g+whvaeumiLgz2Qlhp8g1
+SNsR/gmVYPLOLNzmVPrX7XNKNli5+DOqtq5F4+9ou8bwqiqzRFy+lPWYLgYMvegh
+/wIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ2Nt7DOvqITu4x
+RqumCysoiZP7WTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9wZW9w
+bGVhZG1pbi5jb20wDQYJKoZIhvcNAQEFBQADggEBADiiC7+8367p+Rgdzpiul67Y
+rci//XYMt5eklnWSDDnILTxCmnZ/9qBnpARjzIIyUToU8qR53F8UHjpp3SAzLgxA
+CiQWSIWOzoqAJHKfKeQNID51wKLH5BP+6YD52+Q8ufjZgpYierKqLcJqtf+WaQGX
+36kVQP38uI3zK7jHnr28mN5OCEyKPAV+4Rs2KwxG+6rQ/NjBM+W0Y/k34Uguk2XM
+MOvH3xJ+SwsQJBcjigErJwsl1zOZxlvHEg8/p719H/dK8ZbZROHw2z5LMoCdwMmf
+IFJDINAoOBl+1Mb5A0xgbbDpQbh1/+KLgd+rOdA1ko6m0o4bfxAQHuM8M7xJsSc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cs684.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://training684.peopleadmin.com/Shibboleth.sso/SAML2/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jobs.baylor.edu/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">PeopleAdmin, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">PeopleAdmin, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.peopleadmin.com/index.php?option=com_frontpage&amp;Itemid=105</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Heather Tufts</GivenName>
+ <EmailAddress>heather.tufts@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Thomas Valdez</GivenName>
+ <EmailAddress>thomas.valdez@peopleadmin.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of South Florida -->
+<EntityDescriptor entityID="urn:mace:incommon:usf.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">usf.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 673, expires on Fri Oct 14 17:59:22 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAqEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAxMzE3NTkyMloXDTExMTAx
+NDE3NTkyMlowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC51c2YuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9p7phBAln7qNSgg8a/ENashdxW4G2Zl
+KLORMQTsTKdt2XodyeO9FxDdabvKCyEomIo25zTVnxICG+DxqbSB9wHBVKOi0BcP
+HpNZUb/6oD5T6ZubxEoIR+Fbdc8zHAr43DaiqiBXce1rRyjLkJRBOqjDreAgc8A9
+geaafsMXyoRUyd5uBnsHigHythfq7OQP0p/AOdHTzNQ8KSDbDtOYu0Mtuu6ocm89
+xqmi/WuyoPhUcrPoI3/TUKGFKRk5hXIGYcVrrX96krWWarH3BPy0giEVCh0P46GI
+JXyKFn3q0UPtxQzfZGDwE624a+upgInX8t+DKARudNmTLZC8bY7y+QIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS+JfA2NANbmgVg8gB5NjVa4+OF
+nDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJzaGliYm9sZXRoLnVz
+Zi5lZHUwDQYJKoZIhvcNAQEFBQADggEBAELueusEUbLsG3v+FV3cQhvwMyMqzQLe
+8vvVsEUU6R9G9YYTpSMzhW99M7HMJUrytVwXlaO4E+l3XRf0ZD+LtWkBr0fEhcl9
+IzV+HmIVlnBdMoql/pZXO97WgPsYICpwCE5OgqbmX+wR2lCx7/296YgvnyKV8tgS
+7jJfw9CcvBiv4pJVSt3NF7Qon6XWI8qiI19lp++//vIpwMmCUPTW1tTuDLhaPGVC
+p4szfML/PzLndweS+m8H+oT4WfwPlZ1ApmDArGP59C26YxUQlKXTmGIu9xEgJ43/
+kqbmuuq6ZlGqEJOnAeGgwVhjJe1dnf9Q0WDN1gmt4qkEPNUphbiyTiI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.usf.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.usf.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">usf.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 673, expires on Fri Oct 14 17:59:22 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAqEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAxMzE3NTkyMloXDTExMTAx
+NDE3NTkyMlowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC51c2YuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9p7phBAln7qNSgg8a/ENashdxW4G2Zl
+KLORMQTsTKdt2XodyeO9FxDdabvKCyEomIo25zTVnxICG+DxqbSB9wHBVKOi0BcP
+HpNZUb/6oD5T6ZubxEoIR+Fbdc8zHAr43DaiqiBXce1rRyjLkJRBOqjDreAgc8A9
+geaafsMXyoRUyd5uBnsHigHythfq7OQP0p/AOdHTzNQ8KSDbDtOYu0Mtuu6ocm89
+xqmi/WuyoPhUcrPoI3/TUKGFKRk5hXIGYcVrrX96krWWarH3BPy0giEVCh0P46GI
+JXyKFn3q0UPtxQzfZGDwE624a+upgInX8t+DKARudNmTLZC8bY7y+QIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS+JfA2NANbmgVg8gB5NjVa4+OF
+nDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJzaGliYm9sZXRoLnVz
+Zi5lZHUwDQYJKoZIhvcNAQEFBQADggEBAELueusEUbLsG3v+FV3cQhvwMyMqzQLe
+8vvVsEUU6R9G9YYTpSMzhW99M7HMJUrytVwXlaO4E+l3XRf0ZD+LtWkBr0fEhcl9
+IzV+HmIVlnBdMoql/pZXO97WgPsYICpwCE5OgqbmX+wR2lCx7/296YgvnyKV8tgS
+7jJfw9CcvBiv4pJVSt3NF7Qon6XWI8qiI19lp++//vIpwMmCUPTW1tTuDLhaPGVC
+p4szfML/PzLndweS+m8H+oT4WfwPlZ1ApmDArGP59C26YxUQlKXTmGIu9xEgJ43/
+kqbmuuq6ZlGqEJOnAeGgwVhjJe1dnf9Q0WDN1gmt4qkEPNUphbiyTiI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.usf.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of South Florida</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of South Florida</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.usf.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Eric Pierce</GivenName>
+ <EmailAddress>epierce@usf.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Dayton -->
+<EntityDescriptor entityID="urn:mace:incommon:udayton.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">udayton.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 396, expires on Sun Aug 1 18:17:14 2010 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAYwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDczMTE4MTcxNFoXDTEwMDgw
+MTE4MTcxNFowHjEcMBoGA1UEAxMTc2hpYmlkcC51ZGF5dG9uLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEApJvzKV1jlZNC8GfgodgdpbrAe98NUuaYm2ND
+KrSmmXbdSk5dox7RcJ3v6NPKGjVfpy+i8xW1BbbKCVkqjBIDMCMX0b15KTRE/hml
+YeX8iQ2uuH9bjEUWDlHYb2yW1CS8I/P/9rRhksgYADu1f7pnDBwipGvvJeRdiOsl
+gNfi9B8CAwEAAaOCAqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUWD9YR3xQ
+YU+N8IoPEOzET3HVMQ0wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYIT
+c2hpYmlkcC51ZGF5dG9uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEACxmcyCXR1P7W
+GAm99hdRXNFxpxeuY5XeSMxCUAJK6iTNOfNySyPFuiPDB7cdisqb/actVi4rlfqK
+2HcrTD4TBsK3l7goNiNn3WlZePhKukqKAwAl/BPOa2HYqW80KrEnC+YAxduVqWru
+q5+s6ya8/8egAHWBv1utWnkk1PP/xr2qAcWYAi60XHxmI8RcENdLs4ElFPf2O1jc
+V6fKnCvBv+pPgNy4N+J53MtFSAgcKGufb5TXU3SHvXIW63cttEOz32EMJ5VYxTUq
+j5a1HvZfe/9d/yyQeHZYTR38jxtANjI1H13UmjpzJ4iMZFjggYgS/Ye/spu4t/yW
+PRUbc3lr6A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.udayton.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibidp.udayton.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">udayton.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 396, expires on Sun Aug 1 18:17:14 2010 GMT -->
+ <ds:X509Certificate>
+MIIFEzCCA/ugAwIBAgICAYwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDczMTE4MTcxNFoXDTEwMDgw
+MTE4MTcxNFowHjEcMBoGA1UEAxMTc2hpYmlkcC51ZGF5dG9uLmVkdTCBnzANBgkq
+hkiG9w0BAQEFAAOBjQAwgYkCgYEApJvzKV1jlZNC8GfgodgdpbrAe98NUuaYm2ND
+KrSmmXbdSk5dox7RcJ3v6NPKGjVfpy+i8xW1BbbKCVkqjBIDMCMX0b15KTRE/hml
+YeX8iQ2uuH9bjEUWDlHYb2yW1CS8I/P/9rRhksgYADu1f7pnDBwipGvvJeRdiOsl
+gNfi9B8CAwEAAaOCAqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAA
+MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUWD9YR3xQ
+YU+N8IoPEOzET3HVMQ0wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0Wh
+WqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9u
+MSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCB
+sgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNh
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5w
+N2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCB
+gjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBT
+BgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYIT
+c2hpYmlkcC51ZGF5dG9uLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEACxmcyCXR1P7W
+GAm99hdRXNFxpxeuY5XeSMxCUAJK6iTNOfNySyPFuiPDB7cdisqb/actVi4rlfqK
+2HcrTD4TBsK3l7goNiNn3WlZePhKukqKAwAl/BPOa2HYqW80KrEnC+YAxduVqWru
+q5+s6ya8/8egAHWBv1utWnkk1PP/xr2qAcWYAi60XHxmI8RcENdLs4ElFPf2O1jc
+V6fKnCvBv+pPgNy4N+J53MtFSAgcKGufb5TXU3SHvXIW63cttEOz32EMJ5VYxTUq
+j5a1HvZfe/9d/yyQeHZYTR38jxtANjI1H13UmjpzJ4iMZFjggYgS/Ye/spu4t/yW
+PRUbc3lr6A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.udayton.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Dayton</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Dayton</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.udayton.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Steven Smith</GivenName>
+ <EmailAddress>smithstm@notes.udayton.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>UDit Help Desk</GivenName>
+ <EmailAddress>pchelp@notes.udayton.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Al Stern</GivenName>
+ <EmailAddress>astern@udayton.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- The University of Arizona -->
+<EntityDescriptor entityID="urn:mace:incommon:arizona.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">arizona.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 423, expires on Fri Sep 3 18:12:55 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAacwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkwMjE4MTI1NVoXDTEwMDkw
+MzE4MTI1NVowITEfMB0GA1UEAxMWc2hpYmJvbGV0aC5hcml6b25hLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqBuPxEj2NG2GqJjg7Zw+4mu4XRPa0ufs
+sw3cIASt3IEgufn42asdZI8wzKhWT05byJb4tceUxuL28Um1gQBCVX6zembBwyqD
+90xsk7OS0YUEs6b48/QRlp2/hgpB4hTRRbFQmb5DCWYB/uL+v5tJuNFSet9lRGso
+T0lirQezkL0CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUzw3Z
+4FLbvZT827kCD8nEamfZjokwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc2hpYmJvbGV0aC5hcml6b25hLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAxJZo
+4qDSuwBWODXdbOuHwo5v34tHZR6OSjPDGxDJAyNcqVaTICmkq7a1ZIRoga0ju3Uc
+FtcC97sQGMElKMCK8eLdHZ28c/Cpenl/HSrUQMXBtc6Vs+66TsDGSwLnfb17Fo24
+u1uzOH8UrRfO9zOV8jpt/XwvkNQhgOFpMHX/n4uuvAZdrsxuh24ZsUoGKA3CmzE2
+p/F1Fthazm/YvrKZOAjQS1kKNw7z7p3MXpnfwZa+lc+oAEgXdCcHL18b4omzMYpv
+ra8DeM0kT40bZQp415GZvJTO+66U36H6oeKUcPyHbO0t35B2yNPTEldklNs+9cbU
+eA7pKr2ed6JHgScoZA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.arizona.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.arizona.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">arizona.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 423, expires on Fri Sep 3 18:12:55 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAacwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkwMjE4MTI1NVoXDTEwMDkw
+MzE4MTI1NVowITEfMB0GA1UEAxMWc2hpYmJvbGV0aC5hcml6b25hLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqBuPxEj2NG2GqJjg7Zw+4mu4XRPa0ufs
+sw3cIASt3IEgufn42asdZI8wzKhWT05byJb4tceUxuL28Um1gQBCVX6zembBwyqD
+90xsk7OS0YUEs6b48/QRlp2/hgpB4hTRRbFQmb5DCWYB/uL+v5tJuNFSet9lRGso
+T0lirQezkL0CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUzw3Z
+4FLbvZT827kCD8nEamfZjokwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc2hpYmJvbGV0aC5hcml6b25hLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAxJZo
+4qDSuwBWODXdbOuHwo5v34tHZR6OSjPDGxDJAyNcqVaTICmkq7a1ZIRoga0ju3Uc
+FtcC97sQGMElKMCK8eLdHZ28c/Cpenl/HSrUQMXBtc6Vs+66TsDGSwLnfb17Fo24
+u1uzOH8UrRfO9zOV8jpt/XwvkNQhgOFpMHX/n4uuvAZdrsxuh24ZsUoGKA3CmzE2
+p/F1Fthazm/YvrKZOAjQS1kKNw7z7p3MXpnfwZa+lc+oAEgXdCcHL18b4omzMYpv
+ra8DeM0kT40bZQp415GZvJTO+66U36H6oeKUcPyHbO0t35B2yNPTEldklNs+9cbU
+eA7pKr2ed6JHgScoZA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.arizona.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The University of Arizona</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The University of Arizona</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.arizona.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Gary Windham</GivenName>
+ <EmailAddress>gary.windham@arizona.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="http://shibtest.ccit.arizona.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://shibtest.ccit.arizona.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 553, expires on Sun Jun 5 18:19:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAikwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYwNDE4MTkxNFoXDTExMDYw
+NTE4MTkxNFowJDEiMCAGA1UEAxMZc2hpYnRlc3QuY2NpdC5hcml6b25hLmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA9Za2dB0aIoboc6wSxbKT2wkK1RBa
+pRo1d5I1MngtV2uitb4j24D+AZ6S9OhdD8Q8p5HN89I/xQpbhMsOjIRStwq0up9w
+hVsLPhCebKHX/h5hq/gwnrFWPtOuY372sljxSas5olTfHfXc15xt8M+hj2bh9nIP
+AH2bhZ6heXd3KKECAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+13tTBrUrEkdrWzHyCJH3scZ0cG4wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZc2hpYnRlc3QuY2NpdC5hcml6b25hLmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEAsziLCuCjXAnK9n/ZuPUutB/dVwg7SeVwS5H2daT74CpGOKDoT7SY9ixLFoIk
+ZWucQ72eAC1NZhuZFoxA5vAxK+rk6Lio4I3oCTqjh3OPtykXiyxXhmHuUwY2euNi
+RMs+RsldB4zyhZuNLfmFj8DJq4SzCk4z0vqcTeD2foQEZQttZOYXlmruWy9jj2bI
+/0vkxR9DDlwu95whG0Gd89xd1QOkSYvO/Zr432CSREcXoZv1qlY2WFqlv59Z+vLz
+uvRi4hIYqFUJP5yWjkwFjeLB6rs/qzRYr9dZwJ/GX2lebz3D/WaOXO+EkQsv+c0m
+ty+fvydRptPwgJK32/YpmMALtw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://shibtest.ccit.arizona.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://shibtest.ccit.arizona.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The University of Arizona</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The University of Arizona</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.arizona.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Gary Windham</GivenName>
+ <EmailAddress>windhamg@email.arizona.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Massachusetts Institute of Technology -->
+<EntityDescriptor entityID="urn:mace:incommon:mit.edu">
+ <IDPSSODescriptor errorURL="https://idp.mit.edu/help.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">mit.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 478, expires on Fri Dec 24 20:10:58 2010 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAd4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIyMzIwMTA1OFoXDTEwMTIy
+NDIwMTA1OFowFjEUMBIGA1UEAxMLaWRwLm1pdC5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC4JDUGKlGjm+lm9mkncjbs1z+vLOUoGCuwOHbQsU1r
+akWDqvREXQu0FigrPJkkp3Bk/ubMVWa8uJXBGyuUsoZmx5LCEJfDJ5AqaEP2M2jl
+B7Rds9N+U9FgVu/BySWn1FQDbjFfzyeBHQusOB92pPaQ7JIaPAh1oV8ryN4mRQu/
+s2Bju7Y1FpfvOljjqCYSstVyWG/ISxKbWxgq3fnkTp+HL8Vd2SGOHf52+sQyrNhZ
+CK9dbryO30K8Stjc/N+67s6A3iJL47arHWJsFul9p6P6hOl4BfxUutOewz0cXbYm
+GaOP7huY42732NjZK3AT7ODvi+E6YIl+lIr4czxJH/EdAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFA4dQCFwOCJZo1agHARkr2Y3PpWCMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2lkcC5taXQuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQAIhtxXLVfuF+/LB9uyUh5tDaK0PPdSAc8emsn7CSMI3Z0RZCwV
+fIDDf4stU1uMGmUBh7lS7BHrAQJwOI1FcZnOd9XKi+oAmj61I8m+HddGP+sG524v
+HaxWaqRAtJY1ot50qP0rjOYzKSolcLhd+Ym5Py1FMDMg12bWxCGNcLzUIK4dE2pt
+Z6cyRWuC/zMsm3Lv1LP0w1Yqi5/d2a2QHvNm6Tzn7pB8WzR8ML/GvnceDw8ey5lJ
+TYIDqpRgCXxinC6bMYfUlPYkUn1z36ZL717lT8AwAoGzgonVvOzK+fmTge9ecexo
+u8C5dIrhLGq5YYp8NHNCbnpri6j85M+fzqOs
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.mit.edu:8444/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.mit.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">mit.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 478, expires on Fri Dec 24 20:10:58 2010 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAd4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIyMzIwMTA1OFoXDTEwMTIy
+NDIwMTA1OFowFjEUMBIGA1UEAxMLaWRwLm1pdC5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQC4JDUGKlGjm+lm9mkncjbs1z+vLOUoGCuwOHbQsU1r
+akWDqvREXQu0FigrPJkkp3Bk/ubMVWa8uJXBGyuUsoZmx5LCEJfDJ5AqaEP2M2jl
+B7Rds9N+U9FgVu/BySWn1FQDbjFfzyeBHQusOB92pPaQ7JIaPAh1oV8ryN4mRQu/
+s2Bju7Y1FpfvOljjqCYSstVyWG/ISxKbWxgq3fnkTp+HL8Vd2SGOHf52+sQyrNhZ
+CK9dbryO30K8Stjc/N+67s6A3iJL47arHWJsFul9p6P6hOl4BfxUutOewz0cXbYm
+GaOP7huY42732NjZK3AT7ODvi+E6YIl+lIr4czxJH/EdAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFA4dQCFwOCJZo1agHARkr2Y3PpWCMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2lkcC5taXQuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQAIhtxXLVfuF+/LB9uyUh5tDaK0PPdSAc8emsn7CSMI3Z0RZCwV
+fIDDf4stU1uMGmUBh7lS7BHrAQJwOI1FcZnOd9XKi+oAmj61I8m+HddGP+sG524v
+HaxWaqRAtJY1ot50qP0rjOYzKSolcLhd+Ym5Py1FMDMg12bWxCGNcLzUIK4dE2pt
+Z6cyRWuC/zMsm3Lv1LP0w1Yqi5/d2a2QHvNm6Tzn7pB8WzR8ML/GvnceDw8ey5lJ
+TYIDqpRgCXxinC6bMYfUlPYkUn1z36ZL717lT8AwAoGzgonVvOzK+fmTge9ecexo
+u8C5dIrhLGq5YYp8NHNCbnpri6j85M+fzqOs
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.mit.edu:8444/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Massachusetts Institute of Technology</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Massachusetts Institute of Technology</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://web.mit.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Touchstone Support</GivenName>
+ <EmailAddress>touchstone-support@mit.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Vanderbilt University -->
+<EntityDescriptor entityID="https://vushib-idp.vanderbilt.edu/idp/Shibboleth">
+ <IDPSSODescriptor errorURL="https://vushib-idp.vanderbilt.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">vanderbilt.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 521, expires on Sun May 1 17:56:46 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAgkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQzMDE3NTY0NloXDTExMDUw
+MTE3NTY0NlowJDEiMCAGA1UEAxMZdnVzaGliLWlkcC52YW5kZXJiaWx0LmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqzCrOsgNir1ragnRrZu6J1TYkc2X
+yWtKZbeUiKCqnZSbS04MqFFiqpRaXkrRDtFCVGnu2a8xTfJ2Zb0ilu+hb+LZNPhB
+ISGWphz9Aeh+JGa4m1K+heNM9wZpxHbhQ17eK4rocVsqx99kPjCEhA1JqMslEbFA
+uM6DhJ5RGCVI/EcCAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+q3uqraCyeHvAvhNICLHFmxjrgpswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZdnVzaGliLWlkcC52YW5kZXJiaWx0LmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEAQcbiyuwF1BVB/KVQzrXwqMSpJljd4cyOoL/AO5s9ocw2LQTvcCT3evwIA2IK
+JjObKjOgrVV9w5lT0k7mE6xzKj8YsQ7dSYZYmhCgNfWcYuhx0AXIRCR815bY/+YA
+2Fm/U6JnOE+zAxyk8M2f6FKZmz+4jtV6zO9vsDxpDl1cPicPnktFRZ7qDM7I3d/3
+t6rjD3TJAL/rvBzNKQJHVqAtx7gEZphsoBeQmXLbk48ZZRvXO6UFGzCD3EMGDiEg
+jEh49tUKW4X3WowIBX5nlLwUuynJClYSc8lZylPTS26O8yCq8fUMp5gZZy/k+mZb
+akaeeLHU1cbP1qa9RWDIwZNjeQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://vushib-idp.vanderbilt.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">vanderbilt.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 521, expires on Sun May 1 17:56:46 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHzCCBAegAwIBAgICAgkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQzMDE3NTY0NloXDTExMDUw
+MTE3NTY0NlowJDEiMCAGA1UEAxMZdnVzaGliLWlkcC52YW5kZXJiaWx0LmVkdTCB
+nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqzCrOsgNir1ragnRrZu6J1TYkc2X
+yWtKZbeUiKCqnZSbS04MqFFiqpRaXkrRDtFCVGnu2a8xTfJ2Zb0ilu+hb+LZNPhB
+ISGWphz9Aeh+JGa4m1K+heNM9wZpxHbhQ17eK4rocVsqx99kPjCEhA1JqMslEbFA
+uM6DhJ5RGCVI/EcCAwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMB
+Af8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU
+q3uqraCyeHvAvhNICLHFmxjrgpswfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2T
+uufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRl
+cmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0
+eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1Ud
+HwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0g
+BFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21t
+b25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0R
+BB0wG4IZdnVzaGliLWlkcC52YW5kZXJiaWx0LmVkdTANBgkqhkiG9w0BAQUFAAOC
+AQEAQcbiyuwF1BVB/KVQzrXwqMSpJljd4cyOoL/AO5s9ocw2LQTvcCT3evwIA2IK
+JjObKjOgrVV9w5lT0k7mE6xzKj8YsQ7dSYZYmhCgNfWcYuhx0AXIRCR815bY/+YA
+2Fm/U6JnOE+zAxyk8M2f6FKZmz+4jtV6zO9vsDxpDl1cPicPnktFRZ7qDM7I3d/3
+t6rjD3TJAL/rvBzNKQJHVqAtx7gEZphsoBeQmXLbk48ZZRvXO6UFGzCD3EMGDiEg
+jEh49tUKW4X3WowIBX5nlLwUuynJClYSc8lZylPTS26O8yCq8fUMp5gZZy/k+mZb
+akaeeLHU1cbP1qa9RWDIwZNjeQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://vushib-idp.vanderbilt.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Vanderbilt University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Vanderbilt University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.vanderbilt.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Lee Brewer</GivenName>
+ <EmailAddress>Lee.Brewer@vanderbilt.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Lee Brewer</GivenName>
+ <EmailAddress>Lee.Brewer@vanderbilt.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Lee Brewer</GivenName>
+ <EmailAddress>Lee.Brewer@vanderbilt.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California, San Francisco -->
+<EntityDescriptor entityID="urn:mace:incommon:ucsf.edu">
+ <IDPSSODescriptor errorURL="https://dp.ucsf.edu/idp/profile/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucsf.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 444, expires on Mon Oct 4 19:20:54 2010 GMT -->
+ <ds:X509Certificate>
+MIIFAzCCA+ugAwIBAgICAbwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAwMzE5MjA1NFoXDTEwMTAw
+NDE5MjA1NFowFjEUMBIGA1UEAxMLZHAudWNzZi5lZHUwgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBAL38UnLIMPP6ULM3JMt3in+PtLQhD1hEC4vd45TxKEurL7Me
+WRX95OyDvDpDUxnvgntG1Uc8q+vQZw1Ydtf5VUv7lC2hIQHPKaaA6cqHcWkyrGvz
+sqBGduA1NUkuvX5TD2tZkX2cw4AoVpg13a+t0MX/Mfuhtiy6JO0X+8EqqyKNAgMB
+AAGjggKdMIICmTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFDeq6q04ki5fSKGOfhjt
+ud9Lp7ITMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2RwLnVjc2Yu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCyPTzm4iZFtprMTOEl4x8+Nh7GJZJBErNZ
+tJ1kuxNywJ+yCNLc75V+z/LIgpd0YoaZoUhtknzQMskbs37UZ/5LqdHxCH6yVZf7
+vCVNSNmbFSrhbrLxvgaPSIfp2H/p3te3v9fNJTOaiwHHUuLdn/J1XtlV5hZtuMOF
+IycSYPzuhyNT8SkBfRAtqn1L8ekQATIeqZPh8mAAJ5Bhk9QqYjRjfE9mwcw0LOGP
+kGpkb0X9psKNbA4UnirbkT2mA1j4y6OuqxVRbvCOEaYXrHUMDRbImmOpc4h4k/HH
+ox1OwwxESYdcngIsJK8WDOJpQV8x0T5Ik3ilU5vpT8146/LyF+Pu
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://dp.ucsf.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://dp.ucsf.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucsf.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 444, expires on Mon Oct 4 19:20:54 2010 GMT -->
+ <ds:X509Certificate>
+MIIFAzCCA+ugAwIBAgICAbwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAwMzE5MjA1NFoXDTEwMTAw
+NDE5MjA1NFowFjEUMBIGA1UEAxMLZHAudWNzZi5lZHUwgZ8wDQYJKoZIhvcNAQEB
+BQADgY0AMIGJAoGBAL38UnLIMPP6ULM3JMt3in+PtLQhD1hEC4vd45TxKEurL7Me
+WRX95OyDvDpDUxnvgntG1Uc8q+vQZw1Ydtf5VUv7lC2hIQHPKaaA6cqHcWkyrGvz
+sqBGduA1NUkuvX5TD2tZkX2cw4AoVpg13a+t0MX/Mfuhtiy6JO0X+8EqqyKNAgMB
+AAGjggKdMIICmTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFDeq6q04ki5fSKGOfhjt
+ud9Lp7ITMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2RwLnVjc2Yu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCyPTzm4iZFtprMTOEl4x8+Nh7GJZJBErNZ
+tJ1kuxNywJ+yCNLc75V+z/LIgpd0YoaZoUhtknzQMskbs37UZ/5LqdHxCH6yVZf7
+vCVNSNmbFSrhbrLxvgaPSIfp2H/p3te3v9fNJTOaiwHHUuLdn/J1XtlV5hZtuMOF
+IycSYPzuhyNT8SkBfRAtqn1L8ekQATIeqZPh8mAAJ5Bhk9QqYjRjfE9mwcw0LOGP
+kGpkb0X9psKNbA4UnirbkT2mA1j4y6OuqxVRbvCOEaYXrHUMDRbImmOpc4h4k/HH
+ox1OwwxESYdcngIsJK8WDOJpQV8x0T5Ik3ilU5vpT8146/LyF+Pu
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://dp.ucsf.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, San Francisco</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, San Francisco</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucsf.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mukesh Yadav</GivenName>
+ <EmailAddress>mukesh.yadav@ucsf.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Omnilert, LLC -->
+<EntityDescriptor entityID="https://www.omnilert.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 472, expires on Sun Dec 5 20:09:13 2010 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAdgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIwNDIwMDkxM1oXDTEwMTIw
+NTIwMDkxM1owGzEZMBcGA1UEAxMQd3d3Lm9tbmlsZXJ0Lm5ldDCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAn1ty+PZBoIj4hBES8WyxzqOy6CjQEMYH93AtZOOA
+Q0BLIMCHuLL6VI0kdhlI9TDKNHQwQg+UtY+FWlLbW3TPxvYbrpWMBupGL9CV+6LI
+Y+qdQALu1B/F3mWvMDYxt5uT59OnpCmQWdpv4+jje/DmFJw/2bsJF6wBUxSor/Nf
+6d8CAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUD5hZ/0Fl9rix
+ua07wGN2uvnUtvQwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQd3d3
+Lm9tbmlsZXJ0Lm5ldDANBgkqhkiG9w0BAQUFAAOCAQEA0RBRVCJ28djkkZuB3Fpl
+NFG4RcDl2o4Q5sjEELRWc+VjJnM3vWQtCXrBjihPAcdaHyqj36ocx8S+drFbZNio
+7Lwhzi9j/P6b2qYFAnGDXrvoiR1x14ks25OU83OOBr/6p6O8+feCm1kePwmgNUSR
+z+bc2h02a2T2FED6+gQi50vBWUO1F/+CaRsf8xxEUt3swxiNjyJNdaubQfQrZMbe
+oWHn52Pyl2P278tY26B4AAqrbyYEIG2r9LtkylNW8qGKAdfv5j6M6Qsa2XgrvlvA
+8s35LCMU4VczWhkyJ6zQSU6XnS4Jiy5spXONEqSYgm6KazfZoFlrhtfyX04vVaF+
+8g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.omnilert.net/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.omnilert.net/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.omnilert.net/Shibboleth.sso/SAML2/POST" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.omnilert.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.omnilert.net/Shibboleth.sso/SAML2/Artifact" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.omnilert.net/Shibboleth.sso/SAML2/ECP" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Omnilert, LLC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Omnilert, LLC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.omnilert.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Niclas Gustavsson</GivenName>
+ <EmailAddress>nick@omnilert.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- National Student Clearinghouse -->
+<EntityDescriptor entityID="https://shibboleth.studentclearinghouse.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 431, expires on Thu Sep 16 18:25:26 2010 GMT -->
+ <ds:X509Certificate>
+MIIFMzCCBBugAwIBAgICAa8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxNTE4MjUyNloXDTEwMDkx
+NjE4MjUyNlowLjEsMCoGA1UEAxMjc2hpYmJvbGV0aC5zdHVkZW50Y2xlYXJpbmdo
+b3VzZS5vcmcwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM8fFUw3LWIC/q2E
+oezArp4IjYvRJLF4d9pCR8oayNFub+g3R16TfSe0yKrMM4bD81Rn7mMerswB0dKz
++JiRaZuw4Fb9ytGZCmnGE8Zjf/t8Cr2yEXN/xQQv1clUcWq6BN8sTIDpWC+Qmy9c
+tiY5NB6HPZbwgrd+01hbNcSsgYZxAgMBAAGjggK1MIICsTAOBgNVHQ8BAf8EBAMC
+BaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIw
+HQYDVR0OBBYEFAiT7XmlV0E2HuJN4gpTPC9UozCfMH4GA1UdIwR3MHWAFJMtyGEY
+rWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5D
+b21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0
+cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMu
+cGRmMC4GA1UdEQQnMCWCI3NoaWJib2xldGguc3R1ZGVudGNsZWFyaW5naG91c2Uu
+b3JnMA0GCSqGSIb3DQEBBQUAA4IBAQCCP56jBkF3NE4I6ff+tidrSqpRbsX01jZv
+bTo99OADf8yGnObck/Gd78OoERy2lQxHRrxoeVmag77xzf1CrQ8oVbPBvoE+MpJd
+aniqGppioL6TOYKtLDaQxc2S8s/jmMBwW/3YZTOoK5kFOhZushOXNbCDZmRXx2by
+1KLsqSMqyP7Ug4tKzAgXEeu+khAfkP9AGy1EuO6p5gPyGvRQ/vbWCQs8utWlJi6H
+CQKIPtOMhfk8rxHW8VC/1SimJHx7JvOXENIPIQEZOXVwUapsOauWARRV1QpME7R0
+AbztAeD/+7P30XKcBbsrpu22hcL0DY41YHzCvaYuTd1ouxfYqwdI
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.studentclearinghouse.org/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">National Student Clearinghouse</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">National Student Clearinghouse</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.studentclearinghouse.org/default.asp</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Doug Falk</GivenName>
+ <EmailAddress>falk@studentclearinghouse.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Tim Bornholtz</GivenName>
+ <EmailAddress>tim@bornholtz.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Lan Qian</GivenName>
+ <EmailAddress>qian@nslc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of California, Santa Cruz -->
+<EntityDescriptor entityID="urn:mace:incommon:ucsc.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucsc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 476, expires on Fri Dec 17 21:19:19 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAdwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIxNjIxMTkxOVoXDTEwMTIx
+NzIxMTkxOVowGTEXMBUGA1UEAxMObG9naW4udWNzYy5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCSO2gZQ1lSAwOHTsceWnCYsP6ZuOEglBjshPIB
+lvTTgy6E6LP0WR6sYyQ72zOH14EtzO5UUKg9rUt8BqXBoBUSmUBUmyMeadSHBwHA
+7JCTlgusoLIccG9c5jCYDedDnTLvjUpl3ywLJVSPYpw05RkUqlwEHlipdoRMzKyy
+VFoC+HWZssqI2w3HXJFD1Fr2XHmZjGBw79FKoooBbuMIXx32W2i88/krFXQhPfus
+KyB2qKelVmpWqxZFYeQcMJEvQR/oCFbWsgD5et3X86bddGjcyK/bs/OERSNpogYh
+pZsG6XMUA+kHXMI2QffZf3hZh1+jdBdhyDUnZtDVeLUEkp0jAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJbXBeHNLP4G0PqXbQuDoBmq0wctMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmxvZ2luLnVjc2MuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQDQOUFYCcFNunrQBXxm5hSHMNTpvxy0ydb3xjwqtdQw
+Sf4PMHFPk/o4QRTc2Wnh158RSabQ+9pfLLi9CoGIyvR3IZuoNEarxQVFEYeaYX14
+pbx5X5FMqluZSJlJmK+HX2wWzQYSV0q4qBNbxcViiMOe1o6MlfY3O47OLLROVi5L
+9fDm/U3j6IMLecg0pcu1FTAXXloKl26fyp+Wh1ZJGYEQKqUtAWc4l6o95fhteP8h
+s2bd1ZvXDpfBjSBUWJC7r/1J9B959dkP2AopTEGf6enxEmkzxBL8gvCsv6h8E0pN
+Bcy4FNoCys9BQiP6rC4iR/kpT3MYff0/lDbM3Wq5WXW5
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.ucsc.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.ucsc.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ucsc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 476, expires on Fri Dec 17 21:19:19 2010 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAdwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIxNjIxMTkxOVoXDTEwMTIx
+NzIxMTkxOVowGTEXMBUGA1UEAxMObG9naW4udWNzYy5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCSO2gZQ1lSAwOHTsceWnCYsP6ZuOEglBjshPIB
+lvTTgy6E6LP0WR6sYyQ72zOH14EtzO5UUKg9rUt8BqXBoBUSmUBUmyMeadSHBwHA
+7JCTlgusoLIccG9c5jCYDedDnTLvjUpl3ywLJVSPYpw05RkUqlwEHlipdoRMzKyy
+VFoC+HWZssqI2w3HXJFD1Fr2XHmZjGBw79FKoooBbuMIXx32W2i88/krFXQhPfus
+KyB2qKelVmpWqxZFYeQcMJEvQR/oCFbWsgD5et3X86bddGjcyK/bs/OERSNpogYh
+pZsG6XMUA+kHXMI2QffZf3hZh1+jdBdhyDUnZtDVeLUEkp0jAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJbXBeHNLP4G0PqXbQuDoBmq0wctMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmxvZ2luLnVjc2MuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQDQOUFYCcFNunrQBXxm5hSHMNTpvxy0ydb3xjwqtdQw
+Sf4PMHFPk/o4QRTc2Wnh158RSabQ+9pfLLi9CoGIyvR3IZuoNEarxQVFEYeaYX14
+pbx5X5FMqluZSJlJmK+HX2wWzQYSV0q4qBNbxcViiMOe1o6MlfY3O47OLLROVi5L
+9fDm/U3j6IMLecg0pcu1FTAXXloKl26fyp+Wh1ZJGYEQKqUtAWc4l6o95fhteP8h
+s2bd1ZvXDpfBjSBUWJC7r/1J9B959dkP2AopTEGf6enxEmkzxBL8gvCsv6h8E0pN
+Bcy4FNoCys9BQiP6rC4iR/kpT3MYff0/lDbM3Wq5WXW5
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.ucsc.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of California, Santa Cruz</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of California, Santa Cruz</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ucsc.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeffrey Crawford</GivenName>
+ <EmailAddress>jeffreyc@ucsc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Eric Goodman</GivenName>
+ <EmailAddress>ericg@ucsc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Purdue University Main Campus -->
+<EntityDescriptor entityID="https://idp.purdue.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">purdue.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 531, expires on Fri May 13 18:07:01 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAhMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxMjE4MDcwMVoXDTExMDUx
+MzE4MDcwMVowGTEXMBUGA1UEAxMOaWRwLnB1cmR1ZS5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCZkIfJGwEcqJVMAW4U4XK+t5A/LeY9jpq5XEK1
+AXtyBOBUPxGpB2RjVw3pywkNEzi5fUIbPTi4wjwGwjaoLBxd8jPhHttySykldPZg
+zThELEGkqomU12ZGb+5SHSsYZhRi5suEZtwFDPvB3onvRpFvk+fXaT9ilf86OsF7
+T+wUYdVjQ53GmML9iGA+/N3fZo9rHJHbMpl9MnC2RjkRAfg3wtXK2wtmI1fUmcu5
+zb6teBpmJ831kC8/M5oAEJUT5vJj8BCPbEqR4jwcWK5E+4fN0SK25g4nlJQJLJad
+idPZD0R/Oh3qPYhsh+lvsG+AFpBD/eH2uyxSc8KPpVfwZlrfAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNVQRaMIkL7Pq7+Xi5rmaD+wsJbhMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmlkcC5wdXJkdWUuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQC1CV8TtNwQGV5hyacZn5T+jd77o+FEm0TBQYDGJjwl
+E724rX6jQEMSE7nhMjXCdlCV+BToFHYO9yXsgwW3TmHcvAwyBjS5LdJeZ2yW/EOt
+zcLi2vnVrimL5SZyTv+7Cdbki0B3QUFu7lKb/QtLepcnLC8kP57tS/Od28IW8mc9
+zo9MTVXxp293WjGd9y3zdwTvLzSNqQWq7iP1NIPH3zSl700GkuLuZjyq4QBVfqCO
+CdpQCu00whkb535s4BQqDEytemjpc6kxu8jgxql+1Cq7oeQ4XFIpPh6SyTpXJg2b
+61jP76ZJMLx/FTyyxmZ7Das9R/4aLWAIW22uv1fqJ6st
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.purdue.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://www.purdue.edu/apps/idphs/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">purdue.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 531, expires on Fri May 13 18:07:01 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAhMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxMjE4MDcwMVoXDTExMDUx
+MzE4MDcwMVowGTEXMBUGA1UEAxMOaWRwLnB1cmR1ZS5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCZkIfJGwEcqJVMAW4U4XK+t5A/LeY9jpq5XEK1
+AXtyBOBUPxGpB2RjVw3pywkNEzi5fUIbPTi4wjwGwjaoLBxd8jPhHttySykldPZg
+zThELEGkqomU12ZGb+5SHSsYZhRi5suEZtwFDPvB3onvRpFvk+fXaT9ilf86OsF7
+T+wUYdVjQ53GmML9iGA+/N3fZo9rHJHbMpl9MnC2RjkRAfg3wtXK2wtmI1fUmcu5
+zb6teBpmJ831kC8/M5oAEJUT5vJj8BCPbEqR4jwcWK5E+4fN0SK25g4nlJQJLJad
+idPZD0R/Oh3qPYhsh+lvsG+AFpBD/eH2uyxSc8KPpVfwZlrfAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNVQRaMIkL7Pq7+Xi5rmaD+wsJbhMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmlkcC5wdXJkdWUuZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQC1CV8TtNwQGV5hyacZn5T+jd77o+FEm0TBQYDGJjwl
+E724rX6jQEMSE7nhMjXCdlCV+BToFHYO9yXsgwW3TmHcvAwyBjS5LdJeZ2yW/EOt
+zcLi2vnVrimL5SZyTv+7Cdbki0B3QUFu7lKb/QtLepcnLC8kP57tS/Od28IW8mc9
+zo9MTVXxp293WjGd9y3zdwTvLzSNqQWq7iP1NIPH3zSl700GkuLuZjyq4QBVfqCO
+CdpQCu00whkb535s4BQqDEytemjpc6kxu8jgxql+1Cq7oeQ4XFIpPh6SyTpXJg2b
+61jP76ZJMLx/FTyyxmZ7Das9R/4aLWAIW22uv1fqJ6st
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.purdue.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Purdue University Main Campus</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Purdue University Main Campus</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.purdue.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Purdue Identity and Access Management</GivenName>
+ <EmailAddress>accounts@purdue.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Northern Michigan University -->
+<EntityDescriptor entityID="urn:mace:incommon:nmu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nmu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 493, expires on Sun Feb 13 20:00:54 2011 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAe0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIxMjIwMDA1NFoXDTExMDIx
+MzIwMDA1NFowFjEUMBIGA1UEAxMLc3NvLm5tdS5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCvIyUrqI7RNJ6XFN/F7wgZ3bKY6fgXndhLtviIgjNi
+V/4n5TSCMomu7nEojkCrAMwKnuaGv4PHumavb3Jre8Y65/Fw2jmHSwRCEnMkDst2
+oCx29Hm0nm81Ew/rvg3SEcSOs+d/WkQ3Sx5X+3hm3Qci88TvIEyi3dIO9aK1mVBB
+Cq1k/1CujIqXubLfA/LGFMMEyNUU/A/Zfw/Ig4dDe4hUIneCKpn7EnWpKuTI4VQo
+qXG6pGbLEALd87ZV4cME45hZwXFEgti7kvl293vJhhaGqdd7BFMFuZRs5wTjjuB1
+L7T/rBzDOu72iACixF8rLck+iuO+Ruhu26oOiKnWSTXnAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFMPJsWdc7+Gk8JRf2/hVACxgaqGWMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC3Nzby5ubXUuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQDOiphaH9y4wH/4B2Zg6s9FLlIZWiMcD/sJQX9Iu4biFwX/WtFN
+9PjqpsLU9xFFc9cYNO0ppEJvtp8vbdpYA22id9G98wyW5cUtF8jh7O3fL/cglaWS
+uFkYbT0qUNAe3ceSeTeud4LQZU4e8ITVj1msZz9IobIxFpROmT+SZT/47DaN911w
+5RPY2ZTVlVX+FjeqsRAnqE7wKH14oh9UoUQQ3kDD9xHJvH/CPzZxrE5RPfen0vv7
+0OZHJJt42dylmhqQAHDWWmAu816lOy/flBGHuRT7X06OLFEHdM3Hm0b7ld0YrvYg
+whIN8JhvHoiclcPpsFP5IwpT6RQijRaNW4RV
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://sso.nmu.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://sso.nmu.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nmu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 493, expires on Sun Feb 13 20:00:54 2011 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAe0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIxMjIwMDA1NFoXDTExMDIx
+MzIwMDA1NFowFjEUMBIGA1UEAxMLc3NvLm5tdS5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCvIyUrqI7RNJ6XFN/F7wgZ3bKY6fgXndhLtviIgjNi
+V/4n5TSCMomu7nEojkCrAMwKnuaGv4PHumavb3Jre8Y65/Fw2jmHSwRCEnMkDst2
+oCx29Hm0nm81Ew/rvg3SEcSOs+d/WkQ3Sx5X+3hm3Qci88TvIEyi3dIO9aK1mVBB
+Cq1k/1CujIqXubLfA/LGFMMEyNUU/A/Zfw/Ig4dDe4hUIneCKpn7EnWpKuTI4VQo
+qXG6pGbLEALd87ZV4cME45hZwXFEgti7kvl293vJhhaGqdd7BFMFuZRs5wTjjuB1
+L7T/rBzDOu72iACixF8rLck+iuO+Ruhu26oOiKnWSTXnAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFMPJsWdc7+Gk8JRf2/hVACxgaqGWMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC3Nzby5ubXUuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQDOiphaH9y4wH/4B2Zg6s9FLlIZWiMcD/sJQX9Iu4biFwX/WtFN
+9PjqpsLU9xFFc9cYNO0ppEJvtp8vbdpYA22id9G98wyW5cUtF8jh7O3fL/cglaWS
+uFkYbT0qUNAe3ceSeTeud4LQZU4e8ITVj1msZz9IobIxFpROmT+SZT/47DaN911w
+5RPY2ZTVlVX+FjeqsRAnqE7wKH14oh9UoUQQ3kDD9xHJvH/CPzZxrE5RPfen0vv7
+0OZHJJt42dylmhqQAHDWWmAu816lOy/flBGHuRT7X06OLFEHdM3Hm0b7ld0YrvYg
+whIN8JhvHoiclcPpsFP5IwpT6RQijRaNW4RV
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://sso.nmu.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Northern Michigan University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Northern Michigan University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nmu.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Karl Mulder</GivenName>
+ <EmailAddress>kmulder@nmu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>John Marra</GivenName>
+ <EmailAddress>jmarra@nmu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Travel Solutions, Inc. -->
+<EntityDescriptor entityID="https://www.ts24.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 463, expires on Mon Nov 8 20:07:09 2010 GMT -->
+ <ds:X509Certificate>
+MIIFBTCCA+2gAwIBAgICAc8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTEwNzIwMDcwOVoXDTEwMTEw
+ODIwMDcwOVowFzEVMBMGA1UEAxMMd3d3LnRzMjQuY29tMIGfMA0GCSqGSIb3DQEB
+AQUAA4GNADCBiQKBgQC9S6QKWeuZTPBytlfVJtPXJzyDsdl4qsDPBYzJKFrz03Yr
+Cz776IcfbM3ixxetvpQ4nvQpLr7aszEKl4kqof5RnhPraRt8zlEbXwAd9hSXIo1j
+Ca0kzZzrWU6a4V6FShbGHMGGnw2rUWhXRf0AHH6AJqn0Ifdva455rDxZtxQH+wID
+AQABo4ICnjCCApowDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBR86xpWy3+FO8iNUXrM
+8goTDtn7SzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggx3d3cudHMy
+NC5jb20wDQYJKoZIhvcNAQEFBQADggEBAHVx9rufKqMtOsulOIbbjZaIJKP8+dsH
+CvjELrU2Fi1yeQjFRCelYdpw6zlbr67FtSNgDzzyq0PqZ96NUhd6wAjjw5L6m/3D
+z1pF2D0bZSkZiLw+I1tqzlSCW02eV31KOb6jDp88RE/InRRWg8N7VepLbXEBgdUX
+6G631E5kwrSRx5fRLk9SHUAuuE4eg8tFRljmKk7o9c+joOapkE8RAkOJda/6LWht
+WvUcG95M/xgdaGkLAjRiIfXF9L8fY7vr1yL5P3Zdk5OvUieFk57FxpZ6x/t3LV0u
+c/a8BOP0NC1EwfS6soxPZ8eXbKPI5fZb2UwW5s3Lldoc+O6tZcR5o8U=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.ts24.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.ts24.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Travel Solutions, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Travel Solutions, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://ts24.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Binh Ly</GivenName>
+ <EmailAddress>bly@ts24.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Colorado State University -->
+<EntityDescriptor entityID="https://shibidp.colostate.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">colostate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1256680690, expires on Fri Oct 26 21:58:10 2012 GMT -->
+ <ds:X509Certificate>
+MIIDhjCCAm6gAwIBAgIESuds8jANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCVVMxCzAJBgNV
+BAgTAkNPMRUwEwYDVQQHEwxGb3J0IENvbGxpbnMxIjAgBgNVBAoTGUNvbG9yYWRvIFN0YXRlIFVu
+aXZlcnNpdHkxDTALBgNVBAsTBEFDTlMxHjAcBgNVBAMTFXNoaWJpZHAuY29sb3N0YXRlLmVkdTAe
+Fw0wOTEwMjcyMTU4MTBaFw0xMjEwMjYyMTU4MTBaMIGEMQswCQYDVQQGEwJVUzELMAkGA1UECBMC
+Q08xFTATBgNVBAcTDEZvcnQgQ29sbGluczEiMCAGA1UEChMZQ29sb3JhZG8gU3RhdGUgVW5pdmVy
+c2l0eTENMAsGA1UECxMEQUNOUzEeMBwGA1UEAxMVc2hpYmlkcC5jb2xvc3RhdGUuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTE1kTlXGS2mt7QD8D1uatKcox0pC5+aZGek19tV
+0Hd2PUTzieIHAkNtlq+4fnH1MnrAkOMTblYkrvj4hbUaOnCnTwjsZueEVXNyy4isWUPJ7NEYRURN
+75aNNztGvJPR4OcOE76aJ+gKIbkzhMDfgIizSjTm0hEAq73oRFutfnhS31Udwrc8UEqP330yy5Qa
+fUYl7voaWn23r+yVpGApDwgCcI1Q45QxPR4RbYJw5YOmCE3KHM3kuodCnS9U38ZRktCY6CPbtjC8
+QyuAq8Ngh85qgnWyxn3UhE9dQx2Vsnl3IuV97IpddjNCfGVl9+Qoc3L8+vhPSq96ZAuu6oO3aQID
+AQABMA0GCSqGSIb3DQEBBQUAA4IBAQBBY1VxQVyXgEA7H5a8DlOPh+9RP4yiW4HW+r0mX9sm/Xvm
+J7CWsVKq+/LJ9vZGq2qAXb7lOCVFoWk+eQZ0HXfklP7+IpZlK656wyvLTh9+OIm/6UYb/ES9tGO/
+QIqQkTtz81zemEt1y/S8nVmLG6Wz9mbA8LBQUZRXFwrQ22ZFe+/25FzACPcm4twkKGUc8OffCNQF
+o0mIgeZTa+yf7Y4CVNGhMPf9BrtupAHNUIKNQymBAmMk4qRrgptPx7NwgdRwgjS6T7TERkbZUOhC
+jEdNmTbclqUYTiexXEyZMHf8nGYPuanLiPEMAvqqqQGriyzmAAze3UPlrUHOcvQzz1kJ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibidp.colostate.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibidp.colostate.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">colostate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1256680690, expires on Fri Oct 26 21:58:10 2012 GMT -->
+ <ds:X509Certificate>
+MIIDhjCCAm6gAwIBAgIESuds8jANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCVVMxCzAJBgNV
+BAgTAkNPMRUwEwYDVQQHEwxGb3J0IENvbGxpbnMxIjAgBgNVBAoTGUNvbG9yYWRvIFN0YXRlIFVu
+aXZlcnNpdHkxDTALBgNVBAsTBEFDTlMxHjAcBgNVBAMTFXNoaWJpZHAuY29sb3N0YXRlLmVkdTAe
+Fw0wOTEwMjcyMTU4MTBaFw0xMjEwMjYyMTU4MTBaMIGEMQswCQYDVQQGEwJVUzELMAkGA1UECBMC
+Q08xFTATBgNVBAcTDEZvcnQgQ29sbGluczEiMCAGA1UEChMZQ29sb3JhZG8gU3RhdGUgVW5pdmVy
+c2l0eTENMAsGA1UECxMEQUNOUzEeMBwGA1UEAxMVc2hpYmlkcC5jb2xvc3RhdGUuZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTE1kTlXGS2mt7QD8D1uatKcox0pC5+aZGek19tV
+0Hd2PUTzieIHAkNtlq+4fnH1MnrAkOMTblYkrvj4hbUaOnCnTwjsZueEVXNyy4isWUPJ7NEYRURN
+75aNNztGvJPR4OcOE76aJ+gKIbkzhMDfgIizSjTm0hEAq73oRFutfnhS31Udwrc8UEqP330yy5Qa
+fUYl7voaWn23r+yVpGApDwgCcI1Q45QxPR4RbYJw5YOmCE3KHM3kuodCnS9U38ZRktCY6CPbtjC8
+QyuAq8Ngh85qgnWyxn3UhE9dQx2Vsnl3IuV97IpddjNCfGVl9+Qoc3L8+vhPSq96ZAuu6oO3aQID
+AQABMA0GCSqGSIb3DQEBBQUAA4IBAQBBY1VxQVyXgEA7H5a8DlOPh+9RP4yiW4HW+r0mX9sm/Xvm
+J7CWsVKq+/LJ9vZGq2qAXb7lOCVFoWk+eQZ0HXfklP7+IpZlK656wyvLTh9+OIm/6UYb/ES9tGO/
+QIqQkTtz81zemEt1y/S8nVmLG6Wz9mbA8LBQUZRXFwrQ22ZFe+/25FzACPcm4twkKGUc8OffCNQF
+o0mIgeZTa+yf7Y4CVNGhMPf9BrtupAHNUIKNQymBAmMk4qRrgptPx7NwgdRwgjS6T7TERkbZUOhC
+jEdNmTbclqUYTiexXEyZMHf8nGYPuanLiPEMAvqqqQGriyzmAAze3UPlrUHOcvQzz1kJ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibidp.colostate.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.colostate.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Colorado State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Colorado State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.colostate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Randy Miotke</GivenName>
+ <EmailAddress>shibboleth@colostate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Kevin Swab</GivenName>
+ <EmailAddress>shibboleth@colostate.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Scott Baily</GivenName>
+ <EmailAddress>shibboleth@colostate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Stevens Institute of Technology -->
+<EntityDescriptor entityID="urn:mace:incommon:stevens.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">stevens.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 457, expires on Fri Oct 29 19:13:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAckwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAyODE5MTMwNloXDTEwMTAy
+OTE5MTMwNlowITEfMB0GA1UEAxMWc2hpYmJvbGV0aC5zdGV2ZW5zLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAocsjfJIlX+OTF31Cnw4/kkSJZTiIUoug
+jDbbz1T+a8i9qqFhM298Wc71GpyUq6kcDXRhzK6vxWxxmFsUfh12GAISAhRUszAZ
+4i9l/e20dp84rnW7QGRGdoBHoL304Z6xNTGW45Zu/hvaojeY/HK6WIR4FBrQG9my
+KG5W/nuqn90CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUQW/J
+6n/2/qfwRnkhPQM1MNsgcv8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc2hpYmJvbGV0aC5zdGV2ZW5zLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAvfWD
+IkdOPTZTdW+kdgCJK2UW8BwsZkX63Sc6RRMEjDTYRNtkw2h4XA1zLm+27ewQSoM2
+RvkjS6WF9zMutAaZ5hKwApVzStW4wMB9rGIVFr7h+0QEBKRNa6oZ+c4YrR68aDdU
+QLzx5AdQOnm3ApYJwjsGJInojSFkgd+zDjidHqopb9Y2FwYuFqavE8EPjLUXW680
+eqgiCB2Z4z24byfXewB0A/PvKBj6wV7SNeqOcS/jrwBHBFJzBHiQ7011cFSWKNJX
+JJIh98XAHGe1WnZ8I2grI3BscWkuwyUUixXYc8VPUz4dqLD+aZmWAy8d+o2b4JD1
+/Phf4LkcGWZen1904w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.stevens.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.stevens.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.stevens.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.stevens.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.stevens.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth.stevens.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">stevens.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 457, expires on Fri Oct 29 19:13:06 2010 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAckwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAyODE5MTMwNloXDTEwMTAy
+OTE5MTMwNlowITEfMB0GA1UEAxMWc2hpYmJvbGV0aC5zdGV2ZW5zLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAocsjfJIlX+OTF31Cnw4/kkSJZTiIUoug
+jDbbz1T+a8i9qqFhM298Wc71GpyUq6kcDXRhzK6vxWxxmFsUfh12GAISAhRUszAZ
+4i9l/e20dp84rnW7QGRGdoBHoL304Z6xNTGW45Zu/hvaojeY/HK6WIR4FBrQG9my
+KG5W/nuqn90CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUQW/J
+6n/2/qfwRnkhPQM1MNsgcv8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc2hpYmJvbGV0aC5zdGV2ZW5zLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAvfWD
+IkdOPTZTdW+kdgCJK2UW8BwsZkX63Sc6RRMEjDTYRNtkw2h4XA1zLm+27ewQSoM2
+RvkjS6WF9zMutAaZ5hKwApVzStW4wMB9rGIVFr7h+0QEBKRNa6oZ+c4YrR68aDdU
+QLzx5AdQOnm3ApYJwjsGJInojSFkgd+zDjidHqopb9Y2FwYuFqavE8EPjLUXW680
+eqgiCB2Z4z24byfXewB0A/PvKBj6wV7SNeqOcS/jrwBHBFJzBHiQ7011cFSWKNJX
+JJIh98XAHGe1WnZ8I2grI3BscWkuwyUUixXYc8VPUz4dqLD+aZmWAy8d+o2b4JD1
+/Phf4LkcGWZen1904w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.stevens.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.stevens.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Stevens Institute of Technology</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stevens Institute of Technology</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.stevens.edu/sit/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Byron Dolan</GivenName>
+ <EmailAddress>bdolan@stevens.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Simon Shi</GivenName>
+ <EmailAddress>sshi@stevens.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Simon Shi</GivenName>
+ <EmailAddress>sshi@stevens.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- MCNC -->
+<EntityDescriptor entityID="urn:mace:incommon:mcnc.org">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">mcnc.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 486, expires on Thu Jan 27 20:11:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAeYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDEyNjIwMTEwMFoXDTExMDEy
+NzIwMTEwMFowGDEWMBQGA1UEAxMNc2hpYi5tY25jLm9yZzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALa8PSAGOD7i05Hx/bkR/dhNCfiI/uAxH6OocSOd
+DXVrIqDCdz9ORshHSCAe0zxCNBDrVjSU+sCwcQFZTN/BhX4fzkjeCBIIgcsGzy0K
+5jrhDJ0xLIaXw3SNWjxSaTFRMftouW8DA+RDkjyhTcQ/AfRqpu02Zk691Wwm/p+M
+buaK6UpGvJTwS4pZLDp2cDiowhxSyZSJb8gFcwdSaTZPgAte9W43TVFiIEc6Y08g
++SSswSjhjlUrmXzLG6cGo/DIZuCGOPX+vaPS+CJXhHqACOW1n8GBTUP6bYpXG5Qy
+v0gEiF6Q3zpJZ7Y7eQy+LIXq7VRkQAGQJM5Bekr71/M2dXUCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUW44lUTMIMW34L32RSSBpxHcbpRMwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc2hpYi5tY25jLm9yZzANBgkq
+hkiG9w0BAQUFAAOCAQEAnbWRaMnlQu1PMuPRGxQKaIjnm25W4vSwxxzYpZLGGj+N
+iFFlJpbCJYlij0vjJ/JUskdbZyCVopCcqbi4AA0X9ezzRJWAl1eJK+u9oRLoQDm+
+ugjnifamZ/7x3PwIZ1eaTEyaDxCiHV2GpIz5lh7KnTs+p1o7mZfF6J0GPxqX1ltz
+Bdy7onbaItXINVNPCtTMHLDSrp1qdK7rkUPDQpDpChyz9Ziklzro6dgKEKw9J0l2
+xgsGNqHOXMeKNwErEdyDWw3AedupG70RPfSOLZIHiEJHpNUmz7B6ZAB5yMS5eZz7
+6CYR06z1DuBKhT87McNUZWFVqojdQfHYrYCnEpYUDw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.mcnc.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.mcnc.org:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.mcnc.org/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib.mcnc.org/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib.mcnc.org/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib.mcnc.org/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">mcnc.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 486, expires on Thu Jan 27 20:11:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAeYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDEyNjIwMTEwMFoXDTExMDEy
+NzIwMTEwMFowGDEWMBQGA1UEAxMNc2hpYi5tY25jLm9yZzCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALa8PSAGOD7i05Hx/bkR/dhNCfiI/uAxH6OocSOd
+DXVrIqDCdz9ORshHSCAe0zxCNBDrVjSU+sCwcQFZTN/BhX4fzkjeCBIIgcsGzy0K
+5jrhDJ0xLIaXw3SNWjxSaTFRMftouW8DA+RDkjyhTcQ/AfRqpu02Zk691Wwm/p+M
+buaK6UpGvJTwS4pZLDp2cDiowhxSyZSJb8gFcwdSaTZPgAte9W43TVFiIEc6Y08g
++SSswSjhjlUrmXzLG6cGo/DIZuCGOPX+vaPS+CJXhHqACOW1n8GBTUP6bYpXG5Qy
+v0gEiF6Q3zpJZ7Y7eQy+LIXq7VRkQAGQJM5Bekr71/M2dXUCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUW44lUTMIMW34L32RSSBpxHcbpRMwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc2hpYi5tY25jLm9yZzANBgkq
+hkiG9w0BAQUFAAOCAQEAnbWRaMnlQu1PMuPRGxQKaIjnm25W4vSwxxzYpZLGGj+N
+iFFlJpbCJYlij0vjJ/JUskdbZyCVopCcqbi4AA0X9ezzRJWAl1eJK+u9oRLoQDm+
+ugjnifamZ/7x3PwIZ1eaTEyaDxCiHV2GpIz5lh7KnTs+p1o7mZfF6J0GPxqX1ltz
+Bdy7onbaItXINVNPCtTMHLDSrp1qdK7rkUPDQpDpChyz9Ziklzro6dgKEKw9J0l2
+xgsGNqHOXMeKNwErEdyDWw3AedupG70RPfSOLZIHiEJHpNUmz7B6ZAB5yMS5eZz7
+6CYR06z1DuBKhT87McNUZWFVqojdQfHYrYCnEpYUDw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.mcnc.org:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.mcnc.org:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Steve Thorpe</GivenName>
+ <EmailAddress>thorpe@mcnc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Keith Venters</GivenName>
+ <EmailAddress>kventers@mcnc.org</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris Caswell</GivenName>
+ <EmailAddress>ccaswell@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://db-backup.ncren.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 685, expires on Mon Nov 14 19:55:56 2011 GMT -->
+ <ds:X509Certificate>
+MIIGFzCCBP+gAwIBAgICAq0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTExMzE5NTU1NloXDTExMTEx
+NDE5NTU1NlowHjEcMBoGA1UEAxMTZGItYmFja3VwLm5jcmVuLm5ldDCCAaIwDQYJ
+KoZIhvcNAQEBBQADggGPADCCAYoCggGBAKJda1rSWnITfaGfRuzNOiJAFvqeJCDG
+eKN1QosV1c4/B8/Sg6U51+2zUh5Lp3Rr/y4akHFC4g3KIVkfm9Zs+AfDcbyst8tn
+Cj62PFxw8fMSECLCu6XMFZ0t5hSaI+uQezDMcJefiDBdSbNcO+IpdSo6LmaX7aTQ
+QyCzFBT79hAbcWGqIrwOZy3VMiLqi3In+pdjpMr4/zLr7PCJ6X3DB2HNHcjwKZp4
+lSdBNyJeL0w1yqwfb7UEF5sW7V/Wwc9xuiFQQGQnKM2WVIXaMBEJp0rW7I/g6vQs
+ktqXtT0SjILakm1qBvnqMIyGUIJImIcRUeOLMEYTT56qQxRbTIy9b4MPNRdm5hIQ
+540GXuC/u0suRlhpjmFOtn1UUuEdAo8PKhe36zwpsquiT6J51U8qrE3+HtmJd7VR
+goy8UrOXD+DCdND4P3Sd4al9IRuhN/EB+s9swt7ccKREL4HbcgFe12pFUXa+f8cc
+hdeZ7ZokzWw3aeCJrGW3QVb9dwCpmWXCdwIDAQABo4ICpTCCAqEwDgYDVR0PAQH/
+BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUF
+BwMCMB0GA1UdDgQWBBQxduYTDnRw9nlmwuAwP7fVZn+L6DB+BgNVHSMEdzB1gBST
+LchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoT
+E0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmlj
+YXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwx
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEW
+Nmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3Rp
+Y2VzLnBkZjAeBgNVHREEFzAVghNkYi1iYWNrdXAubmNyZW4ubmV0MA0GCSqGSIb3
+DQEBBQUAA4IBAQC6CeGyOmOfQcS4rKp7bEc5J2Siy3xKi3jxWQVvOsBtrooCBErF
+LMxyCVC+HOf0/ZB6TmPpxF8iogyjCc5/IY/r0o2wEs4e1222vQqBSA/SEQ8MFQWS
+4bY2UxCqQcHHd+bnBkdndEHsfPwdamIkbRINes/LW6fITXpIkf5gdqvayk2Q7Zli
+cqZVyf+CDUvwXL+r86qxQJRY2RHWBT37CoxoRsyluGDs29ToDw66ZQXiHCSKzYfn
+685wqFJ/ATAfOKUeVKF0gT+50ucoNYCDP0dBTyDe48PYaLO/X+jYEjvl7rx9XiO6
+iBZwWl1QkWaS1EKzZ3Huf/CvOj3Frh0elGdy
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 689, expires on Sat Nov 19 20:06:23 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlzCCBH+gAwIBAgICArEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTExODIwMDYyM1oXDTExMTEx
+OTIwMDYyM1owHjEcMBoGA1UEAxMTZGItYmFja3VwLm5jcmVuLm5ldDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBANCeOMvAQwAF0GmkQ1KSESgNmeqyGfxo
+znQyifhbRIHIcbp7COXqkNmVcpSKYTgHLQe5hbr3PfPAuzSoWuU/jPEtMrhxb9J6
+gPYVMJAJxWkKFBi1BXecjlgpL9k1UXHkuDO0nGrtu8YU+j6OR3YDJ5FDln0ZS5tT
+MpdJulwFQqsRjNUFFTWTivdMks8uO0BO0f9gRC/ZSRSgIqmOeWy64AoIZQJUIz3e
+1T70mIYRosWvq478V3PkZny/jPjPdJijmF4hScTblLnCgAgHSKa3EniVBJyGAWto
+DCWeXleRhzU+U8n9nZuUY4by2aySutD01JgtK6NdRfv3QZRwALy2LlMCAwEAAaOC
+AqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU0QdPuS1GH8yKKD/tOaYBbqwJ
+jqIwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEE
+gaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUH
+MAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYITZGItYmFja3VwLm5j
+cmVuLm5ldDANBgkqhkiG9w0BAQUFAAOCAQEABCwVeiDKv8fF7ulTRSoSbH8Q3llO
+xY7ugiSmQRcwEwllFsCPPBlNipeMP6Z6V5uuu7Zo1HaQ3bMBV5BAUJSaagqc4m/j
+3b1uwXJEZ6H5vBmxhe1IN+jXOcCXNYMMWwB18P8mU5BMePdIEIXG0By+CANITNlU
+5/R5ShZE9wGkAOgokdR1HEL5XeVJ2Y2guHLftUQ50vXf6HMjr7VoarJL7AjFtYCX
+JL69GJS/a8TpAYRDM4Q1X2w4M98hMfUnSNmikaInlF9Uini8CEzYHmBVYXkWgnAf
+BQE1hJcS+NEiCsLf00sRwUheamEDw3ZpcqK1MjNaxsQdLjqWwaCtsAMVKA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://db-backup.ncren.net/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://db-backup.ncren.net/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://db.ncren.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 652, expires on Thu Sep 22 17:55:10 2011 GMT -->
+ <ds:X509Certificate>
+MIIFiTCCBHGgAwIBAgICAowwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkyMTE3NTUxMFoXDTExMDky
+MjE3NTUxMFowFzEVMBMGA1UEAxMMZGIubmNyZW4ubmV0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA3w9t2U+cFk0j7EI1agIo3rPgB8K2B7nTJEWpZeJ8
+rZxKz++U+U2kBmlqq+LWd5oMvJFqxiT/oAyB/gLG+Wkep0gmaNyk0iWWQy2eSq3m
+Cq2OWj/ny7wPEERgX9j2KJRZqUTlMLV2qkI0CAYKzFIqC7wF5mlRKb/bbgF0e6CK
+Kf6pKJSLY8oc8gER2utWxEAR7OC45dttBWVszefa6owJjvKPIcHsp+/H/0DYF8vW
+ja/8chImGvsfPKAxUwE6fI7PlXuijm+i3wUxvijzlDa3krMm0rvQ2JpILtZdZ9Z7
+9t3KIyQeJINAG+2JPgSR9xbqXmp7U79u+35AhzMOMEjVhQIDAQABo4ICnjCCApow
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQmMWTO2DJ1QXm18gw4r3kX2Q3DPTB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0
+cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYI
+KwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggxkYi5uY3Jlbi5uZXQwDQYJKoZI
+hvcNAQEFBQADggEBAETT/TLBm+KFpw5sMbp+U3BiflnxAFJ7UmVBgafxa+zcNtpC
+/mMIS6PVEz0LksXZ2loHL/OkqiN9HBy5bLsOaJR2mo5HobXlimhAOtH1Q44FSBml
+ezJoEkhTflsGFqzTo+HkkzLlSR9z+MtCO7wP6hxpXFc6ws/GAvHTsP0GgmzArB8G
+XwSsMNmWtk8mesbXB6e29eiyg+Q9ZAwMlMHN2/BiyDBiXn7bYz032JLYYRLhLsbt
+eLgs/AUP5rpgTstFxNzOSK1+keFC5gBDI5v3BhKU1eFaoGMEzt8GKsOuVuY8gsPo
+5SF370TG1kh229mJTuhzmpNrjZx+wyi8zYGxzhA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://db.ncren.net/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://db.ncren.net/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ec2-test-01.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 649, expires on Sun Sep 18 12:56:16 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAokwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkxNzEyNTYxNloXDTExMDkx
+ODEyNTYxNlowHzEdMBsGA1UEAxMUZWMyLXRlc3QtMDEubWNuYy5vcmcwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMw7j63ZEclN4JbZ4kbEQvNqGd39XG
+IYm8H4QbXXiLx5BwRDsiQ8v42bIyw+FPtxGa8XQuKoKscfrB3xGh2KZNB2Nbq4Vz
+Vcr3g/NbOuFgIY9vpMd9SJxIUGgq7Wu0GEnhSP+7Fi8TmaBpjdRBlZx6vHm3WxwQ
+9GwxvYdTsbyJ47f8OlcntQGKIrWHeJGBxippWpIVynwsiAfCxhrIiR2aSaz6nXdO
+0vrzL5KKNSwLoE5WgwD6ygggqVuDfdOwPQSpxAwhHGV+kzjbu6up52vKzj36MQcB
+kYkUMmIS8qk03HhjAxowYx5XjfouSZl/FT/q8UTS5YFHX/EhT8Jdl7YhAgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFP2AiCbRluYr6BaVwyZAS/Tm
+hwSrMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFGVjMi10ZXN0LTAx
+Lm1jbmMub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQA5/NkvEJ1GeyGn/yz/ucuEwJk1
+4APwVIHLI678h5VoFyOgobcZy52TTPmKYqegZYDRtj9KfBqXD7Dwx/gLtpkFDW+y
+uRSXhPzOzCofghKDAjNjZxFQAnJaatJV7YIXthO4qtErcCC1MZWDhx27TSxEEGzz
+i6tengdnfoa/a9MMVHHNn//jKvkISiZUJEozp/mWYV3Xm+Z5zC3CB3fVrOw8vJ7y
+Vc4m9FljYQpGVU+tJf4q+eVc+YnwCxGIRBTfsqc2XKWVjaxBEVjh0TUXoHuUF7Sw
+CnOdILf1F8lVnkBIIePoYUukkTcC4dUbu+I9w6mAM32cI4iCiXdWGPLlHG/K
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ec2-test-01.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ec2-test-01.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://edspaces.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 577, expires on Sun Jul 10 17:52:59 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkzCCBHugAwIBAgICAkEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwOTE3NTI1OVoXDTExMDcx
+MDE3NTI1OVowHDEaMBgGA1UEAxMRZWRzcGFjZXMubWNuYy5vcmcwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/B0syVwz0mzJSpC5L2fNoodpy8oSr7irk
+z7axiyJ4Eg5F6BqH6nlnOlFUZkpSUGh2n43t4P+FYexrCRXe+0+oCV6IAhUsLoxx
+u0NcMvdnhct+q9kZP3JH0k2X+S4md8EuwfWsqH9kG1EdCjbfPpck9YKzFCvukBn8
+wgGzqnQG9/hRnXLhI3HeZVb7kYiBfMDHViwL8pJ4Kfu1GCHlVfqeYuVREjCFcW64
+z3evjjntWBHp2hZjm/BBpsmXZs3/Ly1PIg/OjPMv5JE5txQT/cPwuG+q/HCf3Ttw
+kClHGe9VOHQaqsNcQFGfnR8QFQOcmyKs2aHQo1/+GeV+fsLhqNktAgMBAAGjggKj
+MIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFMhFezz0cfqEBIa1eM0CQT/vFulo
+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQG
+EwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5D
+b21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGl
+MIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAC
+hkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEWVkc3BhY2VzLm1jbmMu
+b3JnMA0GCSqGSIb3DQEBBQUAA4IBAQCDJJ9qfBpR19yQxAIQlgiJ/t1ho8GHNHOl
+pzBZsxGTLBaleJDPzpZcFPmD2VAFFkvDqz6JQ+pyC6Hg8CXd3JajwWy0YFmQRPeA
+3w/Av4nf7Llq+x30gabmeDS8G1vCFMcvDwXrnsB2bfF6rKsg7nxGYeG7SvIPcxXS
+CVxYS3uMQRlKs44vsmYoBDMgLwqxBV2W2FRLmZKtYn/RBRIht4Hy3DzCv5qj60Zk
+219PH69LTRENSj6KNlbwyBfHJksl31f5HO/oCRUF7iBtM4yrgSUT32QLfCPha9TT
+jV6gQ9I8MvT3rDm37p/AJxJMTjd2bCiTEW65l9Jq+SiXhvAUHtTi
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edspaces.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://edspaces.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://edspace-test-01.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 562, expires on Mon Jun 20 17:55:42 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAjIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxOTE3NTU0MloXDTExMDYy
+MDE3NTU0MlowIzEhMB8GA1UEAxMYZWRzcGFjZS10ZXN0LTAxLm1jbmMub3JnMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5kmpT4vpvM/4+yDbx48J1NM
+p5Gadrn356Ra6RAKMfFJPyOBMK6jZB6f7XJPExdcDnAQMS+peUqN93tNE7SKVvbo
+SLtCyXD2MW29VYBOx5ppmFlJwBeec/EWJ8OL3WTWG16oE5cNY+43JdReLZNDXV/8
+uXQUIut370jeMyIqpjIdYiaWmTwGq6zBZYOSl3dlhHQ6IEpNg8BVhcP8s7jVRV7o
+5y4eZVPcHou6xyjQ4J92n8maFbtHj8oxHJ0veMgAG8g8UefbZEsLKLAqmrQgRpVu
+kncpN6e86xnIXi+/u4/1GNicEU++DoLHtIg9jWp2CfZUN5+yiXx0a9S2bYVdAQID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQvslSBF59U94ATbyis
+KHXaxCllGDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhlZHNwYWNl
+LXRlc3QtMDEubWNuYy5vcmcwDQYJKoZIhvcNAQEFBQADggEBAFli9PTKFBu960QA
+tPV0+DnqAylgRT3iyUFBRs7uDfqz7/5rkQA7mUmHyXOe5rQX+ZJbMZi6lzWMTJQN
++DjmvdOJCalabAMumipFDQ2a1Ype9QA93xMIOIkATtCPuHTJqMOajjMn/lBGf+uS
+ECuNk9pzGmBOqaUWnKEEZfbHSTedLXcTzMG0kUBU669Ehd9i1+a4n2WIfzJ9sYm2
+bKV2MG30QDYI4OaamH0xH9sIEwwfEuhzvpbq/JDp/iXGMD61qcqFtd6XOIlykt/H
+8ZKPnbf4aTvxF82ByRLsL1+q3PtrG6oDMkQ/sQ4R20yGcyqJmz+Q21S8CXY4Aibt
+71vbazQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edspace-test-01.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://edspace-test-01.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://edspace-test-02.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 568, expires on Sun Jul 3 17:26:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAjgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwMjE3MjYxNFoXDTExMDcw
+MzE3MjYxNFowIzEhMB8GA1UEAxMYZWRzcGFjZS10ZXN0LTAyLm1jbmMub3JnMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7WAC3Qjs96/atbMBXSCga/4
+JtrkQSJQyHIbHhoMU8hcQ+Itq3J7vbatHqgydPkpprsYrNc99F/BGVc1LBldTRCx
+mfao8xpSVVlccoL+7z6Cn8R6mdrEtu9VwrSvHSqE11FMMQRarfjcTtc2zxXmLm7p
+mvE2sMOziwRr8hAeCg5JAbePJlQ338gPqs9vzTuRFqdziOhq2ZCnXkXzgLfhv6o7
+pDvuzmSy8PRNmvpYR17LTfBBV/oKF3CMfDIdpVlSJVSqi94Yk8LXhoCuN8QAOYpW
+/T9gGhNO4LInEVx/K4377l+h6es52ucYp+8jdRCZdn8eE3QtonLHfZJyN+EHjwID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRQWd3V74uF911zehqA
+oDnNzGlldjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhlZHNwYWNl
+LXRlc3QtMDIubWNuYy5vcmcwDQYJKoZIhvcNAQEFBQADggEBAGkNFFeRDtKLpxcR
+isQ5A23kwicO9LLVX1xFwZg/2LG8bJxK/jtFX+X2Z4rEv79zvfwiqHJR2SJ13xZ/
+G+4wkxnGLm9BjYaLRUX/SrLSRNtytbe9wntcgR388IHoM5iAogbVz/hauDGPOanu
+GA5QUXi3HWat2QBvyEf2CnFXRJr6Fqo5wb7QPCrgEbRLqvDt7yVZLaaOLRrW6p/8
+BB0j7LlmG6TFKIpfz4lMa7shpCtjAzbxKN3JQnk0a/r5kldeVU2jXi8TXnH2xJAn
+gKwKmQh5SUTaI9Vt8CWja8OPJU+TeKpynUhFKOi2U+ubfu3NTGDaau1I43M3qZMp
+cG/wFrg=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edspace-test-02.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://edspace-test-02.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://edspace-test-03.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 648, expires on Sat Sep 17 17:58:53 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAogwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkxNjE3NTg1M1oXDTExMDkx
+NzE3NTg1M1owIzEhMB8GA1UEAxMYZWRzcGFjZS10ZXN0LTAzLm1jbmMub3JnMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1iesWxsWthvg4g8LVJaensC
+mVNqNggubKBaSq9ByiE3ymnmNFMiIFKCa6mm1B5GcgzEj683tCfZtEymOHh0mFia
+1/duWlHDuf8yCdNedqcNH9AaHn+4Gqi9C/mqAR6mGwtkyMBGTM92l83sn2HBf9qk
+Vb+kRiJKwtuQfRoFBNw3wNvywMuFcrVHeD2fHROIRaOaNOfh8/FFLA5aQDs0QkmR
+oY6Mt0wDRZsmmjhSQAQkE6b5GFCG2jal7rpn7nZ8MXWg1tXkPtEiZTatBbbaRcI9
+y+KtN8JesWndMtYE5VAuzAiRNQiYp4RmNbmlc8TGVVghsJU9XmTF0ms7hir8JQID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTtHNAGDW3e3NeMuhhl
+jkUvo/lT4zB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhlZHNwYWNl
+LXRlc3QtMDMubWNuYy5vcmcwDQYJKoZIhvcNAQEFBQADggEBADT/iJ3QFbf8iChs
+aV5f9NIlhMj+b2K/AiENZrq2WM3j9YQpph4SmvUYaopPDonf87U2Ir+a7B+97DhW
+sM8Yws1sGIgLFEC+9bTqbwPHcNIgYRSox1q7nJ6b+nFKbZyXZU3Z8Iw9ks3G+l34
+0k6KT2nikZO5UUcEt6vU00VZzEgvOPXOAcIDwRLt8aHxP6kZEeK6T3OFPHxiTuvj
+Hy4aGQrkvSGO7u2nMu4NlfH5da6cdoqI+/TawO/1fd4LE0DTpMg/SFNfQQonKiGn
+RAmJGU9eWSZecWiKOwbw9VxguCr1BPuBBz+DkSNXjhrm/VT2n5jig8vnJP/ggzGL
++gsI9CU=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edspace-test-03.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://edspace-test-03.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://edspace-test.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 661, expires on Mon Oct 3 17:53:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICApUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwMjE3NTMwMFoXDTExMTAw
+MzE3NTMwMFowIDEeMBwGA1UEAxMVZWRzcGFjZS10ZXN0Lm1jbmMub3JnMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9rhd4P9iyuqvc742MMSxVxVKULwR
+Ie3G4wY/qVA34r4hbxypd7n+G82UVI7jqYkQ2D88ylOZwJPtbbChd2DrS6o5MuWi
+Ul1dW3/9xYFSrQ+TNtx3VoffJR32wydzRPt3ZKhPGu+oVwMoIO+FNiGJnBq5H2S0
+SlCc4gGK/QMHKasNGfKYWvhIIaGpkid8RlVH5n3CA92aW1ak+M9R/ZU1h7tgH6U2
+x+CKHY/3EIslpkzwaWsn52IVjugmXmeBG1RBG+lM7WUoK5TkCaU9beJAVIfNYdph
+mxQuZBokNG8zwLLUpYih19Ramx/NqCWh67DJCGTZQycHiP/2JKI0sjxayQIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSZQ88M/TcaUdnfiOmCZQmn
+vXayvjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVlZHNwYWNlLXRl
+c3QubWNuYy5vcmcwDQYJKoZIhvcNAQEFBQADggEBADvQ7lEUqI1Ga0txoyrwMUHG
+8/NfMx6k4Eflb2E20vxG1UNrPz/x4ske60YMgKpzQVVMN/sJ8ETK0DKeZujp8Uf8
+oPbmHM8Zy5XW3lpxgjBHWvZDNKw9hJx3KDt66J229aw6bPAHp1Plp2Z4zUa2Z7uW
+8JPKwAQTQspemWhiIzxZvInIYV7i2PGLBoY7wnK1UorOfOcEG4I9Dby8eM68ohUI
+kWoWWvkzUKe8Fe9o+I4EQF56mv+uuXhGxATNvAgCSY1D350m5DkTdvDhd2shi/49
+uQxK0ZHpBDetEhaXaolcRoGOnD1ZWgv64DlSgS95vKlFEXzckno/RJLkWWhY4sQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edspace-test.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://edspace-test.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://mcncweb.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 580, expires on Sun Jul 10 17:53:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICAkQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwOTE3NTMxNFoXDTExMDcx
+MDE3NTMxNFowGzEZMBcGA1UEAxMQbWNuY3dlYi5tY25jLm9yZzCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALrWKa43RC3j7OhD7ehT2o12jYbrH1UIf4BS
+5mio02zjEa+5xvUSeaMuZ3eosdDzKrIdXhxolfTXnHAkuEklgaPsi0yFukxZgCzH
+nycEkZi5nLvXqO2mJp0eS9pqFVhyX3MBy2TVI9kJf/aqwiJ10LXheyIDPA08pWco
+RMNFnYaH0PUnRTBuNp2MKyZK7tHdE5xGsWrxQpuqueJdpdvNVclYWhDNygZxhjC2
+VOpxAmGWev43QU8TMmTAU9fYbrUuh7n05soDX+Rf646LHyLM/JADrr3UmYq5DEN8
+mz3UHvpvNjtKks5WtOnsauyIYrpqI29UUDnTehUP/H/18qstMrsCAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUxG+1elJpd82ifiOUIpXjFdXE1D8w
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQbWNuY3dlYi5tY25jLm9y
+ZzANBgkqhkiG9w0BAQUFAAOCAQEAYd8L/PmS7V6X3oH4+uLf8+QW0WPLKH/g4etd
+vZAvIF5bCQVQ27e/+nMurpGIoKPsAY0Dpnf1BTScgtqYAjm6j2W/vaxiURcgRpn5
+YQhZ/fst+22c0ZltrBsrnlDy+XYk8Fh4epDwZZrNYflr3830BX2xDFawKt+L9VSv
+AqdDfmVAbidUgVwVBiL+wGPkoEm2glH2lXeEbWJoZaiVox9MB7bNC+xswXjHCZZj
+gLIjhe277efkWephiB/mDxf1V/LOLz3Qsp2RiPvRBkHIOGe8N3rNyX/qM0jCBLfT
+ZevAeIqJqx/o2fA/EhcJKedV8Z08cbwvcJCGdwOqm4Rbk3bd2Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mcncweb.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mcncweb.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://mcncweb-test-01.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mcncweb-test-01.mcnc.org/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 569, expires on Sun Jul 3 17:26:16 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAjkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwMjE3MjYxNloXDTExMDcw
+MzE3MjYxNlowIzEhMB8GA1UEAxMYbWNuY3dlYi10ZXN0LTAxLm1jbmMub3JnMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jN+4nKDnFc9Jk+lfQaH4unG
+K38UPtJ3uraMBwNhlazv02iOyRXf6vl2T6fCcTSCK36sqjhePBVrhd2ITC4qSfC1
+sFvOxIySuy7awb6MpmbQfU7hUwwICPbmFLOZL1y4vVyQ250JGDME4w21XR9EjODm
+HFKh5J1epPzZrBQNU7rDs5B4vI+YnSo85iR1AWN+UCg3rnoNi0ZTC3zfXVj5FpYK
+cjUOVzLRLD26GxJN7xUGYeDQTtkvThe1NJuk+Txqfi1HTsVvawrz1irMRaY0A4eu
+/qKteoHSPCnynFd7zuEo0OZfakUpWqpfQiOo4ZQfXmZbgQDVLi6jkyM8GZiEUQID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRLb3sExixzt9iJ1izy
+mFuu3S5lPjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhtY25jd2Vi
+LXRlc3QtMDEubWNuYy5vcmcwDQYJKoZIhvcNAQEFBQADggEBAKijWVtVcPjg7tuV
+Uiebhjw54vPhzOGvmE/RydEnMNMiKRBbZ3Ic65uhXEo8XVhMsF4jWeJc9up2zDAD
+m9rBnUW+AnKlPoS1EDlcIJBUhCRyd8w0TAUNhHu6rb6pjfiDYQ3ASAJontV1/eW3
+Zvod2sF1lTWcilQorRVphKHxkIxWnmxRjFbnMTXGVNCwjF3GWvnWjnQqVx+5iL22
+SKY7YD/dF7wqB9qnO8gMX6acRKcNTpSoicyx7Nbv0FdUnQM4ZalorKmloJy/Tjcz
+NsRZqZkMhDr6/IesIgH5tKD7UQuJVsMSCTM0UwZde7nykHyzv+3bgVP3rYbrkor/
+yDNsCV8=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mcncweb-test-01.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mcncweb-test-01.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://mon-backup.ncren.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 686, expires on Mon Nov 14 19:55:57 2011 GMT -->
+ <ds:X509Certificate>
+MIIGGTCCBQGgAwIBAgICAq4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTExMzE5NTU1N1oXDTExMTEx
+NDE5NTU1N1owHzEdMBsGA1UEAxMUbW9uLWJhY2t1cC5uY3Jlbi5uZXQwggGiMA0G
+CSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQC58umokBk82SMeU8OtQ9yybXerXwkH
+W4y+9gCNQC2Isdf15j+XlA+4LlLbiTmSoK1LghCQ9Jepna2movMfuI7MWjbGqGza
+y+PxgAk2eAvE87/EM7AqZgj2DWGtTuYtnx9c5amvda/I0VcPXtXBhLBysQdLTG+i
+xPgkK30iA7L5lyzebm88BPjejHfac/5p8Vxc2vfRB9icuLU7SoiQqkmKmG9xQp8Q
+BWk9hdwFhUFdyV12GS2eCqTxQgoJqUp96Y+8iIP9QakUAI+lLgyzT1lOQFibCyli
+SPTlLzpi69kGO1TjS0/5WhZfEyUSNgtN3kAf0uPfq7K7IJW3NVbUXTM9PAPCcJKT
+ys7nbDq+lxiAfn/cZ7GoZQuIfZ0eNNSiO83XnlUeU+Kolftkhracf2jmkizk2VJ5
+GHrlQR1qjKCtv3K5qKBD7J2Vlph0Tv0yF4xhwrK4//TbB9bULI9wpVhzDuFcAPDj
+2g8/2Y+5deTDMwf/R64zJA7XshIUcLzMJMECAwEAAaOCAqYwggKiMA4GA1UdDwEB
+/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEF
+BQcDAjAdBgNVHQ4EFgQUb4B3u4cmo1HLyUycEMT06KBOriIwfgYDVR0jBHcwdYAU
+ky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQK
+ExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZp
+Y2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUH
+MAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNv
+bW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1j
+ZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+MS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIB
+FjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0
+aWNlcy5wZGYwHwYDVR0RBBgwFoIUbW9uLWJhY2t1cC5uY3Jlbi5uZXQwDQYJKoZI
+hvcNAQEFBQADggEBAAyquGJwg2jE9dHOjRkuGnjx2IfabVTYZddsf192+B8oIT/b
+43I2qiXUiW15IBkD2FY1nW9Nw2pnRkkbGwmsIgOovA0ff9JE9NuyJCBZCOeUqhVv
+eo+RholG5FxyC0R+GX89j6+4VSFH+fXf6jJgX6iWu8OwK6jkpF2M+QDVNOjGUmob
+H7NPrrvmpgYBdeY87O/JRtRM+zVoWbiewfOQy+Ie4M8OT2amD+jjTkot4oOU8EQ6
+ebkhyJLYKnWyZKNetOjWZue94W82vaMqEiP8pbK40qsGzy3EDn7aw+NLsljJCWRq
+buOj7ajJ5qJ/Yv82NOfPqxt1z4JciTqmIuex6Nw=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 690, expires on Sat Nov 19 20:06:29 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICArIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTExODIwMDYyOVoXDTExMTEx
+OTIwMDYyOVowHzEdMBsGA1UEAxMUbW9uLWJhY2t1cC5uY3Jlbi5uZXQwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDasuGrp7FzDIZkxkyKIma0bKnj/d4P
+t342bLnWVnEyAs6S+PFlFy9tyoooLWkuQzN9v3J6Gi/ckf4a4C5nvVF03QmGaOXg
+9Hpfib7Ea+IGAcjRt6zZCx2IOaPGenD+Yw7JhvHGJPhPWJUYY780Prxk+qg/VS1q
+FOxesTX5AQrXf0Oez/jbUKDQ1KeVEJ4HQOYcol75nym6K9nnS76D7Cj+lQUY+Tnq
+SSh7JIPRXb5PoR0a3N2Mcmk0devjKz3BtpHkD8uWf0jT3SNs1hU6EAvXHRlL1e6c
+CedcP9Nq6eyC9GOt2+CbMyWARk5mga90tvBpRb5GZhwUC0uZXe7wfAlnAgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFMACiAAJ44H3EjxI2GEYYN9F
+LLMpMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFG1vbi1iYWNrdXAu
+bmNyZW4ubmV0MA0GCSqGSIb3DQEBBQUAA4IBAQCR1Vz7WKguxFMLObe4jyqnU4m1
+MnB6bCIYKliK/DoLSY97gWataNDPvqQ8+8j25CsF+drJagIZEhaA1tzVY5tH3vYR
+0XzQUzcdHJJiA39spaMgkRScNx5wHJW1bos/J/dwbi3wqOJbyzD2A7elbaqn5C36
+Rk9SoBfzpjT0Ghv9PBt7w9XrdEoWNes5hVwEB21fv2tLaDvMPKzRLRtMDGYAFpmI
+if4BiYlG7tcxo7VgwykH6x3PETg59belALDf0KBJw9aFX7XMcHM+5PJV59A0Bkeb
+M9+EQMcwbFl7c/H/47pq8f3cMXGND/ILYU+lyb2Vx16TVk7GIWqnEczrmG+3
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mon-backup.ncren.net/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mon-backup.ncren.net/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://mon.ncren.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 681, expires on Mon Oct 31 19:14:18 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAqkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAzMDE5MTQxOFoXDTExMTAz
+MTE5MTQxOFowGDEWMBQGA1UEAxMNbW9uLm5jcmVuLm5ldDCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAOQmUZ0izrOgVHSbx5Qy7VjvkKb5SXLuuAUJ46wY
+Csx6mEXBAEsIx5xZVu8hcF5eopqfRE5KhBnkDoEMlZoYM4hXJbyfdczosxlM+JNi
+30/r0ns8O9bjyl+ngbb0fJjRnhC9iyfGqTWtEXRUzi5kAV2gvPxykuKmYmr9lK1Q
+wXvR1C5naCZ85QAV1PuXCxLL3b5ZNqaSxLtv1kOyCmOTeTv6nGUX9lxhW3pwburS
+tpMxjsYF0F/cRs20UYOTHv2EaZF4USgxSne6kMZmspcUXP6iSUHLLe4jLNRd/6va
+csBJ7Jwh0CyS/8vBtd+77abm9qTzJT5vBDOp9B2HVWJ5FC0CAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUURK4RgnEFmbPfbMXKT/FC16TaWcwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INbW9uLm5jcmVuLm5ldDANBgkq
+hkiG9w0BAQUFAAOCAQEACNarEiHIawi6wORht/sybB64P+pr8nx2tdcKGYsOSrM6
+fhczdXR+piShSnV6RlDFDNSQSjY8M0eZiOmwWJKrVI1vuWVjrbjCp1+0Qk9MXaGa
+qv7EXDg6JJBNXxm7/Hgplmp5CZm9h8kcgnnaD5gkasgy0cAzlMrm+CP+TYrLrjVU
+LzsciUXgKMgapFgNQMQPtxoUjKqz95btjF4AEaxohVV2SDeUNJt3P/B3uYCJcuaO
+oIAO5itk/Kjg3GBQYbA/aL1Me0NhyCVJLaBXsaWL7efxpJqNOIFHBFthoQoaksqU
+IV0/qQTbnIdkdqMgrNb7sdKMrGUp7p36de7uMlZrnw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mon.ncren.net/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mon.ncren.net/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://projects.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://projects.mcnc.org/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12417538922664599665, expires on Mon Feb 24 16:53:40 2020 GMT -->
+ <ds:X509Certificate>
+MIIC+jCCAeKgAwIBAgIJAKxT9dv2AqBxMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEXByb2plY3RzLm1jbmMub3JnMB4XDTEwMDIyNjE2NTM0MFoXDTIwMDIyNDE2
+NTM0MFowHDEaMBgGA1UEAxMRcHJvamVjdHMubWNuYy5vcmcwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDpf+02TJDjLIY+qqwr3g9zKo7X3hLy0SyfNAhn
+/qHG6nNKtpVEAXfmpXeYGgOol1PBu1weUt2lj5g3ap8cDDEoxYcoQTNCksMgX5He
+gTdzuh+H/ctHSnJkKlG52IHytYCro/lWq7ZMGcVN4NPwXrbCUGkKdnseKYgf1alT
+WUfE9QCSWEdgNiEERHpRpuezw/ARKBvEvtWEjox9hPStc4jFqrxE5XBlyEoThkG6
+SiRV0G6Emca89iqKhFBXdHFl1zO2+8xxB7LlN0moFh4IF3oDunjEH5Xx5Zn3Wtq+
+2b4f7Z/+T/ADf+KL1G5QVDAb6GjJCievhxQcq0CF1B80BHvhAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEXByb2plY3RzLm1jbmMub3JnMB0GA1UdDgQWBBTu8dQNmtCuRPKa
+M3Z70bMWjZsJ5zANBgkqhkiG9w0BAQUFAAOCAQEA2MRoe3dkPx9s6CtkMas8QiRR
+rh4fnMrso6rCy4tvr0OO6ednL3j/4NmWQYap1SM/oY7v8DNORuXOb2IqjReMK00X
+Trk/jEOvML8Z395TA8FrUumzKlQgoWJSg97OpkEv8EUKABqzGzvJRpY3QVGF86w2
+FBZqdDqvOo84Rt2rA9rN4V1Hy8LnJHVHg0RHj8l40DL+B0cNyl1LKu2L6SFO73dx
+4dRkdJfu62lg65x0nOa3tkHIWDgjuL4rmlEroWds/d7vgzOl2gDFl8H2HFcSsMXA
+fp8rcIHMGNltL1hmGO8EukOgYAWhyqagkME7pFcL+V8r1ZRL04V77I7zyLEDaQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://projects.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://projects.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://projects-test-01.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 582, expires on Sun Jul 10 17:53:28 2011 GMT -->
+ <ds:X509Certificate>
+MIIFozCCBIugAwIBAgICAkYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwOTE3NTMyOFoXDTExMDcx
+MDE3NTMyOFowJDEiMCAGA1UEAxMZcHJvamVjdHMtdGVzdC0wMS5tY25jLm9yZzCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOf7tKqiIAv5x/rZjNpHGyu5
+BAHSypL+evj965Lyh2QCtrZbEliDCC0cP5r08leD1GyZyKJbrvj5LGLccGIo+uc7
+iG/kGgfhymNyKHSFzjZMfy4GIzkNcXE4OgdC82fMyKwdlUMeZRaECQRmY1jb6N0b
+X9OE4WsiIc8hpfw/IUXId5bnuQeamZquoyZghFz0WZ2iMnfdOEyuCjv7oEn70rDm
+MZVetxrZT3D3u11um4sprAhhBjKt4Rt44bsoZ60ItTZvtpOnvknGTh14nIh6B0R2
+E8sXGIoV3hlIEQtSLFp2CHq2VdCFEpZnQHuussLVUy1qoJ6luHzL7Xi4G6D52hkC
+AwEAAaOCAqswggKnMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUSSeCA2b4dUPv+f2M
+oB3T7nzGEkAwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwJAYDVR0RBB0wG4IZcHJvamVj
+dHMtdGVzdC0wMS5tY25jLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAPrJ2iCzIUrvK
+8tQJ1+jjHET0YHLiqPEfOspzPg7JK5kOG1VFNtN3MsJIXBlVodChKf1qKoo+2MXv
+yz5nP2+o3p/E7gmLh53McbBTwTtkSqptJYN99EtlBsxSrgcevsqSNA59zve7z1pN
+aVbkcBwF4Yp53l8BxLAndF2y0cXoNLWKcTmatD0htb5pYUFinz7BECgcFhm/DXVX
+jFcZYs4p+OzZUBWpH9dQcLdBJvYIJN400oiCEjEbsvIqdtvj+LE2vGikWeur7t3Q
+K2/PU6VBqXatQ+xaOzjEcLbJ04FwaSYguh9R9vy4ncXHaMaGhJMJw58k09Bh3ELv
+ZXteRZfZxA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://projects-test-01.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://projects-test-01.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://snapp.ncren.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 697, expires on Sun Dec 11 19:59:13 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICArkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTIxMDE5NTkxM1oXDTExMTIx
+MTE5NTkxM1owGjEYMBYGA1UEAxMPc25hcHAubmNyZW4ubmV0MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqE+FNAh3YmILJ7rI9k01Qm+6rAMtMXyXKAj
+U0rj3JS4hp/nh4EITINdnQrXEvWxNiOfRKa+BfQAYMsHORx8Oj1/bb5MV2GEaJKU
+Zu88H3aWThQ5T/8QoZyxq0zsT92XasTVBkNPXI8Fb/RvQyAMdXwvkHDyuvI+ThW5
+DIywCtbR1oOcM215zlJyiNMOP8LoAfCNwpzPdrS9xXv/655dhVbGX50fiY/FrBkG
+QFUDR78N+odfo1DSaDRqaPN/GzqOmYs3l9vUweLTXCGZULtInoLUsoNkxIzXoUaB
+PDZ/fwi+BWIr8WCG4MRU6PTyYlEZUxJj1I5JFJpRS28VCOENIQIDAQABo4ICoTCC
+Ap0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRCdedRdkBdtNZqJH3hWtzGZxlSVzB+
+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMC
+VVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29t
+bW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCB
+ojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZD
+aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdl
+L2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8v
+aW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5j
+cmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQw
+QgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9zbmFwcC5uY3Jlbi5uZXQw
+DQYJKoZIhvcNAQEFBQADggEBAHuVMh+Aa2/NHN/u3fyKoAvGw4TmZpXQE85CcRpI
+Um/FS3SSAiKFdoqCaiZenCDbNCfM3JT+7qK6f3GF1rLvRr3vyel3Yn9yh9A9+XM9
+El3t3xciIIUGGeS5H5B+zifp7QrjOl7gtrHPTRXPoF8oKXZyrS4sE20pZY9IYow7
+wKTGycGrdSvADdOCmsaC+WuKafQ/BPvFrqzRgkc324DV9J6nipUSoOAxT/FFu8gm
+WOm/xt8mebqU8rl51Uv9sY0QUXiOqZk2f9ily3aXFjrw1ze9PYah9pIc3XAs9TqP
+pO0qsIXGn7DqLkdxP4Oqsw+maiWIwFbOndYO089k3IhbaPI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://snapp.ncren.net/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://snapp.ncren.net/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://sp-test-01.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp-test-01.mcnc.org/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 570, expires on Sun Jul 3 17:26:17 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlzCCBH+gAwIBAgICAjowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwMjE3MjYxN1oXDTExMDcw
+MzE3MjYxN1owHjEcMBoGA1UEAxMTc3AtdGVzdC0wMS5tY25jLm9yZzCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBALoYzEvxtyKBC+mvupmTMlrwUj5+Gg5e
+TLM4wqJwTaOR3FL/Pcb4FHSclX7CZl1cvPYjR9MfCSjb72PTWdpVZ8D3pHZlxVrM
+JYlOJQtcmuiHihSbx77idjimyqNU+qP7Kbf7Un22ceCdkHQ/aOvMMNxf6PM4D3mD
+asSa+VE9P2Nsogw24cREc+DRP60RJmPMZQBYoPlGDa9IGCg7JkvcqNiNA3wOrjJl
+RpySw/llUsNMc+PZh70cBg5emfXR+pDsKlXUgWFB9sP8q4YBhNsFzw1LHLyHPjGP
+1/BYgD+HQvQFyHmSLJNRjjhLbRCfu5CaRcDRG7THPysiM6SLNd8BvlUCAwEAAaOC
+AqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUkBLfUshE3tLfa+CCdqaS0/dK
+c/EwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEE
+gaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUH
+MAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYITc3AtdGVzdC0wMS5t
+Y25jLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEAJjRr830rLx+nfJ08ygcsxRNnydsB
+5xrzuT8TeQJATd2JGjNOKIGBHach0tN56rwrbBk2E0eldBQpdTqzI2rGmib35KkC
+ki490eWk5FrU5DqCOZx+/G2TfW2gxt3aRk8pZiveZ41TvRcNsPdkjL4in9abOKtE
+I1tGGx+guGZOri+JeJokf4c8TTKbBALudoy6spcnUm1FSkCQWWyIjuCOp10hJv9Y
+7mTLiI1kJ1RhJQvmMta6BpSyROYw3MpafnnRWIeBnH9aeu4H17dPA8kqtVD0f/z6
+KDL2BMik6/4Gw2Q9yROPZtQXtnryv/pUP7aUz/bv3HcBrRpiCyXccmdYrA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test-01.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp-test-01.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://stemweb-test-01.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 642, expires on Sat Sep 3 17:58:37 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAoIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkwMjE3NTgzN1oXDTExMDkw
+MzE3NTgzN1owIzEhMB8GA1UEAxMYc3RlbXdlYi10ZXN0LTAxLm1jbmMub3JnMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve/XNRDGmebGgvZ6tjYPhx0w
+JzMCARWuZ568qkhA4bT5royaX4pv72DAXysHmdIjU45jNeKr8PsCkDU07DcOziZZ
+xxwW/sX/3wEBdw4xwde84SBiss/1SYHJZqYNn8MMPMH8q8qi7rk/cGd6B3v4MIMy
+rMWYA3UTDPhYPOA3ORX179JutNedHBMj8NGS/CHOOhc2O0PJn+GYtVsewIZUSn1d
+ncga/jV98Q5USRvNUlYgtfEeph8coyf0xFM07oYjaxcaw1ZvhOahx/0As3x/L51T
+yQ0St4VvTiz/Sarkl3yNojfD66ITiwWeMYrJPy9DyD8SF8IkrWbLXbvcE6R4wwID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSqOB1A5KhfS+Qvf/kG
+UpSlmvWW5DB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhzdGVtd2Vi
+LXRlc3QtMDEubWNuYy5vcmcwDQYJKoZIhvcNAQEFBQADggEBAFeN04P8kvdDOrc1
+FYyxxcQaG7z00+Q+U8qtUC8uBlap6p66cAnw1+SBrc1OFNkKfI86mB4wCu9N78p9
+iD6hRf6lIFQpKS3AyW7LGveDuJRLJ2as00ho7fa/vqBdhFCNo1aAUEZ20Sx3jH1o
+QbNcQ8lD9nI0juFP2CuE8rJR58rXIiMs0C3PebMWiX3VytxW+fkLvezA6AzfpFNU
+hk29bAh8728sK6EU6Kbv14ODDlcxqpBN1rZA/B6M8BM+BKlX8g8w6mT7t+++wnq3
+rlkjyQzi+nvSnrIOhc1DbMTwteWat9/buhlSmekC1ut6dMZ7G597D0MxeUZt6gGk
+yoz5/d8=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://stemweb-test-01.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://stemweb-test-01.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://tools-backup.ncren.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 687, expires on Mon Nov 14 19:55:59 2011 GMT -->
+ <ds:X509Certificate>
+MIIGHTCCBQWgAwIBAgICAq8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTExMzE5NTU1OVoXDTExMTEx
+NDE5NTU1OVowITEfMB0GA1UEAxMWdG9vbHMtYmFja3VwLm5jcmVuLm5ldDCCAaIw
+DQYJKoZIhvcNAQEBBQADggGPADCCAYoCggGBANUzIEhViqqFokA9FeFW2pV49Uwz
+rwOd9QtZXWxg4MCgetZuKkBSeTS0wYOZpw8XB+y2aoG+GZ2474J9J1STH/vVT/Fp
+6CPcPLIYTiTJ0gc1ne3QOiCjyHXkMPekSbGH1iT9Q/UwjTrWEfvPRaAT5TrtHjE0
+xE7q187QMQ9UG2fDxvGe95hr0ChoGaf3hT9Uiv/qsfMPfBFjKLWvIGmZ/nsaIvDA
+57SPhPkpQyM+1RPXQ73pQyBaAvKhdP9AUf9cmOa7vwSOW+pSRqcSG+492JED3lq8
+k6OgHSAMYsTeHZiIlhms4N5g9o3Tyxz0NvWeuLp5DWo5CmHy8esF9rZbCsAZ4IJz
+uxvDSZHoXPUaPqs51OHMGIt+KQ4XAaNe9MShWVdjKXbYGt5rn4SRYqpEwAJxj+ZJ
+L0E44u2CIqK4gV+LOYzDggzI/1aURZS467CEmjE9Hu+n+ndA3ib4mN1YLzo5NRwg
+g9YKEAiwqdpc1V/IRC5aq3WdCeB/2BwsVV6uuwIDAQABo4ICqDCCAqQwDgYDVR0P
+AQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMB0GA1UdDgQWBBQ+6PL8Nm8Ul/ZP8ynnQTKyo2IB+TB+BgNVHSMEdzB1
+gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNV
+BAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRp
+ZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2lu
+Y29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2Nh
+LWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25j
+cmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUH
+AgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJh
+Y3RpY2VzLnBkZjAhBgNVHREEGjAYghZ0b29scy1iYWNrdXAubmNyZW4ubmV0MA0G
+CSqGSIb3DQEBBQUAA4IBAQDAG35sNx2al7rNjj9qLTOeTw/Yhdz9FJae1wVskzSE
+ff62JEyCXyR/zGdxVlxHqx/PI2fcvROllc03IoKUAiWY3owBCHRQygLOZ+sWBFgq
+MPGp8hjJc9piyXQ+9Vx0uzr0+X3PUt2H4w2vk1smcydM5IMtCdcRzPpxarBa5nTk
+vz+VeseTNDWfrOGZNmOs4w0cxVAM1Y7Q20b7/rVkaMxcv6smspB5pbmD4dQtU5KM
+Q5MceGSF5sEOFQGFlSr8DgzGmK4kEfTnk70lX+1Y0+ByBFgHaKfYXiI9w46PYo7s
+lAhN8sJ5Sg2dbxN19CPdI+e20qYyhN6zoKNwbDi+Vbv0
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 691, expires on Sat Nov 19 20:06:34 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICArMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTExODIwMDYzNFoXDTExMTEx
+OTIwMDYzNFowITEfMB0GA1UEAxMWdG9vbHMtYmFja3VwLm5jcmVuLm5ldDCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN9mjl9sNsVFGKBCs2VXrnSJkJ6s
+1QSgLjHpMapYD7vbf0Q68rxeiAy6vcef+JU3mwkSs9NPVbdURrn2h3U1Z/eq2wH+
+QFmSZocn/F8qzxW8hgZhC9cvseIsMo849Dae7QH3rFDbMpmK7aCWGmjUWgw5Jjn9
+LroOxYxOfm49C1+tdOnxF/0jEtue7Xfwl3vtwS63ZMl8Ug99+1U+ii6jQF0j8nSy
+nacz4Sz/Qe03qg8Jd0unoZOAgYw+7yRt/ovHzl+uR+2o8djVQJafELXQjNITevk7
+dTIPLyr3JBg3dHn+oya4SchGxnP4T9/smq6DHncBfom4+K9du7bYj3ZP1A0CAwEA
+AaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU4PHUFzzgzofQn+FPTQRU
+cc0oWbAwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBowGIIWdG9vbHMtYmFj
+a3VwLm5jcmVuLm5ldDANBgkqhkiG9w0BAQUFAAOCAQEAM7Bdz0/YtqlC7pFjZDlF
+nkiAQCueEnC1YOXJz7i/lKY1K6ayRRzxJQzsaIBl2jwQRYcyqdi2Zk4ZOY8LWQfk
+u06UCXhtOG9dl4KCOUBjFlBsiwsAEZNHPZvjG5CUjWbZhn87IzuHSE0gzgHqgD4y
+WqQyhNKqmHE+ePFXiaOoCC2vxBvJWdGcMfN6zVazfJoJ6Btqmmx1J57a8Wh4FY4X
+mWePpxfP4tBS4v3B14PhqHZ1VYE1wGbT+hVmveWlR0f8NaiZskuU9YL1f2aRIrCE
+Fz4vWMCVoQlDRZK3CX2FUtH5hw6kT/qkUlzqOsg2Pl+N1MKGHz4t42NaGGqsqWXz
++w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tools-backup.ncren.net/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tools-backup.ncren.net/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://tools.ncren.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 682, expires on Mon Oct 31 19:14:19 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICAqowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAzMDE5MTQxOVoXDTExMTAz
+MTE5MTQxOVowGjEYMBYGA1UEAxMPdG9vbHMubmNyZW4ubmV0MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHENlV/+qM5UF6kmzRro31h8cXVdziGWyfuA
+hUahCaglBtBBuwui5WCgvg8lB1wE5Eg2UXt9o3T/VKKxRDFkYYnNEZ/WeAABw6El
+iLG7LVbjRgnz0bX7SVM/kvkkMY/M4MDxpLFaFdtNm3oZXgSoQ9MgsMZVSrRMOtsx
+GYPGP69jVdhc+js7KlqrgsC/hsWaJFkCLvg054ZmozyjzA9/gP6D9IdGKfp3M9nB
+zctwPTuOQOI0aMvRLmgKN7K+pgFEJl8Y1T+YFC9Cih3ix+ajUngDvOJFHJSJYb0j
+VR3Z48YwekJHku7eNTwTlmUnV1a5MbqWny2OIlnqJ7Us2ShWuwIDAQABo4ICoTCC
+Ap0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBR3P2auUJJo4/Yb9ZmVed54RggFmzB+
+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMC
+VVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29t
+bW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCB
+ojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZD
+aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdl
+L2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8v
+aW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5j
+cmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQw
+QgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg90b29scy5uY3Jlbi5uZXQw
+DQYJKoZIhvcNAQEFBQADggEBAC99T5WBucNWrEFYnY2gXq4fIjkmZzK3WWXW+SDd
+LiWC+UQ+X4Ki5OLKPL/FOCj1Okhi9kCYXDxiq/241Bg0LyhjXpsvs5Rm0TSRVyMs
+rdajSUqOwKH1ULStn0yB/OGHWeKfjsdpdmJcyCHQaFWo6lSFJpztuhJi2S6hy+WX
+xVmn89SotzCtbsbkobkzNKQSrSOCj55xVTCn8WTMXTaX64KIV7UjfsoaiV1gbd1M
+r0YtuHpDurol3+SyN48qArUDKMn6hrJLMkPZzsC/CVj4uBZrCFIba4qQH3Y/zguS
+W3ZPI1L1AviRoACgy0LTUmUYgpp5lWrfz8OO5uanQFCGV/4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tools.ncren.net/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tools.ncren.net/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.mcnc.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://www.mcnc.org/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 585, expires on Sun Jul 10 17:53:41 2011 GMT -->
+ <ds:X509Certificate>
+MIIFiTCCBHGgAwIBAgICAkkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwOTE3NTM0MVoXDTExMDcx
+MDE3NTM0MVowFzEVMBMGA1UEAxMMd3d3Lm1jbmMub3JnMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEArXq6Oo4EtwNAqxIdBomb6tIUuK9rMozMUxDECM6y
+NBkzASAy2fYpmVx2stpwwTvpl21XHMqNavFzaDQHflF86gWwNIeEBbCDzE2pTj7z
+eR9aPP25WIELTtit0+K5+ti4M0CsCIU+C+qFItsGhsn60TXe51J1YegEGOwSz3u5
+eeRSjTfgnlH+lpZNvTfG7uvPVVTDJmLa6nhjIqyUHuj5Z/TI4F0X3N5bSAKKN2yD
+yURsGzo8o2tR91F3+g1tU3RMna/bRADMcTLdnjB7uT6FB7ueKjat03O+Ckj7pbhN
+lOZTo4C6WLR1yCiFlzqldcvTLrkA2UjIcvXsE5jw4ndxhwIDAQABo4ICnjCCApow
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSlP8OIMNN3oH5xvv7YbX6kFK098jB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0
+cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYI
+KwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggx3d3cubWNuYy5vcmcwDQYJKoZI
+hvcNAQEFBQADggEBAFE4/p4/9Es9PWEeYCyljdpXFC/yutVZlt/t3nOmaItgEfqU
+8O+BlIxnH9UYRLkL9gt2YpLGwvJ3ukGHIxMTr8ktHFoTPU2ivntYmHe4lFbabxoP
+PbLbMcX+HHQzGLN4IASAXCuVfxr6TZbleihqWBeqYUwkXw1gksZUmrKwzyWm4ssP
+BC3zd6/7onuiQLi97dYFw7N5lDocdOfGrEiHLgZIaGgmx1edktGbVoUfPWk94yPg
+wRC11rzU4hYKsgU3kTpDShF/LndS1K1DOPTTU4uS5ldt08ZzRM1i3BmXAn1P2i7c
+7ZK/A+7pvPlqpt6n/gVI7LV+fYPyvBtAQVxnMPY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.mcnc.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.mcnc.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://www.ncstem.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 628, expires on Thu Aug 18 18:13:13 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAnQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxNzE4MTMxM1oXDTExMDgx
+ODE4MTMxM1owGTEXMBUGA1UEAxMOd3d3Lm5jc3RlbS5vcmcwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCzkjk+0143RVEm+F1U9ngn+Bx+5INUV+fBXgAU
+3W996iNfYB9hv5dDk/bDZJuU2iWBUCqiOzHrsBfGoLQO7RWU7uddCJocSsfh0kJP
+KpcjgXtMA+m7yBwEJlId+M/QtuEoP84f6hR92SoBffQqJZIgBA52SdDJgLN31UYN
+avMvadOk2hULnMwKbDor4nrwd/suLX5Lwcp2xvBoBfNIvxXEL2bMMop1G/6NGg7U
+/hDe5I0fVNSQXps8nRr/+vvyGXMCmm+p6tZ+/rX/yJerDg++zYY+FMkhzjrNqTP1
+7RNt7Pwa2NWkml4OdoD5+lb06pQMf6abWrrHEBmzH7QceBRZAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFCwh9E7AkXcKe6BbSbfux7QJ6wdYMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnd3dy5uY3N0ZW0ub3JnMA0G
+CSqGSIb3DQEBBQUAA4IBAQCZqDU4kJicdc3PKPSXnJCZOQrDn5tyQhDKW61LU2fI
+oFSNAv3hdBiw+lJqiBs7SnlY7GHjWlPiwSb1J3Z1aXMpO+Aq4R3SN+hkmJagzq/V
+uIqv7mXJ5JuzQJz2XJXXNs7MKAY2R8AcfCRN6ejPZVClXZsmEEuMDB11KsoDq1bP
+EQjiQaN0Ob2p6b20U+xwqSUGSbqBaEjpGWw+jtP9Q+QLlqExi7Dil43al0vJf54K
+W5TxDpsmw2Bulm8/iqjbnBzUJSRKsdyB2I9IcpKmC1tHFtNUNpdkYDlTMsYCXPeu
+rpuB3N8FIedkUIBPETzfMYFepduYZNnD98VfPn1AIRe3
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.ncstem.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.ncstem.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MCNC</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MCNC</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mcnc.org/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>MCNC Technical Support</GivenName>
+ <EmailAddress>support@mcnc.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Arizona State University -->
+<EntityDescriptor entityID="urn:mace:incommon:asu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">asu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 545, expires on Sat May 28 19:37:24 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAiEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyNzE5MzcyNFoXDTExMDUy
+ODE5MzcyNFowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC5hc3UuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC2hqvIslb94Vc98e3BKoCuKfKFWWIGpD8msICS
+q1EM/Z4pSH98c3rbN8qBtdqO4gweffZPn3HQfrULopROGjAtS2jV+y8+vRxkg6Ty
+yTupH00mgQhxM5+pfO0iPW8hSDjct+LS8RyNFl3qdR9i5OehO/eLtBCOi+yEqsis
+WyaQRQIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRWMiaI7cYo
+BPH7qQ+Wsqg6vDwEFjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJz
+aGliYm9sZXRoLmFzdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAIBzA0ElW8G/Z84B
+qkxKIYazuuOtkujkutypZXDWH6uLbG8Hb77m7oM7Opxno7t07dSX50rLWNBsuNAL
+XSTT3khGKV+nI574DRpc0KcKBO3jJV9bFYOJy//XFSgPJn2EByUwtXsT9slJbif0
+yu9LYxdO1qV1iX1rva4EjOpufiZuPquVDFrqLSkjc2gmiOwzsarFgYZAPvX36Bcs
+hqyoSDIWMBbHdYVLnXWBbkgkevEeCtV2t141KGYvvkVNsVrPeOcpQBL05BhfGDGY
+tmQgQiL0onX5k3CEzTzpvrPMsHArrFh/b3n5nWhPw2YY05/jM+k7J8SB6sdBPj+Z
+WXsKSgI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.asu.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">asu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 545, expires on Sat May 28 19:37:24 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAiEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyNzE5MzcyNFoXDTExMDUy
+ODE5MzcyNFowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC5hc3UuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC2hqvIslb94Vc98e3BKoCuKfKFWWIGpD8msICS
+q1EM/Z4pSH98c3rbN8qBtdqO4gweffZPn3HQfrULopROGjAtS2jV+y8+vRxkg6Ty
+yTupH00mgQhxM5+pfO0iPW8hSDjct+LS8RyNFl3qdR9i5OehO/eLtBCOi+yEqsis
+WyaQRQIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBRWMiaI7cYo
+BPH7qQ+Wsqg6vDwEFjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJz
+aGliYm9sZXRoLmFzdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAIBzA0ElW8G/Z84B
+qkxKIYazuuOtkujkutypZXDWH6uLbG8Hb77m7oM7Opxno7t07dSX50rLWNBsuNAL
+XSTT3khGKV+nI574DRpc0KcKBO3jJV9bFYOJy//XFSgPJn2EByUwtXsT9slJbif0
+yu9LYxdO1qV1iX1rva4EjOpufiZuPquVDFrqLSkjc2gmiOwzsarFgYZAPvX36Bcs
+hqyoSDIWMBbHdYVLnXWBbkgkevEeCtV2t141KGYvvkVNsVrPeOcpQBL05BhfGDGY
+tmQgQiL0onX5k3CEzTzpvrPMsHArrFh/b3n5nWhPw2YY05/jM+k7J8SB6sdBPj+Z
+WXsKSgI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.asu.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Arizona State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Arizona State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.asu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Scott Banks</GivenName>
+ <EmailAddress>Scott.Banks@asu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>UTO EDNA Team</GivenName>
+ <EmailAddress>ednateam@asu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>UTO EDNA Team</GivenName>
+ <EmailAddress>ednateam@asu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Houston-Downtown -->
+<EntityDescriptor entityID="https://idp.uhd.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://idp.uhd.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uhd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 634, expires on Mon Aug 22 20:47:29 2011 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAnowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgyMTIwNDcyOVoXDTExMDgy
+MjIwNDcyOVowFjEUMBIGA1UEAxMLaWRwLnVoZC5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCXANvM7GAZ9lbBlQxrSYzdSngBVqjwJWepCJQOZOY2
+sysuOvM6OAmTgP3+9NzbuRTaPkbKyxEI+fHCxl4YbMD3vNYD1agieivSJ1Sxa5n9
+7UwIexyfetqfrsgcy8HFuh6hRJj3zTL9+rhRMcguvCFT+aogyCEzHV5ZgS/NWcy3
+TTs6fP/PSa2uPJwKPGibpuj7K5DDaxrp4rTegqrqyOxYqn2JfywTi+TSoCaZOZ9r
+nspIqCMfiOqf/N44zb7bpffzbfkaM4jAqrRM94hCKb88y+/pXO90Ezb7wlrLRAe8
+iGNTDRC11GaPYCSFykb2SPbeqh4EFm1BmZ3swwI3Dse1AgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFAymWRX9CrGNIR81JTA0cQ85HMTkMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2lkcC51aGQuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQAH1tZnvuuVasLUG/x6oY8YRmDlgqK2uL4IOzIuqw7qKvFOvN+S
+kiMJRzQK/8lwtGUF9yP69vt0VgHkpTOZDmCZGem5vLsUmOJZ/xDEZZJ+c7VWe4wO
+WjDn6/akYS3N/Kyd1XuTYBIWG+jzccE5Zp5kQvzpAFSVbLOhwgo0JAatSukfPrXp
+mSMXUM67ZsVTadJo6qIS2LGQkhdluiYLjWev7q9/OLooTUjHS6tnGENUsNeij3l+
+So9WUk9WIGlwwGLAu283BOzg2fnsTgpZuS2tbQNFpt9JkyBX/SJqCsENb7egtR+s
+DsG2jmpHLN3WP5yEgfJp1TVN8M0eGEiaePvO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.uhd.edu/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.uhd.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uhd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 634, expires on Mon Aug 22 20:47:29 2011 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAnowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgyMTIwNDcyOVoXDTExMDgy
+MjIwNDcyOVowFjEUMBIGA1UEAxMLaWRwLnVoZC5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCXANvM7GAZ9lbBlQxrSYzdSngBVqjwJWepCJQOZOY2
+sysuOvM6OAmTgP3+9NzbuRTaPkbKyxEI+fHCxl4YbMD3vNYD1agieivSJ1Sxa5n9
+7UwIexyfetqfrsgcy8HFuh6hRJj3zTL9+rhRMcguvCFT+aogyCEzHV5ZgS/NWcy3
+TTs6fP/PSa2uPJwKPGibpuj7K5DDaxrp4rTegqrqyOxYqn2JfywTi+TSoCaZOZ9r
+nspIqCMfiOqf/N44zb7bpffzbfkaM4jAqrRM94hCKb88y+/pXO90Ezb7wlrLRAe8
+iGNTDRC11GaPYCSFykb2SPbeqh4EFm1BmZ3swwI3Dse1AgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFAymWRX9CrGNIR81JTA0cQ85HMTkMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2lkcC51aGQuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQAH1tZnvuuVasLUG/x6oY8YRmDlgqK2uL4IOzIuqw7qKvFOvN+S
+kiMJRzQK/8lwtGUF9yP69vt0VgHkpTOZDmCZGem5vLsUmOJZ/xDEZZJ+c7VWe4wO
+WjDn6/akYS3N/Kyd1XuTYBIWG+jzccE5Zp5kQvzpAFSVbLOhwgo0JAatSukfPrXp
+mSMXUM67ZsVTadJo6qIS2LGQkhdluiYLjWev7q9/OLooTUjHS6tnGENUsNeij3l+
+So9WUk9WIGlwwGLAu283BOzg2fnsTgpZuS2tbQNFpt9JkyBX/SJqCsENb7egtR+s
+DsG2jmpHLN3WP5yEgfJp1TVN8M0eGEiaePvO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.uhd.edu/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Houston-Downtown</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Houston-Downtown</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uhd.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Vince Esquivel</GivenName>
+ <EmailAddress>esquivelv@uhd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Grace Davila</GivenName>
+ <EmailAddress>davilag@uhd.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Liberty University -->
+<EntityDescriptor entityID="https://shibboleth.liberty.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">liberty.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 653, expires on Thu Sep 22 17:55:11 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAo0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkyMTE3NTUxMVoXDTExMDky
+MjE3NTUxMVowITEfMB0GA1UEAxMWc2hpYmJvbGV0aC5saWJlcnR5LmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4WlYMz5ZI6v9BrZaYZmP+unBPC
+go+xykfr7MnLCgjcGbLX3Pv6LAFKN7r+WZDGZuh0FJF8GiXJYm0EkgSj5gSfjLWa
+Js6pa4E+77smRq//CXOlUSjdj0yMLlhw67g32N34BncIa+hJQEofWjLgODRxmOPU
+Gr6TEquiZPGE4EguEhHJybD9W3XQoqiWzuRAbF/Y3ENuWSdU4c3Cpovp6m7l9s27
+TzB4aUwtWaMfi5gMznFHtJ3xleGZtM6djByKSh6L8f1Kkkf5jNudEaLFS+jN/8CB
+MA03PubfrPckCc67WHU7o7AT96wGiU9S+bQoaearevlJdMItk5bZivEk3VMCAwEA
+AaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUsEBbmaJdTRPucQIA1UZ5
+24HKp88wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBowGIIWc2hpYmJvbGV0
+aC5saWJlcnR5LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAUgrkwYTlq4QCsMw3dw9j
+MPVrXljSgRglsQXvnYTybTsIgDK3tAngo+XY2Q7CowR2o1aZrwqqQNHivC59pxdU
+/p2JcF5+GcjCRrguGA7EKoOlcavFWjBfLjR0ONocj+6KTp7/zOQkMsMQiflXTEpf
+kVAVYIaI8N4ngDuBUNxcem70kWpFMD232gpPo8sQI8aNWr9X22xecVq/Eyvm3oRg
+CcrMeFRZ4F4jEKr8ne5MDqZUYnoobG7kujz0OB3Z5WZJXu5NmO3StW3q4qr86Ac9
+UMzBe/HxtnCEGjfV0ViJgKSrmbnLQdj4R2JOOpQ8kDUx7afvKASWpjfb9Sa27dLD
+mw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.liberty.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.liberty.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.liberty.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">liberty.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 653, expires on Thu Sep 22 17:55:11 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAo0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkyMTE3NTUxMVoXDTExMDky
+MjE3NTUxMVowITEfMB0GA1UEAxMWc2hpYmJvbGV0aC5saWJlcnR5LmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL4WlYMz5ZI6v9BrZaYZmP+unBPC
+go+xykfr7MnLCgjcGbLX3Pv6LAFKN7r+WZDGZuh0FJF8GiXJYm0EkgSj5gSfjLWa
+Js6pa4E+77smRq//CXOlUSjdj0yMLlhw67g32N34BncIa+hJQEofWjLgODRxmOPU
+Gr6TEquiZPGE4EguEhHJybD9W3XQoqiWzuRAbF/Y3ENuWSdU4c3Cpovp6m7l9s27
+TzB4aUwtWaMfi5gMznFHtJ3xleGZtM6djByKSh6L8f1Kkkf5jNudEaLFS+jN/8CB
+MA03PubfrPckCc67WHU7o7AT96wGiU9S+bQoaearevlJdMItk5bZivEk3VMCAwEA
+AaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUsEBbmaJdTRPucQIA1UZ5
+24HKp88wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBowGIIWc2hpYmJvbGV0
+aC5saWJlcnR5LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAUgrkwYTlq4QCsMw3dw9j
+MPVrXljSgRglsQXvnYTybTsIgDK3tAngo+XY2Q7CowR2o1aZrwqqQNHivC59pxdU
+/p2JcF5+GcjCRrguGA7EKoOlcavFWjBfLjR0ONocj+6KTp7/zOQkMsMQiflXTEpf
+kVAVYIaI8N4ngDuBUNxcem70kWpFMD232gpPo8sQI8aNWr9X22xecVq/Eyvm3oRg
+CcrMeFRZ4F4jEKr8ne5MDqZUYnoobG7kujz0OB3Z5WZJXu5NmO3StW3q4qr86Ac9
+UMzBe/HxtnCEGjfV0ViJgKSrmbnLQdj4R2JOOpQ8kDUx7afvKASWpjfb9Sa27dLD
+mw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.liberty.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.liberty.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Liberty University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Liberty University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.liberty.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>William Canterbury</GivenName>
+ <EmailAddress>wbcanterbury@liberty.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Brown University -->
+<EntityDescriptor entityID="https://sso.brown.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://wiki.brown.edu/confluence/x/b4D_AQ" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">brown.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 470, expires on Sat Dec 4 20:12:36 2010 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAdYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIwMzIwMTIzNloXDTEwMTIw
+NDIwMTIzNlowGDEWMBQGA1UEAxMNc3NvLmJyb3duLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALJiUuxzSSpZqym8fnDsyuM/RZGXQGa7HISwVFPM
+FRyHWojRKzy17Ea2EtojP3FNqw2v0zAdtc4OGfuXRyY106eJoNmcqbTgaCex+zeC
+D7Vo0zABYx5YR3QptUkzAnoKWP2RFCEXUiN6Cpu8dz9SuQExb6Sj9yeYYOQrPkDE
+GLB6f6MRrWqWje4BdPY1rVRY5X0mDNA1TZ4rEhI19CHpjozj6xV9hFGFCIctDS7m
+xfHQnRz+E7hbqI5f/1A62mVVyv/UORp39Jf52JVhdnxUcAFfFoVNxxS2I0AnNAFU
+O8ypIVCBFOJqQmd3iaFeHCscO7wY6MDyp9fGbrKdYABIM70CAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUd9gkg/AJGCd4Fp1uDSmEGTGhEWQwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc3NvLmJyb3duLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEArp6d+sYNBHSmEd13Hkb88voWkr5mu1EHh80MrwGBgB/1
+eqb0TQqQUMKAll+zmj+zkjcpdo3wEDlRYWwHUi2+CMjomIEqyFCFkSiH76BwFEwg
+xcmDKcHgX838AT1Bf/6S7muTJF+bqFb21yCugGZ3hS8DHbHLj1LqLR4feycZyxNs
+D+ljCT8Dw56Nop8oRCQqkYgQqdMjULSpBsrFTfgKO0OzCyxbvPq39aRMjUtOMdKC
+0z044PObWHWadU/pedaOwnaB/EINlIOPDeYHbhJAaRRTGccYlnG9Wgs+reTBp4jK
+Ht+HOLYVH/hQo8fE76DpgVINNBPHHicrQEfiRQfjRw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://sso.brown.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">brown.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 470, expires on Sat Dec 4 20:12:36 2010 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAdYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTIwMzIwMTIzNloXDTEwMTIw
+NDIwMTIzNlowGDEWMBQGA1UEAxMNc3NvLmJyb3duLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALJiUuxzSSpZqym8fnDsyuM/RZGXQGa7HISwVFPM
+FRyHWojRKzy17Ea2EtojP3FNqw2v0zAdtc4OGfuXRyY106eJoNmcqbTgaCex+zeC
+D7Vo0zABYx5YR3QptUkzAnoKWP2RFCEXUiN6Cpu8dz9SuQExb6Sj9yeYYOQrPkDE
+GLB6f6MRrWqWje4BdPY1rVRY5X0mDNA1TZ4rEhI19CHpjozj6xV9hFGFCIctDS7m
+xfHQnRz+E7hbqI5f/1A62mVVyv/UORp39Jf52JVhdnxUcAFfFoVNxxS2I0AnNAFU
+O8ypIVCBFOJqQmd3iaFeHCscO7wY6MDyp9fGbrKdYABIM70CAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUd9gkg/AJGCd4Fp1uDSmEGTGhEWQwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc3NvLmJyb3duLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEArp6d+sYNBHSmEd13Hkb88voWkr5mu1EHh80MrwGBgB/1
+eqb0TQqQUMKAll+zmj+zkjcpdo3wEDlRYWwHUi2+CMjomIEqyFCFkSiH76BwFEwg
+xcmDKcHgX838AT1Bf/6S7muTJF+bqFb21yCugGZ3hS8DHbHLj1LqLR4feycZyxNs
+D+ljCT8Dw56Nop8oRCQqkYgQqdMjULSpBsrFTfgKO0OzCyxbvPq39aRMjUtOMdKC
+0z044PObWHWadU/pedaOwnaB/EINlIOPDeYHbhJAaRRTGccYlnG9Wgs+reTBp4jK
+Ht+HOLYVH/hQo8fE76DpgVINNBPHHicrQEfiRQfjRw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://sso.brown.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Brown University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Brown University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.brown.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brown University Shibboleth Administrator</GivenName>
+ <EmailAddress>idm-shib-admin@brown.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://groups.brown.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://groups.brown.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 502, expires on Thu Mar 17 18:50:36 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICAfYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMxNjE4NTAzNloXDTExMDMx
+NzE4NTAzNlowGzEZMBcGA1UEAxMQZ3JvdXBzLmJyb3duLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALCyNFQPgtaqUEdRtAPgy5f+QiRwSSa5r1TW
+vcvLTIvcTiAWg+yzd5Xeod+ZejaEi1Y/nLGVYcS7jrMHLQgofDP9liFcZzmLvJS5
+ZIT9sXkYYZC2oi9qR/3PQ17Wat/naCTaxKYjkywmnXsLUfUGeY84SmzIloKNhkTs
+nGT3Izt/9a+Gt8q1Wl5+b7xAVTc6WDs4DnMJlzo/su4LBfG598yrcHCCSgkC+D+q
+6URydpSLVJjtpsWICgEdmjqK2ngYYoq/urvE6pPgvM4c8K133ldw2sEtRLvKnt2L
+5U90GHJKkHXUB9VGUyi/lvHoLyxi0cT+FUYFVnjIYdPtKp/iU10CAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUFjeo7IhQhHwTJIksmjwuNyK4nhww
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQZ3JvdXBzLmJyb3duLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAJJk3YEnwcW0BPIFn3uRhhjB2ygpoJZpJu2hW
+Sh02xoMk3VpuBofy2ZB2Bh6CeS9CuTN2NrbusTKhE5Te9GJITnZAHf+aU02Q29I4
+uEhb7Rjevt+dgj6aHNG6zo5LMn/gSafihafi4XqdHbcvRE8frRBxCnsLsnvJqiZ9
+H/C4SyWJ5FQL8l1Dt3C819UxxLoHkkuPmgVCqR21I/apo2gLIdPt5O/hmmcgqOSe
+ZbfQkDiOcZY41CIU1S8wZQW8rq02kv961BkcUcHBlHTqWfWtpdVQMyB9ArbR4u1K
+SrgwTJ+UKtxeNn1ANISYWoLpxz9qkJjlg/8bzPddxkGR4wwcKg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://groups.brown.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Brown University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Brown University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.brown.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Shibboleth Administrator</GivenName>
+ <EmailAddress>idm-shib-admin@brown.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://groups.cis-qas.brown.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://groups.cis-qas.brown.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 503, expires on Thu Mar 17 18:50:45 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAfcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMxNjE4NTA0NVoXDTExMDMx
+NzE4NTA0NVowIzEhMB8GA1UEAxMYZ3JvdXBzLmNpcy1xYXMuYnJvd24uZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kwxg3WePfG/2MEhA8qwxJwp
+W3KjguVtqBPj/GqIE3UbvVLOR2PmAOvJM47+6ISrVxn+Dz7/vliK0j0I4AduxEZe
+u8dLztZpdEQFjZ/PUKKyRDMwg59dKU+ob/wJbigOBWsrgEnpCMGFC+CY9LRkpXpA
+UnpNeZrv6pFbqVMN7lsAMpLbknliz1sTLpchKD0/5l1q3Vxmiuiu38Yzg6mXEjy8
+IQvin6Oh9aBvi1wgD6ChIUAwVSLIrjp2Fpvzu+b/bnUvBaQPk4DPUsHz7pbrk87K
++HFnmSVQ8BHHoKAwJpMVdc+8VUiLicNs3NcxFWuy+sxm0jdgfX2S3w0VZZExCwID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSwoEGU+I4tcO94KMts
+esi9eNLloTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhncm91cHMu
+Y2lzLXFhcy5icm93bi5lZHUwDQYJKoZIhvcNAQEFBQADggEBABczluBf2UDbPwAZ
+FcuV8sHrvnHXTeNxhXC/dQxs2i0rKHy1YEy0DnBfSGXiTjqWlZ8/GEXSdZRJXT8q
+Lkf0voum2kMY9bpmGjVVoyNTBDIDj31yCWpvcidyEZwY7WbWvhfWx4SCP6FcXjwK
+O5R7FXhaasxsFSAY9dF2kEjmfWnMd46XLmHtgTqK5QPyJ/bCpJu8nz/PRPjghq32
+W9wxIvUp7X8btulwPHCT8Wx3NZ3OSdlzWI0dm3h48O8dusNoirbGB+gYd+qQlse2
+3W1z6NrZoEi3gXFOWUTFf4NbGkVUYgwqUka7h2hlRSeOgGDyoCBeveCbf3z0OAeI
+yg0MMYc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://groups.cis-qas.brown.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Brown University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Brown University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.brown.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Shibboleth Administrator</GivenName>
+ <EmailAddress>idm-shib-admin@brown.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://james.cis.brown.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://james.cis.brown.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 504, expires on Thu Mar 17 18:50:54 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlzCCBH+gAwIBAgICAfgwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMxNjE4NTA1NFoXDTExMDMx
+NzE4NTA1NFowHjEcMBoGA1UEAxMTamFtZXMuY2lzLmJyb3duLmVkdTCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKjNjOCYmjsTRZXKDITnYjPLMcz3bhJl
+JTdm6QXrmluIc2HcK8w5Wpl2fhTRaz9sxsrhoxHhIu9sMAZswJ2bYn/qP1JYApFQ
+uwdHG0zAapWGmrUr5uGUf29J5cxhqNxsPnS8Mk/d35/D1D3J8KyL/DZYND8LZ+YH
+KCy/sPAaxbh4sU22SO0ZDFzSarwL9HWBSNO5inCRAeY/HHAj9WPE303txHkGFmKr
+DsXQoUAE6CYeaOexDfHoo1T05CCCNGbA+Ea0g6iBn1EJuM0XBCMVmJ0J+9Hr8+yj
+JQ9T5Q1hQBVaKBMcQFM5C6XXS902czIl04rUYTOBX3o5kl7eyMr1ng0CAwEAAaOC
+AqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUnZSndHd+52BAPGCya0V2qcIh
++tEwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEE
+gaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUH
+MAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYITamFtZXMuY2lzLmJy
+b3duLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAdsdPtkObCHWynGj3/O67CmFrcZ85
+UtBKjBu0IONrcutMbB7sS7+3YWJTLTYSyXpi66NUeYti3MmB9PEBEz7DHWqq3WNa
+Ggg0lo+ffnq2J62LkYFskNPr/YoyuzocQTT01VfSkigRqMpoMpBV/u9ipnxjygva
+juI1Qi0ptFXr3jFeGEbtf33i85Tbu74LlbKm6/wYJudnX97GpQIRjsBIMCctuLm/
+wzWDeP6Gz+ohtwpu/L6gH63Dr3l5591Eu4fkmZPBL+H4M+89rP9hvM+ztFN34cVh
+EJ4UbTsAnZTTxBVlXy2WGHJW6vX27JPCIB09fdiW+uROn0IoAqrOE81Msg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://james.cis.brown.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Brown University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Brown University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.brown.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Shibboleth Administrator</GivenName>
+ <EmailAddress>idm-shib-admin@brown.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://stc-test17.cis.brown.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://stc-test17.cis.brown.edu/Shibboleth.sso/Login" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 512, expires on Fri Apr 8 18:08:05 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAgAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQwNzE4MDgwNVoXDTExMDQw
+ODE4MDgwNVowIzEhMB8GA1UEAxMYc3RjLXRlc3QxNy5jaXMuYnJvd24uZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCorpEPOg0AWu8a8cf3eRNX8gIwTkUS
+2G1PKCkOTrTiKbIb+/kQBnlgBEBRgGJPouKtlqGGm62Yif5//UPM5zpPKXZf2dM1
+8igz1zWRwayz0+EXr2r2//z2o4LXqwgIGC984FVcyAshsRowyk4NxvCnRbXRs3I+
+YbAjf22NfRE9mwIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQo
+UEzY3tSk7jY8XNb8qenmsV3ijTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhzdGMtdGVzdDE3LmNpcy5icm93bi5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AD/KYjLpaEr6hJTj26KCKcxvXQ0aW9PTekFRfsYjeF911wpdP6wtsJlbX9PtxpGO
+t46sjc+ebunrqos4QhgmlhHe8RQfQ+bII+a4+RycrGBVmVL8lENdp1HXt0fUp12D
+aAEObm8NKVow2x59pUNUH4u/nwoHDNxcXq+OsKXKuXp0YSfEqDa+HlkNfz1SryJ0
+zwQ+0zqyJJmtu8ngoxcLLUpC/aKVPs112YlgYbltYyFcaw9wNvQ4onPhZ34bpKih
+JZ3JXJuE+Qe9/Qx8AzrFnD7i3qsCfVulUGWu0dj0rlk/hAGfnU925A5UM8VFYlYM
+QvShnSrt/DAnqmtx4Bu+Idc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://stc-test17.cis.brown.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Brown University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Brown University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.brown.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Steve Carmody</GivenName>
+ <EmailAddress>steven_carmody@brown.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://stc-test4.cis.brown.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://stc-test4.cis.brown.edu/Shibboleth.sso/Login" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 513, expires on Fri Apr 8 18:08:18 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAgEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQwNzE4MDgxOFoXDTExMDQw
+ODE4MDgxOFowIjEgMB4GA1UEAxMXc3RjLXRlc3Q0LmNpcy5icm93bi5lZHUwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2awp/fgr5ax4h+9sbMzchcUBZ
+J1Pe1vfHMQRlqbo6f8x2r6qnF7nbQdLrzNJIk7Y/flsEa5GL3B3U+vBpFtjasexR
+TJ+E29HGy4fV4xXMFE2kgrsqV/CiXd4y9cc3CG4dzpP2sCDqC33+YrUkbHwwYscA
+nic7gejwmWfA3ZT2QXlsY+ovVjaEivns9IxnFKL8wLI72Nx/++8pP2dKMdvb2Uf3
+b+kxXgAzHFa+S6brgaonTClxfRNGKuNpHXrXutM1JrdMpxoUZhaf1CffkltEra9f
+PnsOzonSlx2R86qTEJbni2iwthGlDc3Y5NEhCGM4igl+xNJLM9SokdUX1jmBAgMB
+AAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFEUPpb8JLk52UBgRvTHd
+NQT2D2FAMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQbMBmCF3N0Yy10ZXN0
+NC5jaXMuYnJvd24uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBgK65jQvJjnQKm1Aoi
+vMxYdYZImPCm7qyQfKCvPX1AHsD3wTXxmm8BB0A4MhvEodx8rvAJXR3aPgOyxGhJ
+Q+d0+NrsGoOKxiRklyRq9xlULCz48OhUJOPpWcmshmLHGBENcM2rLU9lNZpLdPnU
+H1sLchTxILS3L0tQnNJp7c1Kn8YIpBzcglKV6dK6reiLK+7NGVS1O9t7VN70PbFR
+92WQzrozUN9SNEcerszzbcbUtzNSMJrgPAlbE7IsXrLKdE39AUDW+9WcjXw9DQKQ
+Br3nmn6h1L5mqcFyHZ2x235sm2DRJyDH4x+5/VBTOm3wixENzgL+A6tWaPmpExFr
+8V1Z
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://stc-test4.cis.brown.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Brown University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Brown University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.brown.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Steve Carmody</GivenName>
+ <EmailAddress>steven_carmody@brown.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://wiki.brown.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://wiki.brown.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 505, expires on Thu Mar 17 18:51:01 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAfkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMxNjE4NTEwMVoXDTExMDMx
+NzE4NTEwMVowGTEXMBUGA1UEAxMOd2lraS5icm93bi5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDBAadQfT9KJ66pa/qob7Cp0i4HQfDhl/FAzL5d
+Ls/ekMycDsEZHpCouVHUsRmpkgU3MSgtR5MlLPIbNoHiJf6D+2m3UDGCsVGb0iqG
+I72Qwe42fv8/OFK2I47qzv/FSvZS3zmUkuKuu+yyWBpe+c05Wf97IH1pXSKcNVsx
+dBt8pVYt/vOHJljm6uZoML9BybJyORwb9TDw6ceS/L3yFPSMg8MRw3ZMpAL0do8R
+PT0VyP/hISj5EIicDtxY+7dmUwLHf+hOHbCOT/vG+ugpKgC4/6fRgdFXbUuXhtyS
+GzijoiOxRR9F5WGrpStBdAUh/FALgWfLNqo5CrBRRX84dguNAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFHf5QI+B6jmxkv/q4mOFVch6PgjRMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDndpa2kuYnJvd24uZWR1MA0G
+CSqGSIb3DQEBBQUAA4IBAQBV+pfuvgvsgGLAaBpYmDuGb+BpmXKWF3iZFM07Vn1A
+YznQMF815R7uGbfVtm5apfKpb/+dMShqf9mJBuWsO/qQObCefDBhHWDP6sGNl5kP
+0E4035HhkMnYJ95QIRHOCJfkBqaoBtTAdBQbK73PUml9+I4pbwGAH9X9byJGLR9m
+V954AUVI4eRlwfDE9Lzu3M5bpwx93MSM/NcFqI/3TUflz3oFPtaAwdsxgpx/+IdQ
+thnb7Y7Xi/ai2Aaqh3BSDcDt3aexs6qh0w2NSekJpKpt2rxo56JnmM7giIXobOAZ
+tCsh88wUBm9yRylWyMiIbhT7HIPTMsL6UGutmvWu0nT6
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wiki.brown.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Brown University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Brown University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.brown.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Shibboleth Administrator</GivenName>
+ <EmailAddress>idm-shib-admin@brown.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://wiki.cis-qas.brown.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://wiki.cis-qas.brown.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 506, expires on Thu Mar 17 18:51:06 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAfowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMxNjE4NTEwNloXDTExMDMx
+NzE4NTEwNlowITEfMB0GA1UEAxMWd2lraS5jaXMtcWFzLmJyb3duLmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMr/QN0mj26T0MJ+QfxD3fDMsJgn
+UsME0F7BCIIC4P6P1npUE0kHpPeRK6tlJt9Nl4URAa3VIl1c0dsVubhBHXx+Nbn9
+QCyjdXZ9T67h7IgVey8BtrOWcLzBFWgIjG6BNDWggUcK6cyIGE+iySp8YxIgPfzY
+fet4pmIc/6gBL5YilwBhpi+dCx3vKob7pLZaHttvRnzGIVKuZblB2AInbbPtTfso
+rvvS3dKySbWUMkrDklqIA0AdYT2EoGmeZ9K7GrXRQHtLtfiInf3D6cxqWkVu7zdv
+pTaUpRw4v+2zXRaGXJWbV6gbVKRanCe2JbwsZjnKZJ1sF3G42t8jNzRhAIkCAwEA
+AaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUF6fKWsG+o/P187sTygD/
+nZuG2LMwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBowGIIWd2lraS5jaXMt
+cWFzLmJyb3duLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAlEUEHRyaRgTQRMQ24xBF
+vE/T9Zye2XMKb+gAC/h7I5YxoYdK389W8clJaTUa5sC+ugFcPkTeO61W3OUvfo+4
+jVYVzT0l0alt2Be84mdt0N/Ygq5NMLhOeBhPkA/a6iLL1Pzeg41isTLbMkKuxL6J
+WWvKiNpDuW7ecPTLeIiV+JD3S485/063u+bMHMKFBnNuDnymH4mCjo2v8zR7GRyY
+LvPwILvMzD8JfvtTZWf1n87rZNRXNpF34EWWVXn4KYaM8U5PFHTBk1RTyQWWBlyG
+AwLIsLiNDGOFFjNffdCuaX/HWKD8g6lue8QrlnzG51v3n1FPi2877HYOYJzAG6+w
+7A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://wiki.cis-qas.brown.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Brown University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Brown University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.brown.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Shibboleth Administrator</GivenName>
+ <EmailAddress>idm-shib-admin@brown.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Missouri System -->
+<EntityDescriptor entityID="https://shib-idp.umsystem.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umsystem.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 514, expires on Sun Apr 17 18:49:56 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAgIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQxNjE4NDk1NloXDTExMDQx
+NzE4NDk1NlowIDEeMBwGA1UEAxMVc2hpYi1pZHAudW1zeXN0ZW0uZWR1MIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDI6/nXhtVFzK5erQYGwH25ND7iRvZf0EbO
+5x4ooJKQBassTHL3hZoczAzPJx7JnCGceSBSXAScEOcrP0OWvKKONWE/+0f9adAh
+Od3GC3YaTJsBgJmNrEKc34lFuuurhvyyb3Kcld6bMNkX7BS2jcuLCcK0SQeyOF7z
+/oYUGgRuKQIDAQABo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSEAmzN
+RPRbqE8JQB+JOD8z4sIFYDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAX
+ghVzaGliLWlkcC51bXN5c3RlbS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAKGP5wgZ
+0PO1JyOWpgpEB0bmysttxNaJpPVWp/3GqZKFJQ+J0etEo5PPfoG4HbhQTj3z2l2w
+4NC1iPhV5wQZB1e7bbBu39mRrPXzX+0p8nBSp0Y0h1oAqLR3OpR5LNDHvSt5zMsU
+ml7ZP1M0jagRCux6hGUioWVBHU7KQepvTY1xXbfqDB2rwQF8XMxNvkyJYZPANXH9
+VbtFtr+moqltD0aVO0AWsDYW2hMliJ4E8AGnz1Mw/WQxSUA6nNROA2a2B9D7gLes
+IbtTk3LkbjHpCw7U3zdGRs4oucfwBNqYYDAenAlBkmqOiwlB6vLYge9nr7l293jB
+mORImST/R8/kcJc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp.umsystem.edu:7443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib-idp.umsystem.edu:7443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib-idp.umsystem.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib-idp.umsystem.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib-idp.umsystem.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib-idp.umsystem.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">umsystem.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 514, expires on Sun Apr 17 18:49:56 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAgIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQxNjE4NDk1NloXDTExMDQx
+NzE4NDk1NlowIDEeMBwGA1UEAxMVc2hpYi1pZHAudW1zeXN0ZW0uZWR1MIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDI6/nXhtVFzK5erQYGwH25ND7iRvZf0EbO
+5x4ooJKQBassTHL3hZoczAzPJx7JnCGceSBSXAScEOcrP0OWvKKONWE/+0f9adAh
+Od3GC3YaTJsBgJmNrEKc34lFuuurhvyyb3Kcld6bMNkX7BS2jcuLCcK0SQeyOF7z
+/oYUGgRuKQIDAQABo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSEAmzN
+RPRbqE8JQB+JOD8z4sIFYDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAX
+ghVzaGliLWlkcC51bXN5c3RlbS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAKGP5wgZ
+0PO1JyOWpgpEB0bmysttxNaJpPVWp/3GqZKFJQ+J0etEo5PPfoG4HbhQTj3z2l2w
+4NC1iPhV5wQZB1e7bbBu39mRrPXzX+0p8nBSp0Y0h1oAqLR3OpR5LNDHvSt5zMsU
+ml7ZP1M0jagRCux6hGUioWVBHU7KQepvTY1xXbfqDB2rwQF8XMxNvkyJYZPANXH9
+VbtFtr+moqltD0aVO0AWsDYW2hMliJ4E8AGnz1Mw/WQxSUA6nNROA2a2B9D7gLes
+IbtTk3LkbjHpCw7U3zdGRs4oucfwBNqYYDAenAlBkmqOiwlB6vLYge9nr7l293jB
+mORImST/R8/kcJc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp.umsystem.edu:7443/idp/profile/SAML1/SOAP/Attribute-Query"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib-idp.umsystem.edu:7443/idp/profile/SAML2/SOAP/Attribute-Query"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Missouri System</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Missouri System</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://umsystem.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Clark, Hank</GivenName>
+ <EmailAddress>clarkc@missouri.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Hancock Jr, Denis C.</GivenName>
+ <EmailAddress>HancockDC@missouri.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Walker, Brand B.</GivenName>
+ <EmailAddress>WalkerBR@missouri.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Robb, George</GivenName>
+ <EmailAddress>RobbG@missouri.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- North Carolina State University -->
+<EntityDescriptor entityID="urn:mace:incommon:ncsu.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ncsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 484, expires on Sun Jan 16 20:15:19 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAeQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDExNTIwMTUxOVoXDTExMDEx
+NjIwMTUxOVowGDEWMBQGA1UEAxMNc2hpYi5uY3N1LmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALTnJzLSRt2QQkY5unH3Y1zd2fVXIJts+Pc++MW9
+dKq9/Fba3yP3i+SI5ldeO8+PU/vBl263MMkli8yZArbh7dIuLBzuNTRbHBmi8How
+6HAQYqWa/J4mv7gi111k7e0yxjVagfj0PyKP72JVQ5prDVGYi/YlBaic5mVtdRta
+WUgoudmAcpN10cqkX018UF9LVas8HAVQMWKKzxmix9ICAIilVrep0qXJdfLKJ4Qr
+HXY6jVWrhcco+nKx44ggEs2cOFs6ej+LCRGq2WBYicAcOPEkYzAgcJXoBoSgyQzh
+xPMbypWTupI7uxRlSM3j0N44skhF/HyZCujcvCk59qbdEFECAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUd0bT0fZn8kzZVApw511MXYuf5kkwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc2hpYi5uY3N1LmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEATElENKovoVxVQCoqGGxpsFjUsGMpsJ8ULW2giOftj4kA
+QqHhVumwzwSGoRzBAKlQ0Q7uBL8RZKhFgTbswYm6o7hNNlOrSXLTB9bGkUz+jgpq
+JaW7IImQmHlo0/Yh7eUD0DiAkR4QV15LG8xsck6x0wGL2OAdijAioMiwlQWLYeNR
+MV9Kav/8CbtEF2NGdEEfNlfo6LfMSfNw+HqijfpXBhSZK3QNO2QTDWwv3+/aaEBh
+LhL+R1JUcV9w4jJZ7/W/s1EDuHWA8PCDN4/qPAyFPUeG/2sJEP71LdyZ0/oyb78x
+4cgsQim3WAL+C0b61QXcAtXaZ7agxbVSzRZUh+eZBA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.ncsu.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.ncsu.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.ncsu.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib.ncsu.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib.ncsu.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib.ncsu.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ncsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 484, expires on Sun Jan 16 20:15:19 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAeQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDExNTIwMTUxOVoXDTExMDEx
+NjIwMTUxOVowGDEWMBQGA1UEAxMNc2hpYi5uY3N1LmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALTnJzLSRt2QQkY5unH3Y1zd2fVXIJts+Pc++MW9
+dKq9/Fba3yP3i+SI5ldeO8+PU/vBl263MMkli8yZArbh7dIuLBzuNTRbHBmi8How
+6HAQYqWa/J4mv7gi111k7e0yxjVagfj0PyKP72JVQ5prDVGYi/YlBaic5mVtdRta
+WUgoudmAcpN10cqkX018UF9LVas8HAVQMWKKzxmix9ICAIilVrep0qXJdfLKJ4Qr
+HXY6jVWrhcco+nKx44ggEs2cOFs6ej+LCRGq2WBYicAcOPEkYzAgcJXoBoSgyQzh
+xPMbypWTupI7uxRlSM3j0N44skhF/HyZCujcvCk59qbdEFECAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUd0bT0fZn8kzZVApw511MXYuf5kkwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc2hpYi5uY3N1LmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEATElENKovoVxVQCoqGGxpsFjUsGMpsJ8ULW2giOftj4kA
+QqHhVumwzwSGoRzBAKlQ0Q7uBL8RZKhFgTbswYm6o7hNNlOrSXLTB9bGkUz+jgpq
+JaW7IImQmHlo0/Yh7eUD0DiAkR4QV15LG8xsck6x0wGL2OAdijAioMiwlQWLYeNR
+MV9Kav/8CbtEF2NGdEEfNlfo6LfMSfNw+HqijfpXBhSZK3QNO2QTDWwv3+/aaEBh
+LhL+R1JUcV9w4jJZ7/W/s1EDuHWA8PCDN4/qPAyFPUeG/2sJEP71LdyZ0/oyb78x
+4cgsQim3WAL+C0b61QXcAtXaZ7agxbVSzRZUh+eZBA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.ncsu.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.ncsu.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">North Carolina State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">North Carolina State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ncsu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Charles Brabec</GivenName>
+ <EmailAddress>brabec@ncsu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://vcl.ncsu.edu/sp/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 517, expires on Sun Apr 24 18:16:44 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAgUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQyMzE4MTY0NFoXDTExMDQy
+NDE4MTY0NFowHzEdMBsGA1UEAxMUc2hpYi1zcC52Y2wubmNzdS5lZHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC/ZNV9714EEI9DUwL6HwYgo8NA/PAa
++c3/5eWBTxrWW+rdNFiAzJa6EHwy9mTZMydca+muoxOIHPMC99R8jc+Wc/0d5qBv
+7RkNug6PCtckOrOxGiU30WHcz0GXe/t1t0wwaH7isKHrQIyDtEkKxsNCtO0VT+v5
+1aKhDRtHfQngEdodPInwb91kfQtL8oxxmCmLjK8FTvBJZkuPWPCf0wVQSykgzCih
+pc6OxLp2htNOS2vHLBs0LzztO5ClTgGPlE4ftid3GU4LkWty9xYmWQ8O5rMwQXrg
++uToHDMqKu8aix0iKCFThYOis6kMimyX36O8GnKSvtXZYkKxNFz+08epAgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFOOn8SdHS9Xs2LZiBNUH5FlN
+2GTHMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFHNoaWItc3AudmNs
+Lm5jc3UuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQA9rTpvCpDrWI2ZzhRVwkj0Musx
+23jOencz3NpPy3u5lNXXkXvoxk4jiu7eOfnP5J4gDbT5kTpMXEyB80m+fY7I20EI
+ogcx/ChbCPqazat9wFDZ1iB/MmwW0cN2xAUOt4yHHR4LQUOt5Jhlir3GccqQjIMt
+amvfOwyNgTwtEgaSGI3zLrdWAzIEoMMrYoXVa1hEE8Z7WiIH0jc1DKmk+Jbw4qLj
+ssKStWsENBH0WeC/pLpoCbvySBSg+kywOcAaEbKzsfKWXu1llYp+lzKVquNtd3fj
+Z5RIAPlulQUVAaOPixqttVPdPrWC9JmvqiMIyNZ9Drw6efLherwZCCdytX7y
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vcl.ncsu.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://vcl.ncsu.edu/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">North Carolina State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">North Carolina State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ncsu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Charles Brabec</GivenName>
+ <EmailAddress>brabec@ncsu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Ramapo College of New Jersey -->
+<EntityDescriptor entityID="urn:mace:incommon:ramapo.edu">
+ <IDPSSODescriptor errorURL="https://idp.ramapo.edu/support.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ramapo.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 492, expires on Sun Feb 6 20:43:35 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAewwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIwNTIwNDMzNVoXDTExMDIw
+NjIwNDMzNVowGTEXMBUGA1UEAxMOaWRwLnJhbWFwby5lZHUwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAKmSTYhLPiOKhfUhNaGBPHVJygcs2hjCM29VuQn4yneS
+Wqocllu9UyRQFT3Q62vL2TaJzqKEfPPGbgvR3uqOVeXrTEGHAuXHLaUUifhuyM8a
+mLgGYeqkRNp/nH+JGwt2hSl8i1jaD1auc2tViZA6rIB1IHLbGCd4ZXBK1UrBDLXd
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFFSg7+h9EKe/AOUg
+tJW5pKeMYuNbMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmlkcC5y
+YW1hcG8uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCgjLUtnrdonc0Z/mSpiT3FFcD6
+KeOg0JF2mmu0GwDuMT0ODVRywExXeh270HAT4n4F0Kv5IcbH1mjCafKffY49v5bW
+NzmziquxDll7PIjl6qjLQvJTz08cxXuh0TlLfEwzfoKwy7blct9evj+0LqnALPK8
+EObBF1k67Jdoky9Myu5PfRUjBV7qDX41lU14i/AFAENjw5vjh3onnd1507ibB1of
+1ypOIbJYwneXANsYUgScu/udiazRy6bHJrwD/U46Nr6flJMyy+Zp54pUyYybQR8m
+6/q8IBmeZLqcjiZIHgaHSFVekGug0my30N6R3Z1a6RqWkb/zdv+2918DtBPC
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.ramapo.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.ramapo.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ramapo.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 492, expires on Sun Feb 6 20:43:35 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAewwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIwNTIwNDMzNVoXDTExMDIw
+NjIwNDMzNVowGTEXMBUGA1UEAxMOaWRwLnJhbWFwby5lZHUwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAKmSTYhLPiOKhfUhNaGBPHVJygcs2hjCM29VuQn4yneS
+Wqocllu9UyRQFT3Q62vL2TaJzqKEfPPGbgvR3uqOVeXrTEGHAuXHLaUUifhuyM8a
+mLgGYeqkRNp/nH+JGwt2hSl8i1jaD1auc2tViZA6rIB1IHLbGCd4ZXBK1UrBDLXd
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFFSg7+h9EKe/AOUg
+tJW5pKeMYuNbMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmlkcC5y
+YW1hcG8uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCgjLUtnrdonc0Z/mSpiT3FFcD6
+KeOg0JF2mmu0GwDuMT0ODVRywExXeh270HAT4n4F0Kv5IcbH1mjCafKffY49v5bW
+NzmziquxDll7PIjl6qjLQvJTz08cxXuh0TlLfEwzfoKwy7blct9evj+0LqnALPK8
+EObBF1k67Jdoky9Myu5PfRUjBV7qDX41lU14i/AFAENjw5vjh3onnd1507ibB1of
+1ypOIbJYwneXANsYUgScu/udiazRy6bHJrwD/U46Nr6flJMyy+Zp54pUyYybQR8m
+6/q8IBmeZLqcjiZIHgaHSFVekGug0my30N6R3Z1a6RqWkb/zdv+2918DtBPC
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.ramapo.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Ramapo College of New Jersey</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Ramapo College of New Jersey</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ramapo.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Michael Skafida</GivenName>
+ <EmailAddress>mskafida@ramapo.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Florida -->
+<EntityDescriptor entityID="https://login.ufl.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://login.ufl.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ufl.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 571, expires on Thu Jul 7 17:26:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAjswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwNjE3MjYwMFoXDTExMDcw
+NzE3MjYwMFowGDEWMBQGA1UEAxMNbG9naW4udWZsLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAM0UpxKZsVYXooE258HArCHoMjkcmX1ft5IcZicL
+3k2Xb6kMzX3LhTP6WQbompjxGJwiLIGrtKivnlC1HAaJBlUazJ9453l+2K3epnfP
+OkdM48Q7euyVA8pHZCiLcbl4qVi6XHgB+m/6rwBcqQrJOjiYBdbAKWUkzG8r9sqc
+Yk8OLaMSAi9cBMYIwpgr3n2i0I0n7DW6XRtWHcmhLiVpWvD7+IpiJ68lcYhI0Z4Y
+OQa1SVE876w42+Gkgfn0RBL0rLZweunEsrZqMjQZiMhWrzpyDIvX9RBcOUXhDO3n
+kHLpCcBIxU2c/hS7C+axIdXWaLREXz8fQ2q7Yn4J7z9oIysCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUI7NPnfC0TKNmP4JluutfdT5YsjIwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INbG9naW4udWZsLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEAS6+cRugGp9cHAMiuDBw1pLN8YHBFJpxU4n4ibS0uVTn0
+ihw69BiOPj11HzNSCt6mKbu8gg5jlDbj3pXm1I5oABmOVpjkh/+7VU6BA5hKg/Ux
+0mOTzNbs3JFFYJ86+sYuTEZjkSrCTHT3h7edCMULg/yTd/wQ9wEibHAXoasFqLDm
+BhmokdEUQOL1F/wspvFwzVtgsTZrSoHRShWYYsavME/DBy3+Pi3X1QcNBm6utmKV
+XUTzLg3LUp+iFAxzrI9oUL11iehqR+ddrDrgz1/pixLTPD2Y1EJttptdbxh0VJYH
+Fgeueyzjrt/lIVNDdMWgg7IHhJjaaqG2GRL8Aa4nhQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.ufl.edu/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.ufl.edu/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.ufl.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.ufl.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ufl.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 571, expires on Thu Jul 7 17:26:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAjswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwNjE3MjYwMFoXDTExMDcw
+NzE3MjYwMFowGDEWMBQGA1UEAxMNbG9naW4udWZsLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAM0UpxKZsVYXooE258HArCHoMjkcmX1ft5IcZicL
+3k2Xb6kMzX3LhTP6WQbompjxGJwiLIGrtKivnlC1HAaJBlUazJ9453l+2K3epnfP
+OkdM48Q7euyVA8pHZCiLcbl4qVi6XHgB+m/6rwBcqQrJOjiYBdbAKWUkzG8r9sqc
+Yk8OLaMSAi9cBMYIwpgr3n2i0I0n7DW6XRtWHcmhLiVpWvD7+IpiJ68lcYhI0Z4Y
+OQa1SVE876w42+Gkgfn0RBL0rLZweunEsrZqMjQZiMhWrzpyDIvX9RBcOUXhDO3n
+kHLpCcBIxU2c/hS7C+axIdXWaLREXz8fQ2q7Yn4J7z9oIysCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUI7NPnfC0TKNmP4JluutfdT5YsjIwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INbG9naW4udWZsLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEAS6+cRugGp9cHAMiuDBw1pLN8YHBFJpxU4n4ibS0uVTn0
+ihw69BiOPj11HzNSCt6mKbu8gg5jlDbj3pXm1I5oABmOVpjkh/+7VU6BA5hKg/Ux
+0mOTzNbs3JFFYJ86+sYuTEZjkSrCTHT3h7edCMULg/yTd/wQ9wEibHAXoasFqLDm
+BhmokdEUQOL1F/wspvFwzVtgsTZrSoHRShWYYsavME/DBy3+Pi3X1QcNBm6utmKV
+XUTzLg3LUp+iFAxzrI9oUL11iehqR+ddrDrgz1/pixLTPD2Y1EJttptdbxh0VJYH
+Fgeueyzjrt/lIVNDdMWgg7IHhJjaaqG2GRL8Aa4nhQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.ufl.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.ufl.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Florida</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Florida</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ufl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Michael Conlon</GivenName>
+ <EmailAddress>mconlon@ufl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Eli Ben-Shoshan</GivenName>
+ <EmailAddress>ebs@ufl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Fran McDonell</GivenName>
+ <EmailAddress>fran@ufl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Warren Curry</GivenName>
+ <EmailAddress>whcurry@ufl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- National Science Foundation -->
+<EntityDescriptor entityID="https://eauth.acpt.research.gov:9443/sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 604, expires on Sat Jul 30 18:00:12 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAlwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcyOTE4MDAxMloXDTExMDcz
+MDE4MDAxMlowIjEgMB4GA1UEAxMXZWF1dGguYWNwdC5yZXNlYXJjaC5nb3YwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCEHUxUi/b8w8qy4azvwZMQf3E0
+4oIHy2X/HHKRryne6EUPQ7am+rcSsNfFmbRgR1B1NtnxH0Xm392hbiaj9F7ifSKw
+GRNfnOqfPeq6hqoZvmMnywHfocCrgizc1rfR5UAQKKgvxEh9MPHtO5JNGCzJi9Ri
+NKmDK3O9Gfm+bLAnRXufQ8hdNUhgiayw7h9LqxcVgr+7l0D1ihfXu+cMg/YxmNiN
+jHNgswYHaaHaqCYEXcRsXoq07anvUExwXvkUOtyJOQgtPAeA31AQP2hEjk9sqoEm
+pXbykiEI65PX/zi72q7LksZH8BwV+J4FzjAQN+00gqeeWiIC/NkWwfCuxZGZAgMB
+AAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFNzXk4PMtFtgqpnRd64x
+RmJZzmH4MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQbMBmCF2VhdXRoLmFj
+cHQucmVzZWFyY2guZ292MA0GCSqGSIb3DQEBBQUAA4IBAQBqnmOCu5f7q5qKSRLQ
+73ehZ9LzCu/XV9LLGnFTXVo7GX59tarjJlUppv71/JVlWSV4IPNX5NKK6kxhhBUp
+AiYP7T0OtGCjpHbByI2t7mO8+9Q+aKa9pRGLdP0FfXhHuSweiVa9wC8jOHime/rF
+50m13SlEkTm4GAThrsG4qSg3uiuTAX6D3O2CHTxY4ZsWwkPXd9StOnplViRswGqy
+fPWPOeusrl9OmjrYehloJSuZzLM4IcWV8TLfEX0sB2urwrXuroMiVfdAf8llCd4v
+POfa2tO2V1EvPJwfQDaLDVMXuBgyuAqITkSPyouN1Bo2uHcr7h4e3DQqCUFOptMZ
+Xaj0
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://eauth.acpt.research.gov:9443/amserver/SAMLPOSTProfileServlet" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">National Science Foundation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">National Science Foundation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nsf.gov/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bill Altmire</GivenName>
+ <EmailAddress>waltmire@nsf.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Lotts</GivenName>
+ <EmailAddress>dlotts@nsf.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Research.gov Help desk</GivenName>
+ <EmailAddress>rgov@nsf.gov</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://eauthext.dev.nsf.gov:443">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 557, expires on Mon Jun 13 17:53:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAi0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxMjE3NTMwMFoXDTExMDYx
+MzE3NTMwMFowHzEdMBsGA1UEAxMUZWF1dGhleHQuZGV2Lm5zZi5nb3YwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQD1n4SeZ2wH9Fh9uGwvFctloQJr1EOQ
+/uy4XLKjiTqE0MGt1SBahyNqVx5Dep1pOk0eFfdv1GFHY7LNWlcr2wFVzTqpo6Ik
+SJmc8bqC2WgqZLxjKEVyZRV/Jc0Cv8lnOD8q1Ennh4yGMQMXZhFhqYbk+XXz9vGm
+BjXnNg+mrRT9YfvGXUj+Rn1rjne0gjvs4eSWSMNsEgBMQK/2uVEN0toyVVzaDF8q
+Zwo2Ve2lG+wb5hAJ+kdhggY1x1/kUoYzgIUuQft90umXJlWUhe6pUY7XCQby0cyr
+Inp7m9Xzej8MSiR4GSZXQCQhVpeCgbPTHbVaelH5EZKdFNSEVG99MCapAgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFKgcLzKY4PT+eVLxkAlIWoLR
+WGVyMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFGVhdXRoZXh0LmRl
+di5uc2YuZ292MA0GCSqGSIb3DQEBBQUAA4IBAQCEg6tmmXa2J0gJqF92Hdru+xxu
+mTqgDrvkL8+pqFOH1MoiVM+oX+52vtMBzLOqD4GSE+iiESvFUcJ4c9l1HfyuKTVD
+FNJQxrcNv2D2IgZOgZIe89W78EmwUtLwft+EIPYIspCF89GeH5Yc7Q+BZyPIX/kb
+h5P6PyVC0Vfus0b+2eTS0i+LBiKK70Q7STgMJ7bUWIbGyilGBWUEFERWjTNHZrw7
+MGvNpHFgepRC2HeNi4CWw6JCHPrXWVCy/Pnlb1J/w5yzxDHD4a4I8d3Ub2jZYCZK
+jc1pYV5DJzxTyR2jlzOzq+gV/0TCj5t1XISsbHSfCgfbEtjWBICEEbIcYlsZ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://eauthext.dev.nsf.gov/amserver/SAMLPOSTProfileServlet" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">National Science Foundation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">National Science Foundation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nsf.gov/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David Lotts</GivenName>
+ <EmailAddress>dlotts@nsf.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bill Altmire</GivenName>
+ <EmailAddress>waltmire@nsf.gov</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Research.gov Help desk</GivenName>
+ <EmailAddress>rgov@nsf.gov </EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of North Carolina at Chapel Hill -->
+<EntityDescriptor entityID="urn:mace:incommon:unc.edu">
+ <IDPSSODescriptor errorURL="https://sso.unc.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">unc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 495, expires on Sat Feb 26 20:09:58 2011 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAe8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIyNTIwMDk1OFoXDTExMDIy
+NjIwMDk1OFowFjEUMBIGA1UEAxMLc3NvLnVuYy5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCu1p/809RspIbkBHMOAhfjOms1j6yhKSoqKMrQeX05
+Wh0acNGG5SYM5TIXlThOqxWY52m2HwnOEa0umRnLjEQgKK1lnRqOs2LQNo5iRLab
+B+pqpd4m1zgVkp1u1LRb0F/qE0TXE0l2DkJrNCGoIhamvNgBoxTwVcs9f2bKy8RD
+rPx/tyh5XYd8/X4nRw7bUXUXBFCF6GNTAhYpKGMdUHsbpfuXM+sVyXVZO0cxnGA7
+/AcWMp4BHNdilRX54uJ4ioAwECh4Dxw60VZeeENYjDW9JsARgoGuda0FLrrZfOex
+AMfZXGrvUDbko16TccPwZWiXyylbMuBuzo2sq+J6aK5tAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFPKCIKxtSzTD/XZx+QLN/i085COsMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC3Nzby51bmMuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQA3DbkUR0xEze5txCdposWIn+RBWLkpTq+hYK6EayBG76vynije
+VC8tXemkNTinFPcW/cuUulWsJgBtT55ajBkUP2L4/kH27WvvMUzW0nrLRdBppd7F
+YKFassxm8UU1jqmWUIAynubusA9dJ2Ws4/OSrdqSL904yGLKbK06sOjdo239FOHg
+QJk1vexQtA7TDBWatsFTJTVCLU+/AlAsP/DLu5IMU4CmerxdB/WiZ/rdkZftkIMJ
+4Np5f2XpRKMi8ON4d1zN8lNOfFtVbR4dOrLCkuFdJlPiyku4ZBZaWie7e0H6vGll
+G/XQk8xkLEawJyH2ctbDT/xkaichJRXE2eQO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://sso.unc.edu:7443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sso.unc.edu:7443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://sso.unc.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sso.unc.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sso.unc.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sso.unc.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">unc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 495, expires on Sat Feb 26 20:09:58 2011 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAe8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIyNTIwMDk1OFoXDTExMDIy
+NjIwMDk1OFowFjEUMBIGA1UEAxMLc3NvLnVuYy5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCu1p/809RspIbkBHMOAhfjOms1j6yhKSoqKMrQeX05
+Wh0acNGG5SYM5TIXlThOqxWY52m2HwnOEa0umRnLjEQgKK1lnRqOs2LQNo5iRLab
+B+pqpd4m1zgVkp1u1LRb0F/qE0TXE0l2DkJrNCGoIhamvNgBoxTwVcs9f2bKy8RD
+rPx/tyh5XYd8/X4nRw7bUXUXBFCF6GNTAhYpKGMdUHsbpfuXM+sVyXVZO0cxnGA7
+/AcWMp4BHNdilRX54uJ4ioAwECh4Dxw60VZeeENYjDW9JsARgoGuda0FLrrZfOex
+AMfZXGrvUDbko16TccPwZWiXyylbMuBuzo2sq+J6aK5tAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFPKCIKxtSzTD/XZx+QLN/i085COsMH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC3Nzby51bmMuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQA3DbkUR0xEze5txCdposWIn+RBWLkpTq+hYK6EayBG76vynije
+VC8tXemkNTinFPcW/cuUulWsJgBtT55ajBkUP2L4/kH27WvvMUzW0nrLRdBppd7F
+YKFassxm8UU1jqmWUIAynubusA9dJ2Ws4/OSrdqSL904yGLKbK06sOjdo239FOHg
+QJk1vexQtA7TDBWatsFTJTVCLU+/AlAsP/DLu5IMU4CmerxdB/WiZ/rdkZftkIMJ
+4Np5f2XpRKMi8ON4d1zN8lNOfFtVbR4dOrLCkuFdJlPiyku4ZBZaWie7e0H6vGll
+G/XQk8xkLEawJyH2ctbDT/xkaichJRXE2eQO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://sso.unc.edu:7443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sso.unc.edu:7443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of North Carolina at Chapel Hill</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of North Carolina at Chapel Hill</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.unc.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>UNC ITRC</GivenName>
+ <EmailAddress>help@unc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>UNC Identity Management</GivenName>
+ <EmailAddress>idman@unc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Northwestern Ohio -->
+<EntityDescriptor entityID="urn:mace:incommon:unoh.edu">
+ <IDPSSODescriptor errorURL="https://webauth.unoh.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">unoh.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 496, expires on Mon Feb 28 20:07:02 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICAfAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIyNzIwMDcwMloXDTExMDIy
+ODIwMDcwMlowGzEZMBcGA1UEAxMQd2ViYXV0aC51bm9oLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMdN3P1mhuwTWEziQUNexDCNaZGGDcFhfT0b
+lhrDDgwmwDuh2EGk52opAZdOyH3pTYqXgPVcYRoY/hKpQQ84i9xumAwdR8ZJDIx1
+Ih0+L0e4j394siUGnqdTsFqxZmCwPF4Z0a0/azFxp2t4A3nvAa2E1LaCie/aBN/M
+4Bj6ARmfyJHUIWaoFkRG5oWHRMgY7EoKj/P85ZW1K4yRZjKQwbP/cLEcGw3m5imG
+pRX87QJefl+BCvDe0gJyubSr9gzAUtG5ZyennYziqiBl7l6P1yksxVvVdLOzMNyA
+vX6J/PiIFD7OTWvXBdxTZ9zlr2cQspfXCML+FlHX6KrVpGhSTOUCAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUef6YQm61uuMRKMaVTWtAJNOANnIw
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQd2ViYXV0aC51bm9oLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAWRhgFaHNZt8hkAUPUBQHim5nF58DSu9Xpub/
+8V4hnnKUurppdrIjZwBLnlyS5JdA2NpDZ4m2nIYpLdm+zZxbyN3Dywl30TgTp7nd
+DD9F1CkhRKR7O1oT4IdTlw/49cGxQGXa1nOAs11Amu5Z9IsKPZhQ62GX1u3xTaHG
+6CyHN3Y11bAfykNVJZBmmTj0q1sMqvwsWxnsEJ17IFTS/pjEMCKVfu21EE1Vv/sY
+qSO0u+cmWMSEWPX5FQRAzcWrbLHJlAImp3wjA8IM7i2yMy2P7U+ri9ONH4uJYeu7
+7EWE++2XBp6fWWiY2pYYxuclbdi1ipoqLPxhmH/RCSmmW0Z14g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.unoh.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://webauth.unoh.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">unoh.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 496, expires on Mon Feb 28 20:07:02 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICAfAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDIyNzIwMDcwMloXDTExMDIy
+ODIwMDcwMlowGzEZMBcGA1UEAxMQd2ViYXV0aC51bm9oLmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMdN3P1mhuwTWEziQUNexDCNaZGGDcFhfT0b
+lhrDDgwmwDuh2EGk52opAZdOyH3pTYqXgPVcYRoY/hKpQQ84i9xumAwdR8ZJDIx1
+Ih0+L0e4j394siUGnqdTsFqxZmCwPF4Z0a0/azFxp2t4A3nvAa2E1LaCie/aBN/M
+4Bj6ARmfyJHUIWaoFkRG5oWHRMgY7EoKj/P85ZW1K4yRZjKQwbP/cLEcGw3m5imG
+pRX87QJefl+BCvDe0gJyubSr9gzAUtG5ZyennYziqiBl7l6P1yksxVvVdLOzMNyA
+vX6J/PiIFD7OTWvXBdxTZ9zlr2cQspfXCML+FlHX6KrVpGhSTOUCAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUef6YQm61uuMRKMaVTWtAJNOANnIw
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQd2ViYXV0aC51bm9oLmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAWRhgFaHNZt8hkAUPUBQHim5nF58DSu9Xpub/
+8V4hnnKUurppdrIjZwBLnlyS5JdA2NpDZ4m2nIYpLdm+zZxbyN3Dywl30TgTp7nd
+DD9F1CkhRKR7O1oT4IdTlw/49cGxQGXa1nOAs11Amu5Z9IsKPZhQ62GX1u3xTaHG
+6CyHN3Y11bAfykNVJZBmmTj0q1sMqvwsWxnsEJ17IFTS/pjEMCKVfu21EE1Vv/sY
+qSO0u+cmWMSEWPX5FQRAzcWrbLHJlAImp3wjA8IM7i2yMy2P7U+ri9ONH4uJYeu7
+7EWE++2XBp6fWWiY2pYYxuclbdi1ipoqLPxhmH/RCSmmW0Z14g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.unoh.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Northwestern Ohio</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Northwestern Ohio</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://unoh.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jeremy Brinkman</GivenName>
+ <EmailAddress>jbrinkman@unoh.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Wisconsin - Whitewater -->
+<EntityDescriptor entityID="urn:mace:incommon:uww.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uww.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 551, expires on Fri Jun 3 17:56:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAicwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYwMjE3NTYxNFoXDTExMDYw
+MzE3NTYxNFowFjEUMBIGA1UEAxMLaWRwLnV3dy5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDFEmYGAFYpvAv9hJQ4bcZxLeq8YUIVK+bBVIYgrsEF
+Jthtg6QlQwI3gXg+LobVespdYmZVuysE1bf9rLouyZazOOMY+xpuMHQX2hM/Pf+W
+MPI6UoGtyp++UEbiCOWHpEGtfNCTEIzz7a8LHvpktPu7zbZ7f4Ofz0LhfG3KwedP
+VIpW3WXZJatRjbZYl6PUBRGLtY8JmHfohjEgbHjXOjM9Z1p29SXlEpPXKrKzKpiP
+97Qyh/s4RJkN0YTJs3bWFxKHcs3AK0oeSy/2P5Pvj1kMFXS3nVkkIkNfx5x4VH7p
+Pvdz5OKJFUIitsAUe+K2Fmm719hPzvfiD6bz0/i3KYAjAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFFSH0Td+Z2vF1WSqWonMTS1szaq2MH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2lkcC51d3cuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQCtGuqepisYaHHCCAcZZEQ5O0x1C/mwNPLYf/MEFZ+6CHRV0ABf
+fhily4qBu/HoneYD4eEblRKImFc4NRXWHOlsLKU0MYMeViEegO1lI4vgMRqs9i7B
+HHIPxTZvIJDJtk2xCMAy7Kr7Mf3c3itQ3exdKekXtnHUV9zeZV0ZEZrF7+msVyxM
+JrXeLuw/iM//RdPoOGzwWOHf4rWralnwhU9DtMA2ozuvxfQlCW/7B0D1TM4YIpUK
+7sTxjijrx5+6yjHGKt36Jj+lG2XBsHCwToUAkWOV2lBCXhg/nmALTYUfP1HkXEQa
+OIoOa1gQoJbhNQLUSJboL1ooHHk8aPgtrp0g
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.uww.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uww.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 551, expires on Fri Jun 3 17:56:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFhzCCBG+gAwIBAgICAicwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYwMjE3NTYxNFoXDTExMDYw
+MzE3NTYxNFowFjEUMBIGA1UEAxMLaWRwLnV3dy5lZHUwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDFEmYGAFYpvAv9hJQ4bcZxLeq8YUIVK+bBVIYgrsEF
+Jthtg6QlQwI3gXg+LobVespdYmZVuysE1bf9rLouyZazOOMY+xpuMHQX2hM/Pf+W
+MPI6UoGtyp++UEbiCOWHpEGtfNCTEIzz7a8LHvpktPu7zbZ7f4Ofz0LhfG3KwedP
+VIpW3WXZJatRjbZYl6PUBRGLtY8JmHfohjEgbHjXOjM9Z1p29SXlEpPXKrKzKpiP
+97Qyh/s4RJkN0YTJs3bWFxKHcs3AK0oeSy/2P5Pvj1kMFXS3nVkkIkNfx5x4VH7p
+Pvdz5OKJFUIitsAUe+K2Fmm719hPzvfiD6bz0/i3KYAjAgMBAAGjggKdMIICmTAO
+BgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcD
+AQYIKwYBBQUHAwIwHQYDVR0OBBYEFFSH0Td+Z2vF1WSqWonMTS1szaq2MH4GA1Ud
+IwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEc
+MBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24g
+Q2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNodHRw
+Oi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2Vy
+dHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNv
+bW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggr
+BgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9wcmFjdGljZXMucGRmMBYGA1UdEQQPMA2CC2lkcC51d3cuZWR1MA0GCSqGSIb3
+DQEBBQUAA4IBAQCtGuqepisYaHHCCAcZZEQ5O0x1C/mwNPLYf/MEFZ+6CHRV0ABf
+fhily4qBu/HoneYD4eEblRKImFc4NRXWHOlsLKU0MYMeViEegO1lI4vgMRqs9i7B
+HHIPxTZvIJDJtk2xCMAy7Kr7Mf3c3itQ3exdKekXtnHUV9zeZV0ZEZrF7+msVyxM
+JrXeLuw/iM//RdPoOGzwWOHf4rWralnwhU9DtMA2ozuvxfQlCW/7B0D1TM4YIpUK
+7sTxjijrx5+6yjHGKt36Jj+lG2XBsHCwToUAkWOV2lBCXhg/nmALTYUfP1HkXEQa
+OIoOa1gQoJbhNQLUSJboL1ooHHk8aPgtrp0g
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.uww.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Wisconsin - Whitewater</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Wisconsin - Whitewater</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uww.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Nicholas A Ciesinski</GivenName>
+ <EmailAddress>ciesinsn@uww.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Nicholas A Ciesinski</GivenName>
+ <EmailAddress>ciesinsn@uww.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Nicholas A Ciesinski</GivenName>
+ <EmailAddress>ciesinsn@uww.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California Polytechnic State University-San Luis Obispo -->
+<EntityDescriptor entityID="https://idp.calpoly.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">calpoly.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 554, expires on Fri Jun 10 17:53:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICAiowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYwOTE3NTMwOFoXDTExMDYx
+MDE3NTMwOFowGjEYMBYGA1UEAxMPaWRwLmNhbHBvbHkuZWR1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLl+pB0EAHnxoNAwBhKxKdoQLrFNxl4g+2iV
+1LZLFiwRogOnotgL5Axh2aaLgAMdV/s0+N6rd0oBpogTYpuLbWqKSJ9Gv5rSu8SV
+SOlU+ghwUjiliR+QWrW54zu/5wRv3cKwZ8wv7SuIv422rESbDuNB/COkyi4xoQou
+ybpCJbAHvwxcLrJ0ak2YurYqLnackfeezuwaiMIpXPPD5hJwPrQRo85L3NTV4cpv
+qV0jAeEDkuayaFcBiQIBjPxVKMdmTshtsCQapy52KHQ6iPYj/yre7LQReERuHd9y
+SwP6c5BMdOLBaAjvxF97Sq8PMtod2xM0i9KBWxxAKb4k4n1/mQIDAQABo4ICoTCC
+Ap0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQWe94hL8RqkOuP3J/Xpix81JTJyzB+
+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMC
+VVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29t
+bW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCB
+ojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZD
+aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdl
+L2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8v
+aW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5j
+cmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQw
+QgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9pZHAuY2FscG9seS5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBALgqqr5an6EMKSpNFMiYVU2kmvtS515HCKByGAym
+v3kjlpGBHqoTnMoVJRFWXV6b8Ma7NGss8cQjm8YQJAi6zeZK8QOqvY2mj+CjCpTF
+ZO65YGjywL5/r9JOYQ1plPrgs1tMZGptZeEPefBu/YwhLSt0OuRs/pDMgZJclUg8
+JmkKjQvqPnSnQ5kVYlZ4N0Nnz4cONzP+U1KQ9uZfYwNlIpEk3mgInZ22yNy2NfbH
+Xwwy436vetMATqtiJOWr0NIPFqVewydudgsQr+gSoouIVOTkZgOJfz4q0BSS3sQE
+HTHoDnyLj506U+AQpHYmhIGZ+ffbSOaf9oxR9Z3eaE1CUAo=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.calpoly.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.calpoly.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.calpoly.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.calpoly.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.calpoly.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.calpoly.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">calpoly.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 554, expires on Fri Jun 10 17:53:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjzCCBHegAwIBAgICAiowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYwOTE3NTMwOFoXDTExMDYx
+MDE3NTMwOFowGjEYMBYGA1UEAxMPaWRwLmNhbHBvbHkuZWR1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwLl+pB0EAHnxoNAwBhKxKdoQLrFNxl4g+2iV
+1LZLFiwRogOnotgL5Axh2aaLgAMdV/s0+N6rd0oBpogTYpuLbWqKSJ9Gv5rSu8SV
+SOlU+ghwUjiliR+QWrW54zu/5wRv3cKwZ8wv7SuIv422rESbDuNB/COkyi4xoQou
+ybpCJbAHvwxcLrJ0ak2YurYqLnackfeezuwaiMIpXPPD5hJwPrQRo85L3NTV4cpv
+qV0jAeEDkuayaFcBiQIBjPxVKMdmTshtsCQapy52KHQ6iPYj/yre7LQReERuHd9y
+SwP6c5BMdOLBaAjvxF97Sq8PMtod2xM0i9KBWxxAKb4k4n1/mQIDAQABo4ICoTCC
+Ap0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQWe94hL8RqkOuP3J/Xpix81JTJyzB+
+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMC
+VVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29t
+bW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCB
+ojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZD
+aHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdl
+L2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8v
+aW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5j
+cmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQw
+QgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9pZHAuY2FscG9seS5lZHUw
+DQYJKoZIhvcNAQEFBQADggEBALgqqr5an6EMKSpNFMiYVU2kmvtS515HCKByGAym
+v3kjlpGBHqoTnMoVJRFWXV6b8Ma7NGss8cQjm8YQJAi6zeZK8QOqvY2mj+CjCpTF
+ZO65YGjywL5/r9JOYQ1plPrgs1tMZGptZeEPefBu/YwhLSt0OuRs/pDMgZJclUg8
+JmkKjQvqPnSnQ5kVYlZ4N0Nnz4cONzP+U1KQ9uZfYwNlIpEk3mgInZ22yNy2NfbH
+Xwwy436vetMATqtiJOWr0NIPFqVewydudgsQr+gSoouIVOTkZgOJfz4q0BSS3sQE
+HTHoDnyLj506U+AQpHYmhIGZ+ffbSOaf9oxR9Z3eaE1CUAo=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.calpoly.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.calpoly.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California Polytechnic State University-San Luis Obispo</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California Polytechnic State University-San Luis Obispo</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.calpoly.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Identity Management Team</GivenName>
+ <EmailAddress>identity-management@calpoly.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Dan Malone</GivenName>
+ <EmailAddress>dmalone@calpoly.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Vermont -->
+<EntityDescriptor entityID="urn:mace:incommon:uvm.edu">
+ <IDPSSODescriptor errorURL="https://login.uvm.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uvm.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 500, expires on Mon Mar 14 19:21:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFBzCCA++gAwIBAgICAfQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMxMzE5MjEwMFoXDTExMDMx
+NDE5MjEwMFowGDEWMBQGA1UEAxMNbG9naW4udXZtLmVkdTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAsjX6U+8dwzcs10r6RsoD6TiNqUNlE/aLJl4PZ6B41tGU
+/csNfSK62LLyLglHflpaRAKQQqM9Bs4WV4NI+RFnU6bRIxwSiQ9+XEAiA9IYY0ve
+8W9pgbGiNZ0k5bH6Y0RRKRQSEtvmLil+7/x1YV9mafx3gqDruQjD3BgKde9/K/EC
+AwEAAaOCAp8wggKbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUMYZ2ClvWgMh5aou0
+ieTn+0e0X7YwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INbG9naW4u
+dXZtLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAO2zhQ5es23ej2+5TxICnSf4zEUFs
+Fh0Cz4d6viMkSPNQIoZZjCFzfZw0Z02M2zl8mn9MEDz+/eYSujx0Myp79mvn37I4
+KI2+I85TrJqNhdf607pDpgWJRvR5PFeoAnsSySxtH4yxMkoTwCrMQW0wcUSoE1be
+DKmaW+zJx+cZY3nflFoWYSh0D6xM2xcis/WGo1XeSX0u/MPeKz7zvmD9o6LmoHjM
+0K63/igH1JnB0mz9slQkd6RJHpJAaRkVM3viLomNTH27cPs3m5B98TA9PmJ1Q804
+J66gQ1C3t+Q8k7aNbyr0xNatn4qWWYOXARcbE0MEzgCnqHEIi6UauKIsNQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.uvm.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.uvm.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.uvm.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.uvm.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://login.uvm.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.uvm.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uvm.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 500, expires on Mon Mar 14 19:21:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFBzCCA++gAwIBAgICAfQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDMxMzE5MjEwMFoXDTExMDMx
+NDE5MjEwMFowGDEWMBQGA1UEAxMNbG9naW4udXZtLmVkdTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAsjX6U+8dwzcs10r6RsoD6TiNqUNlE/aLJl4PZ6B41tGU
+/csNfSK62LLyLglHflpaRAKQQqM9Bs4WV4NI+RFnU6bRIxwSiQ9+XEAiA9IYY0ve
+8W9pgbGiNZ0k5bH6Y0RRKRQSEtvmLil+7/x1YV9mafx3gqDruQjD3BgKde9/K/EC
+AwEAAaOCAp8wggKbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUMYZ2ClvWgMh5aou0
+ieTn+0e0X7YwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INbG9naW4u
+dXZtLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAO2zhQ5es23ej2+5TxICnSf4zEUFs
+Fh0Cz4d6viMkSPNQIoZZjCFzfZw0Z02M2zl8mn9MEDz+/eYSujx0Myp79mvn37I4
+KI2+I85TrJqNhdf607pDpgWJRvR5PFeoAnsSySxtH4yxMkoTwCrMQW0wcUSoE1be
+DKmaW+zJx+cZY3nflFoWYSh0D6xM2xcis/WGo1XeSX0u/MPeKz7zvmD9o6LmoHjM
+0K63/igH1JnB0mz9slQkd6RJHpJAaRkVM3viLomNTH27cPs3m5B98TA9PmJ1Q804
+J66gQ1C3t+Q8k7aNbyr0xNatn4qWWYOXARcbE0MEzgCnqHEIi6UauKIsNQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.uvm.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.uvm.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Vermont</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Vermont</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uvm.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>SAA</GivenName>
+ <EmailAddress>saa@uvm.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Northern Arizona University -->
+<EntityDescriptor entityID="urn:mace:incommon:nau.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nau.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 526, expires on Mon May 2 18:26:09 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAg4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwMTE4MjYwOVoXDTExMDUw
+MjE4MjYwOVowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC5uYXUuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCX8y0rRjesTLMlyhMMKWWKl0wvc2Jb/MO7Ql2H
+wYfTBvDu6Zo6N7jU7yceSrCapCS5Hytmebsz74JDKp5zGYvRPesYihXf7jG2+D5P
+86bUL2JGw2m5MhTkczUChzvldxvBJtPHhUWfjnHMHyDs3YURvH3B1n3GPijxUF6g
+ha30zwIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSyFvIO3s0c
+5Dfjxy8sckKb+teUyzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJz
+aGliYm9sZXRoLm5hdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAFbZi1VbUV2cwNSy
+ZmFDKXoFu4NQ4tzPstyyq69ntPZF9UtxNDckMYG5NAtU35AP60BxH2sekZq/za44
+xLMr0ep7YkktXwSNpWsZf/5j+/5kEGa01uSFNYJ02QVXmjIUsFNRiSrbY2/KWI8t
+AhpmyhY/j3ishKG4BvSw23UvCNEA7ogstGQmsd4SMQ62/ORsrxvk2D0PcyADFGse
+p3hfp8eZFytv67m/fU7Oa25WYipZ7tSG8Li3HS2nDZe55NgJZrNW38mdjAthFvJ5
+ObavLLK44nnEx9p9O8Fntjd2p3a3765K9NTLByRK/3+dMXxNGpjM03fh0UgkxgZ+
+TRrRldA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.nau.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.nau.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">nau.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 526, expires on Mon May 2 18:26:09 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAg4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwMTE4MjYwOVoXDTExMDUw
+MjE4MjYwOVowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC5uYXUuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCX8y0rRjesTLMlyhMMKWWKl0wvc2Jb/MO7Ql2H
+wYfTBvDu6Zo6N7jU7yceSrCapCS5Hytmebsz74JDKp5zGYvRPesYihXf7jG2+D5P
+86bUL2JGw2m5MhTkczUChzvldxvBJtPHhUWfjnHMHyDs3YURvH3B1n3GPijxUF6g
+ha30zwIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSyFvIO3s0c
+5Dfjxy8sckKb+teUyzB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJz
+aGliYm9sZXRoLm5hdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAFbZi1VbUV2cwNSy
+ZmFDKXoFu4NQ4tzPstyyq69ntPZF9UtxNDckMYG5NAtU35AP60BxH2sekZq/za44
+xLMr0ep7YkktXwSNpWsZf/5j+/5kEGa01uSFNYJ02QVXmjIUsFNRiSrbY2/KWI8t
+AhpmyhY/j3ishKG4BvSw23UvCNEA7ogstGQmsd4SMQ62/ORsrxvk2D0PcyADFGse
+p3hfp8eZFytv67m/fU7Oa25WYipZ7tSG8Li3HS2nDZe55NgJZrNW38mdjAthFvJ5
+ObavLLK44nnEx9p9O8Fntjd2p3a3765K9NTLByRK/3+dMXxNGpjM03fh0UgkxgZ+
+TRrRldA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.nau.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Northern Arizona University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Northern Arizona University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://home.nau.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Steddom</GivenName>
+ <EmailAddress>mark.steddom@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ahsan Imam</GivenName>
+ <EmailAddress>ahsan.imam@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Christopher Michels</GivenName>
+ <EmailAddress>christopher.michels@nau.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://alfresco.nau.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://alfresco.nau.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 566, expires on Fri Jul 1 17:53:38 2011 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAjYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYzMDE3NTMzOFoXDTExMDcw
+MTE3NTMzOFowGzEZMBcGA1UEAxMQYWxmcmVzY28ubmF1LmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAr2qTevzB1DRDOg1noeyVxtKpuyS7uQWbkNCrgLJN
+P9fEI7d+tqa/9ySZhgGzdMSmKH04m/gljh0Yvlu6baIroanXmRDRGgQuuLvXaG/3
++7pooJOtkLOQDAO4xZJlJ6Tbi9Qtb2HZmjscEthH9/dB2UAhWsZoeoihhOO7rCX5
+iUkCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUiswXilgOrjE7
+80lotJJDctpkg6cwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQYWxm
+cmVzY28ubmF1LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEABqpRq3rVwX0Kt5rT7NZr
+TGFWM2a2Di3M8c+2scpZ5m5LcdrqDmlFCWOJjmS85ZgiEg2tnkrdTxvnnSP6t+sR
+l3IvMzzPlTEV9x73iSldAmyAEQA1ZlPZRjRnxHA8ukBmCUtRjplbMEThsGh+FO65
+CAZN8wMevdRx1Od/fkh7TJf37oD1z7zYr64DQGL6ZnpJqD+XUd4eZTDCAOC9D4u9
+Ixj1OJYdsc+qCaqI8+l5vRARjER2UW4U5osFozfcxHnHlw5wPOx0lyrDUx61dNVs
+iYLRKUqiyOBSPvpUXiEjwtWyNcfgC8jgp5/IcIa8gBjK/MkMpaaeCUpsjJa+ubfP
+Eg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://alfresco.nau.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Northern Arizona University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Northern Arizona University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://home.nau.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Steddom</GivenName>
+ <EmailAddress>mark.steddom@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ahsan Imam</GivenName>
+ <EmailAddress>ahsan.imam@nau.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://confluence.nau.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://confluence.nau.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 525, expires on Mon May 2 18:26:03 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAg0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwMTE4MjYwM1oXDTExMDUw
+MjE4MjYwM1owHTEbMBkGA1UEAxMSY29uZmx1ZW5jZS5uYXUuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCgFiofr08E71vrnvsqDLFukdpdVK8fUdYqb+LM
+7Q96D48yYt6oA3vtZiC86MrJ6H+5SwkMAJOjfhpVF+KS+RbQlhVpZVbmoFmcmXXc
+QTXPC4NjhmlSFXSM7jCXW73ZzMuQUKQFJjA60hvfT6XAHZG2oxPZ6doj/nRi4yEC
+P0Q4swIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTpHNfuZdtw
+Lyn0RXv25z6d/o8tlDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJj
+b25mbHVlbmNlLm5hdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBAFQfk/3TISU50VvD
+ayn4lWvjCeOy7h1UV7fmcWV2bljk8XxTf4ha0TQasnQZOtX/+2XlV1GYgOuiGn/O
+VWWhrcoN/Tp5s5Z0SiOiv6U881gkigzz+S8HRXgODHwsdWaMWnBebMhAjEkDXlS6
+vnJlh9AJzZQ+o8uycsd3+q8enQLG8EnCQxjTRDIBlrXgo4Zk4BLxfsaIWNCHflvY
+YOTxinU9hsyzXnvfzj23XgXWSfpWN1AAmgIbnb1h9ryaJno8JLOo484Op1INzL0I
+Igc8Y4hdRX8yOh0IeVXJbtP2r2cUUlOj3Y2eSXdAfMTrOoRopX0BtizqS60mwqwz
+ZJsvtWg=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://confluence.nau.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Northern Arizona University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Northern Arizona University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://home.nau.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Steddom</GivenName>
+ <EmailAddress>mark.steddom@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ahsan Imam</GivenName>
+ <EmailAddress>ahsan.imam@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Christopher Michels</GivenName>
+ <EmailAddress>christopher.michels@nau.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://dev-alfresco.nau.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://dev-alfresco.nau.edu/Shibboleth.sso/DS " index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 567, expires on Fri Jul 1 17:53:39 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAjcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYzMDE3NTMzOVoXDTExMDcw
+MTE3NTMzOVowHzEdMBsGA1UEAxMUZGV2LWFsZnJlc2NvLm5hdS5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAJ6ZI1GJz/MYln2sUkuj9DS1/y37svA0RpO0
+Hbx28nsQtNEdBSZHxESZJngghZ2wOHVH20JcFXsOdsrDmhmU13FxIQfzuq8XQuCd
+98RRISx+9mZKcKQtewRE24US1X3AGbCyJkALTF9dDsplxwLdnvmLO1KZQ4kMxoy9
+VjJ5HJrrAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFMZTdO9E
+LZ2upgt5kBWqRkObQPs8MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FGRldi1hbGZyZXNjby5uYXUuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQB2dArN1M8V
+eE1uDP8kJmZm3PWR7ZH/5iV4go/EpyFeXzwenDnQ8Xlc9U8iNow34wCm9MsXXZ7W
++L4zl6ot+Afy0qMMu0LBMuNUNek+jD9bFp7kUvpRZfZIqc0gUbgAQ99ObU8qhRjo
+C5A1G8kbzrbziqt4mxd3LeBZblTozqV2InOf38EOM2vtvYCd2e3XFaqXMPeBmFJf
+ncaTjVjuRu386DXAySbXOndaSp0XZ1xpdny38w1zwzjOJ258GEGAumyWRgmSAFSE
+6rvH1txJvueDQap6AekFauLj+1I8+GjMZ/3py8X48NA0wBfFjQrlRWW4pCY9Omhl
+9NGX4WHPdF30
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev-alfresco.nau.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Northern Arizona University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Northern Arizona University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://home.nau.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Steddom</GivenName>
+ <EmailAddress>mark.steddom@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ahsan Imam</GivenName>
+ <EmailAddress>ahsan.imam@nau.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://dev-confluence.nau.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://dev-confluence.nau.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 530, expires on Fri May 13 18:06:53 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAhIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxMjE4MDY1M1oXDTExMDUx
+MzE4MDY1M1owITEfMB0GA1UEAxMWZGV2LWNvbmZsdWVuY2UubmF1LmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzLCPJx6ckKjTWZYrHErAJdcqI0Z5WCxL
+5k2IFR0y36UWmu5MG4ztmRS+Q91zmEXhDMlBRU7oUUK4eIEgo07ozGlWmelFJvhM
++fLaxeqetY33+BMErA9tf/LX1IIUNFurBXJ5suVVJQnFJRGeXo1y55vcZOwQmUC5
+EEUTB4ouGjUCAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUldmB
+BczI2D7hKwG92+IeMCoJFoowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWZGV2LWNvbmZsdWVuY2UubmF1LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAVNf4
+JHhJuFXj5tjTzpCq8GwcHgLNFEbCCYdlbWEH+H1vWyjM21h0jC9E/u5eOQPb5oUs
+y5QfADs3eLUJy14vzJtlBO/0jMvqmM1oU1MfTwgHkOO8YJzZpg05vwU+nAZYKAPS
+ip6DE+XHiskUGnM98Nx5ADtAfgbUx4JY5t5Rp5AjoLw5XrFHxMbjZooS2jGlvCok
+o7v171Zoazr+aGEvb7gcZKs3QKGMps2U3N6SAgIIcEf2WMaBrMUEQhHRTruuhBu0
+xSWZV4CvjoXEfrTq5y7r3oaEq6NZPS789zWaHnRC9oLO7gIRwbDTbb0/YCgv8pLY
+qlCC13U5AIJuOIghPA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev-confluence.nau.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Northern Arizona University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Northern Arizona University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://home.nau.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Steddom</GivenName>
+ <EmailAddress>mark.steddom@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ahsan Imam</GivenName>
+ <EmailAddress>ahsan.imam@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Chris Michels</GivenName>
+ <EmailAddress>chris.michels@nau.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ucc504.ucc.nau.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ucc504.ucc.nau.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 548, expires on Mon May 30 18:29:24 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAiQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyOTE4MjkyNFoXDTExMDUz
+MDE4MjkyNFowHTEbMBkGA1UEAxMSdWNjNTA0LnVjYy5uYXUuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC1X57xykOm/CdoipZ5ZgTNqr16vWwi8pr1S9X0
+1WhwFzl/8NJIJykfeTplY4AF3g45Q+0ZPseujZfHymT2DElwHzMKoR/8WGHHML4p
+BXaZbEtWPK+lua1Dqh76HXJ7AVq6H6gq0qUMI7vGGTnySQwciu4gohYSWzduR89W
+9eJzPQIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQF+j/tJtDu
+e++70YsWOx9DtpQFMTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJ1
+Y2M1MDQudWNjLm5hdS5lZHUwDQYJKoZIhvcNAQEFBQADggEBALp6dMlA6YzktooU
+tzpkoGJXeyVx2pM0ohRp6tmU5wWfth7YNeJcoJPU/VE5CFAZanyIaNFlZfQ3zyqg
+7NTMOYy8kWNjjOJT7EsyAwlr+/r/+KRmomXegUi1uI4Us/rlCUdcpTImL+d0/dWn
+EVfrC+RO5Nrk9stgy9J1c9EkiFnFdNdgCnxtcNYFjnHdFAN85v2LzmUDMDRt9xJf
+20Z/km48/IPeCXBC8h+8wu2yCK0YrtDgcwf2mzwIFJCoFZmqN61H8KxJyFAWOmwE
+/UnlPFFbS7v8iGJ/heo5GAeWMqcnGzbBc23AJS/mVdf9lCS6DI3GPLkchSo/6Z3W
++Z6/9ko=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ucc504.ucc.nau.edu/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Northern Arizona University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Northern Arizona University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://home.nau.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mark Steddom</GivenName>
+ <EmailAddress>mark.steddom@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ahsan Imam</GivenName>
+ <EmailAddress>ahsan.imam@nau.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Christopher Michels</GivenName>
+ <EmailAddress>christopher.michels@nau.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Washington University in St. Louis -->
+<EntityDescriptor entityID="https://login.wustl.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://connect.wustl.edu/selfservice/" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">wustl.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 596, expires on Sat Jul 16 17:55:27 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAlQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNTE3NTUyN1oXDTExMDcx
+NjE3NTUyN1owGjEYMBYGA1UEAxMPbG9naW4ud3VzdGwuZWR1MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDjy1V+HXMkpn6Hizx/VxEDiD5IBK5JWuLg7wDN/AQ0
+GF0KAmSY7wWFKGltr8ONDk2/1XwywHHDHzAg62s9+kNiG4igLv9b/+3SsizNyjr5
+YkYzPzm4LUVjAGuidJFhLMJqpGk+jUX7jQtUxYcJtpposqWCd7FYiUj4HDz9XAQf
+kQIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTND5OUnZuc/ulj
+KtvjdSOt8z71tDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9sb2dp
+bi53dXN0bC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAIDqxNd131FYYJpg01x5pRkx
+jawEs9wGCHX5Oh55DyjVdcjnTmqTlzXFR/EGiRUH6H4AwhjEa0fpFUwYQ7fcwT4E
+8ZLLAILymq1CZ3/L6x4HjTSbvBHIzgvQMrKhYUfKx1SVJz1YwjzXYZnRiBj+zkDA
+V5tcc57czvz2o7xqaDxZFLK3AsxTDInTFmgnoT07PbEW2CFsaQ5Xp5Pj9H963HJa
+7WrdMDtiyHUAzlaqQ2Z91fSd5jQEMGz5XWbU4HDPTAH7k0pU+nHrTTnMcWeBCDei
+k8P3qY4Tw/Uw14wL+RwQGNE4R8FtgwGF8P/Q5wTAi5q/P3k3DqGxw8pMbW4S3Bk=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.wustl.edu/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.wustl.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.wustl.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.wustl.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">wustl.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 596, expires on Sat Jul 16 17:55:27 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAlQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNTE3NTUyN1oXDTExMDcx
+NjE3NTUyN1owGjEYMBYGA1UEAxMPbG9naW4ud3VzdGwuZWR1MIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQDjy1V+HXMkpn6Hizx/VxEDiD5IBK5JWuLg7wDN/AQ0
+GF0KAmSY7wWFKGltr8ONDk2/1XwywHHDHzAg62s9+kNiG4igLv9b/+3SsizNyjr5
+YkYzPzm4LUVjAGuidJFhLMJqpGk+jUX7jQtUxYcJtpposqWCd7FYiUj4HDz9XAQf
+kQIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTND5OUnZuc/ulj
+KtvjdSOt8z71tDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg9sb2dp
+bi53dXN0bC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAIDqxNd131FYYJpg01x5pRkx
+jawEs9wGCHX5Oh55DyjVdcjnTmqTlzXFR/EGiRUH6H4AwhjEa0fpFUwYQ7fcwT4E
+8ZLLAILymq1CZ3/L6x4HjTSbvBHIzgvQMrKhYUfKx1SVJz1YwjzXYZnRiBj+zkDA
+V5tcc57czvz2o7xqaDxZFLK3AsxTDInTFmgnoT07PbEW2CFsaQ5Xp5Pj9H963HJa
+7WrdMDtiyHUAzlaqQ2Z91fSd5jQEMGz5XWbU4HDPTAH7k0pU+nHrTTnMcWeBCDei
+k8P3qY4Tw/Uw14wL+RwQGNE4R8FtgwGF8P/Q5wTAi5q/P3k3DqGxw8pMbW4S3Bk=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.wustl.edu/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.wustl.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://acadinfo.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 592, expires on Sat Jul 16 17:55:21 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAlAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNTE3NTUyMVoXDTExMDcx
+NjE3NTUyMVowHTEbMBkGA1UEAxMSYWNhZGluZm8ud3VzdGwuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDvKVzUNPG0QAw8ueBmBdDKOJOZtXnNwrygf1XV
+hyiMmWQWUVmt1I6+KPhYVxP5XUGU8AbyQQz4EBo4kEOhlouEILuqUHL0JZOAp1+x
+wBVBiupCiPgNgyAUp16Ty7uow0kcsQWqtkKNkXRJIgupPZIWyJGFY4DL/SgfYuSJ
+5XtUzwIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSA67jhRkUo
+h5lD6D2mN+wE3flU4DB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJh
+Y2FkaW5mby53dXN0bC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAJlIdG4DAHjTuXtJ
+5iw7ql1VfNaC+g1M3uLbH3DDrbPgXPV6dPz6IXotssDcV0Nr6HGhA/MaPVhRwFOq
+HNltoghGj+BgI/iYle7aS6NH6jFDx/sIi5/qskMTWcXGxVEglx9CMGoqOt7dtoLS
+BTwTvRqQjaNiod7Qt26vh5zMjym4hYEZ4fKy3XWzDeH0elP5weJkgdCooBC6efFy
+t8P/yzTFkOYt/mISrYpePnZztajP7k0jCkLTcmEg52rhHFznXPndO6xShsDkNriU
+c89UjhysEIk1bPXU37JZkjAHYVwdl0++1FqBQM/yx8szknN5wMSsCcwVp3qoF+5j
+6CqHxOs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://acadinfo.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://acadinfo.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://acadinfo.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://acadinfo.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://aiswiki.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 683, expires on Thu Nov 3 19:56:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkzCCBHugAwIBAgICAqswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTEwMjE5NTYwOFoXDTExMTEw
+MzE5NTYwOFowHDEaMBgGA1UEAxMRYWlzd2lraS53dXN0bC5lZHUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVhjZwaSxpYxdzUJ8xrlhtgNmKgogQpLhO
+am+ZAm+D/6UL4w0Ib0e90836TI+2JRNx34JqdXag2Tk0N17gYpHG6MG+fly8VksR
+L0rHidZBkUQUltxc47jBJkm1UK+a6ggMLJEKTpdaSFq3JVRVb9kgcPO9CxD5XPex
+V5hwvSB3iTNcDxJ4PMXUgH0XUUbdq3k2241C1stwPZ2kDu1nbGrDvh13HE1SQzan
+YqqBNQYjhkLqk7aB95yw42+Qc3W8/s4XOfDzohhffpipwyoKW1jFP+RjF/g01Wsl
+qe8lx1PUdbMGD0GO5lI4sylGpqDaAlWkLz+z8x8o/IAxGaG06F6BAgMBAAGjggKj
+MIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFK98Q8J+IhbB7+fBH9t5M2DIpYLf
+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQG
+EwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5D
+b21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGl
+MIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAC
+hkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlk
+Z2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6
+Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxz
+LmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEw
+RDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEWFpc3dpa2kud3VzdGwu
+ZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBu7FBKEGhi548z/8qDtUJj27NZhmoJiV0B
+uEussm/kBWpKZMwLisBfJ/otYZSTVp9VPJ2U6EiFPBBdHX3cSaJG1g/eSHu0Tg7j
+1495jEdmVLAyzi0MAejiFEc1EDjP8Ao/bH8I2tHO+gA4ahHbVYxByHtNHkcqCw1n
+t6Az1Hc55YgU5SktfOpkMmZtDPpB13EeUUUKvuzqGCYf+OpGnue7EIA5KDHgJNYl
+fS7jVrXaqrrfKLYM9ldFO9ZctcZ/Cz4+gmx8v5uUpCWhTXLqynuNVGV16A7LBBnD
+wHNqxq34+AjTE9SSNkR9FFiAFgw/ZhmSr3bd8kEM3OZuHOwArd5O
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aiswiki.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aiswiki.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aiswiki.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aiswiki.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://connect.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 593, expires on Sat Jul 16 17:55:22 2011 GMT -->
+ <ds:X509Certificate>
+MIIFDzCCA/egAwIBAgICAlEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNTE3NTUyMloXDTExMDcx
+NjE3NTUyMlowHDEaMBgGA1UEAxMRY29ubmVjdC53dXN0bC5lZHUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBALv6IL3RCwCSX5wbnWEVgvC0ZRA9pRtoAKM9fUQP
+cC0oib/cSZ/ko5NsrvKbesSILC3G3y4Lc8nsscAX4gqmky6mnBD9WhUBmX5DmdGq
+lGk9jUlSnPs8f0wWFSlReZQUMINLnxGCsBWnS46sS9xT1y6Y2yZaE1Qxe4M8odlP
+KTxPAgMBAAGjggKjMIICnzAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAd
+BgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFHiWvEMPD40C
+/lENApmCd/skH99+MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqk
+WDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEp
+MCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIG
+CCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIw
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYL
+KwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBwGA1UdEQQVMBOCEWNv
+bm5lY3Qud3VzdGwuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQB9VP9l4eevqu2BujXK
+yduOpCc9qpJxLzpI45TIgKylSq0ji8+gsKwT9CAm0hLIqENsuQulvjrCnqzP0dG+
+S/eZffT7jzVocvV0UGExcWt1w/VyO5zhsH2PgSJnAKVgBxex8M6Q/lxqG/sqtVww
+gn3efXSzUSevpcQeD3xbUwuHePIA36PQE3tbWVrtvVM0sb3zkRExgYjrzy2SFZqn
+Jci/tCnhrG3BtvQz3dXkNQvIu7v5GweogT5zllXpmsJA1PmmUk4rTLeav4s0LEC4
+GeURNfKkoI6tOjH61z1u6NS3RBot+SIqS9ypO/4wtUxlThdYJU+ECpGIIJ7n6YsA
+ThDg
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://connect.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://connect.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ehsaweb.wusm.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 620, expires on Mon Aug 8 17:52:02 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAmwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgwNzE3NTIwMloXDTExMDgw
+ODE3NTIwMlowITEfMB0GA1UEAxMWZWhzYXdlYi53dXNtLnd1c3RsLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwySBDJeE7cdErQGstGr0dFa1dX2s0ULq
+Z4O1b8P9Rf0cbCRcjcZRiaKxhNSuPoqGQ6BHjiwecnxFvNdxSzu6l8k0ZO6oSJ9n
+MlUDMAZ3PoxkmUerN8BlL8QJAM5GAjefXv/kPIZD1wLrGxtHKGgkLjQWu1An9Jcx
+JkbaBMxYu+MCAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUs1LU
+OMSECVdZHi9gLL6uXGmqz00wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWZWhzYXdlYi53dXNtLnd1c3RsLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAKc55
+yzgqG+49zWac8rN+bdJYYe6H6oUinQXNTazpr+NfFECMSDRsPRFK0NO4yDPiJFcX
+SF6yJVAqx0g75jsUQdFrVHNgKWSQGtfmTBOOkpEBES/tfBFNnIirvh2wIBt4TZ32
+N32fWvzVcq/k+GPuWccm6ecxaZLTZVxampwWVqxc/e6d5jZSD86pqq+wio6HOaop
+ltUYWUdYQ7zMNk+7O51ynX9+Qjah667q0OFAe3bDuf4BuBx1iRy/nxaldEPqkY+m
+U9qSMtc+cVjjo26GxRtowzecVkFJ/+dSWwpAzE5VXIdyVhryr348iS72Pr+c390F
+cQP2sKXtkadC5Bs9dQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ehsaweb.wusm.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ehsaweb.wusm.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ehsaweb.wusm.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ehsaweb.wusm.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://gis.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 643, expires on Sun Sep 4 17:55:40 2011 GMT -->
+ <ds:X509Certificate>
+MIIFBzCCA++gAwIBAgICAoMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkwMzE3NTU0MFoXDTExMDkw
+NDE3NTU0MFowGDEWMBQGA1UEAxMNZ2lzLnd1c3RsLmVkdTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEAvJN0rwCMSxUGz9FNgViSAPw3nGQgEX9BMLUOgt50+EVq
+KvaNXug93R/RSa8JtFydOWMNqsFKFHorPkagrYScCxy35NiFE0uRUSTBQj3MxjHf
+bqP6qMVI2mJANBQgjpuBKAZXRNhFUg5m+iOAPtx6E1Q7fFPjR2j8scJs+tCj0XMC
+AwEAAaOCAp8wggKbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUDxp2k5JAITSAnKTV
+4Toli9ULRw0wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INZ2lzLnd1
+c3RsLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAs96oK5nRhYcprDm01jMvVSjUnRdw
+FTig4k2amSMD4GIM3e9U24shWLw3NeXnnY0tMarXiUFuJ46Og3OBtjeG6rkk4SZt
+dORGXNWqLVFdlUy2gUJANdMomPMvzNHrSCTYe/X9fZCq7EMkxdfaI/WLKUl1pgjA
+aFiaekGNwrTMB/7B+vmVGlFHHVXC8TCPp5vw0IESGqgEoYH2Gh1dG+HCnUZMP/u6
+B3UnrXJQ0UdQ7pajCHU1VLdLv8m4jOYrpjlrxVV2ceWSH4BavQt00Z5obEuH2p5Y
+M1LYpyuE6/0y/Oqqw7vgk0P7V0nwfIK+lCEmP3b9Gdos2W8v/PgxkMiDng==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://gis.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://gis.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://gis.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://gis.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://istbilling.wustl.edu/selfservice/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 594, expires on Sat Jul 16 17:55:24 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAlIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNTE3NTUyNFoXDTExMDcx
+NjE3NTUyNFowHzEdMBsGA1UEAxMUaXN0YmlsbGluZy53dXN0bC5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAKRi1P8o8ZEADZ+OCLfibdZyqITuCtt6j2W8
+NdH6cUHM30YHbh2bg1vchtPSYVuuK/up507oIf4kx1Y7cxdYFa26w8hiUt0YG0KW
+lxlxvZeuhjqsJXGYWhBxKZeDhB9W01LHRk2+DUa/FkkwFB3I3u+Zvih2TzSvGTdL
+4VrzZ/SnAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFGIERk5B
+ZAo48gH1wu09EdHeQVwhMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FGlzdGJpbGxpbmcud3VzdGwuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAABg04Mf86
+hF0Lo6RbwJk609iNSmiOQ1A1yXS1v6g3KvLRLKMqJTcaNn5N0el79m5V+l9wrGFD
+s3L+Cx/FrUkPnxZDAg786ozIZbM1QdbSaPTY+HNysfloDJwqpokel/keEkyK92Ny
+1RGLMK88GsqtnfMBQ2lVetMUlXcGgr2pq44A9U6IjMYAwl0r2gJZh4CElvuOCaGc
+LOSsIr7ae5toMJLE/n3tIiVxCrV/u8pB1VflkdT4/XjMC59OyHmdlVS5n+Y7pvQp
+660XzjOygi785AGnyj2MNPE1G02sZo9uGmesEESQupSucA/8z6OuDingIgC66MN4
+PUTzmn3cOlgm
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://istbilling.wustl.edu/selfservice/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://istbilling.wustl.edu/selfservice/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://istbilling.wustl.edu/selfservice/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://istbilling.wustl.edu/selfservice/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://istest.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 595, expires on Sat Jul 16 17:55:26 2011 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAlMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNTE3NTUyNloXDTExMDcx
+NjE3NTUyNlowGzEZMBcGA1UEAxMQaXN0ZXN0Lnd1c3RsLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAxN9v4IZVnQ7NlIXXJ8oSC0/VBkW5c4pgoa4lqcZk
+sdLNeN1l2HNXRFpQKwvm6zWM/Oana7kCohWkyTyqZeriYBTPPwr94xWg323cYqlH
+qvAGzu2QuzSs9cmKuiadGQJgEfgJXm0xA7rT+uKvEopBzjgH+uwj3hVgzlci5HHz
+EZkCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUvJhisOuRHYRI
+g7NfExUUYOJW24wwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQaXN0
+ZXN0Lnd1c3RsLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAShplUJb6XP4+bmlqlYGv
+sqWBl0uyosGfBmSWae6ll9AQkGtsc7jEc4ZSs+Mbd6LAQlKedzzTX2G6Q/pKhxpX
+pT/tpHMmPI/2YbfntTR5YfJohl4IzjN6aA326aO2W1FCmEmWU05TTwt9JpGq9HPw
++V6aaxuZAXd0HEoxTqMD/YaA6QwTZQjGNWBn9JTJOsIAng4OFyDJ9sd59P377Vh4
+KNDGxGR1eM9HZPCj1twgR2wkJu3YiEXJMl8V/ZvgbA3AOseZJaGE09s/Jig6HPJI
+5qm6c0do51HOvAeShHCjxQxw+8pEMrTjp9wHQOT/Vxwteyflj+GzVA+IxUYPcP6Z
+HQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://istest.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://istest.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://istest.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://istest.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://telesis.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 592, expires on Sat Jul 16 17:55:21 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAlAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNTE3NTUyMVoXDTExMDcx
+NjE3NTUyMVowHTEbMBkGA1UEAxMSYWNhZGluZm8ud3VzdGwuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQDvKVzUNPG0QAw8ueBmBdDKOJOZtXnNwrygf1XV
+hyiMmWQWUVmt1I6+KPhYVxP5XUGU8AbyQQz4EBo4kEOhlouEILuqUHL0JZOAp1+x
+wBVBiupCiPgNgyAUp16Ty7uow0kcsQWqtkKNkXRJIgupPZIWyJGFY4DL/SgfYuSJ
+5XtUzwIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSA67jhRkUo
+h5lD6D2mN+wE3flU4DB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJh
+Y2FkaW5mby53dXN0bC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAJlIdG4DAHjTuXtJ
+5iw7ql1VfNaC+g1M3uLbH3DDrbPgXPV6dPz6IXotssDcV0Nr6HGhA/MaPVhRwFOq
+HNltoghGj+BgI/iYle7aS6NH6jFDx/sIi5/qskMTWcXGxVEglx9CMGoqOt7dtoLS
+BTwTvRqQjaNiod7Qt26vh5zMjym4hYEZ4fKy3XWzDeH0elP5weJkgdCooBC6efFy
+t8P/yzTFkOYt/mISrYpePnZztajP7k0jCkLTcmEg52rhHFznXPndO6xShsDkNriU
+c89UjhysEIk1bPXU37JZkjAHYVwdl0++1FqBQM/yx8szknN5wMSsCcwVp3qoF+5j
+6CqHxOs=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://telesis.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://telesis.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://telesis.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://telesis.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Humboldt State University -->
+<EntityDescriptor entityID="urn:mace:incommon:humboldt.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">humboldt.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 549, expires on Mon May 30 18:46:48 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICAiUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyOTE4NDY0OFoXDTExMDUz
+MDE4NDY0OFowGzEZMBcGA1UEAxMQaWRwLmh1bWJvbGR0LmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAIobfOptbMRmZfxAr5j5iDpNzctKRRn+f105
+qejIvk2diU5AYo5pDNcbEBEixdV0ikWwqHh2PH2D2FvpQDikQU7CPcLHCcuSbviy
+pIyJIuGM1cfnirzFSkCjhgKqIjgTEKkCJzZgNKFqikWnEGf3ptn27z3H0GRZCC+B
+5ahmBJSO17iBuyQ71Qp+3pH2Pq0ffoOpRuTutfQUpsM2Qw1t5AG7j1F/fvw3vzrc
+HxwlWpyuDtcOlSiCezrcIJdx7ejK+G0aoqihe8HuHrD2Wg7vmRFsC/N9/S+7A+sV
++uAaxI1JSt0M+twXDiMuPvcdlh82kiEB56njXsDcJm5UrskYR5ECAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUKdif1++SY7RXkOHiEkduH4q/e/Yw
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQaWRwLmh1bWJvbGR0LmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAOcwPpeqe61hu63uwC9PVYZNOyxzc2f2h0ii/
+SNLOlbbolZfxMKbuxLXcYCpy1IXxlzBx4hieTRYTksHehIHcDK2dM52F1AMumRo3
+EMSh1TTRn9Z6xK9ACypa3Ah42+qdvCXDT3je/DCQK4gkTlXd9KE2hv06IemHD9V+
+Eo7yhlY9Nd2oOVWCLV6+hNqrR56gio6b0SWf97B1LAlkPTW0iLaldmLui1dW6EV0
+8pWQYq0T+m/F/Hzj730ntKD9AYN+VBCYxIPKXNPqBsKkBqNO8622mYNPcS5rbfUj
+MA1WuRhoHwRbAV7L/wak8BuONBWFl1zr3+/hOj3F1/Xpeomhag==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 546, expires on Mon May 30 18:29:21 2011 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAiIwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyOTE4MjkyMVoXDTExMDUz
+MDE4MjkyMVowGzEZMBcGA1UEAxMQaWRwLmh1bWJvbGR0LmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEAsVpXWRlwe1M2y5c+D5PjH4KG2ObTsfTVop2a7v4W
+/KyqWMWepoq0/RW6MqYEH0JlOrQfnn+AuCtdT0CAo7fBab5iZruVowHUJ7FDqFvH
+gHj+02iUeFPZh6Esb2xZGa1/PMKjC9cCTf/kROapeQ22BcDTEuLx/zVB7tmIMvqt
+xWECAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUZCbAzIYOtLiB
+EkPzceG8+zswT28wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQaWRw
+Lmh1bWJvbGR0LmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAXHsHlfLGU3TUWRYGwyB1
+mFVnsWhi/qfk9lLUCHk+95zM8loJ19R8XlWdlbWtLDpu+64peRCXRvHmjeZXCwP2
+NUl/34LzaUNY8Bnpou5Bfy9KIb1AUyA/IhOO3QX4Fe7MEwWEGPFTpMoCVZciWV90
+BdKcWw+zk4oNMJhEdp4nAunheUviT2lRt4eoEZfL+27HRwaWhAQ96N0F/DdPAOYh
+Y1L22Q+6A0zQlNEO3KKaNnZ0OIDhyQA8rm0P+ZAwAb1aXUXOoZqCA4/KCLa9Dc6R
+zGZ/8LHjegpQqTCefnIX47KSVTRhlKgkvAnUDYnUzi8r9JK3jExGLE4v72oHvYAJ
+BA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.humboldt.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.humboldt.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.humboldt.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.humboldt.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.humboldt.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">humboldt.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 549, expires on Mon May 30 18:46:48 2011 GMT -->
+ <ds:X509Certificate>
+MIIFkTCCBHmgAwIBAgICAiUwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyOTE4NDY0OFoXDTExMDUz
+MDE4NDY0OFowGzEZMBcGA1UEAxMQaWRwLmh1bWJvbGR0LmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAIobfOptbMRmZfxAr5j5iDpNzctKRRn+f105
+qejIvk2diU5AYo5pDNcbEBEixdV0ikWwqHh2PH2D2FvpQDikQU7CPcLHCcuSbviy
+pIyJIuGM1cfnirzFSkCjhgKqIjgTEKkCJzZgNKFqikWnEGf3ptn27z3H0GRZCC+B
+5ahmBJSO17iBuyQ71Qp+3pH2Pq0ffoOpRuTutfQUpsM2Qw1t5AG7j1F/fvw3vzrc
+HxwlWpyuDtcOlSiCezrcIJdx7ejK+G0aoqihe8HuHrD2Wg7vmRFsC/N9/S+7A+sV
++uAaxI1JSt0M+twXDiMuPvcdlh82kiEB56njXsDcJm5UrskYR5ECAwEAAaOCAqIw
+ggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUKdif1++SY7RXkOHiEkduH4q/e/Yw
+fgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYT
+AlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNv
+bW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUw
+gaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKG
+Q2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRn
+ZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDov
+L2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMu
+Y3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBE
+MEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQaWRwLmh1bWJvbGR0LmVk
+dTANBgkqhkiG9w0BAQUFAAOCAQEAOcwPpeqe61hu63uwC9PVYZNOyxzc2f2h0ii/
+SNLOlbbolZfxMKbuxLXcYCpy1IXxlzBx4hieTRYTksHehIHcDK2dM52F1AMumRo3
+EMSh1TTRn9Z6xK9ACypa3Ah42+qdvCXDT3je/DCQK4gkTlXd9KE2hv06IemHD9V+
+Eo7yhlY9Nd2oOVWCLV6+hNqrR56gio6b0SWf97B1LAlkPTW0iLaldmLui1dW6EV0
+8pWQYq0T+m/F/Hzj730ntKD9AYN+VBCYxIPKXNPqBsKkBqNO8622mYNPcS5rbfUj
+MA1WuRhoHwRbAV7L/wak8BuONBWFl1zr3+/hOj3F1/Xpeomhag==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.humboldt.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.humboldt.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Humboldt State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Humboldt State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.humboldt.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Mark Hendricks</GivenName>
+ <EmailAddress>mark.hendricks@humboldt.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Peter Johnson</GivenName>
+ <EmailAddress>peter.johnson@humboldt.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Systems Group</GivenName>
+ <EmailAddress>sysadmin@humboldt.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Monterey Bay -->
+<EntityDescriptor entityID="https://sso.csumb.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csumb.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 667, expires on Mon Oct 10 17:08:32 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICApswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwOTE3MDgzMloXDTExMTAx
+MDE3MDgzMlowGDEWMBQGA1UEAxMNc3NvLmNzdW1iLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALN8+nYi1O6eOdWM45pGEgSG/K94eRIYWJybavJx
+42YE6ekJGSPPmU92L+M5E+ESFUu+oXy0YWfEvOuI5PSoRvfBjeS6jMofcnHRnzvv
++vfoEQdIKjkDiTp/tB/9ggX9V6MWxpP+hXB7wgqv7V+0R4FMs6lcHONqRdNrfdE0
+K6teorVEiWiJq8CJuUHzGq6Jxt1YArVrFn8CcZsPgy0B218Q0xDj5mp9wwQAi6ax
+6FaPPuKUgbPOYv8VzovwLaCZxFo9su0oOSW+GxQnCqeMgkOZCLQTCaNY7wdeNXp+
+2gn7mvC67O4uWf6ZJRIUobzLU7lo18Dm8X6MqPLUiR4SgqUCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUC6KlCB98bz+RaJydZyq3ZqyNXKswfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc3NvLmNzdW1iLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEADINiuOQSVU3QnFlJEDsUNFZQf7LEhoj1S2NDNwALQ8Q6
+rKG/CDg1V5ves3tX8xwsM8FhW+KPJR1wKd6QnxsQvt+BEGxSV1jsOhpQjKa0oDmQ
+9Sn+YdfJn9f3iTn17B6tgZI5ngOY6HkZnhGtYrQ0KJ24hNBMQs7CqTYbA1eDxXaS
+Vlrb/LPwut26OfziQnj+97HTDz4ex2pTkzOuskC7csDQDX4elWGMjYJIDN2dswZI
+NZkp1RZ6ac9X9y7eu9yI5eZGL8Oc9o5btU0A02TwZAheryrarsITh4FLKtVgivk2
+hrxoBGH+jmibPK4kGAdYItS9gF2QBBH+wRoIBWdBkw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sso.csumb.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://sso.csumb.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sso.csumb.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://sso.csumb.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sso.csumb.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sso.csumb.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csumb.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 667, expires on Mon Oct 10 17:08:32 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICApswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwOTE3MDgzMloXDTExMTAx
+MDE3MDgzMlowGDEWMBQGA1UEAxMNc3NvLmNzdW1iLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBALN8+nYi1O6eOdWM45pGEgSG/K94eRIYWJybavJx
+42YE6ekJGSPPmU92L+M5E+ESFUu+oXy0YWfEvOuI5PSoRvfBjeS6jMofcnHRnzvv
++vfoEQdIKjkDiTp/tB/9ggX9V6MWxpP+hXB7wgqv7V+0R4FMs6lcHONqRdNrfdE0
+K6teorVEiWiJq8CJuUHzGq6Jxt1YArVrFn8CcZsPgy0B218Q0xDj5mp9wwQAi6ax
+6FaPPuKUgbPOYv8VzovwLaCZxFo9su0oOSW+GxQnCqeMgkOZCLQTCaNY7wdeNXp+
+2gn7mvC67O4uWf6ZJRIUobzLU7lo18Dm8X6MqPLUiR4SgqUCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUC6KlCB98bz+RaJydZyq3ZqyNXKswfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INc3NvLmNzdW1iLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEADINiuOQSVU3QnFlJEDsUNFZQf7LEhoj1S2NDNwALQ8Q6
+rKG/CDg1V5ves3tX8xwsM8FhW+KPJR1wKd6QnxsQvt+BEGxSV1jsOhpQjKa0oDmQ
+9Sn+YdfJn9f3iTn17B6tgZI5ngOY6HkZnhGtYrQ0KJ24hNBMQs7CqTYbA1eDxXaS
+Vlrb/LPwut26OfziQnj+97HTDz4ex2pTkzOuskC7csDQDX4elWGMjYJIDN2dswZI
+NZkp1RZ6ac9X9y7eu9yI5eZGL8Oc9o5btU0A02TwZAheryrarsITh4FLKtVgivk2
+hrxoBGH+jmibPK4kGAdYItS9gF2QBBH+wRoIBWdBkw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://sso.csumb.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sso.csumb.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Monterey Bay</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Monterey Bay</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://csumb.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Isaac Davis-King</GivenName>
+ <EmailAddress>idavis-king@csumb.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Chico -->
+<EntityDescriptor entityID="https://shibboleth.csuchico.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csuchico.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 524, expires on Mon May 2 16:55:18 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAgwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwMTE2NTUxOFoXDTExMDUw
+MjE2NTUxOFowIjEgMB4GA1UEAxMXc2hpYmJvbGV0aC5jc3VjaGljby5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALLz5MPOM+UZdDp0+eIxLN45E8eebqRp
+/vPAtH+7+qdkD07kPhosMdQWNXK0cs4fvtkBPXzYnNsS3LvBL0SxBQIRPrWY37VL
+GLpldGJukfmRxvAgsfuDDYwp9xKyHk/h+n9ptD/58eSwPDwJu9fJmiNV0iIGA1XQ
+98MI6lVTi6TnAgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFPd4
+Ng7xy2F6Zkap6lhe1vNEKIOiMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF3NoaWJib2xldGguY3N1Y2hpY28uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCc
+MnWydUHTtxIKboj9a6ycZDUrBC2Hx4StyFWpTF7mQoIYhbN3Mk7SWSny/k3eHWLo
+f7zyMYQzYgHklusRDNHKtEOIni2B71LuAxeAAJul7POcF+OcSow0KXNUh4amALg4
+FeViVK/M4ordpbJ31976Fo8q2FQ8FbF9dN6yn0khGpDCzMgAlKAZLAGbykKCeTRd
+/2W23OOd6Jb94N2g63ZlcagoQz4F2d3ER4v6cfCQ4u2FiyNI7iOYEbOS1s0iuVtG
+qYSjsTcTPHY2iP4nn3zNPbNSh3AjS6yteQqt3HeGNuaPOZT+6IXLPb7I93tuS1lf
+rERJHh2BwFv6qmMYJzLn
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.csuchico.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.csuchico.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.csuchico.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.csuchico.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth.csuchico.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.csuchico.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csuchico.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 524, expires on Mon May 2 16:55:18 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGzCCBAOgAwIBAgICAgwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUwMTE2NTUxOFoXDTExMDUw
+MjE2NTUxOFowIjEgMB4GA1UEAxMXc2hpYmJvbGV0aC5jc3VjaGljby5lZHUwgZ8w
+DQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALLz5MPOM+UZdDp0+eIxLN45E8eebqRp
+/vPAtH+7+qdkD07kPhosMdQWNXK0cs4fvtkBPXzYnNsS3LvBL0SxBQIRPrWY37VL
+GLpldGJukfmRxvAgsfuDDYwp9xKyHk/h+n9ptD/58eSwPDwJu9fJmiNV0iIGA1XQ
+98MI6lVTi6TnAgMBAAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFPd4
+Ng7xy2F6Zkap6lhe1vNEKIOiMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rn
+ymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJh
+dGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmC
+AQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21t
+b25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2Vy
+dHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8E
+gYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3Js
+Mi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARX
+MFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9u
+Y2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQb
+MBmCF3NoaWJib2xldGguY3N1Y2hpY28uZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQCc
+MnWydUHTtxIKboj9a6ycZDUrBC2Hx4StyFWpTF7mQoIYhbN3Mk7SWSny/k3eHWLo
+f7zyMYQzYgHklusRDNHKtEOIni2B71LuAxeAAJul7POcF+OcSow0KXNUh4amALg4
+FeViVK/M4ordpbJ31976Fo8q2FQ8FbF9dN6yn0khGpDCzMgAlKAZLAGbykKCeTRd
+/2W23OOd6Jb94N2g63ZlcagoQz4F2d3ER4v6cfCQ4u2FiyNI7iOYEbOS1s0iuVtG
+qYSjsTcTPHY2iP4nn3zNPbNSh3AjS6yteQqt3HeGNuaPOZT+6IXLPb7I93tuS1lf
+rERJHh2BwFv6qmMYJzLn
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.csuchico.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.csuchico.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Chico</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Chico</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csuchico.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>David Fuhs</GivenName>
+ <EmailAddress>dfuhs@csuchico.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Learn.com -->
+<EntityDescriptor entityID="https://shibboleth.learn.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 558, expires on Mon Jun 13 17:53:01 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAi4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxMjE3NTMwMVoXDTExMDYx
+MzE3NTMwMVowGjEYMBYGA1UEAxMPdWF0NjgubGVhcm4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCVby0r1RQgN9TEik5qYFdTz4KutHCd5g5oHloE2Vao
+Ke7SCmMHq0o57qVJJQ9qBHC+BmS1rtJGC9zsmjFZL6OHngNNmrrl+LCN9lYmpEGb
+K5euwAUDFNSlRdWwKywdg2J98FX+n4KGxCdIhRPtk+LRbjUE17XDzmc4FH4eYEaT
+WQIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ8CvL7b+2ltKPR
+14d94rhYgiSs2DB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg91YXQ2
+OC5sZWFybi5jb20wDQYJKoZIhvcNAQEFBQADggEBALhdcfgJI0Sh4CekKdZUyuqE
+mucNrGiUnMO/XoGNZHLmu2YvpOjcKKFVk0qw1uAvuL/PEyEfn5fLXJXVPGXH9QXT
+CpOXxxDqHGaRmJA9Oy1dNjc3hm3QL9Alo0OcaCl3R+z76yseNMlZBW1F8P5tUAbU
+qleB8irYhGHKptALY3wviPiHN9msc0nImxDYoH9+nAOKZDaQVcVT8RSmQO1Sgiz2
+Exj7JLEGtzvn/6M5SgqOSNOOcIRyQIcpPuhT5w61aOBwTdohDOQ9plkqBkbau77h
+sQkuqjHioF5ZXDJzje+8u83lXjk0Ir2dsid5Zv9FBQmN4JlOFMTGKB/c05HMN1w=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.learn.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Learn.com</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Learn.com</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://learn.com/learncenter.asp?id=178409</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ulises Castillo</GivenName>
+ <EmailAddress>ulises.castillo@learn.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://uat68.learn.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 558, expires on Mon Jun 13 17:53:01 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCzCCA/OgAwIBAgICAi4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxMjE3NTMwMVoXDTExMDYx
+MzE3NTMwMVowGjEYMBYGA1UEAxMPdWF0NjgubGVhcm4uY29tMIGfMA0GCSqGSIb3
+DQEBAQUAA4GNADCBiQKBgQCVby0r1RQgN9TEik5qYFdTz4KutHCd5g5oHloE2Vao
+Ke7SCmMHq0o57qVJJQ9qBHC+BmS1rtJGC9zsmjFZL6OHngNNmrrl+LCN9lYmpEGb
+K5euwAUDFNSlRdWwKywdg2J98FX+n4KGxCdIhRPtk+LRbjUE17XDzmc4FH4eYEaT
+WQIDAQABo4ICoTCCAp0wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQ8CvL7b+2ltKPR
+14d94rhYgiSs2DB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgw
+VjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAn
+BgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggr
+BgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+g
+PaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+Y3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysG
+AQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAaBgNVHREEEzARgg91YXQ2
+OC5sZWFybi5jb20wDQYJKoZIhvcNAQEFBQADggEBALhdcfgJI0Sh4CekKdZUyuqE
+mucNrGiUnMO/XoGNZHLmu2YvpOjcKKFVk0qw1uAvuL/PEyEfn5fLXJXVPGXH9QXT
+CpOXxxDqHGaRmJA9Oy1dNjc3hm3QL9Alo0OcaCl3R+z76yseNMlZBW1F8P5tUAbU
+qleB8irYhGHKptALY3wviPiHN9msc0nImxDYoH9+nAOKZDaQVcVT8RSmQO1Sgiz2
+Exj7JLEGtzvn/6M5SgqOSNOOcIRyQIcpPuhT5w61aOBwTdohDOQ9plkqBkbau77h
+sQkuqjHioF5ZXDJzje+8u83lXjk0Ir2dsid5Zv9FBQmN4JlOFMTGKB/c05HMN1w=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://uat68.learn.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Learn.com</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Learn.com</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://learn.com/learncenter.asp?id=178409</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ulises Castillo</GivenName>
+ <EmailAddress>ulises.castillo@learn.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State Polytechnic University, Pomona -->
+<EntityDescriptor entityID="https://shibboleth.csupomona.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csupomona.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 552, expires on Sat Jun 4 17:56:49 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAigwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYwMzE3NTY0OVoXDTExMDYw
+NDE3NTY0OVowIzEhMB8GA1UEAxMYc2hpYmJvbGV0aC5jc3Vwb21vbmEuZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQlvZO3j34/q9dRY/o66xAlT
+l9Kc/q1+MTrpvzpbIUF0l4Pr+1Z+PWtD/0asqmBx7izqvwDtr4hPzI5Wxb2bD440
+6QOpucwgZTalWbJE+GOl55PHRcxm+4SEYmrYIzdPrUj/hZ2nExawT/mTRSLXnNDe
+ZeLQIhXc7GOzv/9TR6TfTjcsOkObwizscbDRDul5VdnF7hOvABvy3alJFxaWf9H3
+YnFMYea3vrNC/vC3Few6V0NJs/mPJSf0BhdHkV5xoUDrMLz33ur+aLzo6R5fUzX/
+S2xKs0lkfJk5lToZHgmSfv2/XEt3mLHKnnMf3EN9rlxxYejPDOtfq0njYPbC9wID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTyLRaJ9dg1yDV58UGl
+A8KALHtHWjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhzaGliYm9s
+ZXRoLmNzdXBvbW9uYS5lZHUwDQYJKoZIhvcNAQEFBQADggEBACDywTXv0OKxXooD
+IjXpSmq8fQRsj9bPe0gDdFaQM4LETxUgABaX+Xi+cwM+lLaEaNXa7LrnwYJF6EYG
+N2+LrK91WnCXU52UPByycx+wAN6tHYrENORCp4I7Q+PDJmWO3ZoZvCc2O13KAgdh
+ENw9omYx9zxjP25Rpt30EOERidBejVoZ09Nag1nPtExnfOWdNWWIj0xaOkY164wt
+xMXmXrhKtgKxleJUwZTPdqTtFcMzLI3Gxz/SWPR/HUIYU9uoa9wP1NKMpj0kQExS
+0jjj7/wsUiEsyUW76KKbT1KyTixYM/DZpaExJRtjzpOEEBgBO95aFyfjc8UC4AYE
+7uWxk9I=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.csupomona.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.csupomona.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.csupomona.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.csupomona.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth.csupomona.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.csupomona.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csupomona.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 552, expires on Sat Jun 4 17:56:49 2011 GMT -->
+ <ds:X509Certificate>
+MIIFoTCCBImgAwIBAgICAigwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYwMzE3NTY0OVoXDTExMDYw
+NDE3NTY0OVowIzEhMB8GA1UEAxMYc2hpYmJvbGV0aC5jc3Vwb21vbmEuZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQlvZO3j34/q9dRY/o66xAlT
+l9Kc/q1+MTrpvzpbIUF0l4Pr+1Z+PWtD/0asqmBx7izqvwDtr4hPzI5Wxb2bD440
+6QOpucwgZTalWbJE+GOl55PHRcxm+4SEYmrYIzdPrUj/hZ2nExawT/mTRSLXnNDe
+ZeLQIhXc7GOzv/9TR6TfTjcsOkObwizscbDRDul5VdnF7hOvABvy3alJFxaWf9H3
+YnFMYea3vrNC/vC3Few6V0NJs/mPJSf0BhdHkV5xoUDrMLz33ur+aLzo6R5fUzX/
+S2xKs0lkfJk5lToZHgmSfv2/XEt3mLHKnnMf3EN9rlxxYejPDOtfq0njYPbC9wID
+AQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0l
+BBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTyLRaJ9dg1yDV58UGl
+A8KALHtHWjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjEL
+MAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNV
+BAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEF
+BQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggr
+BgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7
+hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3Js
+L2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQB
+riMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREEHDAaghhzaGliYm9s
+ZXRoLmNzdXBvbW9uYS5lZHUwDQYJKoZIhvcNAQEFBQADggEBACDywTXv0OKxXooD
+IjXpSmq8fQRsj9bPe0gDdFaQM4LETxUgABaX+Xi+cwM+lLaEaNXa7LrnwYJF6EYG
+N2+LrK91WnCXU52UPByycx+wAN6tHYrENORCp4I7Q+PDJmWO3ZoZvCc2O13KAgdh
+ENw9omYx9zxjP25Rpt30EOERidBejVoZ09Nag1nPtExnfOWdNWWIj0xaOkY164wt
+xMXmXrhKtgKxleJUwZTPdqTtFcMzLI3Gxz/SWPR/HUIYU9uoa9wP1NKMpj0kQExS
+0jjj7/wsUiEsyUW76KKbT1KyTixYM/DZpaExJRtjzpOEEBgBO95aFyfjc8UC4AYE
+7uWxk9I=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.csupomona.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.csupomona.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State Polytechnic University, Pomona</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State Polytechnic University, Pomona</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csupomona.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul Henson</GivenName>
+ <EmailAddress>henson@csupomona.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Dominguez Hills -->
+<EntityDescriptor entityID="https://idp.csudh.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csudh.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 621, expires on Thu Aug 11 17:53:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAm0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxMDE3NTMxNFoXDTExMDgx
+MTE3NTMxNFowGDEWMBQGA1UEAxMNaWRwLmNzdWRoLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKfAyfjcPsk/7da74lfelxUZZ8sHUsakoVd+94TL
+T53OzSsZrCz0GgH1ECzYbYrojfv6L3dZmBCwJzssmK0sziUTyoxPT1/IwpG1Nfmn
+V7UKCZcDVB3FCUkjdjhp9gnmfRHHF3GOp2PbLM23gAqKJasKyAPBrvIE0YEr1vnN
+8KPI36lPmDkZ+poY70RGLt4oT72Ezzt7muvUQrTc/KEG4BbhUCzcJegVIQvMLMu8
+PgHwB2Qc2riUSDUkL3ZXzGunHEsdvGGLmBF1DyVa2T8lDAfW6rhFqewSo7IzWQtN
+QbqsJ4jX8f7DSYGHbphcVLgd/5NrDr7KeMgBIUMwnrgROBsCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUwqZaeiLSv2CSUIBYNHS6xPRSkIUwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INaWRwLmNzdWRoLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEAIJVMQA/nHK/g2Cl2Q18Es9TZYwOX9uT7IvoTwIFl/Yq0
+untwsTmtPA2R6nEm5vl57Un0Fx3ngOg5UcKeMc9mV/uRrm2E9ODRZzynYEn4H54p
+2O3C2zN0oVniMjcvVh390EykGYIFNazPvKpl2SYSFALALW5meas8K3vFus71oqu+
+r3cf52wnQAsbE5cXL4Mf9wDvAFOlK+pgkstgJvpibk/JfUesgSCvmZwGyrQGK1lR
+0wPmWZthqEjNQhZ6UVb1sSFijfYNnsrPZS+xujaKqzJrSXLR09VtAUYPuP20PY/N
+YzlLClhgY9axf7qCtv/2rUKxME2tnK8GLNnGXGkvTg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.csudh.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.csudh.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csudh.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 621, expires on Thu Aug 11 17:53:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFizCCBHOgAwIBAgICAm0wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxMDE3NTMxNFoXDTExMDgx
+MTE3NTMxNFowGDEWMBQGA1UEAxMNaWRwLmNzdWRoLmVkdTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAKfAyfjcPsk/7da74lfelxUZZ8sHUsakoVd+94TL
+T53OzSsZrCz0GgH1ECzYbYrojfv6L3dZmBCwJzssmK0sziUTyoxPT1/IwpG1Nfmn
+V7UKCZcDVB3FCUkjdjhp9gnmfRHHF3GOp2PbLM23gAqKJasKyAPBrvIE0YEr1vnN
+8KPI36lPmDkZ+poY70RGLt4oT72Ezzt7muvUQrTc/KEG4BbhUCzcJegVIQvMLMu8
+PgHwB2Qc2riUSDUkL3ZXzGunHEsdvGGLmBF1DyVa2T8lDAfW6rhFqewSo7IzWQtN
+QbqsJ4jX8f7DSYGHbphcVLgd/5NrDr7KeMgBIUMwnrgROBsCAwEAAaOCAp8wggKb
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUwqZaeiLSv2CSUIBYNHS6xPRSkIUwfgYD
+VR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJbkNvbW1v
+biBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEEgaUwgaIw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUHMAKGQ2h0
+dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9j
+ZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0cDovL2lu
+Y29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3Js
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQBATBEMEIG
+CCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INaWRwLmNzdWRoLmVkdTANBgkq
+hkiG9w0BAQUFAAOCAQEAIJVMQA/nHK/g2Cl2Q18Es9TZYwOX9uT7IvoTwIFl/Yq0
+untwsTmtPA2R6nEm5vl57Un0Fx3ngOg5UcKeMc9mV/uRrm2E9ODRZzynYEn4H54p
+2O3C2zN0oVniMjcvVh390EykGYIFNazPvKpl2SYSFALALW5meas8K3vFus71oqu+
+r3cf52wnQAsbE5cXL4Mf9wDvAFOlK+pgkstgJvpibk/JfUesgSCvmZwGyrQGK1lR
+0wPmWZthqEjNQhZ6UVb1sSFijfYNnsrPZS+xujaKqzJrSXLR09VtAUYPuP20PY/N
+YzlLClhgY9axf7qCtv/2rUKxME2tnK8GLNnGXGkvTg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.csudh.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Dominguez Hills</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Dominguez Hills</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csudh.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Edgar Lazarian</GivenName>
+ <EmailAddress>elazarian@csudh.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Oklahoma State University Main Campus -->
+<EntityDescriptor entityID="https://stwidp01.okstate.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ad.okstate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 587, expires on Mon Jul 11 17:57:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAkswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxMDE3NTcwMFoXDTExMDcx
+MTE3NTcwMFowHzEdMBsGA1UEAxMUc3R3aWRwMDEub2tzdGF0ZS5lZHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIZbrvOWlubb9sEvg7e2LiyuFi9rbl
+Io6YM8n5Hmuj3ImqBGbaucz26f19pp7ANrBWqPGcjBYViXLZBUP82Y6bNj0yq/XF
+pjjy6V4p22elV3NNxOAhbY9MC73jHusE/RJLa32Z2I/E+I/ZIhmfpWoWcS4KNW+c
+weqilP73djA3t/hGYgkx1w8wWRfN6bQfqLCTiiZBn8vefHJKvyHXqMNR8B55MVW5
+xu7bEUa2c5k5drM8nZuKIt6H8smzB3yHhbN1WjooDcsFpmUfWXYk9aii9VZH3csW
+/YexWLpVG9NV8Yz/2v7mpnI49SPA9Nlzj4W+mh4CkWT6JNxw+C7YT5l1AgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBSqr4cd81yLq52r4mBjdi5t
+m3aVMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFHN0d2lkcDAxLm9r
+c3RhdGUuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQB3jtWQKuB15Bj7yzkCosJ4Bbxc
+LL3gcrl61MjbOlN1oqd+HccaUTX2i1s8s/DJX3e70nT8Wr6JOmqCj8/uDZdXPzcO
+WfStHm1odQHDf8kC9N4AOjSvMka/qzPA7NmizoKqSSXHWxy85SeVwDZ9dzhSHcZc
+anp3oATy+bhhRXI4nifuuk36SqTqdtA2X2/9W8nuNncPEhJ1025+vdKH/Bn+PV9y
+66H/8w4Nk7Myl/q03HiYbJdDEC1mSJ1HhtTLbQPJMpEtExGaxZn2Rj5VOcjFrp2E
+pT/nz3WdsqkQTwYec0PikheoA++KPj1DlJyHfgWvkH/S5E3ecq562QfPDTRv
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://stwidp01.okstate.edu:443/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ad.okstate.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 587, expires on Mon Jul 11 17:57:00 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAkswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxMDE3NTcwMFoXDTExMDcx
+MTE3NTcwMFowHzEdMBsGA1UEAxMUc3R3aWRwMDEub2tzdGF0ZS5lZHUwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCIZbrvOWlubb9sEvg7e2LiyuFi9rbl
+Io6YM8n5Hmuj3ImqBGbaucz26f19pp7ANrBWqPGcjBYViXLZBUP82Y6bNj0yq/XF
+pjjy6V4p22elV3NNxOAhbY9MC73jHusE/RJLa32Z2I/E+I/ZIhmfpWoWcS4KNW+c
+weqilP73djA3t/hGYgkx1w8wWRfN6bQfqLCTiiZBn8vefHJKvyHXqMNR8B55MVW5
+xu7bEUa2c5k5drM8nZuKIt6H8smzB3yHhbN1WjooDcsFpmUfWXYk9aii9VZH3csW
+/YexWLpVG9NV8Yz/2v7mpnI49SPA9Nlzj4W+mh4CkWT6JNxw+C7YT5l1AgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFBSqr4cd81yLq52r4mBjdi5t
+m3aVMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFHN0d2lkcDAxLm9r
+c3RhdGUuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQB3jtWQKuB15Bj7yzkCosJ4Bbxc
+LL3gcrl61MjbOlN1oqd+HccaUTX2i1s8s/DJX3e70nT8Wr6JOmqCj8/uDZdXPzcO
+WfStHm1odQHDf8kC9N4AOjSvMka/qzPA7NmizoKqSSXHWxy85SeVwDZ9dzhSHcZc
+anp3oATy+bhhRXI4nifuuk36SqTqdtA2X2/9W8nuNncPEhJ1025+vdKH/Bn+PV9y
+66H/8w4Nk7Myl/q03HiYbJdDEC1mSJ1HhtTLbQPJMpEtExGaxZn2Rj5VOcjFrp2E
+pT/nz3WdsqkQTwYec0PikheoA++KPj1DlJyHfgWvkH/S5E3ecq562QfPDTRv
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://stwidp01.okstate.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Oklahoma State University Main Campus</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Oklahoma State University Main Campus</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://osu.okstate.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>BJ Hoffman</GivenName>
+ <EmailAddress>bj.hoffman@okstate.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Rockingham County Schools -->
+<EntityDescriptor entityID="urn:mace:incommon:rock.k12.nc.us">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">rock.k12.nc.us</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 519, expires on Sun May 1 17:47:56 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlzCCBH+gAwIBAgICAgcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQzMDE3NDc1NloXDTExMDUw
+MTE3NDc1NlowHjEcMBoGA1UEAxMTc2hpYi5yb2NrLmsxMi5uYy51czCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJQWXc1ZGPqo178kEkPjlgOn0xYL7ZgG
+VsPSiLOSLy9La4zsDGS4xmFs1KUXIq2/RFulywuQNmVvxblXyB2Du9BDnM8/u6Vu
+IfCUx24XZt56gtTlnkb90aSi9DfjBwVSFftxfOcT6VlalU86XjwPfB0SmiZIyz7X
+Jh1mKwNfo+o1FyKXTrOASrssEAkxetjR6Lzcle0Pg6tsd0Zl0TUjQqG14L42tY15
+wgyElbY+dlA7I2QvFjjSm0Pkce6lpRRmKogie+5tPq4+xwg2sSFguas0Un2PE9Qy
+JzVEvG0edPiYVe+nCM4L5KvStbr5WaF5ADHaNbeBtqLUyQvB450kb3cCAwEAAaOC
+AqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUruM5s76Piz3hAqGOEkjj+R5z
+JIowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEE
+gaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUH
+MAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYITc2hpYi5yb2NrLmsx
+Mi5uYy51czANBgkqhkiG9w0BAQUFAAOCAQEAir8tmZbDFXlbj3JcpCEB8DZ5WWBE
+T3OoJsYj17YDeedxr59411sBFFbgFDavelruim14RLb49OtUtv+FiuMLwO5pIEZq
+LvMhQYdNQCP8g/8YtGcOfsIHOUaNsM/tHU1dGe/lRK4XzmcMJt4/6oO+1BsKb8zs
+rcN6doZxG6EelZNbov9ZngKGCbvdW/ZwFf6Kjt0xA6B3Q5+wqQpXyVczK3gi+lCa
+gg2gXxXrSgrQA8H1tQAgLAIgyTOFf6dnAoub1BTbXiJv+IneI40hHtVtFb9eTQEg
+ZqxDMqqSp5YTIIBY9YPs36Y+gpRUZ2HPlRRg9B9ha95ly7BRnMhdIng0TQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.rock.k12.nc.us:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.rock.k12.nc.us:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.rock.k12.nc.us/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib.rock.k12.nc.us/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib.rock.k12.nc.us/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib.rock.k12.nc.us/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">rock.k12.nc.us</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 519, expires on Sun May 1 17:47:56 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlzCCBH+gAwIBAgICAgcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDQzMDE3NDc1NloXDTExMDUw
+MTE3NDc1NlowHjEcMBoGA1UEAxMTc2hpYi5yb2NrLmsxMi5uYy51czCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAJQWXc1ZGPqo178kEkPjlgOn0xYL7ZgG
+VsPSiLOSLy9La4zsDGS4xmFs1KUXIq2/RFulywuQNmVvxblXyB2Du9BDnM8/u6Vu
+IfCUx24XZt56gtTlnkb90aSi9DfjBwVSFftxfOcT6VlalU86XjwPfB0SmiZIyz7X
+Jh1mKwNfo+o1FyKXTrOASrssEAkxetjR6Lzcle0Pg6tsd0Zl0TUjQqG14L42tY15
+wgyElbY+dlA7I2QvFjjSm0Pkce6lpRRmKogie+5tPq4+xwg2sSFguas0Un2PE9Qy
+JzVEvG0edPiYVe+nCM4L5KvStbr5WaF5ADHaNbeBtqLUyQvB450kb3cCAwEAAaOC
+AqUwggKhMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUruM5s76Piz3hAqGOEkjj+R5z
+JIowfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJBgNV
+BAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQDEyBJ
+bkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUHAQEE
+gaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYBBQUH
+MAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Jy
+aWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5aHR0
+cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNy
+bHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4jAQQB
+ATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwHgYDVR0RBBcwFYITc2hpYi5yb2NrLmsx
+Mi5uYy51czANBgkqhkiG9w0BAQUFAAOCAQEAir8tmZbDFXlbj3JcpCEB8DZ5WWBE
+T3OoJsYj17YDeedxr59411sBFFbgFDavelruim14RLb49OtUtv+FiuMLwO5pIEZq
+LvMhQYdNQCP8g/8YtGcOfsIHOUaNsM/tHU1dGe/lRK4XzmcMJt4/6oO+1BsKb8zs
+rcN6doZxG6EelZNbov9ZngKGCbvdW/ZwFf6Kjt0xA6B3Q5+wqQpXyVczK3gi+lCa
+gg2gXxXrSgrQA8H1tQAgLAIgyTOFf6dnAoub1BTbXiJv+IneI40hHtVtFb9eTQEg
+ZqxDMqqSp5YTIIBY9YPs36Y+gpRUZ2HPlRRg9B9ha95ly7BRnMhdIng0TQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.rock.k12.nc.us:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.rock.k12.nc.us:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Rockingham County Schools</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Rockingham County Schools</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.rock.k12.nc.us/rockingham/site/default.asp</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Lee Cummings</GivenName>
+ <EmailAddress>lcummings@rock.k12.nc.us</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Lee Cummings</GivenName>
+ <EmailAddress>lca@rock.k12.nc.us</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- The H.W. Wilson Company -->
+<EntityDescriptor entityID="https://vnweb.hwwilsonweb.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 538, expires on Mon May 16 18:40:37 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAhowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxNTE4NDAzN1oXDTExMDUx
+NjE4NDAzN1owIDEeMBwGA1UEAxMVdm53ZWIuaHd3aWxzb253ZWIuY29tMIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQClu959QKuledB0HNdQp7VjaTyw9Cqnpekr
+iC4OX58uKKr5S6VFRs3dPf4fPmIVG/RPpFO/6K2ZxgkgKK9l7IusckcitLTu70B+
+PtWXsN5LFTrxy/4bBD1Iy0xhwAHNkeN9FLg9aEUyxSpAbMe+Tg5fLsmJq951TYAI
+FuLOM8XPCQIDAQABo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBS3id4d
+0PUdL0ZubS3EWvESoIfIXjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAX
+ghV2bndlYi5od3dpbHNvbndlYi5jb20wDQYJKoZIhvcNAQEFBQADggEBAIH/2irb
+V8TNf79pUSdLIslsYVr1Q8zJVv4cZdjJkOmhyZiCTrJ4w62GrASFM3J1NeBRBhkZ
+NosliT4+fws73UtbSFs0qUKuP6LSTjDQh79MqNi6SjAdLYVeNKRkXESXP6KlWlfL
+lKpuhXddBhg0A8WggeWSGcOqlGCb2bwKmcOy8T+TJpZqFrNfIKJCTvZ0YVx4Fkgo
+BT7a3MrumRKXPsamNR10DHN/vBGIvSGd+NUk876LCWn3LFAKqPA7uvQvdoxlgjAN
+G102rh3jwdJ4KCjdMecume7d+T9pj6be08UBIUJN5IP/kf7imczRVbED3YxPiKmX
+IptoJtpA0aVqbeo=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vnweb.hwwilsonweb.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://vnweb.hwwilsonweb.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The H.W. Wilson Company</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The H.W. Wilson Company</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hwwilson.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ronald Miller </GivenName>
+ <EmailAddress>rmiller@hwwilson.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Yagnesh Shah</GivenName>
+ <EmailAddress>yshah@hwwilson.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kathy Brush</GivenName>
+ <EmailAddress>techmail@hwwilson.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://webdev.hwwilsonweb.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 539, expires on Mon May 16 18:40:39 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAhswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUxNTE4NDAzOVoXDTExMDUx
+NjE4NDAzOVowITEfMB0GA1UEAxMWd2ViZGV2Lmh3d2lsc29ud2ViLmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApbvefUCrpXnQdBzXUKe1Y2k8sPQqp6Xp
+K4guDl+fLiiq+UulRUbN3T3+Hz5iFRv0T6RTv+itmcYJICivZeyLrHJHIrS07u9A
+fj7Vl7DeSxU68cv+GwQ9SMtMYcABzZHjfRS4PWhFMsUqQGzHvk4OXy7JiavedU2A
+CBbizjPFzwkCAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUt4ne
+HdD1HS9Gbm0txFrxEqCHyF4wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWd2ViZGV2Lmh3d2lsc29ud2ViLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEATEKP
+3jwsrTOurEUmpHFTGuIYTAWWNAUCSsh2qLPXIndV7+cDkYWjt9qVXFFAt0SoI4Fr
+6pi0SkMN5yrNWc2xeNd3VgrYvxO8wNq94pjagxdCBUh18ER2zLe48z6Bb++JUMgf
+HtuHGNj0vLmpU/loR/Lu1+am5lw29DY6pXVlFHfvCS9+tAwWvAOMFgJebMqKoWfd
+D610A2rw5d5gbDB+6x72SClndzd93N+RSB4GnazvnRBnwiqnwU4zxBmfNfPHUYhD
+adsZUxma2BYPiAyu+HOVDOoxKe4iymcIO08/ySmWi++L+72fmV/+qjMun1FDBM3R
+Kg8ye9ub0EyxM5L9+Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://webdev.hwwilsonweb.com/Shibboleth.sso/SAML/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://webdev.hwwilsonweb.com/Shibboleth.sso/SAML/Artifact" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">The H.W. Wilson Company</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The H.W. Wilson Company</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hwwilson.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ronald Miller </GivenName>
+ <EmailAddress>rmiller@hwwilson.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Yagnesh Shah</GivenName>
+ <EmailAddress>yshah@hwwilson.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kathy Brush</GivenName>
+ <EmailAddress>techmail@hwwilson.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Blatant Media Corporation -->
+<EntityDescriptor entityID="https://nyu.absorbtraining.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 602, expires on Fri Jul 22 17:59:04 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAlowDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcyMTE3NTkwNFoXDTExMDcy
+MjE3NTkwNFowITEfMB0GA1UEAxMWbnl1LmFic29yYnRyYWluaW5nLmNvbTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOVGselQhPtNrtcF8gUxsqO+pLti
+ya7qlKbOuhsZndp3s4E/z9lijqLOJ8svoFqo1OqkquH5y2ghMA3p23tqahfpGWdY
+9CTo4156PGTLR1VZM9Lp/gB/9i9GQYCZbXAHB4dj2swHscexlnv0S8u2P1MK66rO
+4KCCOBKARsawk16Dmvd4ibOq4MXgpzjDwnWOwSLF9PPoU6Fwe+9WKAf/HPZcEdIa
+qh+yzPytmvwtEJT0VS7s4o6j3ejWrz+sL83VDWIM8FnLFY548625Mn7XYQC7UM3+
+3txc9ojsh6rWrgAo9huZ+XI8up1gnrkrMaj7O3m8USlottd1uu+yuotYZm8CAwEA
+AaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU+frnI1pA6lSOeRE5weOH
+5gd5vMwwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBowGIIWbnl1LmFic29y
+YnRyYWluaW5nLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAKSCQ8XkkF0ERSzxBEo+U
+32kQw/+XwMh1WRSfDEQqEOaEfgT1yunNYoChpdLe9lx1H3bJ/Q16mhWdOYez2XKw
+oBgmyK5bIrYpFsu7yRYGWH5BVND3yru1a0STRxz8zK1KzEKwq2kpsvzxqENCwIL3
+nXm0DA3FJwlBLQbuI/N7pgNq6T3VpQ7XpMc0qun8fEd1zwFL/OyCxEPHbZZSDdj2
+JaXnqSC9DKjWPwhbxGsrE4NZpgYxZ5Bf50uoB0jBIcZdena2xJO3Aa+gYIDrm7NI
+fykpJWSZaZ2e4zBU2hmdeCLlZwGXaR6ZLJ6HPxRxnKcmGQ+NGkwQp7tecis3GGg0
+RQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nyu.absorbtraining.com/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://nyu.absorbtraining.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Blatant Media Corporation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Blatant Media Corporation</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.blatant.ca/default.asp</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Lowell Kuan</GivenName>
+ <EmailAddress>lowell.kuan@blatant.ca</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Pennsylvania -->
+<EntityDescriptor entityID="https://weblogin.pennkey.upenn.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">upenn.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 641, expires on Fri Sep 2 14:50:37 2011 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAoEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkwMTE0NTAzN1oXDTExMDkw
+MjE0NTAzN1owJTEjMCEGA1UEAxMad2VibG9naW4ucGVubmtleS51cGVubi5lZHUw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALP9NGpryb+AO7WI073PRyFf/Ubj
+/6BdnQ4eyGWCQXdIBm3o6n2ebXl5a4ILivng66NIXB5PRYcrRPzjWnwIhySKc9ha
+nI9KISm8gDBZmsWH0co+E7XSmx8Qk29K4z8CmS5/9QjFsWqzd/j6vKKwIrzpgQ3D
+mtclQuC9xSaoJtEbAgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FAHrEeQAS2Sbb1oJGYXx6hiHHasSMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCUGA1Ud
+EQQeMByCGndlYmxvZ2luLnBlbm5rZXkudXBlbm4uZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQAim2fbrN+fASgiKbyS4CQFig8QlDq3/mgNYNXGMPFeXSz5UArbp1IhkoKN
+AqWd5dvw421Y9SI1qYfj4tw/dTAnEWu4U/TdFxSXUz0O++Fxybpgr5fm9Oyr6oqK
+SPpFy2FbXIDs2sPrLBReSN+2YP6rd5l7q4R5aiE9ssrxSPwNlH4R7BJ1c7lxKjKM
+TpUm/dcj6YHTIdgr6UFbZSWXIZncKZtb1y2QFAY+j2It2PX69zmVB7BMsK7AuFUw
+glyXhqM+eD6g7/Ir5lXcFdmhYM3vkadOFUjANmGUNbFZwp+s3xsgnAiQ75IbFVDF
+othoG4ur7QyTlqI1EgkVbZVBaSaZ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://weblogin.pennkey.upenn.edu/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://weblogin.pennkey.upenn.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">upenn.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 641, expires on Fri Sep 2 14:50:37 2011 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAoEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkwMTE0NTAzN1oXDTExMDkw
+MjE0NTAzN1owJTEjMCEGA1UEAxMad2VibG9naW4ucGVubmtleS51cGVubi5lZHUw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALP9NGpryb+AO7WI073PRyFf/Ubj
+/6BdnQ4eyGWCQXdIBm3o6n2ebXl5a4ILivng66NIXB5PRYcrRPzjWnwIhySKc9ha
+nI9KISm8gDBZmsWH0co+E7XSmx8Qk29K4z8CmS5/9QjFsWqzd/j6vKKwIrzpgQ3D
+mtclQuC9xSaoJtEbAgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FAHrEeQAS2Sbb1oJGYXx6hiHHasSMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCUGA1Ud
+EQQeMByCGndlYmxvZ2luLnBlbm5rZXkudXBlbm4uZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQAim2fbrN+fASgiKbyS4CQFig8QlDq3/mgNYNXGMPFeXSz5UArbp1IhkoKN
+AqWd5dvw421Y9SI1qYfj4tw/dTAnEWu4U/TdFxSXUz0O++Fxybpgr5fm9Oyr6oqK
+SPpFy2FbXIDs2sPrLBReSN+2YP6rd5l7q4R5aiE9ssrxSPwNlH4R7BJ1c7lxKjKM
+TpUm/dcj6YHTIdgr6UFbZSWXIZncKZtb1y2QFAY+j2It2PX69zmVB7BMsK7AuFUw
+glyXhqM+eD6g7/Ir5lXcFdmhYM3vkadOFUjANmGUNbFZwp+s3xsgnAiQ75IbFVDF
+othoG4ur7QyTlqI1EgkVbZVBaSaZ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://weblogin.pennkey.upenn.edu/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://weblogin.pennkey.upenn.edu/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Pennsylvania</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Pennsylvania</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.upenn.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>UPenn WebLogin Support</GivenName>
+ <EmailAddress>weblogin-help@isc.upenn.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>UPenn WebLogin Support</GivenName>
+ <EmailAddress>weblogin-help@isc.upenn.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>UPenn WebLogin Support</GivenName>
+ <EmailAddress>weblogin-help@isc.upenn.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Fullerton -->
+<EntityDescriptor entityID="https://shibboleth.fullerton.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">fullerton.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 547, expires on Mon May 30 18:29:23 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAiMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyOTE4MjkyM1oXDTExMDUz
+MDE4MjkyM1owIzEhMB8GA1UEAxMYc2hpYmJvbGV0aC5mdWxsZXJ0b24uZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9KRT9dYGUHDgmp2h1Sawi3tSZVtYy
+aud/18ePQAfiVrq4ldGhUCz1eG6hDFGQHf5saHRsQMBrM59ghNn1D34QIOgkjLcT
+pHmVaTfRLa4HkG6NTDfiF0GAIuoYWdTraXUX9L0cUYQSBxlqO8i1IdrOVG+LSv/6
++AqSEa7u6+kLgwIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQJ
+03m0157zbkqXYHYOlCezQM5TezB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhzaGliYm9sZXRoLmZ1bGxlcnRvbi5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AGOJaWQApOSDQ0ShpKLwRBO0xP3Ib0jRIBaJTizkz/hoqVaEXT6y2T7zkOEV8eTY
+03/j8ZPe2LiQPvoxy7jUu5j9bzuW1nxkLo2kvUmcIzesFeSvETTTq+Mwg+FIbRFf
+m49aR/3xX6qqmDMBqnJHX3XW7KjPR03C+4Q5mqPkxUPL0kydfH7fnQd8tT3ibSs7
+2OUmRcImynx9DkWx9UXxySSBxUAvgVexahfixhpR0/BSMto/ZQAeUO9fzIOqJekB
+1hC7XMCLLFaG1FUq/1689iZopiegVVWQcWI7u6jDepl9LIdeYl68zxW04cSI4nvr
+lxm5OkGfxyyCrC3a5/HXcpI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.fullerton.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.fullerton.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.fullerton.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.fullerton.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth.fullerton.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.fullerton.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">fullerton.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 547, expires on Mon May 30 18:29:23 2011 GMT -->
+ <ds:X509Certificate>
+MIIFHTCCBAWgAwIBAgICAiMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDUyOTE4MjkyM1oXDTExMDUz
+MDE4MjkyM1owIzEhMB8GA1UEAxMYc2hpYmJvbGV0aC5mdWxsZXJ0b24uZWR1MIGf
+MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9KRT9dYGUHDgmp2h1Sawi3tSZVtYy
+aud/18ePQAfiVrq4ldGhUCz1eG6hDFGQHf5saHRsQMBrM59ghNn1D34QIOgkjLcT
+pHmVaTfRLa4HkG6NTDfiF0GAIuoYWdTraXUX9L0cUYQSBxlqO8i1IdrOVG+LSv/6
++AqSEa7u6+kLgwIDAQABo4ICqjCCAqYwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB
+/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQJ
+03m0157zbkqXYHYOlCezQM5TezB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO6
+58pjRaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVy
+YXRpb24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5
+ggEAMIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29t
+bW9uY2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNl
+cnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0f
+BIGFMIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNy
+bDIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAE
+VzBVMFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1v
+bmNhLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAjBgNVHREE
+HDAaghhzaGliYm9sZXRoLmZ1bGxlcnRvbi5lZHUwDQYJKoZIhvcNAQEFBQADggEB
+AGOJaWQApOSDQ0ShpKLwRBO0xP3Ib0jRIBaJTizkz/hoqVaEXT6y2T7zkOEV8eTY
+03/j8ZPe2LiQPvoxy7jUu5j9bzuW1nxkLo2kvUmcIzesFeSvETTTq+Mwg+FIbRFf
+m49aR/3xX6qqmDMBqnJHX3XW7KjPR03C+4Q5mqPkxUPL0kydfH7fnQd8tT3ibSs7
+2OUmRcImynx9DkWx9UXxySSBxUAvgVexahfixhpR0/BSMto/ZQAeUO9fzIOqJekB
+1hC7XMCLLFaG1FUq/1689iZopiegVVWQcWI7u6jDepl9LIdeYl68zxW04cSI4nvr
+lxm5OkGfxyyCrC3a5/HXcpI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.fullerton.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.fullerton.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Fullerton</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Fullerton</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.fullerton.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>James O'Dell</GivenName>
+ <EmailAddress>jodell@fullerton.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Sacramento -->
+<EntityDescriptor entityID="https://idp.csus.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://idp.csus.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csus.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 671, expires on Fri Oct 14 17:59:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFiTCCBHGgAwIBAgICAp8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAxMzE3NTkwOFoXDTExMTAx
+NDE3NTkwOFowFzEVMBMGA1UEAxMMaWRwLmNzdXMuZWR1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAsK3s8yjwINisx1tBv8/BaXvdawmKEnpOzAkz5G8H
+cca8nP1Rlp+tSXFTcnm8fdMj10TO1XLNbF6xOYtFXZ2pZykRz6tBeM4cxNUPLafP
+YQTCkKRZ7OXXqhacnZ7X2nUl+6JZYZpNAAjAl5pX0jznXCltQzHUx0DCE4z0CTny
+mVQ+6Q9Ou2w4giJEVEtgFvtUZFccxBM7ifV376GeRQKz83OMwWcvQZNvbHthbxc/
+1+Xhv4XgJhYMqXHYNG5Fkg4rX/dAsQHff4Ncdh+cCjGSzCQvxvKZNENFIwPPV2Cw
+1LXJEGy5R8dnG5KTZ9pmoF6whN7+70GUBxUJ3ENsiBqvvQIDAQABo4ICnjCCApow
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQA+XJi1NGtvakAmNAlHsMDqC2G7jB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0
+cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYI
+KwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggxpZHAuY3N1cy5lZHUwDQYJKoZI
+hvcNAQEFBQADggEBAFglriksNFsyek2Q8Cmtkr98MAVA7Hw9IcNkoZ8d886nPcud
+ATOziI1uHF/eavbd0n7voFgk3zOTnNTPpGKdiFvhqCx4PvsRm4UFuKcrU1Pl1OoY
+KivxKK2xGYlmJDEqbLu+k8Puta1AGfMNJq54xdv8bTKJMkxlR8ATJA7DlJd2YYy1
+0KLNf6rTBgNvL4EndNGD7sUHXyGsNea7ERSdYhP1VbC703V6dn6Qinhm2qwthgm3
+ehMZ8k1NjYWDUUWO3GzrWr0L7ay9XgMSr6/5A3L2IVBaaPbhC2/XAVAl+YLpqaDw
+ZGqHp4D/LP3T5x1Tr5iE1zNrNAVeaetMeqA2PGI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.csus.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.csus.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.csus.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.csus.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.csus.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.csus.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csus.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 671, expires on Fri Oct 14 17:59:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFiTCCBHGgAwIBAgICAp8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAxMzE3NTkwOFoXDTExMTAx
+NDE3NTkwOFowFzEVMBMGA1UEAxMMaWRwLmNzdXMuZWR1MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAsK3s8yjwINisx1tBv8/BaXvdawmKEnpOzAkz5G8H
+cca8nP1Rlp+tSXFTcnm8fdMj10TO1XLNbF6xOYtFXZ2pZykRz6tBeM4cxNUPLafP
+YQTCkKRZ7OXXqhacnZ7X2nUl+6JZYZpNAAjAl5pX0jznXCltQzHUx0DCE4z0CTny
+mVQ+6Q9Ou2w4giJEVEtgFvtUZFccxBM7ifV376GeRQKz83OMwWcvQZNvbHthbxc/
+1+Xhv4XgJhYMqXHYNG5Fkg4rX/dAsQHff4Ncdh+cCjGSzCQvxvKZNENFIwPPV2Cw
+1LXJEGy5R8dnG5KTZ9pmoF6whN7+70GUBxUJ3ENsiBqvvQIDAQABo4ICnjCCApow
+DgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUH
+AwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQA+XJi1NGtvakAmNAlHsMDqC2G7jB+BgNV
+HSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSBpTCBojBP
+BggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcwAoZDaHR0
+cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2Nl
+cnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRwOi8vaW5j
+b21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmww
+P6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEBMEQwQgYI
+KwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvcHJhY3RpY2VzLnBkZjAXBgNVHREEEDAOggxpZHAuY3N1cy5lZHUwDQYJKoZI
+hvcNAQEFBQADggEBAFglriksNFsyek2Q8Cmtkr98MAVA7Hw9IcNkoZ8d886nPcud
+ATOziI1uHF/eavbd0n7voFgk3zOTnNTPpGKdiFvhqCx4PvsRm4UFuKcrU1Pl1OoY
+KivxKK2xGYlmJDEqbLu+k8Puta1AGfMNJq54xdv8bTKJMkxlR8ATJA7DlJd2YYy1
+0KLNf6rTBgNvL4EndNGD7sUHXyGsNea7ERSdYhP1VbC703V6dn6Qinhm2qwthgm3
+ehMZ8k1NjYWDUUWO3GzrWr0L7ay9XgMSr6/5A3L2IVBaaPbhC2/XAVAl+YLpqaDw
+ZGqHp4D/LP3T5x1Tr5iE1zNrNAVeaetMeqA2PGI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.csus.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.csus.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Sacramento</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Sacramento</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csus.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brennan Pike</GivenName>
+ <EmailAddress>idm@csus.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Wake Tech Community College -->
+<EntityDescriptor entityID="https://incommon.waketech.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">waketech.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 588, expires on Thu Jul 14 18:07:43 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAkwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxMzE4MDc0M1oXDTExMDcx
+NDE4MDc0M1owIDEeMBwGA1UEAxMVaW5jb21tb24ud2FrZXRlY2guZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywYizDVlLYscsoXViEtxnkeACAzo
+VTTVfYq8xDU5nGyN8bjGwRoMqHZhN43zHVX+S6wawUVi0qJ4RqHcGoAc42HSn/hV
+Fcnsrx3QFmPi3zdliqZzSOdobbpCKXuxhZJpGToUQQETEL2jciKR4haqWSXQEt5B
+auQkBvq6a1Xbgtrjg7qGOjyXladiJPWqreqm3T++lyMIU2wxehklcHnp8nCx3RfG
+cMqxna2cinAOlF7YXBL1+HNvYFxSg0nhxUYVZOjIPqcYS7nVKDLrF9uXzPK8zp2M
+2VHdMfaEzWDDMw6LolU3mkiSfRVypX7kiesVKsW1gxQ+kxckNUkciMTsYwIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQRoJKk/XQo21bNEq96i77f
+sH3SWTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVpbmNvbW1vbi53
+YWtldGVjaC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAAXC9+MK91LaEDCTTYuyyfuS
+HDN74NQPY0qanbwY65Y+X936heg6oQK50lu3o1XQ1m3enqtvaoFJkNrKWnWQmq09
+tQkvA+d3u3Uz1xhd/OqlyCqeD8mARWsO4S+ohLTXfFP+jjZOqYcNyhcbIyVNUh1V
+G5TO90j6RX3J83fbja7hrhe/t/KJDP/HvYk9+3g8CzSlnOxhC1DtcoLcDgmra79D
+LH6sol2j4f9BLkTvqL9Xncu2eITnhWTsdogeOT/Ej9F4sXgcjMDWCp6aOHP4slv+
+GVt9/N84tKDbCN6niAHzwJB89NoWcUWIKBzVGU8yTUMTRD5d9nHsqjS1qkYDQd4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://incommon.waketech.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://incommon.waketech.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">waketech.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 588, expires on Thu Jul 14 18:07:43 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmzCCBIOgAwIBAgICAkwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxMzE4MDc0M1oXDTExMDcx
+NDE4MDc0M1owIDEeMBwGA1UEAxMVaW5jb21tb24ud2FrZXRlY2guZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywYizDVlLYscsoXViEtxnkeACAzo
+VTTVfYq8xDU5nGyN8bjGwRoMqHZhN43zHVX+S6wawUVi0qJ4RqHcGoAc42HSn/hV
+Fcnsrx3QFmPi3zdliqZzSOdobbpCKXuxhZJpGToUQQETEL2jciKR4haqWSXQEt5B
+auQkBvq6a1Xbgtrjg7qGOjyXladiJPWqreqm3T++lyMIU2wxehklcHnp8nCx3RfG
+cMqxna2cinAOlF7YXBL1+HNvYFxSg0nhxUYVZOjIPqcYS7nVKDLrF9uXzPK8zp2M
+2VHdMfaEzWDDMw6LolU3mkiSfRVypX7kiesVKsW1gxQ+kxckNUkciMTsYwIDAQAB
+o4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
+FAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQRoJKk/XQo21bNEq96i77f
+sH3SWTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkG
+A1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMT
+IEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcB
+AQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEF
+BQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcv
+YnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlo
+dHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2Vl
+Y3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMB
+BAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAXghVpbmNvbW1vbi53
+YWtldGVjaC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAAXC9+MK91LaEDCTTYuyyfuS
+HDN74NQPY0qanbwY65Y+X936heg6oQK50lu3o1XQ1m3enqtvaoFJkNrKWnWQmq09
+tQkvA+d3u3Uz1xhd/OqlyCqeD8mARWsO4S+ohLTXfFP+jjZOqYcNyhcbIyVNUh1V
+G5TO90j6RX3J83fbja7hrhe/t/KJDP/HvYk9+3g8CzSlnOxhC1DtcoLcDgmra79D
+LH6sol2j4f9BLkTvqL9Xncu2eITnhWTsdogeOT/Ej9F4sXgcjMDWCp6aOHP4slv+
+GVt9/N84tKDbCN6niAHzwJB89NoWcUWIKBzVGU8yTUMTRD5d9nHsqjS1qkYDQd4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://incommon.waketech.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Wake Tech Community College</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Wake Tech Community College</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.waketech.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Wake Tech Help Desk</GivenName>
+ <EmailAddress>helpdesk@waketech.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Alaska Statewide System -->
+<EntityDescriptor entityID="urn:mace:incommon:alaska.edu">
+ <IDPSSODescriptor errorURL="https://idp.alaska.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">alaska.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 579, expires on Sun Jul 10 17:53:09 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAkMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwOTE3NTMwOVoXDTExMDcx
+MDE3NTMwOVowGTEXMBUGA1UEAxMOaWRwLmFsYXNrYS5lZHUwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAJNy9+V3dSoU9OKJTfTLBuy0ubmKwEX5Wp4/9KzbwlkO
+Eh2xSR1GOggbS3qIuOgktj6RIAW1BGhNRQy9GeqvEWPXYGGC8uMyadX7k6sssA9p
+43tmSaFX0uHonf1iXBtsIFUxqf/ru9+0IXDXoiQuccfpqtqL9Janv/rAKQjMrOKP
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFPnx7B21oXfTANOO
+RIqexEOYNA89MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmlkcC5h
+bGFza2EuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBv1B/LW6mAVbPwHmYESHaFcPiT
+4Gu7TFYLNYPXGs4TH0usvVLNht6sMNuX8O24HA9MRSozDY9GAeTdtI4oYqtoeNoV
+MCp+k3oVrHqel5L3L6uAb2cqNk2hq00UtP1nE9ugl7G+TsjqI4v2y9BFvLxIY8cI
+5rsqcn9Kz+rZo8zhqOOr7MJjS1d2Otm8LIWboVrFUUOW62Wpdc/Sr+uyONXbrkEe
+oMv9OIOq/DquepSwmwKgvrITORtkvI3BJK8O59jeo3GMP2XQ/DUpF1YFUP+iNoVu
+snD4+dIy9fzbSmwwxh7qkPoKnYtiyxliOplxXc2H7JxeLQOon8Zq2KT6g+fv
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.alaska.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.alaska.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.alaska.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.alaska.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.alaska.edu/idp/profile/SAML2/POST-SimipleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.alaska.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">alaska.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 579, expires on Sun Jul 10 17:53:09 2011 GMT -->
+ <ds:X509Certificate>
+MIIFCTCCA/GgAwIBAgICAkMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwOTE3NTMwOVoXDTExMDcx
+MDE3NTMwOVowGTEXMBUGA1UEAxMOaWRwLmFsYXNrYS5lZHUwgZ8wDQYJKoZIhvcN
+AQEBBQADgY0AMIGJAoGBAJNy9+V3dSoU9OKJTfTLBuy0ubmKwEX5Wp4/9KzbwlkO
+Eh2xSR1GOggbS3qIuOgktj6RIAW1BGhNRQy9GeqvEWPXYGGC8uMyadX7k6sssA9p
+43tmSaFX0uHonf1iXBtsIFUxqf/ru9+0IXDXoiQuccfpqtqL9Janv/rAKQjMrOKP
+AgMBAAGjggKgMIICnDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNV
+HSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFPnx7B21oXfTANOO
+RIqexEOYNA89MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBW
+MQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcG
+A1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsG
+AQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8G
+CCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9
+oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9j
+cmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYB
+BAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDmlkcC5h
+bGFza2EuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQBv1B/LW6mAVbPwHmYESHaFcPiT
+4Gu7TFYLNYPXGs4TH0usvVLNht6sMNuX8O24HA9MRSozDY9GAeTdtI4oYqtoeNoV
+MCp+k3oVrHqel5L3L6uAb2cqNk2hq00UtP1nE9ugl7G+TsjqI4v2y9BFvLxIY8cI
+5rsqcn9Kz+rZo8zhqOOr7MJjS1d2Otm8LIWboVrFUUOW62Wpdc/Sr+uyONXbrkEe
+oMv9OIOq/DquepSwmwKgvrITORtkvI3BJK8O59jeo3GMP2XQ/DUpF1YFUP+iNoVu
+snD4+dIy9fzbSmwwxh7qkPoKnYtiyxliOplxXc2H7JxeLQOon8Zq2KT6g+fv
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.alaska.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.alaska.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Alaska Statewide System</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Alaska Statewide System</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.alaska.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>David Bantz</GivenName>
+ <EmailAddress>Q@Alaska.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>David Bantz</GivenName>
+ <EmailAddress>db@Alaska.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Support Center</GivenName>
+ <EmailAddress>helpdesk@alaska.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Louisiana State University -->
+<EntityDescriptor entityID="https://webauth.shib.lsu.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">lsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 164832432597753374183816, expires on Thu Dec 9 19:40:50 2010 GMT -->
+ <ds:X509Certificate>
+MIIF7DCCBNSgAwIBAgIKIueVhgAAAAARiDANBgkqhkiG9w0BAQUFADBcMRMwEQYK
+CZImiZPyLGQBGRYDZWR1MRMwEQYKCZImiZPyLGQBGRYDbHN1MTAwLgYDVQQDEydM
+b3Vpc2lhbmEgU3RhdGUgVW5pdmVyc2l0eSBJc3N1aW5nIENBIDEwHhcNMDkxMjA5
+MTk0MDUwWhcNMTAxMjA5MTk0MDUwWjCBpTELMAkGA1UEBhMCVVMxEjAQBgNVBAgT
+CUxvdWlzaWFuYTEUMBIGA1UEBxMLQmF0b24gUm91Z2UxIzAhBgNVBAoTGkxvdWlz
+aWFuYSBTdGF0ZSBVbml2ZXJzaXR5MSgwJgYDVQQLEx9JbmZvcm1hdGlvbiBUZWNo
+bm9sb2d5IFNlcnZpY2VzMR0wGwYDVQQDExR3ZWJhdXRoLnNoaWIubHN1LmVkdTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKKkgUJehrb41DW06Khl0czH
+DBI9iUyCYEJ5uBFrJIeA4QztUIis/6E9ywuASqRcuL3dG61eIL0+RT4b1UqB1T8I
+6XB24RQ65OZB0luA3Q0VKPKn8SslZ+7AYXw06e5Emo8mVLYjv8nqvcko78IfR43l
+QuKOi9qLqi+bTXiSNNv1XaIvHQSiiWWjSMuw6iUjdrO3A6sVUofXZ9o7WdhMoKcN
+W2rl3CHQvz9fXtmNhAhHc1Aj1OJSHLNf02oKGP6omoQY+45FhWSlr77EMrFn4OfX
+ifi9w7OuzIpXMKaL4sFQFZY8Kq3HlfkFDYQ7XPK92hcmsZUdpkBx8UsCzeVqY1cC
+AwEAAaOCAmQwggJgMB0GA1UdDgQWBBSNYkdQ+Zo140Pp3KlN48AbclnJyTAfBgNV
+HSMEGDAWgBTfud+iJMYZCy2D1yRCp34Vx0XuITCBkQYDVR0fBIGJMIGGMIGDoIGA
+oH6GPWh0dHA6Ly93d3cubHN1LmVkdS9wa2kvTG91aXNpYW5hU3RhdGVVbml2ZXJz
+aXR5SXNzdWluZ0NBMS5jcmyGPWh0dHA6Ly9wa2kubHN1LmVkdS9DRFAvTG91aXNp
+YW5hU3RhdGVVbml2ZXJzaXR5SXNzdWluZ0NBMS5jcmwwgaYGCCsGAQUFBwEBBIGZ
+MIGWMEkGCCsGAQUFBzAChj1odHRwOi8vd3d3LmxzdS5lZHUvcGtpL0xvdWlzaWFu
+YVN0YXRlVW5pdmVyc2l0eUlzc3VpbmdDQTEuY3J0MEkGCCsGAQUFBzAChj1odHRw
+Oi8vcGtpLmxzdS5lZHUvQ0RQL0xvdWlzaWFuYVN0YXRlVW5pdmVyc2l0eUlzc3Vp
+bmdDQTEuY3J0MAsGA1UdDwQEAwIFoDA/BgkrBgEEAYI3FQcEMjAwBigrBgEEAYI3
+FQiChJo1gYSCIITJmyWk+V6F/OVugTuK+MHDQomd0axeAgFkAgEEMBMGA1UdJQQM
+MAoGCCsGAQUFBwMBMGEGA1UdIARaMFgwTgYmKwYBBAGCNxUIgoSaNYGEgiCEyZsl
+pPlehfzlboE7g+u3KYGZ5UUwJDAiBggrBgEFBQcCARYWaHR0cDovL3d3dy5sc3Uu
+ZWR1L3BraTAGBgRVHSAAMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwEwDQYJ
+KoZIhvcNAQEFBQADggEBAFRwId1cCJ/s5pts46u3zt2bU/K5Ej16hu3E7NlEqd15
+Tw+YL6iI9BbSFmz8lwTs2j7b8a5NDOc1ei1WFCojVdZmSmq+9aNZxfdvP948mKHz
+PQkLzvKS2oGz8qnSHFIrsEA2yJqCMFp5XwiOiI+SdoaL3NRlCS/rnBoMDmQtd6VA
+dz/GLaU1Vse3V3v4xgOTFfGvxNS4Z3/30zGkzHDLUWwlQJ0qKcqrTnQLbd8YLJJC
+XcLLZgteuNjGDa/+9Jztxs0jlnLOvidon4w4cOUh93yjuAzHC5mefERM23U9ltjh
+i6aajaAeZZnwTZJm2/U26BZmbZsH6rz2/aND2OhLTNc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.shib.lsu.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webauth.shib.lsu.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://webauth.shib.lsu.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">lsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 164832432597753374183816, expires on Thu Dec 9 19:40:50 2010 GMT -->
+ <ds:X509Certificate>
+MIIF7DCCBNSgAwIBAgIKIueVhgAAAAARiDANBgkqhkiG9w0BAQUFADBcMRMwEQYK
+CZImiZPyLGQBGRYDZWR1MRMwEQYKCZImiZPyLGQBGRYDbHN1MTAwLgYDVQQDEydM
+b3Vpc2lhbmEgU3RhdGUgVW5pdmVyc2l0eSBJc3N1aW5nIENBIDEwHhcNMDkxMjA5
+MTk0MDUwWhcNMTAxMjA5MTk0MDUwWjCBpTELMAkGA1UEBhMCVVMxEjAQBgNVBAgT
+CUxvdWlzaWFuYTEUMBIGA1UEBxMLQmF0b24gUm91Z2UxIzAhBgNVBAoTGkxvdWlz
+aWFuYSBTdGF0ZSBVbml2ZXJzaXR5MSgwJgYDVQQLEx9JbmZvcm1hdGlvbiBUZWNo
+bm9sb2d5IFNlcnZpY2VzMR0wGwYDVQQDExR3ZWJhdXRoLnNoaWIubHN1LmVkdTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKKkgUJehrb41DW06Khl0czH
+DBI9iUyCYEJ5uBFrJIeA4QztUIis/6E9ywuASqRcuL3dG61eIL0+RT4b1UqB1T8I
+6XB24RQ65OZB0luA3Q0VKPKn8SslZ+7AYXw06e5Emo8mVLYjv8nqvcko78IfR43l
+QuKOi9qLqi+bTXiSNNv1XaIvHQSiiWWjSMuw6iUjdrO3A6sVUofXZ9o7WdhMoKcN
+W2rl3CHQvz9fXtmNhAhHc1Aj1OJSHLNf02oKGP6omoQY+45FhWSlr77EMrFn4OfX
+ifi9w7OuzIpXMKaL4sFQFZY8Kq3HlfkFDYQ7XPK92hcmsZUdpkBx8UsCzeVqY1cC
+AwEAAaOCAmQwggJgMB0GA1UdDgQWBBSNYkdQ+Zo140Pp3KlN48AbclnJyTAfBgNV
+HSMEGDAWgBTfud+iJMYZCy2D1yRCp34Vx0XuITCBkQYDVR0fBIGJMIGGMIGDoIGA
+oH6GPWh0dHA6Ly93d3cubHN1LmVkdS9wa2kvTG91aXNpYW5hU3RhdGVVbml2ZXJz
+aXR5SXNzdWluZ0NBMS5jcmyGPWh0dHA6Ly9wa2kubHN1LmVkdS9DRFAvTG91aXNp
+YW5hU3RhdGVVbml2ZXJzaXR5SXNzdWluZ0NBMS5jcmwwgaYGCCsGAQUFBwEBBIGZ
+MIGWMEkGCCsGAQUFBzAChj1odHRwOi8vd3d3LmxzdS5lZHUvcGtpL0xvdWlzaWFu
+YVN0YXRlVW5pdmVyc2l0eUlzc3VpbmdDQTEuY3J0MEkGCCsGAQUFBzAChj1odHRw
+Oi8vcGtpLmxzdS5lZHUvQ0RQL0xvdWlzaWFuYVN0YXRlVW5pdmVyc2l0eUlzc3Vp
+bmdDQTEuY3J0MAsGA1UdDwQEAwIFoDA/BgkrBgEEAYI3FQcEMjAwBigrBgEEAYI3
+FQiChJo1gYSCIITJmyWk+V6F/OVugTuK+MHDQomd0axeAgFkAgEEMBMGA1UdJQQM
+MAoGCCsGAQUFBwMBMGEGA1UdIARaMFgwTgYmKwYBBAGCNxUIgoSaNYGEgiCEyZsl
+pPlehfzlboE7g+u3KYGZ5UUwJDAiBggrBgEFBQcCARYWaHR0cDovL3d3dy5sc3Uu
+ZWR1L3BraTAGBgRVHSAAMBsGCSsGAQQBgjcVCgQOMAwwCgYIKwYBBQUHAwEwDQYJ
+KoZIhvcNAQEFBQADggEBAFRwId1cCJ/s5pts46u3zt2bU/K5Ej16hu3E7NlEqd15
+Tw+YL6iI9BbSFmz8lwTs2j7b8a5NDOc1ei1WFCojVdZmSmq+9aNZxfdvP948mKHz
+PQkLzvKS2oGz8qnSHFIrsEA2yJqCMFp5XwiOiI+SdoaL3NRlCS/rnBoMDmQtd6VA
+dz/GLaU1Vse3V3v4xgOTFfGvxNS4Z3/30zGkzHDLUWwlQJ0qKcqrTnQLbd8YLJJC
+XcLLZgteuNjGDa/+9Jztxs0jlnLOvidon4w4cOUh93yjuAzHC5mefERM23U9ltjh
+i6aajaAeZZnwTZJm2/U26BZmbZsH6rz2/aND2OhLTNc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://webauth.shib.lsu.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webauth.shib.lsu.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Louisiana State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Louisiana State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lsu.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Quang Le</GivenName>
+ <EmailAddress>qle3@lsu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Craig Callender</GivenName>
+ <EmailAddress>ccalle2@lsu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Brian Nichols</GivenName>
+ <EmailAddress>bnichols@lsu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://its-tiefighter.lsu.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://its-tiefighter.lsu.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 9769784825131229489, expires on Mon Sep 16 21:59:34 2019 GMT -->
+ <ds:X509Certificate>
+MIIDCTCCAfGgAwIBAgIJAIeVP4kx8uExMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNV
+BAMTFml0cy10aWVmaWdodGVyLmxzdS5lZHUwHhcNMDkwOTE4MjE1OTM0WhcNMTkw
+OTE2MjE1OTM0WjAhMR8wHQYDVQQDExZpdHMtdGllZmlnaHRlci5sc3UuZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox0+jxwn91BZ9EldgFvjR/TG
+Pzng2JvI3SLesrwmfGraSIG9L5I41BDP1+8NKVgXykD2o3Lsg+0WF2tgsmqyD8gu
+L7xJXC8R7c84fuDMTeZh08wtfjUKAZ5JC4ZHErQ24JYkjdR21Nx6XW05gFzGGs/T
+HoF/kwfYY8VDRw6H2UkNuXbMq4T0Xi3oZorC7Fm66KqMPIiraZ9b3AtTnEFrDrb+
+1cl0TfqrsRGEZJeGxxVJQfIUzFOC+W/uCqtsu19FGh6Nl5npuwPitQLDJV1LjVZd
+FAG/B7CdCOuCd1YE7JqIgy6Pvw4G/xkA8RsUDG6iFtEuWeVksfCKwEPZ527pqQID
+AQABo0QwQjAhBgNVHREEGjAYghZpdHMtdGllZmlnaHRlci5sc3UuZWR1MB0GA1Ud
+DgQWBBQHTHDF/FCI37styekmVNlCkDRxOTANBgkqhkiG9w0BAQUFAAOCAQEAoweA
+ClueM7VjQQw+oPdlKl5yL2cQRso9W2RcCP52G6CzvC6CiZ4tDAXeHL6ziBIwtjY9
+3m8iKr6WLZ8nfy97QHSM064vpo2BqVgWTuwOO/2u+9K1koFG53TnuRWej8rmkHr0
+QYIs5eZcxRzum5iOooBsopvHi0JLIfK2P2ZoXIEqym4NBotl14o0L8A4K5h4asd6
+D6a7WpU0hGuyBwEzahroDmUQSmCHa6sI0txf0feJqM0JBd3/aPVciu7RVyYrLsgy
+2JLMhhrZhbT2W2BIfzZagvaAXWsQKONpN25ut6ZGDU30VZtHUxoQ+nTYp6YPZXgO
+3PNiOFfZFJk7Lk5Liw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://its-tiefighter.lsu.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://its-tiefighter.lsu.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://its-tiefighter.lsu.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://its-tiefighter.lsu.edu/Shibboleth.sso/SAML2/ECP" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://its-tiefighter.lsu.edu/Shibboleth.sso/SAML/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://its-tiefighter.lsu.edu/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Louisiana State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Louisiana State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lsu.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Quang Le</GivenName>
+ <EmailAddress>qle3@lsu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- North Carolina Department of Public Instruction -->
+<EntityDescriptor entityID="https://peidp01.dpi.state.nc.us/idp/shibboleth">
+ <IDPSSODescriptor errorURL="http://www.dpi.state.nc.us/404.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">dpi.state.nc.us</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 601, expires on Thu Jul 21 17:57:05 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAlkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcyMDE3NTcwNVoXDTExMDcy
+MTE3NTcwNVowIjEgMB4GA1UEAxMXcGVpZHAwMS5kcGkuc3RhdGUubmMudXMwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu8RGxd3tSQwjbrNNifZXz20VE
+AqXUkkTKmONoPkWdoQ9KzramKRRqWRRzShGu2trVr11Fi0LIYqa1X4Ux9jSHkJ4J
+XZzZ2g84sG/UlS+JSyYd+eUfV90A9ecO0A+zdX91cB2OIBX7S82m9nYx710ln8tK
+andkmbbf+1Fztu9OqR0bS3JyPeVacsRRfMC0wD59EhBQPQd/2uNkw5BqT8PtSejK
+yfz3B/QydqKhax9FJiTH0NAqma0Z+GtFo2yJ2GzhlzJSkj9iG9sMdW7QClMAR9bE
+GLpe0Zg87/EA6zAGpUEjw2xBV/EEeb5xiSEERvSNeNRbh2Bd3bEEfbOpvnmfAgMB
+AAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFDugOyl/9tnrtavEgKJl
+zi8toNiFMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQbMBmCF3BlaWRwMDEu
+ZHBpLnN0YXRlLm5jLnVzMA0GCSqGSIb3DQEBBQUAA4IBAQAIampESsJYwt9zQ0RW
+7ut/QZfr2VZQypgJRyXUOPOFPE+vEK/dDcuXN111CBJVtSSFr3OEK/vEx1M6hFbg
+osOEw6v3laEmjGZJjULplgYgu6bz/d/J2ZoqHfLQbXSh04y3eb1evHtx7ouIYw5p
+iP8eM9az1h5vf58uvqDHQUxVpdTNu1vSyYduJz6nasZTNtounXiAY459jN2Wn5qL
+FAeClf3R3mGjZMtaFLgtcgzgxrhbhsLONQIOo14vEHPzbnhFMOj4m/H9aIP0YNqM
+67diP7rZKwSaRiN06tggKYxcBjGupRUMqS2KPlCaOSCM+s9YitLh4NJYHOF4gAtA
+X2xk
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://peidp01.dpi.state.nc.us:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://peidp01.dpi.state.nc.us/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">dpi.state.nc.us</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 601, expires on Thu Jul 21 17:57:05 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnzCCBIegAwIBAgICAlkwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcyMDE3NTcwNVoXDTExMDcy
+MTE3NTcwNVowIjEgMB4GA1UEAxMXcGVpZHAwMS5kcGkuc3RhdGUubmMudXMwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu8RGxd3tSQwjbrNNifZXz20VE
+AqXUkkTKmONoPkWdoQ9KzramKRRqWRRzShGu2trVr11Fi0LIYqa1X4Ux9jSHkJ4J
+XZzZ2g84sG/UlS+JSyYd+eUfV90A9ecO0A+zdX91cB2OIBX7S82m9nYx710ln8tK
+andkmbbf+1Fztu9OqR0bS3JyPeVacsRRfMC0wD59EhBQPQd/2uNkw5BqT8PtSejK
+yfz3B/QydqKhax9FJiTH0NAqma0Z+GtFo2yJ2GzhlzJSkj9iG9sMdW7QClMAR9bE
+GLpe0Zg87/EA6zAGpUEjw2xBV/EEeb5xiSEERvSNeNRbh2Bd3bEEfbOpvnmfAgMB
+AAGjggKpMIICpTAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUE
+FjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFDugOyl/9tnrtavEgKJl
+zi8toNiFMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQsw
+CQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UE
+AxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUF
+BwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsG
+AQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9y
+Zy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuG
+OWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwv
+ZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGu
+IwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCIGA1UdEQQbMBmCF3BlaWRwMDEu
+ZHBpLnN0YXRlLm5jLnVzMA0GCSqGSIb3DQEBBQUAA4IBAQAIampESsJYwt9zQ0RW
+7ut/QZfr2VZQypgJRyXUOPOFPE+vEK/dDcuXN111CBJVtSSFr3OEK/vEx1M6hFbg
+osOEw6v3laEmjGZJjULplgYgu6bz/d/J2ZoqHfLQbXSh04y3eb1evHtx7ouIYw5p
+iP8eM9az1h5vf58uvqDHQUxVpdTNu1vSyYduJz6nasZTNtounXiAY459jN2Wn5qL
+FAeClf3R3mGjZMtaFLgtcgzgxrhbhsLONQIOo14vEHPzbnhFMOj4m/H9aIP0YNqM
+67diP7rZKwSaRiN06tggKYxcBjGupRUMqS2KPlCaOSCM+s9YitLh4NJYHOF4gAtA
+X2xk
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://peidp01.dpi.state.nc.us:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">North Carolina Department of Public Instruction</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">North Carolina Department of Public Instruction</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.dpi.state.nc.us/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>James Guntow</GivenName>
+ <EmailAddress>jguntow@dpi.state.nc.us</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Robin Burley</GivenName>
+ <EmailAddress>rburley@dpi.state.nc.us</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Help Desk (919) 807-4357</GivenName>
+ <EmailAddress>help@dpi.state.nc.us</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://pesp01.dpi.state.nc.us/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 672, expires on Fri Oct 14 17:59:16 2011 GMT -->
+ <ds:X509Certificate>
+MIIFnTCCBIWgAwIBAgICAqAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAxMzE3NTkxNloXDTExMTAx
+NDE3NTkxNlowITEfMB0GA1UEAxMWcGVzcDAxLmRwaS5zdGF0ZS5uYy51czCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM0pS/ZvBJT5yHIHA8/RYn7sWmDQ
+lYrNVn0nvw6dtV6MK/yKQybpYyIw9gBIQqDbn12rOMGOvh5hVU9zs2DvwOK3Rj+g
+sfx/bg4HCYwD1LzIfYq+PLblCpocVzTnGiy9igwRCTrqq0vH03jtkB2bZgacVkG9
+Xp4lc/OYo3GaM0/hR25GsCvJPshVXT5KFaenf9l2pfo05W6f3zvA7A4EreVe8C5J
+ROHrsz2EFm+IsPzvtwpvtqE1RdqxycKtICdQ6xIugO2AjwNzAXwPgvN1p8XBrDXh
+SuDvLSYfsVxnAbF2HmOHxWteCeiFRRb4fs6pAuBaFynUjuWlAk9klx3HKcECAwEA
+AaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUE16kkkBNd2s4jj+pWRZG
+5LNsNc8wfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYxCzAJ
+BgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYDVQQD
+EyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYBBQUH
+AQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYIKwYB
+BQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2gO4Y5
+aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9l
+ZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEEAa4j
+AQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBowGIIWcGVzcDAxLmRw
+aS5zdGF0ZS5uYy51czANBgkqhkiG9w0BAQUFAAOCAQEAAFVCw+7YDagfbfiIik8o
+mZWke4kl7eUOshzDKIBkZW4fydzWAyUbiVi9h2uqeLt8VTcUBbERwFM7SNpkXFrV
+VjkqxXT9HnY1nSjYL2cesgrWFpVaJMHyK9mUBfhwjLFUwzga2I+jWnBRix4kOrvT
+Of47yu04zXFoYCw16s3GC1HoHlyOo9Jc6B4Sfn0KbqSb4QeRb0DQV2HMIYdxdvOT
+KqAO3MoCGobkKIHzpZ7Y+Q58o6lyV8TPmD3MGpcWkPyi0CSHRz5Yso/vwKUDqLoB
+fH25XazHIQvT9RWpmuv6jdS2D8SfnnSuWjChpx6PUZ0zX29eKeWV9P4Zd6F30v4v
+Ng==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pesp01.dpi.state.nc.us/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pesp01.dpi.state.nc.us/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">North Carolina Department of Public Instruction</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">North Carolina Department of Public Instruction</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.dpi.state.nc.us/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Julien Alhour</GivenName>
+ <EmailAddress>jalhour@dpi.state.nc.us</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Sonoma State University -->
+<EntityDescriptor entityID="https://login.sonoma.edu/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">sonoma.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 676, expires on Fri Oct 21 17:55:03 2011 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAqQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAyMDE3NTUwM1oXDTExMTAy
+MTE3NTUwM1owGzEZMBcGA1UEAxMQbG9naW4uc29ub21hLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA3svX5H2eksb1VtnTg8smbBsk523fXiDhNG4RxS/Q
+Hvxpozz9x9VYAs8GUzQ8eU+vgbY0WkPZfpA8WiZgbJ2OCOVz2hitOREZ6Ph+w1x3
+ldhlod8xVy7CBp4VmhWKKs9spshAuoJt/u3cadAf7LjCwAmYS9YFZR2OQlhvymK1
+JmcCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUgob05PfQQ8BA
+t2kIoJR+Vb5C6ngwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQbG9n
+aW4uc29ub21hLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAkQuuqCRruLNPdwAKEG9w
+/jGlmLjfZU/DexRwX7uw4szk/w0bgCGI5YTxVme1ajJOc1gmwKJBPv6Quw8DaTSe
+y2SP1yxRV804LQavkTdOiBtaSWRAfgH1cbwDjfbFUhiKE61ynZtwRl6FUy8XOl4v
+fehE5znohxCazHPN05vfIt6c8O9eYVy+a52crVKAOBXK+et5kUlnLNW0BY9GF9fJ
+ZDZ7jA3qEp4w4sQqYUziYZiumzD3CSctFlNUlSRZ1YeZAqYV8DtvhDWf72C2afNp
+Z6bJ3ryL6TRro65AH9zwyjfPIHKIBFedCEa5hRMC1s1CN+hEv9ZOaOcYRLNc24Gx
+DQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.sonoma.edu:9443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.sonoma.edu:9443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.sonoma.edu:8443/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.sonoma.edu:8443/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.sonoma.edu:8443/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://login.sonoma.edu:8443/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">sonoma.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 676, expires on Fri Oct 21 17:55:03 2011 GMT -->
+ <ds:X509Certificate>
+MIIFDTCCA/WgAwIBAgICAqQwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAyMDE3NTUwM1oXDTExMTAy
+MTE3NTUwM1owGzEZMBcGA1UEAxMQbG9naW4uc29ub21hLmVkdTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA3svX5H2eksb1VtnTg8smbBsk523fXiDhNG4RxS/Q
+Hvxpozz9x9VYAs8GUzQ8eU+vgbY0WkPZfpA8WiZgbJ2OCOVz2hitOREZ6Ph+w1x3
+ldhlod8xVy7CBp4VmhWKKs9spshAuoJt/u3cadAf7LjCwAmYS9YFZR2OQlhvymK1
+JmcCAwEAAaOCAqIwggKeMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0G
+A1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUgob05PfQQ8BA
+t2kIoJR+Vb5C6ngwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRY
+MFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkw
+JwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYI
+KwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2Iw
+TwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/
+oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3Jn
+L2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29t
+bW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsr
+BgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGwYDVR0RBBQwEoIQbG9n
+aW4uc29ub21hLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEAkQuuqCRruLNPdwAKEG9w
+/jGlmLjfZU/DexRwX7uw4szk/w0bgCGI5YTxVme1ajJOc1gmwKJBPv6Quw8DaTSe
+y2SP1yxRV804LQavkTdOiBtaSWRAfgH1cbwDjfbFUhiKE61ynZtwRl6FUy8XOl4v
+fehE5znohxCazHPN05vfIt6c8O9eYVy+a52crVKAOBXK+et5kUlnLNW0BY9GF9fJ
+ZDZ7jA3qEp4w4sQqYUziYZiumzD3CSctFlNUlSRZ1YeZAqYV8DtvhDWf72C2afNp
+Z6bJ3ryL6TRro65AH9zwyjfPIHKIBFedCEa5hRMC1s1CN+hEv9ZOaOcYRLNc24Gx
+DQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.sonoma.edu:9443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.sonoma.edu:9443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Sonoma State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Sonoma State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sonoma.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Andru Luvisi</GivenName>
+ <EmailAddress>andru.luvisi@sonoma.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University-San Bernardino -->
+<EntityDescriptor entityID="https://idp.csusb.edu/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csusb.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 663, expires on Mon Oct 10 17:08:07 2011 GMT -->
+ <ds:X509Certificate>
+MIIFBzCCA++gAwIBAgICApcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwOTE3MDgwN1oXDTExMTAx
+MDE3MDgwN1owGDEWMBQGA1UEAxMNaWRwLmNzdXNiLmVkdTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA6xg0E6eEpkNPP2ARXNbpDs6x0hU126ThzicqFuif1ZS7
+91pC4WQjPYEgn1vqT7grUCfcjkuu8WSLszLzd6+RcM9MpSm/k3HG/D5eab4+ve2k
+E/nOomtCnLaFgkKmCW+yvtg/mE3hXC1a4sTrY4aBGj2t7WnFS3QkPN+f5jAqkfUC
+AwEAAaOCAp8wggKbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUIb/Jn0eHLPalHXKv
+XsSTIvvLPbkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INaWRwLmNz
+dXNiLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEArc+gK8afn7Fx8ga7LrMymmSS/O27
+GrAEvVRp46M+EivNxgTfINbVs9OcHlEbOhELtu4E8DiVq80S34oVCfAzfVynBfB5
+fOZTkWPYpUtGStMswR3VdAFKS554xHjfCc+vyP/1VbyQ3p4GjocHwSuaBbjTTTtL
+Xfr2SMHQ0C1uDlPWrs9xPlnH3BsGetejh6mPvM+xZySWxKOKDz77l7F25q5hsZ6g
+gS1J15A4BX2/xZfkwGiYEfLIQEWNf19a1EqrA8rNxDnteTqUVsJJ3+rOmSAkg/+a
+TF6boac88Sm2v2DV5w+/HKyf+NMCOI93NvWe8HQgwXG1yGpG5Jq2nWAYGQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.csusb.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.csusb.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csusb.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 663, expires on Mon Oct 10 17:08:07 2011 GMT -->
+ <ds:X509Certificate>
+MIIFBzCCA++gAwIBAgICApcwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MTAwOTE3MDgwN1oXDTExMTAx
+MDE3MDgwN1owGDEWMBQGA1UEAxMNaWRwLmNzdXNiLmVkdTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA6xg0E6eEpkNPP2ARXNbpDs6x0hU126ThzicqFuif1ZS7
+91pC4WQjPYEgn1vqT7grUCfcjkuu8WSLszLzd6+RcM9MpSm/k3HG/D5eab4+ve2k
+E/nOomtCnLaFgkKmCW+yvtg/mE3hXC1a4sTrY4aBGj2t7WnFS3QkPN+f5jAqkfUC
+AwEAAaOCAp8wggKbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUIb/Jn0eHLPalHXKv
+XsSTIvvLPbkwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufKY0WhWqRYMFYx
+CzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0aW9uMSkwJwYD
+VQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIBADCBsgYIKwYB
+BQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMS5pbmNv
+bW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwTwYI
+KwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSBhTCBgjA/oD2g
+O4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2Ny
+bC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwyLmluY29tbW9u
+ZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcwVTBTBgsrBgEE
+Aa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25jYS5pbmNvbW1v
+bmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwGAYDVR0RBBEwD4INaWRwLmNz
+dXNiLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEArc+gK8afn7Fx8ga7LrMymmSS/O27
+GrAEvVRp46M+EivNxgTfINbVs9OcHlEbOhELtu4E8DiVq80S34oVCfAzfVynBfB5
+fOZTkWPYpUtGStMswR3VdAFKS554xHjfCc+vyP/1VbyQ3p4GjocHwSuaBbjTTTtL
+Xfr2SMHQ0C1uDlPWrs9xPlnH3BsGetejh6mPvM+xZySWxKOKDz77l7F25q5hsZ6g
+gS1J15A4BX2/xZfkwGiYEfLIQEWNf19a1EqrA8rNxDnteTqUVsJJ3+rOmSAkg/+a
+TF6boac88Sm2v2DV5w+/HKyf+NMCOI93NvWe8HQgwXG1yGpG5Jq2nWAYGQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.csusb.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.csusb.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University-San Bernardino</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University-San Bernardino</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csusb.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Javier Torner</GivenName>
+ <EmailAddress>jtorner@csusb.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Sunny Lin</GivenName>
+ <EmailAddress>slin@csusb.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>James Macdonell</GivenName>
+ <EmailAddress>jmacdone@csusb.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Lynda.com -->
+<EntityDescriptor entityID="https://shib.lynda.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 598, expires on Sun Jul 17 17:56:08 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAlYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcxNjE3NTYwOFoXDTExMDcx
+NzE3NTYwOFowGTEXMBUGA1UEAxMOc2hpYi5seW5kYS5jb20wggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDErsgujNMSGD5Xqf0/yywU0L4Dj+INoeft8Jvp
+kQCM/WLEtshu6cACcFKsGvTFmNgxsB34M3X5gTZYe8e5FZPoUD7DvHOXGGPj/F2+
+ry9/oSP898UmiEj3ulTFmxDPMYIBnIDHeKuHdKzFH3vDvaUjY+1S2nM89WhWXOM5
+JUFW81COu0G2HCJIi1hawTDeLs1cukcjVEZbc/JALsb52W5pSNeo3F8TFvQ0oHuK
+8Law1dLbt2wwo8oq8IU51yHWTXUQ0OMa+6i5gEuPfm/9jET95UigVN97EGkd7sD3
+Yvcu+r+FMyh/dr+NZQ1tWKj+Ew+zDq4nZCuQkShrTS8p/2rvAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFB1eG7TklyzL086VUT9rRTSIxPF3MH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDnNoaWIubHluZGEuY29tMA0G
+CSqGSIb3DQEBBQUAA4IBAQBSw5nTyai6gfDZ5yjXaK9h1apTOMpENEnyMDhKg/Ec
+GefI+RaI5dedPTpIw1+kfn60+pf+WqerGz7nMIZjz+DdSDAeKTDpAD+tafYlaz1U
+G6NT2jWHsUHzNQvMVLR5sUunuHZY8nEXUBRbcPDG/Pw9w9O1CQlZ3Z9HWTDnYak9
+fSITE342EgeHB/ntH8CzwSqBLJgqDnFS3Ua0pJ73Fg8ppiW+jDB7Zt4LrhwnDmjD
+6pWa3M5fEtdGDjcmCY96yq5sN4kQPc81dqx8P3OChIDc/vRz1x142kwjZ2fsI0af
+zf5fedKS5bPvaLcRbsZVeXVH06H5EYqP7ZpL0l9rCnyZ
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib.lynda.com/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib.lynda.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shib.lynda.com/Shibboleth.sso" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Lynda.com</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lynda.com</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lynda.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mike Flynn</GivenName>
+ <EmailAddress>mflynn@lynda.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Davie County Schools -->
+<EntityDescriptor entityID="urn:mace:incommon:davie.k12.nc.us">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">davie.k12.nc.us</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 561, expires on Sun Jun 19 17:55:58 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAjEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxODE3NTU1OFoXDTExMDYx
+OTE3NTU1OFowHzEdMBsGA1UEAxMUc2hpYi5kYXZpZS5rMTIubmMudXMwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAAvA1qBlvNxvk9w/So2K3i7PLScp3
+uE0RrpCKvgXFXuLBD1ia2otjRaee5juaTAoLH4hmazOpIZ4TdFkNWlR4Mi7sduHI
+LBra/VXACCSqt0mC9fE88fRT6AFJaVZL3wlnH2EjIqqkJugnXlQ4CzrFyMla3BZ0
+tS/arKWMIccojMJU2DJ18tI8HVmtDWMw3u8dtyp7eZERl3mHYo/PP1ZteHDELfag
+2r+EYG0xbi1QFYszcR2AzNIqsNSEvfDR/7vRXPUpnkElkOjhFfmlvMfGNHKxsip2
+I/FDb1I60qTXJFmMkHU0BGul0SEE3Cmk9CL0X+e/BSy6v0fDUhdOM/vXAgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFKLbTF2hhfanXQq7atqPQfCn
+Pq6KMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFHNoaWIuZGF2aWUu
+azEyLm5jLnVzMA0GCSqGSIb3DQEBBQUAA4IBAQC2BTUrZ/L74nEyeiIaewwPi28q
+HLhFGTZOS/tmIdmqtAvUxqBOCYpymkM0SYhHI0CrSg3wsetbIL8NdYxDFP48PhOj
+mRYIJMqbn0MjIkVN/CMls3UMnjtTfzsBIFK/a1YOTdtTL/zatidewlkVKDyIZHv5
+Fd19RGuKTsgXDigEH23TDTR6Ye6Z9JlbKpzm8DgsAAH6Qa+x+B5Xr92wKMXBdUz4
+e5Ctlpia0I5oLfFfe90Si+lEc5kiprV1v8PHh+wK5YPXif+g0/+V298WVFhjNjcW
+W6IbGuvnMP/5vwH15ejLFSQ8FEvfCNb+qX3NougnAThMS6PAoULPt3iJmfMT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.davie.k12.nc.us/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">davie.k12.nc.us</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 561, expires on Sun Jun 19 17:55:58 2011 GMT -->
+ <ds:X509Certificate>
+MIIFmTCCBIGgAwIBAgICAjEwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDYxODE3NTU1OFoXDTExMDYx
+OTE3NTU1OFowHzEdMBsGA1UEAxMUc2hpYi5kYXZpZS5rMTIubmMudXMwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDAAvA1qBlvNxvk9w/So2K3i7PLScp3
+uE0RrpCKvgXFXuLBD1ia2otjRaee5juaTAoLH4hmazOpIZ4TdFkNWlR4Mi7sduHI
+LBra/VXACCSqt0mC9fE88fRT6AFJaVZL3wlnH2EjIqqkJugnXlQ4CzrFyMla3BZ0
+tS/arKWMIccojMJU2DJ18tI8HVmtDWMw3u8dtyp7eZERl3mHYo/PP1ZteHDELfag
+2r+EYG0xbi1QFYszcR2AzNIqsNSEvfDR/7vRXPUpnkElkOjhFfmlvMfGNHKxsip2
+I/FDb1I60qTXJFmMkHU0BGul0SEE3Cmk9CL0X+e/BSy6v0fDUhdOM/vXAgMBAAGj
+ggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFKLbTF2hhfanXQq7atqPQfCn
+Pq6KMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYD
+VQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMg
+SW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEB
+BIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25m
+ZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUF
+BzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9i
+cmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0
+dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVj
+cmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVy
+YXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEE
+AQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaCFHNoaWIuZGF2aWUu
+azEyLm5jLnVzMA0GCSqGSIb3DQEBBQUAA4IBAQC2BTUrZ/L74nEyeiIaewwPi28q
+HLhFGTZOS/tmIdmqtAvUxqBOCYpymkM0SYhHI0CrSg3wsetbIL8NdYxDFP48PhOj
+mRYIJMqbn0MjIkVN/CMls3UMnjtTfzsBIFK/a1YOTdtTL/zatidewlkVKDyIZHv5
+Fd19RGuKTsgXDigEH23TDTR6Ye6Z9JlbKpzm8DgsAAH6Qa+x+B5Xr92wKMXBdUz4
+e5Ctlpia0I5oLfFfe90Si+lEc5kiprV1v8PHh+wK5YPXif+g0/+V298WVFhjNjcW
+W6IbGuvnMP/5vwH15ejLFSQ8FEvfCNb+qX3NougnAThMS6PAoULPt3iJmfMT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.davie.k12.nc.us:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Davie County Schools</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Davie County Schools</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.davie.k12.nc.us/Admin/index.cfm</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Eddie Greene</GivenName>
+ <EmailAddress>greenee@davie.k12.nc.us</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Butch Rooney</GivenName>
+ <EmailAddress>rooneyb@davie.k12.nc.us</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Mary Orr</GivenName>
+ <EmailAddress>orrm@davie.k12.nc.us</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Digital Measures -->
+<EntityDescriptor entityID="https://www.digitalmeasures.com/shibboleth-sp/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 10339915411699557388, expires on Sat Nov 30 18:55:03 2019 GMT -->
+ <ds:X509Certificate>
+MIIEwTCCA6mgAwIBAgIJAI9+wkih8GQMMA0GCSqGSIb3DQEBBQUAMIGbMQswCQYD
+VQQGEwJVUzESMBAGA1UECBMJV2lzY29uc2luMRIwEAYDVQQHEwlNaWx3YXVrZWUx
+GTAXBgNVBAoTEERpZ2l0YWwgTWVhc3VyZXMxIDAeBgNVBAMTF3d3dy5kaWdpdGFs
+bWVhc3VyZXMuY29tMScwJQYJKoZIhvcNAQkBFhh0ZWNoQGRpZ2l0YWxtZWFzdXJl
+cy5jb20wHhcNMDkxMjAyMTg1NTAzWhcNMTkxMTMwMTg1NTAzWjCBmzELMAkGA1UE
+BhMCVVMxEjAQBgNVBAgTCVdpc2NvbnNpbjESMBAGA1UEBxMJTWlsd2F1a2VlMRkw
+FwYDVQQKExBEaWdpdGFsIE1lYXN1cmVzMSAwHgYDVQQDExd3d3cuZGlnaXRhbG1l
+YXN1cmVzLmNvbTEnMCUGCSqGSIb3DQEJARYYdGVjaEBkaWdpdGFsbWVhc3VyZXMu
+Y29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdU5Pa3MRsljSruF
++oUUNr7KAUeRh8kJRdvHQIUQKDrLUrgGDJxVFEd4kAO0jd+cljJ+Ks8blQtZpqz3
+8HBpwDV1p5Vh+pne0p6lUCiUY9ZhqC7b6nZhuZMJGsROfYcnzS4fYrLV8MmTJ4hU
+CDfyIXCLIlNAwuOwRLWJ6Kg3C9vOdP72z0BWxGzFUsNMSixWVSl5hcehkPskezLd
+sHZFC1bfTWrmIuVdvKRp1XWnqC0Ha6HyAXfkKosWg9f71KCMwpTKqXwtj47cXMgA
+wmShTH8OwQ1C2rXxVPWzNjfE5xFI/7Fo26mftzQGwkJ2laaRbioygZhGgpfEP1Mk
+Z0a0swIDAQABo4IBBDCCAQAwHQYDVR0OBBYEFHyhAmBoAKyaxI2a6+6vknnzbtI0
+MIHQBgNVHSMEgcgwgcWAFHyhAmBoAKyaxI2a6+6vknnzbtI0oYGhpIGeMIGbMQsw
+CQYDVQQGEwJVUzESMBAGA1UECBMJV2lzY29uc2luMRIwEAYDVQQHEwlNaWx3YXVr
+ZWUxGTAXBgNVBAoTEERpZ2l0YWwgTWVhc3VyZXMxIDAeBgNVBAMTF3d3dy5kaWdp
+dGFsbWVhc3VyZXMuY29tMScwJQYJKoZIhvcNAQkBFhh0ZWNoQGRpZ2l0YWxtZWFz
+dXJlcy5jb22CCQCPfsJIofBkDDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA
+A4IBAQAeUkRH04tZvqAcBCxmQyRdIDEvBw8+IG6zzL8Ap4dJLSBc4D9uUZtIq8Xu
+ZDnrOcQ9O2Udsno523aONEOsiCTazJRhNJKTGkXXeQiJhGnzXmOokkIeGJI9efNJ
+4GAVI9ZrxEh+ZgKQpLuZpCO+d/RwKqtbOJWL8u4QccYH2stK1dO4M6yUe7b9PnwP
+F2HUBMtW7B3xfRZyy1qQTpJ3oVp2nPTDtStIioPuqB1y+sl76jR503ABPnz77wyV
+vh8D4o/W5q32axmmKH3s85TeSyUoQ4RS7/NgsjYQI7lnODeVSgWcUl1+c+NfPNiu
+1vpIbPTlEVEvmNPl69Zi3A9T7I/p
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.digitalmeasures.com/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.digitalmeasures.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Digital Measures</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Digital Measures</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.digitalmeasures.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Digital Measures</GivenName>
+ <EmailAddress>info@digitalmeasures.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Fairfield University -->
+<EntityDescriptor entityID="https://authentication1.fairfield.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">fairfield.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 798176, expires on Wed Jul 30 03:08:55 2014 GMT -->
+ <ds:X509Certificate>
+MIIDnzCCAwigAwIBAgIDDC3gMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
+MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
+aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDkwNzI5MDMwNzQwWhcNMTQwNzMwMDMwODU1
+WjCBpTELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0MRIwEAYDVQQH
+EwlGYWlyZmllbGQxHTAbBgNVBAoTFEZhaXJmaWVsZCBVbml2ZXJzaXR5MSUwIwYD
+VQQLFBxDb21wdXRpbmcgJiBOZXR3b3JrIFNlcnZpY2VzMSYwJAYDVQQDEx1hdXRo
+ZW50aWNhdGlvbjEuZmFpcmZpZWxkLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANvbRmKou9/hAlaQrRuV88D+jUMOVqefdVBzXYXGaKrbBciHKHqO
+I67MFP6lE29XhfGrH1IgHK4CTbfWzAKwVr+q+ENfS9wJcc5hgigyoW3/oPxaJDbD
+taU7V83cRipftGiAacJYIRFKbXgS5GBoMACgD8c9WbgGDthD84tDf+PQLsXvXN8X
+AMXB8spyvuRB8p2p9vxBFudYR84grUGo2tZIahxm5Ycpm/iR2Vyqc3wgNsxNhrIs
+KBt4FJ+dBR9gYp0kGOe4Oxod9yPuY4QPg6oY1xdjsHDEz+Z+NsQMfCQPJ8JUiH5a
+/ZQwen8tlbk7pTOQRLeCFNAWpSwR319y/icCAwEAAaOBrjCBqzAOBgNVHQ8BAf8E
+BAMCBPAwHQYDVR0OBBYEFMTwrqy6VAfLLzCjU7LBTWtihxefMDoGA1UdHwQzMDEw
+L6AtoCuGKWh0dHA6Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybHMvc2VjdXJlY2EuY3Js
+MB8GA1UdIwQYMBaAFEjmaPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQUFAAOBgQBwmZ6zzl755udcdEt5
+Bs2G5e1MRQpDucsDa8E22mNZIFB1aj5f3cH2RxPsSJj+Gg+Im7fPJmLwP0IueHeA
+ZjTN8Ci3hP5XCJvX4a90x72fbKmrnnX11IIsa5jF+eB3hxguhcQdMt6ywySwkUW6
+OaBQVjA2FSrHHGiA4I/xvp5E4g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://authentication1.fairfield.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://authentication1.fairfield.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://authentication1.fairfield.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://authentication1.fairfield.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">fairfield.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 798176, expires on Wed Jul 30 03:08:55 2014 GMT -->
+ <ds:X509Certificate>
+MIIDnzCCAwigAwIBAgIDDC3gMA0GCSqGSIb3DQEBBQUAME4xCzAJBgNVBAYTAlVT
+MRAwDgYDVQQKEwdFcXVpZmF4MS0wKwYDVQQLEyRFcXVpZmF4IFNlY3VyZSBDZXJ0
+aWZpY2F0ZSBBdXRob3JpdHkwHhcNMDkwNzI5MDMwNzQwWhcNMTQwNzMwMDMwODU1
+WjCBpTELMAkGA1UEBhMCVVMxFDASBgNVBAgTC0Nvbm5lY3RpY3V0MRIwEAYDVQQH
+EwlGYWlyZmllbGQxHTAbBgNVBAoTFEZhaXJmaWVsZCBVbml2ZXJzaXR5MSUwIwYD
+VQQLFBxDb21wdXRpbmcgJiBOZXR3b3JrIFNlcnZpY2VzMSYwJAYDVQQDEx1hdXRo
+ZW50aWNhdGlvbjEuZmFpcmZpZWxkLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBANvbRmKou9/hAlaQrRuV88D+jUMOVqefdVBzXYXGaKrbBciHKHqO
+I67MFP6lE29XhfGrH1IgHK4CTbfWzAKwVr+q+ENfS9wJcc5hgigyoW3/oPxaJDbD
+taU7V83cRipftGiAacJYIRFKbXgS5GBoMACgD8c9WbgGDthD84tDf+PQLsXvXN8X
+AMXB8spyvuRB8p2p9vxBFudYR84grUGo2tZIahxm5Ycpm/iR2Vyqc3wgNsxNhrIs
+KBt4FJ+dBR9gYp0kGOe4Oxod9yPuY4QPg6oY1xdjsHDEz+Z+NsQMfCQPJ8JUiH5a
+/ZQwen8tlbk7pTOQRLeCFNAWpSwR319y/icCAwEAAaOBrjCBqzAOBgNVHQ8BAf8E
+BAMCBPAwHQYDVR0OBBYEFMTwrqy6VAfLLzCjU7LBTWtihxefMDoGA1UdHwQzMDEw
+L6AtoCuGKWh0dHA6Ly9jcmwuZ2VvdHJ1c3QuY29tL2NybHMvc2VjdXJlY2EuY3Js
+MB8GA1UdIwQYMBaAFEjmaPkr0rKV10fYIyAQTzOYkJ/UMB0GA1UdJQQWMBQGCCsG
+AQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQUFAAOBgQBwmZ6zzl755udcdEt5
+Bs2G5e1MRQpDucsDa8E22mNZIFB1aj5f3cH2RxPsSJj+Gg+Im7fPJmLwP0IueHeA
+ZjTN8Ci3hP5XCJvX4a90x72fbKmrnnX11IIsa5jF+eB3hxguhcQdMt6ywySwkUW6
+OaBQVjA2FSrHHGiA4I/xvp5E4g==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://authentication1.fairfield.edu/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://authentication1.fairfield.edu/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Fairfield University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Fairfield University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.fairfield.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Eli Kharaz</GivenName>
+ <EmailAddress>ekharaz@fairfield.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Fresno -->
+<EntityDescriptor entityID="https://shib-idp.its.csufresno.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csufresno.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 630, expires on Fri Aug 19 17:55:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAnYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxODE3NTUxNFoXDTExMDgx
+OTE3NTUxNFowJTEjMCEGA1UEAxMac2hpYi1pZHAuaXRzLmNzdWZyZXNuby5lZHUw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANZJvpUG8NaayqHzmd8j9d2BjB56
+6pLEU1YEKyWiFuwG9EF9pt/rVpQzWgsvbdPbBFZH9UfQy55s7GWx2ycuPVREywdN
+oz1n8er+008tGeNj63GmSVOX0MPulRsW41h1TCD9D4BfAQAgbHMUlV62Sw7fqwcG
+KfOTXLlS4qI485SHAgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FAwhBkHQ/MJLngMMElxPsxZOlSJ/MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCUGA1Ud
+EQQeMByCGnNoaWItaWRwLml0cy5jc3VmcmVzbm8uZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBVknTbTcSCaSBC2imP+bwP7RU/Xr9cvLvyPKsLsavssV+sBhvjx/y/eSUn
+8rsC++bvkiTvhnISBitVvwJYRRBQ55IYaozSgfzf2bNjNMguRmp1611VrtDaJJHe
+kRUvIFjHHbX2nX56h00ENCwfjzFnuBQfC5pTK1kJ8t2f3EMEteF8OaDMQ4v0ahLZ
+kMFKB/G2ZLpx1pUpbNQTimwML2IuhmkSTbdSqv7nI8KN4WQn07blbvaXrQ4jIBh4
+ZOe6N55pvw9FCEYrcmVKmcYI4YI1mmy7wN2QEWRzndSmthvOisxIqMFCkE6L1RyB
+RzPS8Av9U64cNzikMGQjHSWYo9hT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp.its.csufresno.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib-idp.its.csufresno.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csufresno.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 630, expires on Fri Aug 19 17:55:14 2011 GMT -->
+ <ds:X509Certificate>
+MIIFITCCBAmgAwIBAgICAnYwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxODE3NTUxNFoXDTExMDgx
+OTE3NTUxNFowJTEjMCEGA1UEAxMac2hpYi1pZHAuaXRzLmNzdWZyZXNuby5lZHUw
+gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANZJvpUG8NaayqHzmd8j9d2BjB56
+6pLEU1YEKyWiFuwG9EF9pt/rVpQzWgsvbdPbBFZH9UfQy55s7GWx2ycuPVREywdN
+oz1n8er+008tGeNj63GmSVOX0MPulRsW41h1TCD9D4BfAQAgbHMUlV62Sw7fqwcG
+KfOTXLlS4qI485SHAgMBAAGjggKsMIICqDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0T
+AQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYE
+FAwhBkHQ/MJLngMMElxPsxZOlSJ/MH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2N
+k7rnymNFoVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVk
+ZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3Jp
+dHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5j
+b21tb25jYTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2Et
+Y2VydHMucDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21t
+b25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNV
+HR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9u
+Y3JsMi5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1Ud
+IARXMFUwUwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29t
+bW9uY2EuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMCUGA1Ud
+EQQeMByCGnNoaWItaWRwLml0cy5jc3VmcmVzbm8uZWR1MA0GCSqGSIb3DQEBBQUA
+A4IBAQBVknTbTcSCaSBC2imP+bwP7RU/Xr9cvLvyPKsLsavssV+sBhvjx/y/eSUn
+8rsC++bvkiTvhnISBitVvwJYRRBQ55IYaozSgfzf2bNjNMguRmp1611VrtDaJJHe
+kRUvIFjHHbX2nX56h00ENCwfjzFnuBQfC5pTK1kJ8t2f3EMEteF8OaDMQ4v0ahLZ
+kMFKB/G2ZLpx1pUpbNQTimwML2IuhmkSTbdSqv7nI8KN4WQn07blbvaXrQ4jIBh4
+ZOe6N55pvw9FCEYrcmVKmcYI4YI1mmy7wN2QEWRzndSmthvOisxIqMFCkE6L1RyB
+RzPS8Av9U64cNzikMGQjHSWYo9hT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp.its.csufresno.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Fresno</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Fresno</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csufresno.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>ITS Systems Group</GivenName>
+ <EmailAddress>sysadmin@csufresno.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Mike Garvey</GivenName>
+ <EmailAddress>mikeg@csufresno.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- NC Live -->
+<EntityDescriptor entityID="https://www.nclive.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 651, expires on Mon Sep 19 17:55:49 2011 GMT -->
+ <ds:X509Certificate>
+MIIFjTCCBHWgAwIBAgICAoswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDkxODE3NTU0OVoXDTExMDkx
+OTE3NTU0OVowGTEXMBUGA1UEAxMOd2ViLm5jbGl2ZS5vcmcwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDDT7Vn9xW54KvWI/2DawQ0EyNOU4VLEVL4traX
+TqZCklGE6vovxgzOI3Nd2VJDAfsDe7PrcYCOGWCLXdSJgh5exBU8yAKnUk4Vje2s
+RmEv+sQpG0OVLlQjTF0Pb8BK1JtCngLWVRCqVXOGyrAelfeT5sGjDMzhcyITlkf7
+jsfJ21mS23Hm2zQWJh1SIkFq8YHXeZPXdT8ZABlezmhZnmnr2zUvIgIHC+a6acRA
+yGw0GQjSqSl7ON+nX6FoStiVposcS0G4PELxtYqgL2ee30aNjqm8deJZjuWPGhsg
+vI+1Ito89U83lDaI70ot2KjsOeLYbY9Gj2Bd+iaC9Fa1ZAqtAgMBAAGjggKgMIIC
+nDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJYNVktaROPvdmEHRSwpIyHcggKfMH4G
+A1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNFoVqkWDBWMQswCQYDVQQGEwJV
+UzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlvbjEpMCcGA1UEAxMgSW5Db21t
+b24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAwgbIGCCsGAQUFBwEBBIGlMIGi
+ME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTEuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiME8GCCsGAQUFBzAChkNo
+dHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2Uv
+Y2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUwgYIwP6A9oDuGOWh0dHA6Ly9p
+bmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNy
+bDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5pbmNvbW1vbmZlZGVyYXRpb24u
+b3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUwUwYLKwYBBAGuIwEEAQEwRDBC
+BggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2EuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9wcmFjdGljZXMucGRmMBkGA1UdEQQSMBCCDndlYi5uY2xpdmUub3JnMA0G
+CSqGSIb3DQEBBQUAA4IBAQA6ExvKKfOBwopou6iDhkbSPvnBhokjNVKwGU5YFzBd
+c+HC1xnz3NdbLnwx2O/31N+Kr+5FSCwcPzoAf5wWGss7tu8YAiWqkWcA1lLYPZYH
+td5YfkhZhKTjf1fbwW49+HTRU2JLj5SjlDj3gJNyUoQ4Y3aivVon+jeF+/U4v0gr
+Eb/GKHGqPeZBrXcjqLZJBo9Mpd1vythSYKLkhfZofRHAJe7nFm3MbYjc3zKWr+jf
+plJBqOm0KjL6adGVeGhyvEafBxoMVbzuaEPtdyGHcJpG/xvJpfPu+/Gb2EePMTeF
+qyqIn3P8O/Mii0SvHj5PoiEd7Q4ktYBJn7kJ18ZgglmH
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.nclive.org/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.nclive.org/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">NC Live</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">NC Live</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nclive.org/authhome.phtml</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Scott Ross</GivenName>
+ <EmailAddress>scott@nclive.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Washington University in St. Louis -->
+<EntityDescriptor entityID="https://logindev.wustl.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://connectdev.wustl.edu/selfservice/" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">wustl.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 575, expires on Fri Jul 8 19:16:32 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAj8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwNzE5MTYzMloXDTExMDcw
+ODE5MTYzMlowHTEbMBkGA1UEAxMSbG9naW5kZXYud3VzdGwuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCwRHDmaf8QzAlEeNecFnYIJddLeEX9sKqDRQgr
+5C7Tlya1nEWN63Qku1AScBz9cANDj8V1t1J1UAEEOvjxWVdPcVVuhn4y1MDPSOrn
+Sj+5Y8cG+r5IPGO1UdGimyKe0+iKsphLTFrmPTvP3S7F7YIOC+Ezu7DEtYJq3kD4
+xA9KBQIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSMTVS6NNmv
+lbjEi3421bu/E332zDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJs
+b2dpbmRldi53dXN0bC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAFyAqyc1Fumuppzy
+FZW04xInMfGPVVg7O+W0PHn/WlwXF93CijdTZZhcXqV35AwZ7xvNgNOvAXi1R54s
+SUa/IGlmTAfLh2nJftgenslb8XioLhWprhqHfV2vbkylIZki9O3KSwI3Tzu2QFRt
+zAga5S/m1DYIwncnXsVD9JEK+nSqI/P2ZBHq9eD2FQMqniRLH4i7EJRarMKg+Tzn
+JhrfoAH9KfkHVciww5mC6GE7QGQDPVxqIs/E9ubuXeWQxjJxM+iqVi9rps5e6tfM
+1NYqlS9q3SlCek4tI02rUWUI29qP+efqQj85abdFPYICvmSknxLXDkQUkPS5LO37
+pY2d/gA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://logindev.wustl.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.wustl.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">wustl.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 575, expires on Fri Jul 8 19:16:32 2011 GMT -->
+ <ds:X509Certificate>
+MIIFETCCA/mgAwIBAgICAj8wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwNzE5MTYzMloXDTExMDcw
+ODE5MTYzMlowHTEbMBkGA1UEAxMSbG9naW5kZXYud3VzdGwuZWR1MIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQCwRHDmaf8QzAlEeNecFnYIJddLeEX9sKqDRQgr
+5C7Tlya1nEWN63Qku1AScBz9cANDj8V1t1J1UAEEOvjxWVdPcVVuhn4y1MDPSOrn
+Sj+5Y8cG+r5IPGO1UdGimyKe0+iKsphLTFrmPTvP3S7F7YIOC+Ezu7DEtYJq3kD4
+xA9KBQIDAQABo4ICpDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBSMTVS6NNmv
+lbjEi3421bu/E332zDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFa
+pFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24x
+KTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGy
+BggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2Ex
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3
+YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGC
+MD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5v
+cmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5j
+b21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMG
+CysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmlu
+Y29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJs
+b2dpbmRldi53dXN0bC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAFyAqyc1Fumuppzy
+FZW04xInMfGPVVg7O+W0PHn/WlwXF93CijdTZZhcXqV35AwZ7xvNgNOvAXi1R54s
+SUa/IGlmTAfLh2nJftgenslb8XioLhWprhqHfV2vbkylIZki9O3KSwI3Tzu2QFRt
+zAga5S/m1DYIwncnXsVD9JEK+nSqI/P2ZBHq9eD2FQMqniRLH4i7EJRarMKg+Tzn
+JhrfoAH9KfkHVciww5mC6GE7QGQDPVxqIs/E9ubuXeWQxjJxM+iqVi9rps5e6tfM
+1NYqlS9q3SlCek4tI02rUWUI29qP+efqQj85abdFPYICvmSknxLXDkQUkPS5LO37
+pY2d/gA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://logindev.wustl.edu/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://logindev.wustl.edu/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">zTest_Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://aiswikitest.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://aiswikitest.wustl.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://aiswikitest.wustl.edu/Shibboleth.sso/WAYF" index="2"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 627, expires on Thu Aug 18 18:13:12 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAnMwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDgxNzE4MTMxMloXDTExMDgx
+ODE4MTMxMlowIDEeMBwGA1UEAxMVYWlzd2lraXRlc3Qud3VzdGwuZWR1MIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlvpCak9jouIQ+MirUdMh41OenlUIQiAEW
+HFfuyTDhx80ecWQLldnwz3v1HFyFgNYgpCfanihUxdWHvwm2ytgvsEzyqkTJ8rI4
+/5g6Yn3WgLVcm+pV/Zh8gkWyQ2QQF6KmwYGmyKwCw4J6MwLSOqy0kb3gh6kriQ4v
+H9PwNzwiJQIDAQABo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBTzJadb
+N51V7xWh/YfomWDe/VdLMDB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAX
+ghVhaXN3aWtpdGVzdC53dXN0bC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAIHbMry6
+IwV6hVwqDsIumuyB5rgPJvdiruSSS3wNgR7LIdMGe1I7MX4e3waaLqeIJ/ZQcOmS
+U9ElzTYDTMGpLm/1Ytc1ZQVfE5RgW92DEw+sP/Wt92BLXcM/SeyTZ8AkqwpYCvLo
+RLqEBaHM8HaSUOeXHukp5A4vX+N78V49p/2Dq/p+o+/6TObdh6eQEVkPRBwx97zk
+RyCLb7yujxHlBYE1L7jsIaHFKQ2KpaTKP/LYm3U8n9WdTg4cVtJcjppfaNCCRVcL
+0TiuWQ7WJF/E/LR4Cy89ZEACamaF1Z+yfKrqkd2ythdu8hZrTuRrbigYqgmy89vb
+ReFuM40SXkDmm5w=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aiswikitest.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aiswikitest.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aiswikitest.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aiswikitest.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">zTest_Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://connectdev.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 572, expires on Fri Jul 8 19:16:20 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFTCCA/2gAwIBAgICAjwwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwNzE5MTYyMFoXDTExMDcw
+ODE5MTYyMFowHzEdMBsGA1UEAxMUY29ubmVjdGRldi53dXN0bC5lZHUwgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAK2q7nNVXhiW/TPNevrVIWvXHwvHm227Uwjt
+EbzAIOGdE5ZdXUYoCtNnjPGenlRCM0AOX8LaNNrXk2YB7QEKNJ/496nz6pyApiZp
+WGpXvPlbhnpXkNPXcE8FHHefgnumqFuJjSKvpTStAic00E01Lhyx1TLSliHnw2/T
+CCsAmvKNAgMBAAGjggKmMIICojAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIw
+ADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFGLIlCnG
+RK6PLVvuOdITQbkWh/GVMH4GA1UdIwR3MHWAFJMtyGEYrWPjm2Wznd2Nk7rnymNF
+oVqkWDBWMQswCQYDVQQGEwJVUzEcMBoGA1UEChMTSW5Db21tb24gRmVkZXJhdGlv
+bjEpMCcGA1UEAxMgSW5Db21tb24gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCAQAw
+gbIGCCsGAQUFBwEBBIGlMIGiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25j
+YTEuaW5jb21tb25mZWRlcmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMu
+cDdiME8GCCsGAQUFBzAChkNodHRwOi8vaW5jb21tb25jYTIuaW5jb21tb25mZWRl
+cmF0aW9uLm9yZy9icmlkZ2UvY2VydHMvY2EtY2VydHMucDdiMIGNBgNVHR8EgYUw
+gYIwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDEuaW5jb21tb25mZWRlcmF0aW9u
+Lm9yZy9jcmwvZWVjcmxzLmNybDA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMi5p
+bmNvbW1vbmZlZGVyYXRpb24ub3JnL2NybC9lZWNybHMuY3JsMF4GA1UdIARXMFUw
+UwYLKwYBBAGuIwEEAQEwRDBCBggrBgEFBQcCARY2aHR0cDovL2luY29tbW9uY2Eu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9wcmFjdGljZXMucGRmMB8GA1UdEQQYMBaC
+FGNvbm5lY3RkZXYud3VzdGwuZWR1MA0GCSqGSIb3DQEBBQUAA4IBAQAe8jp9qQuH
+235Q0t51qDozSPl+f3aFHGZ1OGbaYsDV6nufRTfG6gfguDoi52aliR0TIxCEl6l8
+XOkrUGopNd53nMNHFMelSVPUiLel+TNb9IRikJiSVsphqq1kWg8Msp/XoktdIc1b
+UQ9B4CgnFZFExdkcYgGnrIEiF//yH2uoKk+p237LbP86UqwDHbFf8Wa9xHEHvcvt
+KiEOlP/El5e3SfX3uVO5q8EndREVT0n8Kk5md0WUvUstm42LYNAmHKF/lLcg/nBc
+eCjwHE1NYaUJsYGGiC7lpqHxVqCDKoPoxNqkCvCSRMsrsATJ5mYz9mX1HuzOaTaj
+GKwygO5+q+3U
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connectdev.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://connectdev.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connectdev.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://connectdev.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">zTest_Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ehsdev.wusm.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 606, expires on Sun Jul 31 18:34:39 2011 GMT -->
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgICAl4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDczMDE4MzQzOVoXDTExMDcz
+MTE4MzQzOVowIDEeMBwGA1UEAxMVZWhzZGV2Lnd1c20ud3VzdGwuZWR1MIGfMA0G
+CSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6+Ye1RzhDjhcbZH4FQUOFfVbSgWhkHqQ0
+ye0sgY6vdTARFwo7Rh85WmZucR/HVYfYP16KkX/kSqf+TWDk+0ilWW8yg9PoI2FQ
+L/xic0U+zQT/pNWNsdvWS7SSFM3gD2y1GOHacfd8OfRWC3dCABsHk/DQWwfxNHWp
+GxhDJGlcwwIDAQABo4ICpzCCAqMwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQC
+MAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBR6APZN
+2O9UnANo+Did+2vC/KRtvjB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pj
+RaFapFgwVjELMAkGA1UEBhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRp
+b24xKTAnBgNVBAMTIEluQ29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEA
+MIGyBggrBgEFBQcBAQSBpTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9u
+Y2ExLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRz
+LnA3YjBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGF
+MIGCMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlv
+bi5vcmcvY3JsL2VlY3Jscy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIu
+aW5jb21tb25mZWRlcmF0aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBV
+MFMGCysGAQQBriMBBAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNh
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAgBgNVHREEGTAX
+ghVlaHNkZXYud3VzbS53dXN0bC5lZHUwDQYJKoZIhvcNAQEFBQADggEBAMmBuqrD
+ey2Pk0HMEt9Yn0KGM6bXA9GR8vGhmO7GitFgpDtX3BHpvZEgIzWHVYApGFNoKVIE
+i9egf4oRiH+B1ctD5Zu5tl/oFFHFohy122ifwZ2ikoBK7NvkDs0H5LhBHOa5MQN4
+JzABUTQrcTNk+QFdoEiQ3CXiy8B8KiM/TBHHrHiK/T0EV51SF18ybh6ZF4dG79IC
+TZQ8Ptev4uNBjxB5cjqt4UlZiYwbjf8wsFY0cLR1Gb44a7IrYpRXG5o8kKL2SVQV
+KCR2DRx4vXPDJwslp0Hjla1J1RkHLrxR753nQeEhMgMz0V+POP0zi1c/m+VuqcjA
+jzlqv1d+GjCr4gQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ehsdev.wusm.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ehsdev.wusm.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ehsdev.wusm.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ehsdev.wusm.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">zTest_Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://istbillingtest.wustl.edu/selfservice/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 91924706130645891458112183404495935212135321768, expires on Thu Feb 2 22:15:06 2012 GMT -->
+ <ds:X509Certificate>
+MIIG/TCCBeWgAwIBAgIUEBoL3+TYyLbx428DK/Ac9TUfEKgwDQYJKoZIhvcNAQEF
+BQAwgbAxCzAJBgNVBAYTAkVTMQ8wDQYDVQQIEwZNQURSSUQxDzANBgNVBAcTBk1B
+RFJJRDEkMCIGA1UEChMbaXBzIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRgwFgYD
+VQQLEw9DZXJ0aWZpY2FjaW9uZXMxGTAXBgNVBAMTEGlwc0NBIExldmVsIDEgQ0Ex
+JDAiBgkqhkiG9w0BCQEWFWlwc2NhbGV2ZWwxQGlwc2NhLmNvbTAeFw0xMDAxMjgy
+MjE1MDZaFw0xMjAyMDIyMjE1MDZaMIGxMQswCQYDVQQGEwJVUzERMA8GA1UECAwI
+TWlzc291cmkxEjAQBgNVBAcMCVN0LiBMb3VpczEeMBwGA1UECgwVV2FzaGluZ3Rv
+biBVbml2ZXJzaXR5MQ0wCwYDVQQLDARJUyZUMSEwHwYDVQQDDBhpc3RiaWxsaW5n
+dGVzdC53dXN0bC5lZHUxKTAnBgkqhkiG9w0BCQEWGlNTTF9UZWFtQGFpc21haWwu
+d3VzdGwuZWR1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruZSWNO6
+bshv8cWrYT534ibSmlNwmFDemf2tKMlU2KiEeqyxGK30Ehkb5ed1drc1laFlnX9F
+I43v+/fx2Rm85oEBB+y0XRHChV38TPxGrq2ES2pw/mz/CMfnPBJ83wEdOCcbCSbp
+3uxKG5C3OltMaeqH2CrKGhd3XaHiHHCOv1GibsVLvliHw2TuCtBN+JqkYSkNHwBn
+cn3aiRT57sLhArBUFsN1pp6CNVD/snjkFU1b2H8N8uxQ+9gMWClCrGwfPvYx/MB0
+W8rDECKDthbKvcB9xX2UIuCeFrnoOHXq/5N4l0jfqqcdzT8xr8q16TZzI33Ul60B
+6Krblrfh7384UQIDAQABo4IDCjCCAwYwCQYDVR0TBAIwADARBglghkgBhvhCAQEE
+BAMCBkAwCwYDVR0PBAQDAgWgMBMGA1UdJQQMMAoGCCsGAQUFBwMBMB0GA1UdDgQW
+BBToiFa6++ZMuU7CK03atCgsNHilZTAfBgNVHSMEGDAWgBR9nmsO/BPhxIunf2Gu
+YCHPzaDTBjAlBgNVHREEHjAcgRpTU0xfVGVhbUBhaXNtYWlsLnd1c3RsLmVkdTAJ
+BgNVHRIEAjAAMHEGCWCGSAGG+EIBDQRkFmJPcmdhbml6YXRpb24gSW5mb3JtYXRp
+b24gTk9UIFZBTElEQVRFRC4gTEVWRUwxIFNlcnZlciBDZXJ0aWZpY2F0ZSBpc3N1
+ZWQgYnkgaHR0cHM6Ly93d3cuaXBzY2EuY29tLzApBglghkgBhvhCAQIEHBYaaHR0
+cDovL2xldmVsMTAxLmlwc2NhLmNvbS8wPAYJYIZIAYb4QgEEBC8WLWh0dHA6Ly9s
+ZXZlbDEwMS5pcHNjYS5jb20vY3JsL2lwc2NhbGV2ZWwxLmNybDBDBglghkgBhvhC
+AQMENhY0aHR0cDovL2xldmVsMTAxLmlwc2NhLmNvbS9jcmwvcmV2b2NhdGlvbkxF
+VkVMMS5odG1sPzBABglghkgBhvhCAQcEMxYxaHR0cDovL2xldmVsMTAxLmlwc2Nh
+LmNvbS9jcmwvcmVuZXdhbExFVkVMMS5odG1sPzA+BglghkgBhvhCAQgEMRYvaHR0
+cDovL2xldmVsMTAxLmlwc2NhLmNvbS9jcmwvcG9saWN5TEVWRUwxLmh0bWwwcwYD
+VR0fBGwwajAzoDGgL4YtaHR0cDovL2xldmVsMTAxLmlwc2NhLmNvbS9jcmwvaXBz
+Y2FsZXZlbDEuY3JsMDOgMaAvhi1odHRwOi8vbGV2ZWwxMDIuaXBzY2EuY29tL2Ny
+bC9pcHNjYWxldmVsMS5jcmwwOgYIKwYBBQUHAQEELjAsMCoGCCsGAQUFBzABhh5o
+dHRwOi8vb2NzcGxldmVsMTAxLmlwc2NhLmNvbS8wDQYJKoZIhvcNAQEFBQADggEB
+ACHp3w4A3uEj+AuJqJvP6NjIxk691S7P1J3ZexUu8SF7wKK2w8J2/kYkX1VUFWjN
+snNsM2zmeKla7Ghqe/dHY1Z8Y4RdPf2swITrurkBBm8INwpV0Fxy+CvinuNS7kwZ
+/6ar3DdEPsoyK3RESuMh7rFo6GjrtWi6DaO2oDBPir5yem+f24J44/6xoMpBHs+F
+HnPNg33gcYX3dJqT4YJhG2mqwVhzp7KAO8soqf2fyOEMloDdHoj+PjLDtQd4k3sj
+in/BlsLEVGhtzEAPWCXSVM+AD6YMnRfyMd7XtkQrQO1HtkcULi0MXVdAjvvzCvbt
+bhSLlHyMj7lklTBcEp9eFuI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://istbillingtest.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://istbillingtest.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://istbillingtest.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://istbillingtest.wustl.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">zTest_Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://shibtestwusm.wustl.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 576, expires on Fri Jul 8 19:16:34 2011 GMT -->
+ <ds:X509Certificate>
+MIIFGTCCBAGgAwIBAgICAkAwDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcwNzE5MTYzNFoXDTExMDcw
+ODE5MTYzNFowITEfMB0GA1UEAxMWc2hpYnRlc3R3dXNtLnd1c3RsLmVkdTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs9LDODYVMucKbywak7ZATUywHPmWflGc
+8TQ6YrmIQw5naBP8djB4fyYltnb49whf1R4xRoO8rvGRtiFACRYkOGvApPJE2mQw
+1jbXms6CKzfAwCYKJyCLd77g4rlhe7B2j7XF1BgEZr2UcpzYKGl1C79fzRuCiUsk
+UNYmZxvr4c0CAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUMFsI
+OmUSnYk55WzZlLnQiolnS4MwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc2hpYnRlc3R3dXNtLnd1c3RsLmVkdTANBgkqhkiG9w0BAQUFAAOCAQEA0BwV
+qCY/tJAFlj0VIRMvL/lZ3KZ86nOBr5CzjCamfRSCL7605szlwz6Rf4c/y9pgr6eL
+yGM5pxc/4aJYeXcfCY+6jAVJ9A7pPv+KI9cgaklG99l/b3R2gvrdyCUSNuqnesWf
+PW/jb3x0JNI8EWFqjQLUW8mPTlRJX4NQe+iFbGFgDYqjqSF0VuOqVBgGheztAiI9
+yxRLFLaKkUQH30XwVd89pl0lKzmlHpByEgVbvAG4Bp/QUnxeZTUaBDQrci5R/JMw
+3gcKWCIlOocf/QQ+vcQA26yOINoK3bCQ19CFF8A2fK0iVtfz36svPGfQufhVxyu5
+5I2GWYpHK/pt+TvyYg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibtestwusm.wustl.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibtestwusm.wustl.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://shibtestwusm.wustl.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Washington University in St. Louis</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">zTest_Washington University in St. Louis</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.wustl.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Ken Koch</GivenName>
+ <EmailAddress>Ken.Koch@wustl.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Daniel Zweifel</GivenName>
+ <EmailAddress>danz@wustl.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Illinois at Chicago -->
+<EntityDescriptor entityID="https://shibboleth.uic.edu/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uic.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 603, expires on Sun Jul 24 17:54:55 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAlswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcyMzE3NTQ1NVoXDTExMDcy
+NDE3NTQ1NVowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC51aWMuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qeQ0J7DVHtuJ4HtrJDbFRx7QCr7VGwB
+/WoNSb1Dgj/oxJpOc/0D/MQPPCBy8pUM/AnT3LO+UlNqqUCXiashW0CzXYRF4F11
+mUVAINLSFppJVHWCe3N+XVZ4tGsy4E3PiW1olO3DX08vAS2tlenW75v9Er58SPEY
+Y1yVn8ZRUnZj8Pp6wzSjRJDepOQgpkkqjf5eKcHVO+iN7R7GvrlDALEezrVggJDs
+FaDe/EQ6wT/spxZKHeR3Wd7OCpOHT4QITIr+4SotTIE81Pve3l7m3tdA6ehSfH49
+eDtRTEWaUMYPaOrmygDyDMoa1Fg5lM2gHl+n6cMybW4J6uOXuert6wIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQHXKQOVxdSn3/d8otl0uf+ZQV/
+MTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJzaGliYm9sZXRoLnVp
+Yy5lZHUwDQYJKoZIhvcNAQEFBQADggEBAEoW0vmgyW2rPSch5We43YWal7hfNiMD
+wrZQJN8YnYYHrVyL1VC3RxAAIo1wf964FrCk24fTr5pK+Ic8QD6bx6kXxn+CJGG3
+PzLPkANoXMJJTGPeIwwvo8cAbIjqDKIvVPBQDPjV7QfrKLV9fvlR4GeGpEDMBNdh
+aeQUFMz9aQU3zxVODLQMp/cBbWuqlPncTWakg37u4yqMBum9avXDwQYlyVkpCVUr
+ARYGaDqWgfHr/Iz/dim83nsXe2JHB5H1+n7UhRXdd8EcePE2fS/vRk96JKVCWZ5Z
+fvs8lqah2kFUCHUOdqu1iaHmNwEGWutcwURX0BWEOE1jsT3ZlnYsJfA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.uic.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uic.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 603, expires on Sun Jul 24 17:54:55 2011 GMT -->
+ <ds:X509Certificate>
+MIIFlTCCBH2gAwIBAgICAlswDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA5MDcyMzE3NTQ1NVoXDTExMDcy
+NDE3NTQ1NVowHTEbMBkGA1UEAxMSc2hpYmJvbGV0aC51aWMuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qeQ0J7DVHtuJ4HtrJDbFRx7QCr7VGwB
+/WoNSb1Dgj/oxJpOc/0D/MQPPCBy8pUM/AnT3LO+UlNqqUCXiashW0CzXYRF4F11
+mUVAINLSFppJVHWCe3N+XVZ4tGsy4E3PiW1olO3DX08vAS2tlenW75v9Er58SPEY
+Y1yVn8ZRUnZj8Pp6wzSjRJDepOQgpkkqjf5eKcHVO+iN7R7GvrlDALEezrVggJDs
+FaDe/EQ6wT/spxZKHeR3Wd7OCpOHT4QITIr+4SotTIE81Pve3l7m3tdA6ehSfH49
+eDtRTEWaUMYPaOrmygDyDMoa1Fg5lM2gHl+n6cMybW4J6uOXuert6wIDAQABo4IC
+pDCCAqAwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdDgQWBBQHXKQOVxdSn3/d8otl0uf+ZQV/
+MTB+BgNVHSMEdzB1gBSTLchhGK1j45tls53djZO658pjRaFapFgwVjELMAkGA1UE
+BhMCVVMxHDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIElu
+Q29tbW9uIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggEAMIGyBggrBgEFBQcBAQSB
+pTCBojBPBggrBgEFBQcwAoZDaHR0cDovL2luY29tbW9uY2ExLmluY29tbW9uZmVk
+ZXJhdGlvbi5vcmcvYnJpZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjBPBggrBgEFBQcw
+AoZDaHR0cDovL2luY29tbW9uY2EyLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvYnJp
+ZGdlL2NlcnRzL2NhLWNlcnRzLnA3YjCBjQYDVR0fBIGFMIGCMD+gPaA7hjlodHRw
+Oi8vaW5jb21tb25jcmwxLmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Js
+cy5jcmwwP6A9oDuGOWh0dHA6Ly9pbmNvbW1vbmNybDIuaW5jb21tb25mZWRlcmF0
+aW9uLm9yZy9jcmwvZWVjcmxzLmNybDBeBgNVHSAEVzBVMFMGCysGAQQBriMBBAEB
+MEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9pbmNvbW1vbmNhLmluY29tbW9uZmVkZXJh
+dGlvbi5vcmcvcHJhY3RpY2VzLnBkZjAdBgNVHREEFjAUghJzaGliYm9sZXRoLnVp
+Yy5lZHUwDQYJKoZIhvcNAQEFBQADggEBAEoW0vmgyW2rPSch5We43YWal7hfNiMD
+wrZQJN8YnYYHrVyL1VC3RxAAIo1wf964FrCk24fTr5pK+Ic8QD6bx6kXxn+CJGG3
+PzLPkANoXMJJTGPeIwwvo8cAbIjqDKIvVPBQDPjV7QfrKLV9fvlR4GeGpEDMBNdh
+aeQUFMz9aQU3zxVODLQMp/cBbWuqlPncTWakg37u4yqMBum9avXDwQYlyVkpCVUr
+ARYGaDqWgfHr/Iz/dim83nsXe2JHB5H1+n7UhRXdd8EcePE2fS/vRk96JKVCWZ5Z
+fvs8lqah2kFUCHUOdqu1iaHmNwEGWutcwURX0BWEOE1jsT3ZlnYsJfA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.uic.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Illinois at Chicago</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Illinois at Chicago</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uic.edu/index.html/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Robert Goldstein</GivenName>
+ <EmailAddress>bobg@uic.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Roberto Ullfig</GivenName>
+ <EmailAddress>rullfig@uic.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>James O'Leary</GivenName>
+ <EmailAddress>joleary@uic.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Oregon Health & Science University -->
+<EntityDescriptor entityID="https://www.ohsu.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://www.ohsu.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ohsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 962190287882208892812393052516202943471851381772, expires on Sat Nov 17 22:50:52 2029 GMT -->
+ <ds:X509Certificate>
+MIIDHDCCAgSgAwIBAgIVAKiKGs+N1BpUHsMJYEAJU0TUP6QMMA0GCSqGSIb3DQEB
+BQUAMBcxFTATBgNVBAMTDHd3dy5vaHN1LmVkdTAeFw0wOTExMTcyMjUwNTJaFw0y
+OTExMTcyMjUwNTJaMBcxFTATBgNVBAMTDHd3dy5vaHN1LmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALghy62gm5RH9WP/KL0b+haTbG1H6sSYngn5
+BAFt3N/ETXm0FXf43XG3aCCuhAQQeHumEkebZZkJJxRDy7VBLiYDCrodTwZjG3Ux
+TMrErx+yrfgPcp4GyOFXcsdGUmlK7q+Z9VT9nFFgxoXkCwJ+E9kccmvREnWnuFxZ
+cyU7TU2KO9YbNkgmo6wOUOCStGfUKWgVNZdyuOpZPtY5RIxQM60mCd1XgwhReSAH
+3nU75XVrONn5vrYzCxFtandaJDfggrN2KTZE3t5UGNtFVK8WTR/hjCIaI8ibfpZn
+wcQtcrNjzGib3gS5mQlOGtKXYesb4sLbOTFky3gKrWM0nNoDq70CAwEAAaNfMF0w
+PAYDVR0RBDUwM4IMd3d3Lm9oc3UuZWR1hiNodHRwczovL3d3dy5vaHN1LmVkdS9p
+ZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUb/kidTpnbE/d8egtfWTwn3CVKAIwDQYJ
+KoZIhvcNAQEFBQADggEBAIYzjl2+3amoiguDweqoRwmfxnmd0rNijcOcvp0FJCUw
+3vn/0UbsbeXOxKz6cncAY/tmJOUZ1MSK/7s7NVECWjtNwmx5Im7N/FXdNcEYEcMl
+W/6gWu6ZwUAgXaV/8klbrTGX3NWJ5jJsWQwHqA1yY9wba58okkWOjoIjI070IsHj
+udBseAs0D9Q9aL0OofrcQLcNdaGsJzLilDVM/UU7cSCwKATWuuLJGKgNlepjyq5Q
+z2lDp/HktHga9plFDjee7YRsH4N/9e1Z+3mKzs9QRANCAfDeTz9iFo8lJqo4sRdp
+SHajk3KEnqZKbsvlZC70uJpwvS9dn3E0G9esB/ps3tM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://www.ohsu.edu/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.ohsu.edu/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://www.ohsu.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.ohsu.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ohsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 962190287882208892812393052516202943471851381772, expires on Sat Nov 17 22:50:52 2029 GMT -->
+ <ds:X509Certificate>
+MIIDHDCCAgSgAwIBAgIVAKiKGs+N1BpUHsMJYEAJU0TUP6QMMA0GCSqGSIb3DQEB
+BQUAMBcxFTATBgNVBAMTDHd3dy5vaHN1LmVkdTAeFw0wOTExMTcyMjUwNTJaFw0y
+OTExMTcyMjUwNTJaMBcxFTATBgNVBAMTDHd3dy5vaHN1LmVkdTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALghy62gm5RH9WP/KL0b+haTbG1H6sSYngn5
+BAFt3N/ETXm0FXf43XG3aCCuhAQQeHumEkebZZkJJxRDy7VBLiYDCrodTwZjG3Ux
+TMrErx+yrfgPcp4GyOFXcsdGUmlK7q+Z9VT9nFFgxoXkCwJ+E9kccmvREnWnuFxZ
+cyU7TU2KO9YbNkgmo6wOUOCStGfUKWgVNZdyuOpZPtY5RIxQM60mCd1XgwhReSAH
+3nU75XVrONn5vrYzCxFtandaJDfggrN2KTZE3t5UGNtFVK8WTR/hjCIaI8ibfpZn
+wcQtcrNjzGib3gS5mQlOGtKXYesb4sLbOTFky3gKrWM0nNoDq70CAwEAAaNfMF0w
+PAYDVR0RBDUwM4IMd3d3Lm9oc3UuZWR1hiNodHRwczovL3d3dy5vaHN1LmVkdS9p
+ZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUb/kidTpnbE/d8egtfWTwn3CVKAIwDQYJ
+KoZIhvcNAQEFBQADggEBAIYzjl2+3amoiguDweqoRwmfxnmd0rNijcOcvp0FJCUw
+3vn/0UbsbeXOxKz6cncAY/tmJOUZ1MSK/7s7NVECWjtNwmx5Im7N/FXdNcEYEcMl
+W/6gWu6ZwUAgXaV/8klbrTGX3NWJ5jJsWQwHqA1yY9wba58okkWOjoIjI070IsHj
+udBseAs0D9Q9aL0OofrcQLcNdaGsJzLilDVM/UU7cSCwKATWuuLJGKgNlepjyq5Q
+z2lDp/HktHga9plFDjee7YRsH4N/9e1Z+3mKzs9QRANCAfDeTz9iFo8lJqo4sRdp
+SHajk3KEnqZKbsvlZC70uJpwvS9dn3E0G9esB/ps3tM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.ohsu.edu/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://www.ohsu.edu/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Oregon Health &amp; Science University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Oregon Health &amp; Science University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ohsu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Alex Bakman</GivenName>
+ <EmailAddress>bakmana@ohsu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Damon Gentry</GivenName>
+ <EmailAddress>gentryd@ohsu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, San Marcos -->
+<EntityDescriptor entityID="https://idp.csusm.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csusm.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 388648608319389456546693700975219181891236930142, expires on Fri Aug 24 17:45:06 2029 GMT -->
+ <ds:X509Certificate>
+MIIDHzCCAgegAwIBAgIURBObONYB1aVZUkchbN9Vm7i8Il4wDQYJKoZIhvcNAQEF
+BQAwGDEWMBQGA1UEAxMNaWRwLmNzdXNtLmVkdTAeFw0wOTA4MjQxNzQ1MDZaFw0y
+OTA4MjQxNzQ1MDZaMBgxFjAUBgNVBAMTDWlkcC5jc3VzbS5lZHUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNxuYDajoiDXTQ4TvPcWGZy167mRRwlH1i
+rfxHV90o0XHKoL/FTJ3sh/Zj7S/7bCTPVB8mEXmIeTfGURUkwM8dSVeVLpX3j8jz
+DdtVhEGBxQUPtZsQPWt7vP+mk+w5t85nA8ShbKmvPNVS1kFBfb9+EYVVBwaN8aXH
+f0jXKVnt041DxOAXWGz958SaIetTVqa/P6XsBz6E9heulp3CgXSBLBlBQ/EKYcPz
++NtLYG5iKbH9u6ka3zfTbefsZ1W/7fe8j416TgZdgUaKN7GNsgU9O/jCqHkGVURt
+pN9/rtkN0feQhpcW8ZKWN727zmqbUIka6kPA8N0h8IVEMpgvzYCTAgMBAAGjYTBf
+MD4GA1UdEQQ3MDWCDWlkcC5jc3VzbS5lZHWGJGh0dHBzOi8vaWRwLmNzdXNtLmVk
+dS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUUWLdnhv2ZxtBMXDDAlaFWeDgDaYw
+DQYJKoZIhvcNAQEFBQADggEBAEuAj7CnXZppeRZ149EiZ4T54Gq6GNlIFzWfoD8Z
+sxiIOxcJbM/lJ9rXGtHwV5RE1cxNXncLMfA7XAtDoRtHIDQ+KL0JEd7hqjZFz2/1
+jNXMxjNO8oQnTEqtwuo6yH8fKuAxHGAoLK1/ZXOC4MV4Gj265hhR2vUOp7WzRWKk
+IUnVPqjV3HQd+eTL4yQQM1s4NANaMsCoQ/u0C/j5C92ERrYmKZ3axgVh5iuEMcRI
+noZH8nkxLFKIpQhm5kJlWq5YOKrdyTUF9lF7lD3YqacBcK/gctKBxbAmHwPqn2kc
+erUVBDmnMbYvO+WkO29HAl4Q0MbsXjQOm0C8cdFfI7gnehE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.csusm.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.csusm.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.csusm.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.csusm.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csusm.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 388648608319389456546693700975219181891236930142, expires on Fri Aug 24 17:45:06 2029 GMT -->
+ <ds:X509Certificate>
+MIIDHzCCAgegAwIBAgIURBObONYB1aVZUkchbN9Vm7i8Il4wDQYJKoZIhvcNAQEF
+BQAwGDEWMBQGA1UEAxMNaWRwLmNzdXNtLmVkdTAeFw0wOTA4MjQxNzQ1MDZaFw0y
+OTA4MjQxNzQ1MDZaMBgxFjAUBgNVBAMTDWlkcC5jc3VzbS5lZHUwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCNxuYDajoiDXTQ4TvPcWGZy167mRRwlH1i
+rfxHV90o0XHKoL/FTJ3sh/Zj7S/7bCTPVB8mEXmIeTfGURUkwM8dSVeVLpX3j8jz
+DdtVhEGBxQUPtZsQPWt7vP+mk+w5t85nA8ShbKmvPNVS1kFBfb9+EYVVBwaN8aXH
+f0jXKVnt041DxOAXWGz958SaIetTVqa/P6XsBz6E9heulp3CgXSBLBlBQ/EKYcPz
++NtLYG5iKbH9u6ka3zfTbefsZ1W/7fe8j416TgZdgUaKN7GNsgU9O/jCqHkGVURt
+pN9/rtkN0feQhpcW8ZKWN727zmqbUIka6kPA8N0h8IVEMpgvzYCTAgMBAAGjYTBf
+MD4GA1UdEQQ3MDWCDWlkcC5jc3VzbS5lZHWGJGh0dHBzOi8vaWRwLmNzdXNtLmVk
+dS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUUWLdnhv2ZxtBMXDDAlaFWeDgDaYw
+DQYJKoZIhvcNAQEFBQADggEBAEuAj7CnXZppeRZ149EiZ4T54Gq6GNlIFzWfoD8Z
+sxiIOxcJbM/lJ9rXGtHwV5RE1cxNXncLMfA7XAtDoRtHIDQ+KL0JEd7hqjZFz2/1
+jNXMxjNO8oQnTEqtwuo6yH8fKuAxHGAoLK1/ZXOC4MV4Gj265hhR2vUOp7WzRWKk
+IUnVPqjV3HQd+eTL4yQQM1s4NANaMsCoQ/u0C/j5C92ERrYmKZ3axgVh5iuEMcRI
+noZH8nkxLFKIpQhm5kJlWq5YOKrdyTUF9lF7lD3YqacBcK/gctKBxbAmHwPqn2kc
+erUVBDmnMbYvO+WkO29HAl4Q0MbsXjQOm0C8cdFfI7gnehE=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.csusm.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.csusm.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, San Marcos</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, San Marcos</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csusm.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>April Grommo</GivenName>
+ <EmailAddress>agrommo@csusm.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Jonathan Fischer</GivenName>
+ <EmailAddress>jfischer@csusm.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Clemson University -->
+<EntityDescriptor entityID="https://idp.raidp.org/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">raidp.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1231540791252619521215972737916917557992663454971, expires on Fri Jul 7 19:24:55 2028 GMT -->
+ <ds:X509Certificate>
+MIIDIDCCAgigAwIBAgIVANe4MvNPyP7NcMJiRmbfGStF9pT7MA0GCSqGSIb3DQEB
+BQUAMBgxFjAUBgNVBAMTDWlkcC5yYWlkcC5vcmcwHhcNMDgwNzA3MTkyNDU1WhcN
+MjgwNzA3MTkyNDU1WjAYMRYwFAYDVQQDEw1pZHAucmFpZHAub3JnMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKxvSUmtufH5z2l9X1N1OeGlyaknMTeZ
+/yD+ytFXWp1uBkZVy1bQePcrzJcMI2BwaV5c6gykwKx4CGRuXOAp0lvOAk+xf9RK
+HsRWDJpZwcfKwEPjOnVIZTsPPkZJXr0xGNraKtIHHV15F8eX5h6QK5koruiFQ3hY
+fmQ6GA0+0v38pcBa91IiCQiKScSoDn1Xxl0HawgisdDP09kBDDry6CNTcZa+7paS
+rQp8/zE1V8xKa8Ujbz1garXxXkxrmNWER24PCqkhVdAzkyClAgXqMZ2RrKN/X5ng
+5LacsEJ5TEAFKnoqefnJrOvFXFNSSTzr87IovPKt25OGubF7Qpb8TwIDAQABo2Ew
+XzA+BgNVHREENzA1gg1pZHAucmFpZHAub3JnhiRodHRwczovL2lkcC5yYWlkcC5v
+cmcvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFEdXLarmprvb0PEchR5fnwA5HQWS
+MA0GCSqGSIb3DQEBBQUAA4IBAQAlSIyY5LjRdak1q6J+I17p17+qomJDvuB0jDZj
++XTPmPkDQ2aaSutB1JbpeFSbI8qFu6FoOEduN7IG5MGPKaxqfka+3d/zOVMQ9uoy
+TCSJIelMlaDdZ4idiNG3EfXSNfCFKMnjuoKdtgVw0eq7Hi0ZIX1zMfhcVl/5gH3f
+og+scNolB7CeplqmlNMaOlWgA+fCVieGvR4PqVlWxhnJA9RUugM/cXttpdtJuGej
+ksFr3hTtLjGHNDF5BaWGFL7Gpi9dW8Z81RI0mE13rfc5COle+TI6gmevZaxz7H0m
+iwmEilmeoV/3V9UVw8F1NSi65seZ1V9DGJfeqeOEPlVG+RYn
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.raidp.org:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.raidp.org/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">raidp.org</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1231540791252619521215972737916917557992663454971, expires on Fri Jul 7 19:24:55 2028 GMT -->
+ <ds:X509Certificate>
+MIIDIDCCAgigAwIBAgIVANe4MvNPyP7NcMJiRmbfGStF9pT7MA0GCSqGSIb3DQEB
+BQUAMBgxFjAUBgNVBAMTDWlkcC5yYWlkcC5vcmcwHhcNMDgwNzA3MTkyNDU1WhcN
+MjgwNzA3MTkyNDU1WjAYMRYwFAYDVQQDEw1pZHAucmFpZHAub3JnMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKxvSUmtufH5z2l9X1N1OeGlyaknMTeZ
+/yD+ytFXWp1uBkZVy1bQePcrzJcMI2BwaV5c6gykwKx4CGRuXOAp0lvOAk+xf9RK
+HsRWDJpZwcfKwEPjOnVIZTsPPkZJXr0xGNraKtIHHV15F8eX5h6QK5koruiFQ3hY
+fmQ6GA0+0v38pcBa91IiCQiKScSoDn1Xxl0HawgisdDP09kBDDry6CNTcZa+7paS
+rQp8/zE1V8xKa8Ujbz1garXxXkxrmNWER24PCqkhVdAzkyClAgXqMZ2RrKN/X5ng
+5LacsEJ5TEAFKnoqefnJrOvFXFNSSTzr87IovPKt25OGubF7Qpb8TwIDAQABo2Ew
+XzA+BgNVHREENzA1gg1pZHAucmFpZHAub3JnhiRodHRwczovL2lkcC5yYWlkcC5v
+cmcvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFEdXLarmprvb0PEchR5fnwA5HQWS
+MA0GCSqGSIb3DQEBBQUAA4IBAQAlSIyY5LjRdak1q6J+I17p17+qomJDvuB0jDZj
++XTPmPkDQ2aaSutB1JbpeFSbI8qFu6FoOEduN7IG5MGPKaxqfka+3d/zOVMQ9uoy
+TCSJIelMlaDdZ4idiNG3EfXSNfCFKMnjuoKdtgVw0eq7Hi0ZIX1zMfhcVl/5gH3f
+og+scNolB7CeplqmlNMaOlWgA+fCVieGvR4PqVlWxhnJA9RUugM/cXttpdtJuGej
+ksFr3hTtLjGHNDF5BaWGFL7Gpi9dW8Z81RI0mE13rfc5COle+TI6gmevZaxz7H0m
+iwmEilmeoV/3V9UVw8F1NSi65seZ1V9DGJfeqeOEPlVG+RYn
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.raidp.org:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.raidp.org:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Clemson University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Clemson's Research Affiliate Identity Provider</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.raidp.org</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Barry Johnson</GivenName>
+ <EmailAddress>hbj@clemson.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Kathy Wright</GivenName>
+ <EmailAddress>kewrig@clemson.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- EDUCAUSE -->
+<EntityDescriptor entityID="https://www.educause.edu/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 10082733419442074757, expires on Sun Feb 9 20:43:39 2020 GMT -->
+ <ds:X509Certificate>
+MIIC+jCCAeKgAwIBAgIJAIvtEJ/WzfSFMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEXdlYjIuZWR1Y2F1c2UuZWR1MB4XDTEwMDIxMTIwNDMzOVoXDTIwMDIwOTIw
+NDMzOVowHDEaMBgGA1UEAxMRd2ViMi5lZHVjYXVzZS5lZHUwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCzgPJVHyNowHVXbbTAir2BzZZkUsYGj7cBMhWM
+JHC76rK9e2j1Z7GFP5Mq6SPffGZMEgb7YDwqSqnMInCY6NPkrodOCT+t2VVAPxjI
+ixlMRpAP7nvtOuJRLZnneing6Fdt+o7w8APKVYSMrjwQJvVeR6kgL6rvmbhON//o
+N0xnZfLJpnOEisLe5ZpCWitVNNGrqDhDnlaQTrfZni34/pCrnwNBkQieO2gKLC3C
+zndRM2Upjas5rqQ16bHyp1s455vmLBzi4ohiWi1ugqLLUyvuJD6o19x/ORnWzd3Q
+QAyMRFo79Chs+3Yav6uC0jVdjBMti8MYCmTjFTR1Merk4m8vAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEXdlYjIuZWR1Y2F1c2UuZWR1MB0GA1UdDgQWBBTRgTYu352dTt4k
+KNIztd3cxt5JLDANBgkqhkiG9w0BAQUFAAOCAQEAaPmTpsktXwBy/I/sOjeWa9l+
+ZrA5tDx/1OtNnbWaJ3qOl90qXd7Zg7YVsBliWnugVbCJPqzY+gzzpiNNojKbWqp9
+t9zywDDdVsnHGy9+xqmdm0iEiAqeXbAPYiIU/yRvd6NYqdmNImsjeLeNPBJfk5VC
+8FihZs3H7H4twtaqxcHZBiDut0WEQCvqQMtYCZ5Im8cYAI497sv8Co4LmItve6C2
+kUSqUeF7bstXx3oaQTQsmkIpyWwO7ej1jhNj+vHi+TEDksKdyyeERdKXqq0aajIv
+sGs5NsAYALehn48INhvTYDKKMUMAI21YmBHXLDEb4IrhSa1/oGcYK3Ghe527RA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.educause.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.educause.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.educause.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.educause.edu/Shibboleth.sso/SAML/POST" index="4"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">EDUCAUSE</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">EDUCAUSE</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.educause.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Matt Pasiewicz</GivenName>
+ <EmailAddress>matt@educause.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>EDUCAUSE Support</GivenName>
+ <EmailAddress>support@educause.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Becky Granger</GivenName>
+ <EmailAddress>rgranger@educause.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Texas System -->
+<EntityDescriptor entityID="https://idp.utsystem.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://idm.utsystem.edu/error.html" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">utsystem.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1251296733715548325357054589585701937994591869507, expires on Wed Jun 20 21:27:22 2029 GMT -->
+ <ds:X509Certificate>
+MIIDLDCCAhSgAwIBAgIVANsuFgw2Z5XryWlzufSAgriNo5pDMA0GCSqGSIb3DQEB
+BQUAMBsxGTAXBgNVBAMTEGlkcC51dHN5c3RlbS5lZHUwHhcNMDkwNjIwMjEyNzIy
+WhcNMjkwNjIwMjEyNzIyWjAbMRkwFwYDVQQDExBpZHAudXRzeXN0ZW0uZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUJ9hGEJw0EIBIL2InLhCsZZ
+7maurudIUPt9NVQxPFHI7DwhTXwEjhYbTCnNYHS1JjEdnqzYLZitKfLYMkxPapVu
+fEDVBoLCnabRjKuOjLgIraYX5/rdvzgJPGAn7chL76ut5S3EuQNQ7LDD0KWR71qH
+y3TjZD3RXImFCRXvjLOlZR9+jVA1bKLzcafWUyHTv9wW8s/EyN+33ghOwRNzuH9W
+4ZUvUU2/22MYDlHwbCmwfvF8cYoHfk9WK+fgN+5BGGk+YJvjTAdek6tqeLPsFcR5
+cxvDwjyq00sZPb/xDRCTEgtx3StEYSEXqU1Z62/uHmlZ/oeFW21j59ls/CRp3wID
+AQABo2cwZTBEBgNVHREEPTA7ghBpZHAudXRzeXN0ZW0uZWR1hidodHRwczovL2lk
+cC51dHN5c3RlbS5lZHUvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFErG8hS4tDz7
+5KwTs0pGvgb1DeR7MA0GCSqGSIb3DQEBBQUAA4IBAQAO4uo9SuOK3/uLJozn+W0L
+MymzQ6OLLZHuOX2lr/+2+I4YXzp8uqdwp8M7+GVlKDU+7JVEfFl+d7mtPrtThdYz
+aSjip2XjOQdaE/+vY/oD/G750YAZsxOsWQQKPZIC4LClHjLz2H36Wc8nuTKxZzV+
+FLOa1rOT3iYnL2rY+Mzqet3mwz/yoPq8M1/0J/HtvEWyhRkt7SBPnoNZbMt0y33H
+DbzkGdzI4NTA/flqEuAXBrjkg64qktKR7YTkFRWvy1pl44MqiVmP5nvZgVZZmRYg
+BaqXA+v1pIIo2tL8IuUiQxH1KsnDCXE/F74PcEu2CDCVKEgaVEB1v6tGFZwYr2V7
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.utsystem.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.utsystem.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.utsystem.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.utsystem.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.utsystem.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.utsystem.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">utsystem.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1251296733715548325357054589585701937994591869507, expires on Wed Jun 20 21:27:22 2029 GMT -->
+ <ds:X509Certificate>
+MIIDLDCCAhSgAwIBAgIVANsuFgw2Z5XryWlzufSAgriNo5pDMA0GCSqGSIb3DQEB
+BQUAMBsxGTAXBgNVBAMTEGlkcC51dHN5c3RlbS5lZHUwHhcNMDkwNjIwMjEyNzIy
+WhcNMjkwNjIwMjEyNzIyWjAbMRkwFwYDVQQDExBpZHAudXRzeXN0ZW0uZWR1MIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUJ9hGEJw0EIBIL2InLhCsZZ
+7maurudIUPt9NVQxPFHI7DwhTXwEjhYbTCnNYHS1JjEdnqzYLZitKfLYMkxPapVu
+fEDVBoLCnabRjKuOjLgIraYX5/rdvzgJPGAn7chL76ut5S3EuQNQ7LDD0KWR71qH
+y3TjZD3RXImFCRXvjLOlZR9+jVA1bKLzcafWUyHTv9wW8s/EyN+33ghOwRNzuH9W
+4ZUvUU2/22MYDlHwbCmwfvF8cYoHfk9WK+fgN+5BGGk+YJvjTAdek6tqeLPsFcR5
+cxvDwjyq00sZPb/xDRCTEgtx3StEYSEXqU1Z62/uHmlZ/oeFW21j59ls/CRp3wID
+AQABo2cwZTBEBgNVHREEPTA7ghBpZHAudXRzeXN0ZW0uZWR1hidodHRwczovL2lk
+cC51dHN5c3RlbS5lZHUvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFErG8hS4tDz7
+5KwTs0pGvgb1DeR7MA0GCSqGSIb3DQEBBQUAA4IBAQAO4uo9SuOK3/uLJozn+W0L
+MymzQ6OLLZHuOX2lr/+2+I4YXzp8uqdwp8M7+GVlKDU+7JVEfFl+d7mtPrtThdYz
+aSjip2XjOQdaE/+vY/oD/G750YAZsxOsWQQKPZIC4LClHjLz2H36Wc8nuTKxZzV+
+FLOa1rOT3iYnL2rY+Mzqet3mwz/yoPq8M1/0J/HtvEWyhRkt7SBPnoNZbMt0y33H
+DbzkGdzI4NTA/flqEuAXBrjkg64qktKR7YTkFRWvy1pl44MqiVmP5nvZgVZZmRYg
+BaqXA+v1pIIo2tL8IuUiQxH1KsnDCXE/F74PcEu2CDCVKEgaVEB1v6tGFZwYr2V7
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.utsystem.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.utsystem.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Texas System</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Texas System</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.utsystem.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Network Admin</GivenName>
+ <EmailAddress>netadmin@utsystem.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Paul Caskey</GivenName>
+ <EmailAddress>pcaskey@utsystem.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Help Desk</GivenName>
+ <EmailAddress>help@utsystem.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- San Francisco State University -->
+<EntityDescriptor entityID="https://idp.sfsu.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">sfsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 601360562168917016067484663509425922728323527717, expires on Sat Jan 12 17:58:49 2030 GMT -->
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUaVXwsxeZ7HtpgzDRqkb/SXmxNCUwDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMaWRwLnNmc3UuZWR1MB4XDTEwMDExMjE3NTg0OVoXDTMw
+MDExMjE3NTg0OVowFzEVMBMGA1UEAxMMaWRwLnNmc3UuZWR1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM2TW44FPEMlaZShdBub38iLLGtpvvtTZVvC
+tLo6xRQx0YCPYIQua2hxjf5lYFMe2KlwehxuCfujsTbegBX8TNg86NaN2s5iTFk7
+Q7BKY0o1UGEHhmELKZx/BVSH1AB0qwk1ZF9jGyynTITRwRGsr1yLvFM3aTH1tB4s
+iMpTTp7U4HfWcfCsAepxVJw8o8Nvgujgi6E8Mh4emTz+PdNmx0cgpiu7EpvruUEk
+ELlHifyFRhCCBUeOtxgsJXvXgqIYxLlxcz7aGnsylTCgX8fN2WABkJte90Cv06EU
+mkCnB4x8pKLxSfVkLDRDImpqPwnTjmizD6neSRQ5ano4qdAm9wIDAQABo18wXTA8
+BgNVHREENTAzggxpZHAuc2ZzdS5lZHWGI2h0dHBzOi8vaWRwLnNmc3UuZWR1L2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBT7bbal9a/eJjoYsQd6Stdkk9D6uTANBgkq
+hkiG9w0BAQUFAAOCAQEAB2UmDPQkEVR8YPNCUZS2+XjA5Pw7vdswtZpqLbN4x2RG
+AFnaUFs4Qw5/9RScVOdfuSKjbB32LSJzOTLUc2LA2zUhAcieprD9wBcW2gIVnpPC
+PQxMSI7vD7YuF6erW/qFh+gZwBod/PPmP30wy4uDAcWfW09f79wWv67v8ePXS/PA
+Ww8M8pNXffLcYo8NAdTY1ZddhYsqcAduFzL4Q0u/+QpV4K2qpMOK57sJ/4GuI0i4
+TF+IPVqP9ibO/PX7scYZDBm8wGCQ3G3UwADAQxJlSTJzyP7PthgH3ublYb3IbrY6
+OQKTDUHTSx//VpESlGrhleDG/BalOfbtxZka2UF05A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.sfsu.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.sfsu.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.sfsu.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.sfsu.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.sfsu.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.sfsu.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">sfsu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 601360562168917016067484663509425922728323527717, expires on Sat Jan 12 17:58:49 2030 GMT -->
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUaVXwsxeZ7HtpgzDRqkb/SXmxNCUwDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMaWRwLnNmc3UuZWR1MB4XDTEwMDExMjE3NTg0OVoXDTMw
+MDExMjE3NTg0OVowFzEVMBMGA1UEAxMMaWRwLnNmc3UuZWR1MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM2TW44FPEMlaZShdBub38iLLGtpvvtTZVvC
+tLo6xRQx0YCPYIQua2hxjf5lYFMe2KlwehxuCfujsTbegBX8TNg86NaN2s5iTFk7
+Q7BKY0o1UGEHhmELKZx/BVSH1AB0qwk1ZF9jGyynTITRwRGsr1yLvFM3aTH1tB4s
+iMpTTp7U4HfWcfCsAepxVJw8o8Nvgujgi6E8Mh4emTz+PdNmx0cgpiu7EpvruUEk
+ELlHifyFRhCCBUeOtxgsJXvXgqIYxLlxcz7aGnsylTCgX8fN2WABkJte90Cv06EU
+mkCnB4x8pKLxSfVkLDRDImpqPwnTjmizD6neSRQ5ano4qdAm9wIDAQABo18wXTA8
+BgNVHREENTAzggxpZHAuc2ZzdS5lZHWGI2h0dHBzOi8vaWRwLnNmc3UuZWR1L2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBT7bbal9a/eJjoYsQd6Stdkk9D6uTANBgkq
+hkiG9w0BAQUFAAOCAQEAB2UmDPQkEVR8YPNCUZS2+XjA5Pw7vdswtZpqLbN4x2RG
+AFnaUFs4Qw5/9RScVOdfuSKjbB32LSJzOTLUc2LA2zUhAcieprD9wBcW2gIVnpPC
+PQxMSI7vD7YuF6erW/qFh+gZwBod/PPmP30wy4uDAcWfW09f79wWv67v8ePXS/PA
+Ww8M8pNXffLcYo8NAdTY1ZddhYsqcAduFzL4Q0u/+QpV4K2qpMOK57sJ/4GuI0i4
+TF+IPVqP9ibO/PX7scYZDBm8wGCQ3G3UwADAQxJlSTJzyP7PthgH3ublYb3IbrY6
+OQKTDUHTSx//VpESlGrhleDG/BalOfbtxZka2UF05A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.sfsu.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.sfsu.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">San Francisco State University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">San Francisco State University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sfsu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Supakit Kiatrungrit</GivenName>
+ <EmailAddress>supakitk@sfsu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Joellen Fung</GivenName>
+ <EmailAddress>jfung@sfsu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Technical support</GivenName>
+ <EmailAddress>systems@sfsu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Texas Health Science Center At Houston -->
+<EntityDescriptor entityID="urn:mace:utsystem.edu:shib-idp.uth.tmc.edu">
+ <IDPSSODescriptor errorURL="http://www.uthouston.edu/index/contact-mailing.htm" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uth.tmc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 10288359606426606431, expires on Sun Nov 17 17:27:56 2019 GMT -->
+ <ds:X509Certificate>
+MIIFazCCBFOgAwIBAgIJAI7HmI1OiRtfMA0GCSqGSIb3DQEBBQUAMIHTMQswCQYD
+VQQGEwJVUzEOMAwGA1UECBMFVGV4YXMxJzAlBgNVBAoTHlRoZSBVbml2ZXJzaXR5
+IG9mIFRleGFzIFN5c3RlbTFEMEIGA1UECxM7VGhlIFVuaXZlcnNpdHkgb2YgVGV4
+YXMgYXQgSG91c3RvbiBIZWFsdGggU2NpZW5jZSBDZW50ZXIgQ0ExHTAbBgNVBAMT
+FHNoaWItaWRwLnV0aC50bWMuZWR1MSYwJAYJKoZIhvcNAQkBFhdpdF91bml4dGVh
+bUB1dGgudG1jLmVkdTAeFw0wOTExMTkxNzI3NTZaFw0xOTExMTcxNzI3NTZaMIHT
+MQswCQYDVQQGEwJVUzEOMAwGA1UECBMFVGV4YXMxJzAlBgNVBAoTHlRoZSBVbml2
+ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTFEMEIGA1UECxM7VGhlIFVuaXZlcnNpdHkg
+b2YgVGV4YXMgYXQgSG91c3RvbiBIZWFsdGggU2NpZW5jZSBDZW50ZXIgQ0ExHTAb
+BgNVBAMTFHNoaWItaWRwLnV0aC50bWMuZWR1MSYwJAYJKoZIhvcNAQkBFhdpdF91
+bml4dGVhbUB1dGgudG1jLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKUSXqpCGrOHDhTqSAbpo9SMr+syFCRr+AR55gDJNXPlDfzy0PcfpmRqDj5m
+tcF58g2tfHJkmZJbX3Ok/YJn+MjzgR82XuxxSJX4Ixc1uVmfIGtYbUASQPLzTJO6
+dPk1D0x/qYe3So16G/n+FOHkWP5++6gvmiYyxW25CvaYg3IEyLX3mpXAPiek/+OY
+vzysj7ySVxNMT9844aVz36MkspFM4Husd8k4mqlxlZWEovQJdMErmPIfU+weJBJw
+CpIemKYPxXn7Ors8hg50R2T8xXxasAhD9KGOG7jtTvqA1aFQob6A8oxb2EFkz1O0
+GGnM6rgQ0+gZ6zZOzOfmDIPgqnUCAwEAAaOCAT4wggE6MB0GA1UdDgQWBBRxmLnn
+FGpBw79vZh40jh3Okq6xNzCCAQkGA1UdIwSCAQAwgf2AFHGYuecUakHDv29mHjSO
+Hc6SrrE3oYHZpIHWMIHTMQswCQYDVQQGEwJVUzEOMAwGA1UECBMFVGV4YXMxJzAl
+BgNVBAoTHlRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTFEMEIGA1UECxM7
+VGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgYXQgSG91c3RvbiBIZWFsdGggU2NpZW5j
+ZSBDZW50ZXIgQ0ExHTAbBgNVBAMTFHNoaWItaWRwLnV0aC50bWMuZWR1MSYwJAYJ
+KoZIhvcNAQkBFhdpdF91bml4dGVhbUB1dGgudG1jLmVkdYIJAI7HmI1OiRtfMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHAulo/uWpw87yrfgfdrTq88
+fgZVxKoegsGRJWuICTn17qz+Z7tr397N7ZR69VXLkKlk5c2LNCik9l+1lWCHPyv6
++kCiK/VkLtiWiS8V5d1gzL7CbAN9YG5WKU6IguytnEufMyB8fovf7xXvWDVRIAiI
+e6t9zJlwcd1Vn0wsrdR4bMUgdimeKbYK0jRN/03I34z9+mFsmk6gDEGgh2oumdEo
+dmPog4SnvDHURvBT6uB7Sp3pNe5B1FuUyJ9y8YsJs/Y4Ml19sSuKnf99miqYTHvV
+uxOdfM68EubmuKvkUwzGF0Zc1pqBlers2MhTkzSbQ0t1QKkfrbA6tmQ1cbhifck=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib-idp.uth.tmc.edu/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uth.tmc.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 10288359606426606431, expires on Sun Nov 17 17:27:56 2019 GMT -->
+ <ds:X509Certificate>
+MIIFazCCBFOgAwIBAgIJAI7HmI1OiRtfMA0GCSqGSIb3DQEBBQUAMIHTMQswCQYD
+VQQGEwJVUzEOMAwGA1UECBMFVGV4YXMxJzAlBgNVBAoTHlRoZSBVbml2ZXJzaXR5
+IG9mIFRleGFzIFN5c3RlbTFEMEIGA1UECxM7VGhlIFVuaXZlcnNpdHkgb2YgVGV4
+YXMgYXQgSG91c3RvbiBIZWFsdGggU2NpZW5jZSBDZW50ZXIgQ0ExHTAbBgNVBAMT
+FHNoaWItaWRwLnV0aC50bWMuZWR1MSYwJAYJKoZIhvcNAQkBFhdpdF91bml4dGVh
+bUB1dGgudG1jLmVkdTAeFw0wOTExMTkxNzI3NTZaFw0xOTExMTcxNzI3NTZaMIHT
+MQswCQYDVQQGEwJVUzEOMAwGA1UECBMFVGV4YXMxJzAlBgNVBAoTHlRoZSBVbml2
+ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTFEMEIGA1UECxM7VGhlIFVuaXZlcnNpdHkg
+b2YgVGV4YXMgYXQgSG91c3RvbiBIZWFsdGggU2NpZW5jZSBDZW50ZXIgQ0ExHTAb
+BgNVBAMTFHNoaWItaWRwLnV0aC50bWMuZWR1MSYwJAYJKoZIhvcNAQkBFhdpdF91
+bml4dGVhbUB1dGgudG1jLmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAKUSXqpCGrOHDhTqSAbpo9SMr+syFCRr+AR55gDJNXPlDfzy0PcfpmRqDj5m
+tcF58g2tfHJkmZJbX3Ok/YJn+MjzgR82XuxxSJX4Ixc1uVmfIGtYbUASQPLzTJO6
+dPk1D0x/qYe3So16G/n+FOHkWP5++6gvmiYyxW25CvaYg3IEyLX3mpXAPiek/+OY
+vzysj7ySVxNMT9844aVz36MkspFM4Husd8k4mqlxlZWEovQJdMErmPIfU+weJBJw
+CpIemKYPxXn7Ors8hg50R2T8xXxasAhD9KGOG7jtTvqA1aFQob6A8oxb2EFkz1O0
+GGnM6rgQ0+gZ6zZOzOfmDIPgqnUCAwEAAaOCAT4wggE6MB0GA1UdDgQWBBRxmLnn
+FGpBw79vZh40jh3Okq6xNzCCAQkGA1UdIwSCAQAwgf2AFHGYuecUakHDv29mHjSO
+Hc6SrrE3oYHZpIHWMIHTMQswCQYDVQQGEwJVUzEOMAwGA1UECBMFVGV4YXMxJzAl
+BgNVBAoTHlRoZSBVbml2ZXJzaXR5IG9mIFRleGFzIFN5c3RlbTFEMEIGA1UECxM7
+VGhlIFVuaXZlcnNpdHkgb2YgVGV4YXMgYXQgSG91c3RvbiBIZWFsdGggU2NpZW5j
+ZSBDZW50ZXIgQ0ExHTAbBgNVBAMTFHNoaWItaWRwLnV0aC50bWMuZWR1MSYwJAYJ
+KoZIhvcNAQkBFhdpdF91bml4dGVhbUB1dGgudG1jLmVkdYIJAI7HmI1OiRtfMAwG
+A1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAHAulo/uWpw87yrfgfdrTq88
+fgZVxKoegsGRJWuICTn17qz+Z7tr397N7ZR69VXLkKlk5c2LNCik9l+1lWCHPyv6
++kCiK/VkLtiWiS8V5d1gzL7CbAN9YG5WKU6IguytnEufMyB8fovf7xXvWDVRIAiI
+e6t9zJlwcd1Vn0wsrdR4bMUgdimeKbYK0jRN/03I34z9+mFsmk6gDEGgh2oumdEo
+dmPog4SnvDHURvBT6uB7Sp3pNe5B1FuUyJ9y8YsJs/Y4Ml19sSuKnf99miqYTHvV
+uxOdfM68EubmuKvkUwzGF0Zc1pqBlers2MhTkzSbQ0t1QKkfrbA6tmQ1cbhifck=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp.uth.tmc.edu:8443/shibboleth-idp/AA"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Texas Health Science Center At Houston</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Texas Health Science Center At Houston</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uth.tmc.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Fagon Istre</GivenName>
+ <EmailAddress>Fagon.M.Istre@uth.tmc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OAC Support</GivenName>
+ <EmailAddress>support@uth.tmc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>IdM Support</GivenName>
+ <EmailAddress>idm-support@utsystem.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ctsabbc-test.uth.tmc.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ctsabbc-test.uth.tmc.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 15182757802638712929, expires on Mon Mar 18 10:36:15 2019 GMT -->
+ <ds:X509Certificate>
+MIIDHjCCAgagAwIBAgIJANKz/cehEiBhMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNV
+BAMTHWN0c2FiYmMtdGVzdC5zaGlzLnV0aC50bWMuZWR1MB4XDTA5MDMyMDEwMzYx
+NVoXDTE5MDMxODEwMzYxNVowKDEmMCQGA1UEAxMdY3RzYWJiYy10ZXN0LnNoaXMu
+dXRoLnRtYy5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDatxCN
+DiKpnEIJp6WT2lQTbKRYsKE2SW7No+QSMi2ALGsQxXMAXe0QsczdcPOnrwEumRsa
+eQyi0N1GJG0ieSfosuYlvJzY1Ic4oYpOvzvCdl2OCBEz3jP+3wAGMVBNteSPagkh
+GuUrV562Zm6EL44uROqdZJGMt1VblzEkMVa0m7yS70LB4UTxzi7C6j+pQoUZQBwp
+jNRURjdGcOrHthSwzQS30Z4e7xriyd26YjE457s0ZFFQKjhhB1fQ1widVx66ByBi
+DAgFUg8seWy7QZEcCRgpau8IodrRdhcYUzZuZFzspXfIunUkt8z5zm3rX/23+HbY
+A7n3LYNC7+cNEEN1AgMBAAGjSzBJMCgGA1UdEQQhMB+CHWN0c2FiYmMtdGVzdC5z
+aGlzLnV0aC50bWMuZWR1MB0GA1UdDgQWBBQ8pVA50wtJrbEMUQiDSA8aOiraADAN
+BgkqhkiG9w0BAQUFAAOCAQEAbeeel31EXuK/LZWxqtJjGLGyrOlc50qzJQ3DTlm1
+0mFA4o1LpIWvWocThWXJ9HNBj+B4I5ekVo/I2U3jvGBMBld/i17ZQHelrZV43wU9
+dJMh2i9YTeFDBjoothoSocC9zhVaiIftF04Oc4CFAW2wGeiJR1Inl7W24p5QbV01
+2m7UXl842lTgGEPq8pe+yQdJ0C2/8JpSJX7UsPYs8Mc8NrKbvDRUffTaPEcXUa6u
+mJM0k6HAe/mbc+pAD9IcKP1BLdSEVvWCqSfDrnTzqs9tGSLnFrNybeZvTrA0GjjW
+FDahCvoIglsrn2CBFyVhSRvzWlaqa/ZgpN0erBx0FdFyuQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ctsabbc-test.uth.tmc.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ctsabbc-test.uth.tmc.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ctsabbc-test.uth.tmc.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ctsabbc-test.uth.tmc.edu/Shibboleth.sso/SAML2/ECP" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ctsabbc-test.uth.tmc.edu/Shibboleth.sso/SAML/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ctsabbc-test.uth.tmc.edu/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Texas Health Science Center At Houston</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Texas Health Science Center At Houston</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uth.tmc.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>OAC Support</GivenName>
+ <EmailAddress>support@uth.tmc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Fagon Istre</GivenName>
+ <EmailAddress>Fagon.M.Istre@uth.tmc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://ctsabbc.uth.tmc.edu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ctsabbc.uth.tmc.edu/Shibboleth.sso/DS" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 10854344725547995771, expires on Mon Mar 18 08:16:30 2019 GMT -->
+ <ds:X509Certificate>
+MIIDADCCAeigAwIBAgIJAJaiYQTj7FJ7MA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2N0c2FiYmMudXRoLnRtYy5lZHUwHhcNMDkwMzIwMDgxNjMwWhcNMTkwMzE4
+MDgxNjMwWjAeMRwwGgYDVQQDExNjdHNhYmJjLnV0aC50bWMuZWR1MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviHX2Y48UW+wM8H2fGNJSoaENAXJkgID
++/zZytL0IzvKoy0IlNai/GpkWbYP3Ree6T3YOvZ4wq3b/+KsMCXfFMutkXeAxJ7q
+Y9+g9hPlV/ocDhOBxluz3mtO6FL9L1Xh0EIItEQLkbEEqMbAIfnf1hEoteJUo02V
+ji9yWC1EpAqq8hhzkpmfI+0cao6DpNQ6ZsEVkO0OCWwv0/2/NwGK9gj5L1aQpyYU
+GdlsIHa0buTRi4L5Gux6oK1vFrQ/kdAhaA89k5INI/K8veKr0udqacYwkeFRKs+E
+gP6rXN3ZT3Qf8+6qs70FvNzIFx6jzf3A79hQM82u0RptFKaShIirtwIDAQABo0Ew
+PzAeBgNVHREEFzAVghNjdHNhYmJjLnV0aC50bWMuZWR1MB0GA1UdDgQWBBQAISNx
+fvgHw+drUdczCtZ5Rh6liTANBgkqhkiG9w0BAQUFAAOCAQEAqSNBEnKNC2VuGDSA
+rQZik+0qQb+Mrsvuwgr5AZy5B6zBuEPjixeUy6pLJNrC1NLC3kphiGczno4l/ZSh
+ibO7evEh2Iel5yIujs9QhY2HwioJDYnIkA7PegcDCowZdt95aZ/F0QHcCrR6mO/o
+ZIbllhfeJjyThgAq/hEnzCFwNX6e7KIX4WXfinsRg/TnJaY3qGvslvwyNj3KA6ZM
+H+HtJYLVweMn1QdfPCRHi8stm6Bq4VXI808Y5GL3CSVY3BVfwvwSerFsG1gnZs7N
+jFETksl3dj/ldSTIxVSrWbgBPnjnrl4krdxPQhDHEBsz7zfNKP9/gIj5B59V5/da
+iPsxBA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ctsabbc.uth.tmc.edu/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ctsabbc.uth.tmc.edu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ctsabbc.uth.tmc.edu/Shibboleth.sso/SAML2/Artifact" index="3"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ctsabbc.uth.tmc.edu/Shibboleth.sso/SAML2/ECP" index="4"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ctsabbc.uth.tmc.edu/Shibboleth.sso/SAML/POST" index="5"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ctsabbc.uth.tmc.edu/Shibboleth.sso/SAML/Artifact" index="6"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Texas Health Science Center At Houston</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Texas Health Science Center At Houston</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uth.tmc.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Fagon Istre</GivenName>
+ <EmailAddress>Fagon.M.Istre@uth.tmc.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>OAC Support</GivenName>
+ <EmailAddress>support@uth.tmc.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Texas at San Antonio -->
+<EntityDescriptor entityID="https://idm.it.utsa.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://idm.it.utsa.edu/idp/shibboleth" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">utsa.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 786336288640740626405102917659854304420114851456, expires on Tue Jan 23 19:37:28 2029 GMT -->
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIVAIm8iebcALQTq84UE4AvzlgKieaAMA0GCSqGSIb3DQEB
+BQUAMBoxGDAWBgNVBAMTD2lkbS5pdC51dHNhLmVkdTAeFw0wOTAxMjMxOTM3Mjha
+Fw0yOTAxMjMxOTM3MjhaMBoxGDAWBgNVBAMTD2lkbS5pdC51dHNhLmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOsKHxRDUp3WNFrCwi+c4NjNzVP
+DW+jX4dC6mz9AGxvVmKUVSozFl2pQpQAvG3Qc95Ou68ylnm6MNxAwOlaBfjLy3Xb
+N//T7AVJl2iEsQv5EzZ85iyDOb+ih6U2+WK2WxQVYLVNGKdvqZSLkZ4VJw8j1PVf
+q7wPKWV6y2++Jkhz+3/KG24UpdJ+ja0ipBB8ZhONba+CD7Tw9xD5FBUEhTUGQs/H
+yDArojsyGNVBlriSIFxK3VLab1KzOrwAD55B8yATDg5/X9Gvxvy8RhUjwhOnj+wx
+IvA8cuzYHKmFrYMhw5MedFVvCxqMmbkadWaOWVn15kzuI4laecjM+QxiLn0CAwEA
+AaNlMGMwQgYDVR0RBDswOYIPaWRtLml0LnV0c2EuZWR1hiZodHRwczovL2lkbS5p
+dC51dHNhLmVkdS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUcD2eJNEbgvmbSn57
+AU9miq3KM/gwDQYJKoZIhvcNAQEFBQADggEBAL+y6u4qvPx7+nQN71UP+nXqInkO
+LmELPK+uxZo/+03KSutQkq/ymU+GK2pdaLR8jvDAiBzC/RoheWk8kF4MoIUjIxFC
+DkALegQvA+HioqBhSBnU2AeSrUfV3lDhQ7mIRrhBONFHf3qvKRTyUO7waZJtLWvo
+T6C6aoDNtUaStiR4SLZ3TeFK6ha9uxsgG09YW/Zze1Qt9bTclLICbhqgeeLqMLgj
+ME5BRC6w5hN37trvZnAijYuFllMZtFl41igv9dyKU5zuguK1NLSSa+RiHTORIDYb
+mWNvmsYec7Jd9q6GnUX3lVUrGz5X5/7UL2GPTh7Ups8kZW2Rt20pIT4PIJA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idm.it.utsa.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idm.it.utsa.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idm.it.utsa.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idm.it.utsa.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idm.it.utsa.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idm.it.utsa.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">utsa.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 786336288640740626405102917659854304420114851456, expires on Tue Jan 23 19:37:28 2029 GMT -->
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIVAIm8iebcALQTq84UE4AvzlgKieaAMA0GCSqGSIb3DQEB
+BQUAMBoxGDAWBgNVBAMTD2lkbS5pdC51dHNhLmVkdTAeFw0wOTAxMjMxOTM3Mjha
+Fw0yOTAxMjMxOTM3MjhaMBoxGDAWBgNVBAMTD2lkbS5pdC51dHNhLmVkdTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANOsKHxRDUp3WNFrCwi+c4NjNzVP
+DW+jX4dC6mz9AGxvVmKUVSozFl2pQpQAvG3Qc95Ou68ylnm6MNxAwOlaBfjLy3Xb
+N//T7AVJl2iEsQv5EzZ85iyDOb+ih6U2+WK2WxQVYLVNGKdvqZSLkZ4VJw8j1PVf
+q7wPKWV6y2++Jkhz+3/KG24UpdJ+ja0ipBB8ZhONba+CD7Tw9xD5FBUEhTUGQs/H
+yDArojsyGNVBlriSIFxK3VLab1KzOrwAD55B8yATDg5/X9Gvxvy8RhUjwhOnj+wx
+IvA8cuzYHKmFrYMhw5MedFVvCxqMmbkadWaOWVn15kzuI4laecjM+QxiLn0CAwEA
+AaNlMGMwQgYDVR0RBDswOYIPaWRtLml0LnV0c2EuZWR1hiZodHRwczovL2lkbS5p
+dC51dHNhLmVkdS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUcD2eJNEbgvmbSn57
+AU9miq3KM/gwDQYJKoZIhvcNAQEFBQADggEBAL+y6u4qvPx7+nQN71UP+nXqInkO
+LmELPK+uxZo/+03KSutQkq/ymU+GK2pdaLR8jvDAiBzC/RoheWk8kF4MoIUjIxFC
+DkALegQvA+HioqBhSBnU2AeSrUfV3lDhQ7mIRrhBONFHf3qvKRTyUO7waZJtLWvo
+T6C6aoDNtUaStiR4SLZ3TeFK6ha9uxsgG09YW/Zze1Qt9bTclLICbhqgeeLqMLgj
+ME5BRC6w5hN37trvZnAijYuFllMZtFl41igv9dyKU5zuguK1NLSSa+RiHTORIDYb
+mWNvmsYec7Jd9q6GnUX3lVUrGz5X5/7UL2GPTh7Ups8kZW2Rt20pIT4PIJA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idm.it.utsa.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idm.it.utsa.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Texas at San Antonio</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Texas at San Antonio</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.utsa.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>OIT Unix Group</GivenName>
+ <EmailAddress>unix@utsa.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Texas Health Science Center At San Antonio -->
+<EntityDescriptor entityID="https://shib.uthscsa.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="http://ims.uthscsa.edu/TechSuppt/HelpDesk.aspx" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uthscsa.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 320071908023492093342270847436429038487984666177, expires on Fri Oct 19 15:50:08 2029 GMT -->
+ <ds:X509Certificate>
+MIIDKzCCAhOgAwIBAgIUOBCFT1ioD0RKc/AB856Jnvb79kEwDQYJKoZIhvcNAQEF
+BQAwGzEZMBcGA1UEAxMQc2hpYi51dGhzY3NhLmVkdTAeFw0wOTEwMTkxNTUwMDha
+Fw0yOTEwMTkxNTUwMDhaMBsxGTAXBgNVBAMTEHNoaWIudXRoc2NzYS5lZHUwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWW8cEBcuG3QBhlSVu7WSbvxAw
+8QLM51Dpg/QsJvUes6hjZGetH/WV9u6LjlCGc6sVr5uXpd0IFkpvVFikLszqlOrH
+p62jO8uomSAlI5nDjG51HAd2lGYx+aTO+ioc5BU9RnMo/VA6VcBsySGlTbWEbf59
+u87fvyTktNRjPOr5mMztZsrb5twYy3e4XfdFTiWJYIccZvjfsZZOwa7vu+JnfUl2
+M2q2jsO/dgCMk2nIAcYOYKEd5F0exwY4qjFHUCPm8s315I9+RZBPFGVB+Y77Rg2e
+VS4Q+9CoTTFLY2LZ4isR3a0RbBr+2TFqMv0ES0aUt3YC8sqWOvxiIhclvCHXAgMB
+AAGjZzBlMEQGA1UdEQQ9MDuCEHNoaWIudXRoc2NzYS5lZHWGJ2h0dHBzOi8vc2hp
+Yi51dGhzY3NhLmVkdS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUqadoMe9LA6OA
+NuWMvOkr+fZCuwowDQYJKoZIhvcNAQEFBQADggEBAGWZjR5NFsdiB+IY1eb89+zQ
+txFy3a8Jct9Dv+nRePNOc5YCF0FLx+BRYfc4L0+yGxhAjyq3XlRe7e4YVpQ/Qy0e
+dqFClRLNXYAVXku2/8zkGNVh+wMDpxOiILoKN1wi+wQ8WnnS7iQPiT2h9ypnrvbf
+RDu+MTSSlVM/XbDOUxtoLWV0YnhhFksN6cseeqW5sUK+4pbj9as+PgTLSt+pxLzY
+WNfu12cY6+Qjam6zo6qiYXfqrvqoVvWf971mJWgf7APZqdp5GrLpMqQoa3XSgfQ6
+sZemi2r9GnG7yy/S/oAW5ZJjeHjRkp+4IBAjCVy8XmRkqx9Lbvq/eincPQjhDjQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.uthscsa.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.uthscsa.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib.uthscsa.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib.uthscsa.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib.uthscsa.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib.uthscsa.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uthscsa.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 320071908023492093342270847436429038487984666177, expires on Fri Oct 19 15:50:08 2029 GMT -->
+ <ds:X509Certificate>
+MIIDKzCCAhOgAwIBAgIUOBCFT1ioD0RKc/AB856Jnvb79kEwDQYJKoZIhvcNAQEF
+BQAwGzEZMBcGA1UEAxMQc2hpYi51dGhzY3NhLmVkdTAeFw0wOTEwMTkxNTUwMDha
+Fw0yOTEwMTkxNTUwMDhaMBsxGTAXBgNVBAMTEHNoaWIudXRoc2NzYS5lZHUwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWW8cEBcuG3QBhlSVu7WSbvxAw
+8QLM51Dpg/QsJvUes6hjZGetH/WV9u6LjlCGc6sVr5uXpd0IFkpvVFikLszqlOrH
+p62jO8uomSAlI5nDjG51HAd2lGYx+aTO+ioc5BU9RnMo/VA6VcBsySGlTbWEbf59
+u87fvyTktNRjPOr5mMztZsrb5twYy3e4XfdFTiWJYIccZvjfsZZOwa7vu+JnfUl2
+M2q2jsO/dgCMk2nIAcYOYKEd5F0exwY4qjFHUCPm8s315I9+RZBPFGVB+Y77Rg2e
+VS4Q+9CoTTFLY2LZ4isR3a0RbBr+2TFqMv0ES0aUt3YC8sqWOvxiIhclvCHXAgMB
+AAGjZzBlMEQGA1UdEQQ9MDuCEHNoaWIudXRoc2NzYS5lZHWGJ2h0dHBzOi8vc2hp
+Yi51dGhzY3NhLmVkdS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUqadoMe9LA6OA
+NuWMvOkr+fZCuwowDQYJKoZIhvcNAQEFBQADggEBAGWZjR5NFsdiB+IY1eb89+zQ
+txFy3a8Jct9Dv+nRePNOc5YCF0FLx+BRYfc4L0+yGxhAjyq3XlRe7e4YVpQ/Qy0e
+dqFClRLNXYAVXku2/8zkGNVh+wMDpxOiILoKN1wi+wQ8WnnS7iQPiT2h9ypnrvbf
+RDu+MTSSlVM/XbDOUxtoLWV0YnhhFksN6cseeqW5sUK+4pbj9as+PgTLSt+pxLzY
+WNfu12cY6+Qjam6zo6qiYXfqrvqoVvWf971mJWgf7APZqdp5GrLpMqQoa3XSgfQ6
+sZemi2r9GnG7yy/S/oAW5ZJjeHjRkp+4IBAjCVy8XmRkqx9Lbvq/eincPQjhDjQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib.uthscsa.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib.uthscsa.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Texas Health Science Center At San Antonio</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Texas Health Science Center At San Antonio</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uthscsa.edu</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Brian Purcell</GivenName>
+ <EmailAddress>purcell@uthscsa.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Baylor University -->
+<EntityDescriptor entityID="https://shibboleth-2.baylor.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">baylor.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 891575916460207048935946270948187121314969169004, expires on Tue Oct 10 15:51:52 2028 GMT -->
+ <ds:X509Certificate>
+MIIDSDCCAjCgAwIBAgIVAJwrpZTSCIpBHJObNPrSziMptCxsMA0GCSqGSIb3DQEB
+BQUAMCIxIDAeBgNVBAMTF3NoaWJib2xldGgtMi5iYXlsb3IuZWR1MB4XDTA4MTAx
+MDE1NTE1MloXDTI4MTAxMDE1NTE1MlowIjEgMB4GA1UEAxMXc2hpYmJvbGV0aC0y
+LmJheWxvci5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxLhS3
+FaukoY9w6xx2ScH9t+VBKN3SgpoNCtlSTA+c+EzlFN1U8JT/TM7frLCW5hw9iCZE
+skLYrWlp6h//hukAf6O+WVNrDD3KnCF3Tnf29Rvf0xM0Xe8Vu7l/O87B6UA5a8+L
+Cw1+7OGBX5Ji6PB/sBDbCCs76G/EA4PqbHFomS03z7Qo8vJaAF5eEoq14FPt154G
++1mL4MUzrDIB4obFZqFRkJgh8dl13cDFsew5hMQbRVMHnOKIBPspaHJauYHK15SB
+5WRCUdkkn/+cfriS2w+LXPttPryaZNelNmwAEcDdY8WBE6fKRU1O2aYSXt6fPdlB
+5ood0aDV4RjWJ5uTAgMBAAGjdTBzMFIGA1UdEQRLMEmCF3NoaWJib2xldGgtMi5i
+YXlsb3IuZWR1hi5odHRwczovL3NoaWJib2xldGgtMi5iYXlsb3IuZWR1L2lkcC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBTCaiA6Ojg47/4ar0uw2B3+ATl8DDANBgkqhkiG
+9w0BAQUFAAOCAQEAmQ+aPuw0MMuCKdkpBJslXyNI+lKUqdnY/aaMsOwN2M1TGiOL
+pi5thbpX5CTte366j/F+vePY2cQjte2z8h5bZTPr9/v9HaEQqon3uX6cANlXd0CB
+qojrtBlaiI5Ij7xYoO0uqbh2jXs6gJ58DVOHma20spm+qELlaD+lqaTIA1Ge5rma
+JtRoJmSugC0tc/E1FuSWyRkdzxra1ZZjakUbEZBYO0x5STmrFWZ0E6ewMLu6u/X2
+wp8io5JHRYH74kW3WeXaR0/hi2wiaVBsOACQ75dFrlJZTb4oMWGothemjzQV3K3Q
+xXawYVydT5jy18eqkAFFtBDOlRVFXEqY/oOetw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth-2.baylor.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth-2.baylor.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">baylor.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 891575916460207048935946270948187121314969169004, expires on Tue Oct 10 15:51:52 2028 GMT -->
+ <ds:X509Certificate>
+MIIDSDCCAjCgAwIBAgIVAJwrpZTSCIpBHJObNPrSziMptCxsMA0GCSqGSIb3DQEB
+BQUAMCIxIDAeBgNVBAMTF3NoaWJib2xldGgtMi5iYXlsb3IuZWR1MB4XDTA4MTAx
+MDE1NTE1MloXDTI4MTAxMDE1NTE1MlowIjEgMB4GA1UEAxMXc2hpYmJvbGV0aC0y
+LmJheWxvci5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxLhS3
+FaukoY9w6xx2ScH9t+VBKN3SgpoNCtlSTA+c+EzlFN1U8JT/TM7frLCW5hw9iCZE
+skLYrWlp6h//hukAf6O+WVNrDD3KnCF3Tnf29Rvf0xM0Xe8Vu7l/O87B6UA5a8+L
+Cw1+7OGBX5Ji6PB/sBDbCCs76G/EA4PqbHFomS03z7Qo8vJaAF5eEoq14FPt154G
++1mL4MUzrDIB4obFZqFRkJgh8dl13cDFsew5hMQbRVMHnOKIBPspaHJauYHK15SB
+5WRCUdkkn/+cfriS2w+LXPttPryaZNelNmwAEcDdY8WBE6fKRU1O2aYSXt6fPdlB
+5ood0aDV4RjWJ5uTAgMBAAGjdTBzMFIGA1UdEQRLMEmCF3NoaWJib2xldGgtMi5i
+YXlsb3IuZWR1hi5odHRwczovL3NoaWJib2xldGgtMi5iYXlsb3IuZWR1L2lkcC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBTCaiA6Ojg47/4ar0uw2B3+ATl8DDANBgkqhkiG
+9w0BAQUFAAOCAQEAmQ+aPuw0MMuCKdkpBJslXyNI+lKUqdnY/aaMsOwN2M1TGiOL
+pi5thbpX5CTte366j/F+vePY2cQjte2z8h5bZTPr9/v9HaEQqon3uX6cANlXd0CB
+qojrtBlaiI5Ij7xYoO0uqbh2jXs6gJ58DVOHma20spm+qELlaD+lqaTIA1Ge5rma
+JtRoJmSugC0tc/E1FuSWyRkdzxra1ZZjakUbEZBYO0x5STmrFWZ0E6ewMLu6u/X2
+wp8io5JHRYH74kW3WeXaR0/hi2wiaVBsOACQ75dFrlJZTb4oMWGothemjzQV3K3Q
+xXawYVydT5jy18eqkAFFtBDOlRVFXEqY/oOetw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth-2.baylor.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth-2.baylor.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Baylor University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Baylor University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.baylor.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Tommy Roberson</GivenName>
+ <EmailAddress>tommy_roberson@baylor.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Becky King</GivenName>
+ <EmailAddress>becky_king@baylor.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Ray Nazzario</GivenName>
+ <EmailAddress>ray_nazzario@baylor.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Carnegie Mellon University -->
+<EntityDescriptor entityID="https://shibboleth.andrew.cmu.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://shibboleth.andrew.cmu.edu/error" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">cmu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 18303354989175301994, expires on Fri Jan 13 20:12:59 2012 GMT -->
+ <ds:X509Certificate>
+MIIExDCCA6ygAwIBAgIJAP4ClGMnqudqMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1
+cmdoMRgwFgYDVQQKEw9DYXJuZWdpZSBNZWxsb24xGzAZBgNVBAsTEkNvbXB1dGlu
+ZyBTZXJ2aWNlczEqMCgGA1UEAxMhQ2FybmVnaWUgTWVsbG9uIElkZW50aXR5IFBy
+b3ZpZGVyMB4XDTEwMDExMzIwMTI1OVoXDTEyMDExMzIwMTI1OVowgZwxCzAJBgNV
+BAYTAlVTMRUwEwYDVQQIEwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVy
+Z2gxGDAWBgNVBAoTD0Nhcm5lZ2llIE1lbGxvbjEbMBkGA1UECxMSQ29tcHV0aW5n
+IFNlcnZpY2VzMSowKAYDVQQDEyFDYXJuZWdpZSBNZWxsb24gSWRlbnRpdHkgUHJv
+dmlkZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3B2Vv7k2LjG+i
+8LZCqQluZS08iU1kTnnclLz/OQHMPyJ9agiitK0PpVhsqOjMOZzbl+8xWX5EzsRN
+zYICfRPz3GuR9zBTLcVrHpe/iW5WC4DesN0Kop0zNZm+tJKrKfR9DWrC2O/R9YCD
+xr8gB7ZfHCGDKkPxTn2w0PkINEIRRsnhRDZ/O2fDIE5A5SxA7ju4y59HOREpMKib
+oNAN8qg4gWROyu9G32eBjaelDdF7mPyLTZoEdswpWTWFWaUcL57D7Eg9ymmTskW+
+q0/BvnJOeP6ZshMn+r2NKMPk8fXyqboTkKwbHdxRu6gokOw/gSSLP57MmQRxbuQa
+8FHhHjCTAgMBAAGjggEFMIIBATAdBgNVHQ4EFgQUeIinvzWeb+dCBoabnQAMxQOQ
+W84wgdEGA1UdIwSByTCBxoAUeIinvzWeb+dCBoabnQAMxQOQW86hgaKkgZ8wgZwx
+CzAJBgNVBAYTAlVTMRUwEwYDVQQIEwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBp
+dHRzYnVyZ2gxGDAWBgNVBAoTD0Nhcm5lZ2llIE1lbGxvbjEbMBkGA1UECxMSQ29t
+cHV0aW5nIFNlcnZpY2VzMSowKAYDVQQDEyFDYXJuZWdpZSBNZWxsb24gSWRlbnRp
+dHkgUHJvdmlkZXKCCQD+ApRjJ6rnajAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
+BQUAA4IBAQBHRy62mzquDwGyCGRlTL3BkUYsIaEpWC3vDkc49QGD53kvk3mYvNdt
+sX8p5fw6oMCJDj1LJkZPnMH3XfCWIAfx78PeIXK9cOczBjdD6AhJgY9SjJywLj6F
+svKV19DtKWApkqtTSf9Ri15Qj6vmapUPqdwOoSnXE8BhRJ5cR90j/EosudHsiN6R
+lFwum4qrdFzLCcDTmoGvEKMiaDBck6nZ+f0W25AU9iSq7eJ8CNj/VPI011LCjVMs
+c5b/2BqyelYgwNr1qImQRv22UPPFg3O9fU0N66D0Mfnr8m7Bta35nk75z3IH6p4S
+QwSKdOyYNp3WOhrHL0VgfsSlj6W3l8Aq
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.andrew.cmu.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.andrew.cmu.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">cmu.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 18303354989175301994, expires on Fri Jan 13 20:12:59 2012 GMT -->
+ <ds:X509Certificate>
+MIIExDCCA6ygAwIBAgIJAP4ClGMnqudqMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
+VQQGEwJVUzEVMBMGA1UECBMMUGVubnN5bHZhbmlhMRMwEQYDVQQHEwpQaXR0c2J1
+cmdoMRgwFgYDVQQKEw9DYXJuZWdpZSBNZWxsb24xGzAZBgNVBAsTEkNvbXB1dGlu
+ZyBTZXJ2aWNlczEqMCgGA1UEAxMhQ2FybmVnaWUgTWVsbG9uIElkZW50aXR5IFBy
+b3ZpZGVyMB4XDTEwMDExMzIwMTI1OVoXDTEyMDExMzIwMTI1OVowgZwxCzAJBgNV
+BAYTAlVTMRUwEwYDVQQIEwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBpdHRzYnVy
+Z2gxGDAWBgNVBAoTD0Nhcm5lZ2llIE1lbGxvbjEbMBkGA1UECxMSQ29tcHV0aW5n
+IFNlcnZpY2VzMSowKAYDVQQDEyFDYXJuZWdpZSBNZWxsb24gSWRlbnRpdHkgUHJv
+dmlkZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC3B2Vv7k2LjG+i
+8LZCqQluZS08iU1kTnnclLz/OQHMPyJ9agiitK0PpVhsqOjMOZzbl+8xWX5EzsRN
+zYICfRPz3GuR9zBTLcVrHpe/iW5WC4DesN0Kop0zNZm+tJKrKfR9DWrC2O/R9YCD
+xr8gB7ZfHCGDKkPxTn2w0PkINEIRRsnhRDZ/O2fDIE5A5SxA7ju4y59HOREpMKib
+oNAN8qg4gWROyu9G32eBjaelDdF7mPyLTZoEdswpWTWFWaUcL57D7Eg9ymmTskW+
+q0/BvnJOeP6ZshMn+r2NKMPk8fXyqboTkKwbHdxRu6gokOw/gSSLP57MmQRxbuQa
+8FHhHjCTAgMBAAGjggEFMIIBATAdBgNVHQ4EFgQUeIinvzWeb+dCBoabnQAMxQOQ
+W84wgdEGA1UdIwSByTCBxoAUeIinvzWeb+dCBoabnQAMxQOQW86hgaKkgZ8wgZwx
+CzAJBgNVBAYTAlVTMRUwEwYDVQQIEwxQZW5uc3lsdmFuaWExEzARBgNVBAcTClBp
+dHRzYnVyZ2gxGDAWBgNVBAoTD0Nhcm5lZ2llIE1lbGxvbjEbMBkGA1UECxMSQ29t
+cHV0aW5nIFNlcnZpY2VzMSowKAYDVQQDEyFDYXJuZWdpZSBNZWxsb24gSWRlbnRp
+dHkgUHJvdmlkZXKCCQD+ApRjJ6rnajAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEB
+BQUAA4IBAQBHRy62mzquDwGyCGRlTL3BkUYsIaEpWC3vDkc49QGD53kvk3mYvNdt
+sX8p5fw6oMCJDj1LJkZPnMH3XfCWIAfx78PeIXK9cOczBjdD6AhJgY9SjJywLj6F
+svKV19DtKWApkqtTSf9Ri15Qj6vmapUPqdwOoSnXE8BhRJ5cR90j/EosudHsiN6R
+lFwum4qrdFzLCcDTmoGvEKMiaDBck6nZ+f0W25AU9iSq7eJ8CNj/VPI011LCjVMs
+c5b/2BqyelYgwNr1qImQRv22UPPFg3O9fU0N66D0Mfnr8m7Bta35nk75z3IH6p4S
+QwSKdOyYNp3WOhrHL0VgfsSlj6W3l8Aq
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.andrew.cmu.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Carnegie Mellon University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Carnegie Mellon University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.cmu.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Russell J. Yount</GivenName>
+ <EmailAddress>rjy@cmu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Craig Miron</GivenName>
+ <EmailAddress>cmiron@cmu.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Shibboleth Support Team</GivenName>
+ <EmailAddress>shibboleth-team@andrew.cmu.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of South Dakota -->
+<EntityDescriptor entityID="https://usd-shibboleth.usd.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="http://usd-shibboleth.usd.edu/idp/login-error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">usd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 267857410254980987267730220567839503936670879055, expires on Mon Oct 1 14:20:54 2029 GMT -->
+ <ds:X509Certificate>
+MIIDQzCCAiugAwIBAgIULuskRXOYdINQmnMUs7XmxM7LTU8wDQYJKoZIhvcNAQEF
+BQAwITEfMB0GA1UEAxMWdXNkLXNoaWJib2xldGgudXNkLmVkdTAeFw0wOTEwMDEx
+NDIwNTRaFw0yOTEwMDExNDIwNTRaMCExHzAdBgNVBAMTFnVzZC1zaGliYm9sZXRo
+LnVzZC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWcrvsncj3
+2KdOrxOgKjToNN6dEp7pNdt7LvlcFzcRU67ieuf2Gm/9PrL8Dh1rN4aIx/OmmI73
+p6Oh9AMGfPkHNhGWx/wkrCg1K95HhqC7yayyPRr/mEidgTqMbsE3JLCiyJZnjIMk
+jTQFFSKX8weFPJOFRjc/OqTlRlnWujhhaDCNHhSnvGGgpWKEUiETnehT/No/udNu
+eNXULFNykKhxnbthQPEn3v4AQGnHquJskIk9QnLryLpqsi/C17YUKU23Zr+Ozl6s
+r5a6DTvx/4yn9ygFbgu9nJpTjiGudDdxHy0pFq3RDl867YlQ73s1BdUVhyycq5Uz
+7SxnbAzHHqN1AgMBAAGjczBxMFAGA1UdEQRJMEeCFnVzZC1zaGliYm9sZXRoLnVz
+ZC5lZHWGLWh0dHBzOi8vdXNkLXNoaWJib2xldGgudXNkLmVkdS9pZHAvc2hpYmJv
+bGV0aDAdBgNVHQ4EFgQUPesQMqnc+/176xNlHiK1LoS1AFgwDQYJKoZIhvcNAQEF
+BQADggEBAAlr4i7FIzdUfLVuHuKuQJ53fkSN3tlNtzzqfuVhUlim6wLm5EVNYduU
+mKXdlkp+2raqdnl0pJyf72n0Eu5rddaEa+ea9PX6/N2+QfihuFHrRQgWfnMq7Enk
+RhqEgaoddTC+n7w1JrBPFPJXqXr/jarAdZ7oQFFOT/mZdfF++t7ROnbA2jLjBUJW
+camG6mRgxV0CMRJGLBg3N6KpVlrIM83jwN5qyNwI5HYxywyjZ6dmuC0vklpujKw9
+PJ2nsIRFAvihzLVBI+X0FRN9hlymEDg9JMjck8fSM/+LEY3L+cDsqhypovAzM7/w
+Xw6GxAVFIfDzBljOspTm6s2jymodlmM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://usd-shibboleth.usd.edu:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://usd-shibboleth.usd.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">usd.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 267857410254980987267730220567839503936670879055, expires on Mon Oct 1 14:20:54 2029 GMT -->
+ <ds:X509Certificate>
+MIIDQzCCAiugAwIBAgIULuskRXOYdINQmnMUs7XmxM7LTU8wDQYJKoZIhvcNAQEF
+BQAwITEfMB0GA1UEAxMWdXNkLXNoaWJib2xldGgudXNkLmVkdTAeFw0wOTEwMDEx
+NDIwNTRaFw0yOTEwMDExNDIwNTRaMCExHzAdBgNVBAMTFnVzZC1zaGliYm9sZXRo
+LnVzZC5lZHUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCWcrvsncj3
+2KdOrxOgKjToNN6dEp7pNdt7LvlcFzcRU67ieuf2Gm/9PrL8Dh1rN4aIx/OmmI73
+p6Oh9AMGfPkHNhGWx/wkrCg1K95HhqC7yayyPRr/mEidgTqMbsE3JLCiyJZnjIMk
+jTQFFSKX8weFPJOFRjc/OqTlRlnWujhhaDCNHhSnvGGgpWKEUiETnehT/No/udNu
+eNXULFNykKhxnbthQPEn3v4AQGnHquJskIk9QnLryLpqsi/C17YUKU23Zr+Ozl6s
+r5a6DTvx/4yn9ygFbgu9nJpTjiGudDdxHy0pFq3RDl867YlQ73s1BdUVhyycq5Uz
+7SxnbAzHHqN1AgMBAAGjczBxMFAGA1UdEQRJMEeCFnVzZC1zaGliYm9sZXRoLnVz
+ZC5lZHWGLWh0dHBzOi8vdXNkLXNoaWJib2xldGgudXNkLmVkdS9pZHAvc2hpYmJv
+bGV0aDAdBgNVHQ4EFgQUPesQMqnc+/176xNlHiK1LoS1AFgwDQYJKoZIhvcNAQEF
+BQADggEBAAlr4i7FIzdUfLVuHuKuQJ53fkSN3tlNtzzqfuVhUlim6wLm5EVNYduU
+mKXdlkp+2raqdnl0pJyf72n0Eu5rddaEa+ea9PX6/N2+QfihuFHrRQgWfnMq7Enk
+RhqEgaoddTC+n7w1JrBPFPJXqXr/jarAdZ7oQFFOT/mZdfF++t7ROnbA2jLjBUJW
+camG6mRgxV0CMRJGLBg3N6KpVlrIM83jwN5qyNwI5HYxywyjZ6dmuC0vklpujKw9
+PJ2nsIRFAvihzLVBI+X0FRN9hlymEDg9JMjck8fSM/+LEY3L+cDsqhypovAzM7/w
+Xw6GxAVFIfDzBljOspTm6s2jymodlmM=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://usd-shibboleth.usd.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of South Dakota</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of South Dakota</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.usd.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jason Askew</GivenName>
+ <EmailAddress>jaskew@usd.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Don Ticknor</GivenName>
+ <EmailAddress>dticknor@usd.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Channel Islands -->
+<EntityDescriptor entityID="https://mckinley.csuci.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csuci.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 173038506385546796217821882251074643115874878471, expires on Sat Dec 15 14:35:42 2029 GMT -->
+ <ds:X509Certificate>
+MIIDMzCCAhugAwIBAgIUHk9QotPMplSUhYpSvuYG29XyhAcwDQYJKoZIhvcNAQEF
+BQAwHTEbMBkGA1UEAxMSbWNraW5sZXkuY3N1Y2kuZWR1MB4XDTA5MTIxNTE0MzU0
+MloXDTI5MTIxNTE0MzU0MlowHTEbMBkGA1UEAxMSbWNraW5sZXkuY3N1Y2kuZWR1
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBu6KkNBzS5FBHcadtCH
+7YizwI5m5i1upU/0BfcGbRqX73vxWsel6faOKV2uTh4z0L5u4fWf5eLKRL+csuvd
+/KhJyLHpf4TF9Qb6YKjoM8zBWfsQ09U6Cm7/80BF0Vt6aFZ1MlnnA64PkJIto0IQ
+4C0gy1/X/4GIGOQKEKCHQcZ6q1PW7RxOSQgC063QTgsQi1PmvHeFrJ41wuLjmMhC
+PHAv28hPgpvPdQ3Tf0a/mGF0ICVD7UCgmqt62LfzcT6+5aeKxOGc1FqkNnGgiNS9
+KGyRVzU9KHf6nHvD6bb2yJEuwDDNn8qNBjm1A6b/3FK9C8uBWVecE0BMrK28Girr
+WQIDAQABo2swaTBIBgNVHREEQTA/ghJtY2tpbmxleS5jc3VjaS5lZHWGKWh0dHBz
+Oi8vbWNraW5sZXkuY3N1Y2kuZWR1L2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRH
+o1fMC9uSJXS0PCu+GX3vFk8vTDANBgkqhkiG9w0BAQUFAAOCAQEAcuQTlh1jKAQu
+Wh04QJ8nUrbUd/o/iuzmSlGFcc+jt2oQGKUUPrdVQ56m4nUrz6EZr5pSBJP6kCxM
+1dbdpSHMB3sOeIpIAIn6gv0KqVn+SVxdT9101//+5t85p0qnyqymO6hWNHIZWEbI
+xZOrsBrFc/3KHEyOBxXSyzLEri1mxvYNBN3lYxAfnXvL2TfFMfSDzi9SItwTnHFG
+ZVhecPvNBMDCBul++UU34rYeovvJQ29UDocwicHEn5n9f3G9rUs4xM9k3DucsZz9
+yvIPFDYPMKI9Z5ZyyInFao5y7ZRI0Odmn24AZkBPzTT2pczIP+JVC/k1e+1sDGbW
+mzdNnyU+tA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mckinley.csuci.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mckinley.csuci.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">csuci.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 173038506385546796217821882251074643115874878471, expires on Sat Dec 15 14:35:42 2029 GMT -->
+ <ds:X509Certificate>
+MIIDMzCCAhugAwIBAgIUHk9QotPMplSUhYpSvuYG29XyhAcwDQYJKoZIhvcNAQEF
+BQAwHTEbMBkGA1UEAxMSbWNraW5sZXkuY3N1Y2kuZWR1MB4XDTA5MTIxNTE0MzU0
+MloXDTI5MTIxNTE0MzU0MlowHTEbMBkGA1UEAxMSbWNraW5sZXkuY3N1Y2kuZWR1
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiBu6KkNBzS5FBHcadtCH
+7YizwI5m5i1upU/0BfcGbRqX73vxWsel6faOKV2uTh4z0L5u4fWf5eLKRL+csuvd
+/KhJyLHpf4TF9Qb6YKjoM8zBWfsQ09U6Cm7/80BF0Vt6aFZ1MlnnA64PkJIto0IQ
+4C0gy1/X/4GIGOQKEKCHQcZ6q1PW7RxOSQgC063QTgsQi1PmvHeFrJ41wuLjmMhC
+PHAv28hPgpvPdQ3Tf0a/mGF0ICVD7UCgmqt62LfzcT6+5aeKxOGc1FqkNnGgiNS9
+KGyRVzU9KHf6nHvD6bb2yJEuwDDNn8qNBjm1A6b/3FK9C8uBWVecE0BMrK28Girr
+WQIDAQABo2swaTBIBgNVHREEQTA/ghJtY2tpbmxleS5jc3VjaS5lZHWGKWh0dHBz
+Oi8vbWNraW5sZXkuY3N1Y2kuZWR1L2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRH
+o1fMC9uSJXS0PCu+GX3vFk8vTDANBgkqhkiG9w0BAQUFAAOCAQEAcuQTlh1jKAQu
+Wh04QJ8nUrbUd/o/iuzmSlGFcc+jt2oQGKUUPrdVQ56m4nUrz6EZr5pSBJP6kCxM
+1dbdpSHMB3sOeIpIAIn6gv0KqVn+SVxdT9101//+5t85p0qnyqymO6hWNHIZWEbI
+xZOrsBrFc/3KHEyOBxXSyzLEri1mxvYNBN3lYxAfnXvL2TfFMfSDzi9SItwTnHFG
+ZVhecPvNBMDCBul++UU34rYeovvJQ29UDocwicHEn5n9f3G9rUs4xM9k3DucsZz9
+yvIPFDYPMKI9Z5ZyyInFao5y7ZRI0Odmn24AZkBPzTT2pczIP+JVC/k1e+1sDGbW
+mzdNnyU+tA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://mckinley.csuci.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mckinley.csuci.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Channel Islands</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Channel Islands</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csuci.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Peter Scamardo</GivenName>
+ <EmailAddress>peter.scamardo@csuci.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Arkansas for Medical Sciences -->
+<EntityDescriptor entityID="https://shibboleth.uams.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uams.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1, expires on Sun Jan 19 20:20:19 2020 GMT -->
+ <ds:X509Certificate>
+MIIF6DCCA9ACAQEwDQYJKoZIhvcNAQEFBQAwgbkxCzAJBgNVBAYTAlVTMREwDwYD
+VQQIEwhBcmthbnNhczEUMBIGA1UEBxMLTGl0dGxlIFJvY2sxNDAyBgNVBAoTK1Vu
+aXZlcnNpdHkgb2YgQXJrYW5zYXMgZm9yIE1lZGljYWwgU2NpZW5jZXMxCzAJBgNV
+BAsTAklUMRwwGgYDVQQDExNzaGliYm9sZXRoLnVhbXMuZWR1MSAwHgYJKoZIhvcN
+AQkBFhFrYXBvd2VsbEB1YW1zLmVkdTAeFw0xMDAxMjEyMDIwMTlaFw0yMDAxMTky
+MDIwMTlaMIG5MQswCQYDVQQGEwJVUzERMA8GA1UECBMIQXJrYW5zYXMxFDASBgNV
+BAcTC0xpdHRsZSBSb2NrMTQwMgYDVQQKEytVbml2ZXJzaXR5IG9mIEFya2Fuc2Fz
+IGZvciBNZWRpY2FsIFNjaWVuY2VzMQswCQYDVQQLEwJJVDEcMBoGA1UEAxMTc2hp
+YmJvbGV0aC51YW1zLmVkdTEgMB4GCSqGSIb3DQEJARYRa2Fwb3dlbGxAdWFtcy5l
+ZHUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD5Hc8JIuSngcQzhmkZ
+hjJy5R1d/7zlBNEHuBrHw21UE1y7lpVAJUAk1wDj4twxLjrkzTuWcClvr+8DU+ov
+Kvd8as3UmxcLtUdzpgDPGNggLyyNn5kdJP0Ds0eQ7RzIVMOq4tU87eL0TjIFY6Kg
+4898Now4GKkcb+D13d+a3mXWSUAi1HfnUtKoAwZIj1awc/P7C5lO+sq+rgB4+EAl
+TcjB+vS1puUbk+eKBLWfp4iQfwpmRVtTRhQT/fDxvvebbW/in2GoRUDLHsgkxLLk
+cIVPw965w3bek93EOj/nJeZ8FtGgByQhIONOyXWgLgIzSb6q+r0aO7cGYOeTD2fd
+ckJxFIu6lrk25pdWE7heUCwmFiOpG5i4Dn/Zyfbk5Mf2rrEOimzNLQGMXoXrSo2x
+w8Md5hQTa2hgkEhOAqYCYVeZEkpPJkj9yeYvnYF1pOvzRvUVbje93SV9Mp1Umt4A
+kmGR7PWBYnRO+ibspy5KTt2wZvwm8Nnz9FMa4KY93/HdS55OYPzUZ0U6J1Qb66Co
+jjD0/7DAKNWyP2rDxor1HAP94tYwkkM5N/nmGh7rp5/ky0UYN46dVruLozO6CvC0
+HL4Jv3oAByDM3mA9zEWUFnPLGSel87N6Bghp7y+NSbop6QxDThgKJom3BZdoFrRd
+IVpTEW1a4Bkx0n4/HN+wVSuaiQIDAQABMA0GCSqGSIb3DQEBBQUAA4ICAQAVSKZp
+WRiiI/GMwP8J1qLpPYps9GAg8K3SSamNTZjFb4Bx1U9BX2oVfhFzWUHlkEZ4I9Kn
+pHy1DoajsUMXGihIAW7nE4QB7Scg0/j72qWD8RTYJf45LOMmYjwaFzh6nx8ZW8nr
+jQFlZ3FZqrdxRlc09QGj+/1EAB8zsl1TwY5LLHKXmxrrzxgcjlEJQj5W1QsxY+cp
+qR7U2FTIUHWPYIuk32j+4D0cADEgSPRoWQvhQ4yv6ObXnnysmQyL80vMy4qWRkQW
+EZzValhP7+c1HlX/3ZFE5oyfa4MIArxQ2cD6wCxhGLauMOCAGkWw2OBSTsNrAQ9k
+Z5w7ZkB+dkZjTLbMpXEBEjInQraA6daFGpHn0XZWt0yUrPv8yuwrPZPEhCulnCwz
+jPT8ic+thGwdiyXVouxToFoDS+IHHhQXkH4tNTZSVK8g8do5V5mxSJLq2QiySAKj
+8HCKUSg+5YT9hghvD/DZg7AIG7x15WB7tguybmEZ0ZQTMbXfxW8++ennnMv0YB08
+0TcaZVLkzfGqpa7LViMTg+DMOxrbxDPyWwmJYIp1wctIwD/0Mt1GLO24SCpsL0Xi
+/oQmUfmngWJ89KOYIv/FBO1yVwq3LUuwc1bDS+6zYsmOTIdNTjl+HGmq07Nu5IEV
+5CGF3Xf3OCIcIPuFxeF6aJA+h9o82twJq3mwpw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.uams.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.uams.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.uams.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">uams.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 1, expires on Sun Jan 19 20:20:19 2020 GMT -->
+ <ds:X509Certificate>
+MIIF6DCCA9ACAQEwDQYJKoZIhvcNAQEFBQAwgbkxCzAJBgNVBAYTAlVTMREwDwYD
+VQQIEwhBcmthbnNhczEUMBIGA1UEBxMLTGl0dGxlIFJvY2sxNDAyBgNVBAoTK1Vu
+aXZlcnNpdHkgb2YgQXJrYW5zYXMgZm9yIE1lZGljYWwgU2NpZW5jZXMxCzAJBgNV
+BAsTAklUMRwwGgYDVQQDExNzaGliYm9sZXRoLnVhbXMuZWR1MSAwHgYJKoZIhvcN
+AQkBFhFrYXBvd2VsbEB1YW1zLmVkdTAeFw0xMDAxMjEyMDIwMTlaFw0yMDAxMTky
+MDIwMTlaMIG5MQswCQYDVQQGEwJVUzERMA8GA1UECBMIQXJrYW5zYXMxFDASBgNV
+BAcTC0xpdHRsZSBSb2NrMTQwMgYDVQQKEytVbml2ZXJzaXR5IG9mIEFya2Fuc2Fz
+IGZvciBNZWRpY2FsIFNjaWVuY2VzMQswCQYDVQQLEwJJVDEcMBoGA1UEAxMTc2hp
+YmJvbGV0aC51YW1zLmVkdTEgMB4GCSqGSIb3DQEJARYRa2Fwb3dlbGxAdWFtcy5l
+ZHUwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQD5Hc8JIuSngcQzhmkZ
+hjJy5R1d/7zlBNEHuBrHw21UE1y7lpVAJUAk1wDj4twxLjrkzTuWcClvr+8DU+ov
+Kvd8as3UmxcLtUdzpgDPGNggLyyNn5kdJP0Ds0eQ7RzIVMOq4tU87eL0TjIFY6Kg
+4898Now4GKkcb+D13d+a3mXWSUAi1HfnUtKoAwZIj1awc/P7C5lO+sq+rgB4+EAl
+TcjB+vS1puUbk+eKBLWfp4iQfwpmRVtTRhQT/fDxvvebbW/in2GoRUDLHsgkxLLk
+cIVPw965w3bek93EOj/nJeZ8FtGgByQhIONOyXWgLgIzSb6q+r0aO7cGYOeTD2fd
+ckJxFIu6lrk25pdWE7heUCwmFiOpG5i4Dn/Zyfbk5Mf2rrEOimzNLQGMXoXrSo2x
+w8Md5hQTa2hgkEhOAqYCYVeZEkpPJkj9yeYvnYF1pOvzRvUVbje93SV9Mp1Umt4A
+kmGR7PWBYnRO+ibspy5KTt2wZvwm8Nnz9FMa4KY93/HdS55OYPzUZ0U6J1Qb66Co
+jjD0/7DAKNWyP2rDxor1HAP94tYwkkM5N/nmGh7rp5/ky0UYN46dVruLozO6CvC0
+HL4Jv3oAByDM3mA9zEWUFnPLGSel87N6Bghp7y+NSbop6QxDThgKJom3BZdoFrRd
+IVpTEW1a4Bkx0n4/HN+wVSuaiQIDAQABMA0GCSqGSIb3DQEBBQUAA4ICAQAVSKZp
+WRiiI/GMwP8J1qLpPYps9GAg8K3SSamNTZjFb4Bx1U9BX2oVfhFzWUHlkEZ4I9Kn
+pHy1DoajsUMXGihIAW7nE4QB7Scg0/j72qWD8RTYJf45LOMmYjwaFzh6nx8ZW8nr
+jQFlZ3FZqrdxRlc09QGj+/1EAB8zsl1TwY5LLHKXmxrrzxgcjlEJQj5W1QsxY+cp
+qR7U2FTIUHWPYIuk32j+4D0cADEgSPRoWQvhQ4yv6ObXnnysmQyL80vMy4qWRkQW
+EZzValhP7+c1HlX/3ZFE5oyfa4MIArxQ2cD6wCxhGLauMOCAGkWw2OBSTsNrAQ9k
+Z5w7ZkB+dkZjTLbMpXEBEjInQraA6daFGpHn0XZWt0yUrPv8yuwrPZPEhCulnCwz
+jPT8ic+thGwdiyXVouxToFoDS+IHHhQXkH4tNTZSVK8g8do5V5mxSJLq2QiySAKj
+8HCKUSg+5YT9hghvD/DZg7AIG7x15WB7tguybmEZ0ZQTMbXfxW8++ennnMv0YB08
+0TcaZVLkzfGqpa7LViMTg+DMOxrbxDPyWwmJYIp1wctIwD/0Mt1GLO24SCpsL0Xi
+/oQmUfmngWJ89KOYIv/FBO1yVwq3LUuwc1bDS+6zYsmOTIdNTjl+HGmq07Nu5IEV
+5CGF3Xf3OCIcIPuFxeF6aJA+h9o82twJq3mwpw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.uams.edu/idp/profile/SAML2/POST/SSO"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Arkansas for Medical Sciences</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Arkansas for Medical Sciences</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uams.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Keith A. Powell</GivenName>
+ <EmailAddress>kapowell@uams.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Greg A. Freeman</GivenName>
+ <EmailAddress>gfreeman@uams.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Steve W. Cochran</GivenName>
+ <EmailAddress>CochranStephenW@uams.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California State University, Northridge -->
+<EntityDescriptor entityID="urn.mace.incommon.codlet.csun.edu">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">codlet.csun.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 567589024390665291381070551708329548006115414975, expires on Mon Jul 30 16:11:50 2029 GMT -->
+ <ds:X509Certificate>
+MIIDJzCCAg+gAwIBAgIUY2uSdWZf8iUsvSq94OJMJ4nik78wDQYJKoZIhvcNAQEF
+BQAwGjEYMBYGA1UEAxMPY29kbGV0LmNzdW4uZWR1MB4XDTA5MDczMDE2MTE1MFoX
+DTI5MDczMDE2MTE1MFowGjEYMBYGA1UEAxMPY29kbGV0LmNzdW4uZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcIJNc9pBDyp7afaRauK/6BaWEj8
+pCNlJew9KniMreB6kFLeKVtMXeV3ucoem+RlsWTyMrfkVEzGOV7o/ONv+lNH+I6E
+wPzL1cNToMY+N7sb/BMAundO5qbVpFclFWkgg8R5fyqv25ropAoXYaMHxpdU4aJq
+wMndxHdQSteaQiLD9n+cEM06hnrxaB0yvl4NBKRgTECNpR4ArxzrRA5DocV3CDCG
+v6OmbDPu5qF2j653JCpoYD/yXr9k0zZA3fc7Od0Jhy8Lcbo3LC/Y+MtBAoipfxts
+q6JAbGAFhaeGr+oaSvMzFsiI63Yrg/Q4+ykRvmOpnX4qAAONHuVFbk+UGQIDAQAB
+o2UwYzBCBgNVHREEOzA5gg9jb2RsZXQuY3N1bi5lZHWGJmh0dHBzOi8vY29kbGV0
+LmNzdW4uZWR1L2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRbdJgHXpfz22+xZ4Zw
+/Xf8fCnARjANBgkqhkiG9w0BAQUFAAOCAQEAc6CsTPazYg64kzcnGU3NHzpz//Fz
+M6BsoqTYeJBlAzyq/n6bTws+Ii1Awf8QDWK8CokJz2z6jFd6RbOpQjA1Eu3P8kK8
+OuW9XQt4u6ovT6ht8oZZr3CRczSLoJG+Y02p0logf00u5NMH6skjkAllYQmcJ+rm
+ECBgb3NgBX2PFRZeC29gH20w5H0eTU9uORUTuINxASL42C48GIOScGawhoQsuoF9
+/OV1ae3LnYM8uqGzgYcC7I4KTxND5pPWdIQxlwoiX7ltroxhFVK74fFW65Hb9vdV
+gQxt3E011CLn6QqiHbbvGZoTTd9MJ1kPsejqryDgepMfD9VX2z+ieVsdgw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://codlet.csun.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://codlet.csun.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">codlet.csun.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 567589024390665291381070551708329548006115414975, expires on Mon Jul 30 16:11:50 2029 GMT -->
+ <ds:X509Certificate>
+MIIDJzCCAg+gAwIBAgIUY2uSdWZf8iUsvSq94OJMJ4nik78wDQYJKoZIhvcNAQEF
+BQAwGjEYMBYGA1UEAxMPY29kbGV0LmNzdW4uZWR1MB4XDTA5MDczMDE2MTE1MFoX
+DTI5MDczMDE2MTE1MFowGjEYMBYGA1UEAxMPY29kbGV0LmNzdW4uZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcIJNc9pBDyp7afaRauK/6BaWEj8
+pCNlJew9KniMreB6kFLeKVtMXeV3ucoem+RlsWTyMrfkVEzGOV7o/ONv+lNH+I6E
+wPzL1cNToMY+N7sb/BMAundO5qbVpFclFWkgg8R5fyqv25ropAoXYaMHxpdU4aJq
+wMndxHdQSteaQiLD9n+cEM06hnrxaB0yvl4NBKRgTECNpR4ArxzrRA5DocV3CDCG
+v6OmbDPu5qF2j653JCpoYD/yXr9k0zZA3fc7Od0Jhy8Lcbo3LC/Y+MtBAoipfxts
+q6JAbGAFhaeGr+oaSvMzFsiI63Yrg/Q4+ykRvmOpnX4qAAONHuVFbk+UGQIDAQAB
+o2UwYzBCBgNVHREEOzA5gg9jb2RsZXQuY3N1bi5lZHWGJmh0dHBzOi8vY29kbGV0
+LmNzdW4uZWR1L2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRbdJgHXpfz22+xZ4Zw
+/Xf8fCnARjANBgkqhkiG9w0BAQUFAAOCAQEAc6CsTPazYg64kzcnGU3NHzpz//Fz
+M6BsoqTYeJBlAzyq/n6bTws+Ii1Awf8QDWK8CokJz2z6jFd6RbOpQjA1Eu3P8kK8
+OuW9XQt4u6ovT6ht8oZZr3CRczSLoJG+Y02p0logf00u5NMH6skjkAllYQmcJ+rm
+ECBgb3NgBX2PFRZeC29gH20w5H0eTU9uORUTuINxASL42C48GIOScGawhoQsuoF9
+/OV1ae3LnYM8uqGzgYcC7I4KTxND5pPWdIQxlwoiX7ltroxhFVK74fFW65Hb9vdV
+gQxt3E011CLn6QqiHbbvGZoTTd9MJ1kPsejqryDgepMfD9VX2z+ieVsdgw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://codlet.csun.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California State University, Northridge</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California State University, Northridge</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.csun.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Kevin Krzewinski</GivenName>
+ <EmailAddress>kevin.krzewinski@csun.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Iowa State University -->
+
+<!-- Princeton University -->
+<EntityDescriptor entityID="https://idp.princeton.edu/idp/shibboleth">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">princeton.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 285306870299062821967435432909517087784234182588, expires on Tue Oct 30 12:51:39 2029 GMT -->
+ <ds:X509Certificate>
+MIIDLzCCAhegAwIBAgIUMfmaP7flCY4+d5Gnju4bntgM57wwDQYJKoZIhvcNAQEF
+BQAwHDEaMBgGA1UEAxMRaWRwLnByaW5jZXRvbi5lZHUwHhcNMDkxMDMwMTI1MTM5
+WhcNMjkxMDMwMTI1MTM5WjAcMRowGAYDVQQDExFpZHAucHJpbmNldG9uLmVkdTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJE0moHwKJGyg9z94dvN0HCB
+klHGPvRdIB0nvzAJxo9KaF81zFaqHpvprwNEoB3Pfy18hIbtnDSv/sV/j6pnKnBw
+XXsf7QJOOF81klkGHZh4C9VnjUL5ok9Ahx1zPgaLcCgvZeGRG7DiRPnOgxVzuwoB
+WFnEWBCoLaqcZUl2njnawRB+LXt8mO+HPhsMO8c7ASJ50hF/l9cGaCs3ucEcwp9d
+FoxSiVy2TMyatszHTHZknaqVyqR+WNCxE/Jpcwfi1oq6k3V5T372GE8WTKclgvpg
+IYV8ISROBHpVlYz9v3N0nnpOn+Io6zuUOS3YNmuX52vaSciaYNoPcmBxYMEG2jcC
+AwEAAaNpMGcwRgYDVR0RBD8wPYIRaWRwLnByaW5jZXRvbi5lZHWGKGh0dHBzOi8v
+aWRwLnByaW5jZXRvbi5lZHUvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFPQsLxgr
+W14zmCfogqfOscaIPOtoMA0GCSqGSIb3DQEBBQUAA4IBAQAqkhYwrjjwi31OYkDK
+jeKyss835BrdLVTqqEfssT3lvYW/SGyRMLCr2hS21p9zbt8dJO67C9RYEjJ/05p2
+Keo+ZQj3ehOP80/phxk0r+Je/fNdpO/HbQG9/DfcYp5sLUXk9koYrXrOHq6KnkVh
+rmikDRb9izfU9nDttB8hWGLiX0WhIvk9xkIAW5ueyL5QxcQmRYNcaT3BUpjkGiBu
+FEsLXa42F1nmdBDGrI2woHNEr2diujL5EOxqIsunquUXuu2dFuNtqA0HRK6wj32b
+fsZT9KwTEdLv/oAbgQ8zlVXErx54GJFg1ksGAJY3lsGY+XdvcUaKuVD2IWOrbCtP
+qZfT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.princeton.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.princeton.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.princeton.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.princeton.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.princeton.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">princeton.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 285306870299062821967435432909517087784234182588, expires on Tue Oct 30 12:51:39 2029 GMT -->
+ <ds:X509Certificate>
+MIIDLzCCAhegAwIBAgIUMfmaP7flCY4+d5Gnju4bntgM57wwDQYJKoZIhvcNAQEF
+BQAwHDEaMBgGA1UEAxMRaWRwLnByaW5jZXRvbi5lZHUwHhcNMDkxMDMwMTI1MTM5
+WhcNMjkxMDMwMTI1MTM5WjAcMRowGAYDVQQDExFpZHAucHJpbmNldG9uLmVkdTCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJE0moHwKJGyg9z94dvN0HCB
+klHGPvRdIB0nvzAJxo9KaF81zFaqHpvprwNEoB3Pfy18hIbtnDSv/sV/j6pnKnBw
+XXsf7QJOOF81klkGHZh4C9VnjUL5ok9Ahx1zPgaLcCgvZeGRG7DiRPnOgxVzuwoB
+WFnEWBCoLaqcZUl2njnawRB+LXt8mO+HPhsMO8c7ASJ50hF/l9cGaCs3ucEcwp9d
+FoxSiVy2TMyatszHTHZknaqVyqR+WNCxE/Jpcwfi1oq6k3V5T372GE8WTKclgvpg
+IYV8ISROBHpVlYz9v3N0nnpOn+Io6zuUOS3YNmuX52vaSciaYNoPcmBxYMEG2jcC
+AwEAAaNpMGcwRgYDVR0RBD8wPYIRaWRwLnByaW5jZXRvbi5lZHWGKGh0dHBzOi8v
+aWRwLnByaW5jZXRvbi5lZHUvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFPQsLxgr
+W14zmCfogqfOscaIPOtoMA0GCSqGSIb3DQEBBQUAA4IBAQAqkhYwrjjwi31OYkDK
+jeKyss835BrdLVTqqEfssT3lvYW/SGyRMLCr2hS21p9zbt8dJO67C9RYEjJ/05p2
+Keo+ZQj3ehOP80/phxk0r+Je/fNdpO/HbQG9/DfcYp5sLUXk9koYrXrOHq6KnkVh
+rmikDRb9izfU9nDttB8hWGLiX0WhIvk9xkIAW5ueyL5QxcQmRYNcaT3BUpjkGiBu
+FEsLXa42F1nmdBDGrI2woHNEr2diujL5EOxqIsunquUXuu2dFuNtqA0HRK6wj32b
+fsZT9KwTEdLv/oAbgQ8zlVXErx54GJFg1ksGAJY3lsGY+XdvcUaKuVD2IWOrbCtP
+qZfT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.princeton.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.princeton.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Princeton University</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Princeton University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.princeton.edu/index.shtml</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Steven Niedzwiecki</GivenName>
+ <EmailAddress>steven@princeton.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Security and Data Protection</GivenName>
+ <EmailAddress>sdp@princeton.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Zimride, Inc. -->
+<EntityDescriptor entityID="https://www.zimride.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12813546599160278816, expires on Sat Dec 22 21:04:07 2012 GMT -->
+ <ds:X509Certificate>
+MIIDMjCCAhqgAwIBAgIJALHS3L4r3O8gMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD3d3dy56aW1yaWRlLmNvbTAeFw0wOTEyMjMyMTA0MDdaFw0xMjEyMjIyMTA0
+MDdaMBoxGDAWBgNVBAMTD3d3dy56aW1yaWRlLmNvbTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALekemUM1SMHdb8S6D/t4UOb1zOEPTdIBlalJt54soWy
+KomuW4Pj/MqtXu5TiW0EBgXhLK2hvAF5OTMgi2DmegX8rbX4Jz++D+1eYU7F12gj
+3GE0N7Tyi3MUTVknN5T0VlCe76y5xGPbzuyiQLYT+GzD72Sdwv3CUxEKR2ZNVZbx
+7fITgfmR0kNDtqBfwNQLFAX3bi+3blqh0wnPb2CO5YizQ2t966GtePWBHlh2CjrI
+rD2k5l+H3YpL3LM4w6T2FKDXU56rAgAn+iMdWTD5A7roy9n1cSjb9llcZhFCtIJ6
+xdlR729baxZ5qlyalMOLFpb/qtsYqbyeelpAbo3klhECAwEAAaN7MHkwHQYDVR0O
+BBYEFHaFq6OjhJ20qwXkS7ZWkZW+JlbnMEoGA1UdIwRDMEGAFHaFq6OjhJ20qwXk
+S7ZWkZW+JlbnoR6kHDAaMRgwFgYDVQQDEw93d3cuemltcmlkZS5jb22CCQCx0ty+
+K9zvIDAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQAL8NIMBPZgqFOF
+sR/m+c175/IetIKKcLtYxVh3ux6Op4uXmV1nCg1+/zdh6HXZQFALSIw/MIAI1vKY
+dv7PsIPZUh7uJIJoJBsxkLLpEpBmJMNxPuJOYfyX+EfIF5r1h7WBzI02XT552hfh
+KorYUVwk4cxSSCyQOUgMlbCwFpmrm3pf2nV+EtfXSNK8qzJHYkf7RXqTyUFIcFn1
+8puMz4r4BCddIfpSop9+bImir0waOEJt5SFBIKDhkBIroCK0blEGDnpNC4Uh9SfH
+g+AK//pH5g02ng5dUQQOYETY75O3yMo5LoMHcsBgVxqENAXJKh5u2LvlvqApUIWE
+4rZ5DpaO
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.zimride.com/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.zimride.com/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Zimride, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Zimride, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.zimride.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jason Rosenfeld</GivenName>
+ <EmailAddress>jason@zimride.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- California Institute of Technology -->
+<EntityDescriptor entityID="https://idp.caltech.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://idp.caltech.edu/idp/profile/error" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">caltech.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 64370492486943557358580814171600805460449288146, expires on Mon Feb 4 00:38:14 2030 GMT -->
+ <ds:X509Certificate>
+MIIDJzCCAg+gAwIBAgIUC0Z5A7Hz0aGgHdvfgWBw/TW939IwDQYJKoZIhvcNAQEF
+BQAwGjEYMBYGA1UEAxMPaWRwLmNhbHRlY2guZWR1MB4XDTEwMDIwNDAwMzgxNFoX
+DTMwMDIwNDAwMzgxNFowGjEYMBYGA1UEAxMPaWRwLmNhbHRlY2guZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUfvISEj5BkXO8k4dKr7C1NdlDIs
+osNxbjP39/8oVwgGaMSnkfMhY6xct9gnxTzCRXe49MU+UyVRlljTqTeIJf8VG0K2
+aPSRk9xpzWje/fEkUHgpOjLDM0TNB2tWIQbHQwHz7HsuB/Au870PBMv4EfVz4us8
+yTmYvY2ZJPe192BnIbNyLub138HXjr7TrLBxMg7KulnanGnN75UrVjueRzAvFZlE
+lAZ+shDsjVYAoceEaFn7TF37ehVdjbXwOegtu+vU0kjjCS3cQUXXOs1Ojz6Vood/
+oP1SOisW3bEhboKMUCWEcDckUXHVd/qCekbUsJEt5KAK6Gmf5Ygha748kQIDAQAB
+o2UwYzBCBgNVHREEOzA5gg9pZHAuY2FsdGVjaC5lZHWGJmh0dHBzOi8vaWRwLmNh
+bHRlY2guZWR1L2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRlqKQBRnVFASGfdigd
+a/ihuq365zANBgkqhkiG9w0BAQUFAAOCAQEAck8P9JfpOWTpgc4LCyaY3WiJFIGe
+WT25D+6Gj7ADxj7+o2UZCcB2sI5LvyFJaetQSB/7p0F+hmU8/csunwoWARnbOcJt
+SmbyiJQ6eKUXOklOEqxEpGZRa2MbRwukfVx+v6U3N75JxoyuNfqC/G3tKzOIo4qz
+uxiE+1ntesuGTmWuLx9dIKILJ6XuD/rmGSkeKWljLC1jNQEjHioskqIFhcF1JxDv
+qnn8IBfnaoc4GX6AV3fEHifdQEOu7GdicUeA8o+cKqddCZf1PoUTSPby1NcFeDO6
+PPYq4pWYGD1Sc8SOXB+99YOD8hJObGIcskF0VRwv1Kg7rrTBqPLic7kcRA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.caltech.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.caltech.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">caltech.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 64370492486943557358580814171600805460449288146, expires on Mon Feb 4 00:38:14 2030 GMT -->
+ <ds:X509Certificate>
+MIIDJzCCAg+gAwIBAgIUC0Z5A7Hz0aGgHdvfgWBw/TW939IwDQYJKoZIhvcNAQEF
+BQAwGjEYMBYGA1UEAxMPaWRwLmNhbHRlY2guZWR1MB4XDTEwMDIwNDAwMzgxNFoX
+DTMwMDIwNDAwMzgxNFowGjEYMBYGA1UEAxMPaWRwLmNhbHRlY2guZWR1MIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjUfvISEj5BkXO8k4dKr7C1NdlDIs
+osNxbjP39/8oVwgGaMSnkfMhY6xct9gnxTzCRXe49MU+UyVRlljTqTeIJf8VG0K2
+aPSRk9xpzWje/fEkUHgpOjLDM0TNB2tWIQbHQwHz7HsuB/Au870PBMv4EfVz4us8
+yTmYvY2ZJPe192BnIbNyLub138HXjr7TrLBxMg7KulnanGnN75UrVjueRzAvFZlE
+lAZ+shDsjVYAoceEaFn7TF37ehVdjbXwOegtu+vU0kjjCS3cQUXXOs1Ojz6Vood/
+oP1SOisW3bEhboKMUCWEcDckUXHVd/qCekbUsJEt5KAK6Gmf5Ygha748kQIDAQAB
+o2UwYzBCBgNVHREEOzA5gg9pZHAuY2FsdGVjaC5lZHWGJmh0dHBzOi8vaWRwLmNh
+bHRlY2guZWR1L2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRlqKQBRnVFASGfdigd
+a/ihuq365zANBgkqhkiG9w0BAQUFAAOCAQEAck8P9JfpOWTpgc4LCyaY3WiJFIGe
+WT25D+6Gj7ADxj7+o2UZCcB2sI5LvyFJaetQSB/7p0F+hmU8/csunwoWARnbOcJt
+SmbyiJQ6eKUXOklOEqxEpGZRa2MbRwukfVx+v6U3N75JxoyuNfqC/G3tKzOIo4qz
+uxiE+1ntesuGTmWuLx9dIKILJ6XuD/rmGSkeKWljLC1jNQEjHioskqIFhcF1JxDv
+qnn8IBfnaoc4GX6AV3fEHifdQEOu7GdicUeA8o+cKqddCZf1PoUTSPby1NcFeDO6
+PPYq4pWYGD1Sc8SOXB+99YOD8hJObGIcskF0VRwv1Kg7rrTBqPLic7kcRA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.caltech.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">California Institute of Technology</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">California Institute of Technology</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.caltech.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Zailo Leite</GivenName>
+ <EmailAddress>zleite@caltech.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>RuthAnne Bevier</GivenName>
+ <EmailAddress>ruthanne@caltech.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- E-academy, Inc. -->
+<EntityDescriptor entityID="https://e5demo.onthehub.com/Incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 15569305192845516274, expires on Sat Feb 16 22:05:33 2013 GMT -->
+ <ds:X509Certificate>
+MIIDJTCCAg2gAwIBAgIJANgRSJVLM53yMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2U1ZGVtby5vblRoZUh1Yi5jb20wHhcNMTAwMjE3MjIwNTMzWhcNMTMwMjE2
+MjIwNTMzWjAeMRwwGgYDVQQDExNlNWRlbW8ub25UaGVIdWIuY29tMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycrEtnlOCkIN96yPhS0PcIVY5vPeY1Jv
++UjTt9GesIniyup7Y5zazoi0qijxh15mZOPKSCtAq5zR0WbE8q+9hJ05e2DMAVLr
+knJPxAqz5SuY+wV0Zo/ZprYlNHrsY36eBfvmYW53qeWfw2LiutLy7frnNusGyOfB
+R7FFJmyPDNOpgc5TMoSZAytDYCNn8f6kYJjzV5ikzyZ9zQoYHs3UZ3p2pRoaTgOU
+ZeX8FNbm5ej07HrugFLm6LOHZUKxhMucEBi69Y3ik6qTo8tGFU+AFrZe7k0vnWuQ
+NoU97XalAmMax080Q1PiRBk88rSEQTx0rY6WH5NJTvmOeCaH/mhmgQIDAQABo2Yw
+ZDBDBgNVHREEPDA6ghNlNWRlbW8ub25UaGVIdWIuY29thiNodHRwczovL2U1ZGVt
+by5vblRoZUh1Yi5jb20vQUFJVGVzdDAdBgNVHQ4EFgQUHI1mReD5CXBWP4yzs+GJ
+ijeWfswwDQYJKoZIhvcNAQEFBQADggEBAIKk2WMNM26GqUJqsG9xK65YQW3/rP97
+eaYn34OptGXvJRRvqkPDQWEwKBKnU0Rm9y+itLGIyR1pB2LYU1Q5B0Yy1yGf7wU+
+MYW5xAtX/NTavQ7EenSA+6vGCFAAjaadVF3vhq1UdpNNGzuNYRJNzwURJ6jXzW3W
+3XQ1XZDN63Of5NczPzOnNIB9vEnGr0Lavgcwa5jrq5EKSWlwHOM99aPvbS+yGXdH
+2l8LN+gIlYmE2LFyithGf6D8T9I6dm5eLlIN3cwe6CJYe8qXGH5njBdgxrIjFzfl
+pNkHpTcYV1wma11MZT6x+8cpYKNMUp5uKtXA/pHXhXas2LKQWb0bgAA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://e5demo.onthehub.com" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">E-academy, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">E-academy, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.e-academy.com/index.cfm</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Islam Gomaa</GivenName>
+ <EmailAddress>InCommon@e-academy.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Islam Gomaa</GivenName>
+ <EmailAddress>InCommon@e-academy.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Islam Gomaa</GivenName>
+ <EmailAddress>InCommon@e-academy.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://e5.onthehub.com/Incommon">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 14374691372096980487, expires on Sun Feb 24 04:50:18 2013 GMT -->
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIJAMd9KaR9toYHMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD2U1Lm9udGhlaHViLmNvbTAeFw0xMDAyMjUwNDUwMThaFw0xMzAyMjQwNDUw
+MThaMBoxGDAWBgNVBAMTD2U1Lm9udGhlaHViLmNvbTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANKTnziKTdgcivrTYF19r+9rtlW3uTyUYl2tcIum3/ps
+QRK8QQfI9sJthy+ZnffeY3z3+CidJDUaWT48xlbH50mpio/LjJxBtPp3P5z4EySd
+Nhd4vnJc4oRuvXGG4jicvHtcqHVKxFGARNSrh5vmt1+Hl/+QcatXgeNehIsWJLsL
+TNNDiajMDdMmMSOhTSijfLsBUvW/ICu0oOHnGDczE3i01Ndwlxv1beK+gpApxSW0
+gQmDsK0yKg9p7Le5X01/Zy3ZrD7RfLEPnn7ih9nKKumQYM2GWLjPX8VYF06S8DsK
+s+Y4dMyMmH+m+hXiS9eBok5tVJk2rtGeEPO+r7SbHykCAwEAAaNgMF4wPQYDVR0R
+BDYwNIIPZTUub250aGVodWIuY29thiFodHRwczovL2U1Lk9uVGhlSHViLmNvbS9T
+V0lUQ0hhYWkwHQYDVR0OBBYEFHj+ExVzTMWcAnF8tCl430KUWcnBMA0GCSqGSIb3
+DQEBBQUAA4IBAQBQvFAmxzM6xMAkDjpwsA8bFfsVQPBPYHjsxSJe5SjwnkvJXsu+
+xKkOi5pYCpBabVj6aAAb46blyww/P+c85CPdVcNatWpl7tw4vvsChFn6qAIF3J/s
+m/3HQvXTciz1PAOz6iM/TOMtPADZMaaB9x0B+8ZSAX+kM65qZ36FpzDhWd/qfjsA
+Tw16q1YI/XDmdYIpd5ucf0a3hsGkh6N4p1sRpU48KbI9RP8FtO+b5rvGcF5/wRie
+GS8vMv1+KR0K7bArdlfPSkWS6ZQYtACIcgHFMVbXU1r98Fat66Indq1wr1fHVWhe
+Uftswq8/KxUOm70wY6wpeCVYgiTJTynd2anb
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://e5.onthehub.com" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">E-academy, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">E-academy, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.e-academy.com/index.cfm</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Islam Gomaa</GivenName>
+ <EmailAddress>InCommon@e-academy.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Islam Gomaa</GivenName>
+ <EmailAddress>InCommon@e-academy.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Islam Gomaa</GivenName>
+ <EmailAddress>InCommon@e-academy.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Atlas Systems, Inc. -->
+<EntityDescriptor entityID="https://northwestern.ares.atlas-sys.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://northwestern.ares.atlas-sys.com/ares/Shibboleth.sso/Login" index="1"></DiscoveryResponse>
+ </md:Extensions>
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 16590101687594533622, expires on Sat Feb 16 15:13:50 2013 GMT -->
+ <ds:X509Certificate>
+MIIDZDCCAkygAwIBAgIJAOY74ZY0rkL2MA0GCSqGSIb3DQEBBQUAMCoxKDAmBgNV
+BAMTH25vcnRod2VzdGVybi5hcmVzLmF0bGFzLXN5cy5jb20wHhcNMTAwMjE3MTUx
+MzUwWhcNMTMwMjE2MTUxMzUwWjAqMSgwJgYDVQQDEx9ub3J0aHdlc3Rlcm4uYXJl
+cy5hdGxhcy1zeXMuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+0vK4YJ6A2RJqEjElnI2u8rW8FnkebX5bzWHaoLVWfbSgD4YWSpQcclZXv5xDcmeY
+orYt0WYoCDrEJ8o+X/r7NJUKDDb4DG7O21tBDL4xQ0S3kj432Mfq1HWnk/JZ361M
+HctkWIIkSdoswfP/4O3KVGtMShA80J77r9NeKa4O+fKPLlTTwwLxcpX0oe8ROCfZ
+IVyVj46Xi8+MxWOPrECtjlsP7tx+SlIQ0IV6arItkA1CcnQ/rBrLLPNFOcsQ0CDm
+Vi4dzOIoqa2hEE/iJSKTrV0hHDSfe5gLmhhy7ar+KXvxiaBONKF67k/2Kj9blFw5
+JntB4gClMkFyZBSx63d6EQIDAQABo4GMMIGJMB0GA1UdDgQWBBSCS/dy7loh9x7N
+8mOacJ+kW/9q4jBaBgNVHSMEUzBRgBSCS/dy7loh9x7N8mOacJ+kW/9q4qEupCww
+KjEoMCYGA1UEAxMfbm9ydGh3ZXN0ZXJuLmFyZXMuYXRsYXMtc3lzLmNvbYIJAOY7
+4ZY0rkL2MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAE+n0D46FBWh
+5JBvxAdURmrnW3/px4Lz7apfd+X0+DnJj5XLXJa6AwutUfo/fyTLtnW8NryDcq9m
+OTvuP1eRfaV942wdn+y0+vK9MuKhvdLeLp6lgB8AjL7qf/URcfaALz06XCFji4o8
+s74WGSUr3kdRpE+q2DWRB9sofhZr3qJ0PvNJvJhFOVyKWDY/mbvwRrw6R593bQly
++Wlyjf1NCDtBpp8X4C7sfTMsgV5hUP9DV646tnnXMswF3jb/TOcyS+Mv8KqgCL8u
+ONAz7wodoY9Wx0gbc+l3JAG0uR9qPSHylck0zU+P++1xmdN0rQcA/HtwTRH7qYeX
+eyJBVb37hCQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://northwestern.ares.atlas-sys.com/ares/Shibboleth.sso/SAML2/POST" index="1"></md:AssertionConsumerService>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://northwestern.ares.atlas-sys.com/ares/Shibboleth.sso/SAML/POST" index="2"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Atlas Systems, Inc.</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Atlas Systems, Inc.</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.atlas-sys.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Curtis Poston</GivenName>
+ <EmailAddress>cposton@atlas-sys.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Kathy Poston</GivenName>
+ <EmailAddress>kposton@atlas-sys.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- Ebooks Corporation Limited -->
+<EntityDescriptor entityID="https://sp.eblib.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 13449763680232031088, expires on Tue Aug 4 05:34:04 2015 GMT -->
+ <ds:X509Certificate>
+MIIDKTCCAhGgAwIBAgIJALqnKM6pLkNwMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDHNwLmVibGliLmNvbTAeFw0xMDAyMTEwNTM0MDRaFw0xNTA4MDQwNTM0MDRa
+MBcxFTATBgNVBAMTDHNwLmVibGliLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAJZV6beFb089RwJMkMg36np2UzRbUVrL8sIzBWNt01pFzDyYxhM/
+p0B768wQrXbMWBE9iK1LZctH8q9La2Pkzeh5k285Me3HpFD3jtvGNekhvQSlOQUU
+gzz9vZZaftSTl4Ik+ExCKEQQYK9nSxjiXJTEPIARpSYvHEXJzx0f5lHofMsmipcB
+cJyEDNKl/ZAxyjwB0Sd27Jf4g1hR9NcWs7qotgEfoV288KVuFMJmK21FPTpwODzO
+SjIBCDb0I1eYaE69ztGfxT8h5Xx5GbxGVB9C3y8QxYGv8gz8GT6HoroOtFII1eRT
+dkvvNDJuHrnO6GM2LuS7iwihTtupKPkhTNUCAwEAAaN4MHYwHQYDVR0OBBYEFOO2
+FIOQFaY9Ba0RpGoM+w7TJZ/zMEcGA1UdIwRAMD6AFOO2FIOQFaY9Ba0RpGoM+w7T
+JZ/zoRukGTAXMRUwEwYDVQQDEwxzcC5lYmxpYi5jb22CCQC6pyjOqS5DcDAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQCQ+GwyE39IJwGwgorBlRZDbZ7i
+oqSVMdisQ6hGjY6CmwZphiRemdk9nZHFUu+y9UGulRGH38F0/OPPBDLHCTL8DQiF
+86SPRdSrZYLiKlOjPjp9LlLo2qatv0rydifJXPnLSUjSce2/Bt9+lNncgx+dmqYZ
+hKgEsDAyqsXZ+jSdnDBbn6W8w5OFfYXS5KcWhdb9bcdTpoWwqSXP2jr1Z7q7KcVQ
+mGcjWn0WcHv8NnPhkJ9GYrGlOgzDowjsAlaxHSRsuEozjrX0bSD9KOEwhnuCkCvp
+X2Z7oPraBw9viS3veLbISqB2b3t3nm4Pc+LSdrkfOq53zEjQyyRAYbZ4AuQT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.eblib.com/Shibboleth.sso" index="1"></md:AssertionConsumerService>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Ebooks Corporation Limited</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Ebook Library - EBL</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ebookscorporation.com/index.html</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Dean Herbert</GivenName>
+ <EmailAddress>dean.herbert@eblib.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName>Drew Watson</GivenName>
+ <EmailAddress>drew.watson@eblib.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Kari Paulson</GivenName>
+ <EmailAddress>kari.paulson@eblib.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+
+<!-- University of Pittsburgh -->
+<EntityDescriptor entityID="https://idp.pitt.edu/idp/shibboleth">
+ <IDPSSODescriptor errorURL="https://idp.pitt.edu/idp/error.jsp" protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">pitt.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12675058562829665935, expires on Sat Feb 23 21:15:44 2013 GMT -->
+ <ds:X509Certificate>
+MIIDKTCCAhGgAwIBAgIJAK/m2puIvEaPMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDGlkcC5waXR0LmVkdTAeFw0xMDAyMjQyMTE1NDRaFw0xMzAyMjMyMTE1NDRa
+MBcxFTATBgNVBAMTDGlkcC5waXR0LmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAPf6lCv9nQN+Fn7ebs+68OhI804i1tn4STw9D9guwsE7Me1bGd4F
+FcIIniLFpt2rj8mmgtZ2klLNiAQlnx/GXpn/76BjSj4YvMEzW/dMmaBIP76bAnQ7
+cKmbFk8leBYGaunz6tqZWmaUFxEGr5ahleS4YWe+dVX86P3+/waPhiXklNeLLM2W
+ZNa1dEDbvMbSuXFKuFWtiaayIiACIhi02pzIVBc/VO7z/uZKkN4g87wGVrlvwSmU
+eI2jchW+CggBVQttF1TNBd+HTHb3J+MONZBGrWA4ZGXhlzFXeP9/PqmrpxRR2soW
+qryVCPr5EsIgJzQVSUXdgDXlrtpR4LZbdpcCAwEAAaN4MHYwHQYDVR0OBBYEFLKs
+08YJmnk/5jSuFpS3fjD6EZMqMEcGA1UdIwRAMD6AFLKs08YJmnk/5jSuFpS3fjD6
+EZMqoRukGTAXMRUwEwYDVQQDEwxpZHAucGl0dC5lZHWCCQCv5tqbiLxGjzAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBR8/mBNuAza6eX2kPXul2zVRzr
+ksZQsPuShBYEp+FN84/gvg55sY2ZOLkGVH55toyyMcouhepsCtqZg/qHsxAv2qaG
+pUNRzRlUBhr5WjMQSmGC1SxeFO8EIZCv/prDi8jvARJwC85Q4mixs/mR8Ys0GWFk
+YhVUcKSUzBNlGJdSYl4CDXWt+e6EVvnyWvAmk4psrqlXeGzBxhSjHrJGQqEDuBjZ
+Rf8ZaY9CbLGbOm/g++Szj1E+1s1cyiBQ5D316JimJ3U5Io2NHV+nSUdYOC8256+j
+dalrcnm0K9z3483QueZhUmPtapzeJz617znahr+cgz1fLZJTtP34AmIUOiVu
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.pitt.edu:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.pitt.edu/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.pitt.edu/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.pitt.edu/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.pitt.edu/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">pitt.edu</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <!-- Serial No. 12675058562829665935, expires on Sat Feb 23 21:15:44 2013 GMT -->
+ <ds:X509Certificate>
+MIIDKTCCAhGgAwIBAgIJAK/m2puIvEaPMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDGlkcC5waXR0LmVkdTAeFw0xMDAyMjQyMTE1NDRaFw0xMzAyMjMyMTE1NDRa
+MBcxFTATBgNVBAMTDGlkcC5waXR0LmVkdTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAPf6lCv9nQN+Fn7ebs+68OhI804i1tn4STw9D9guwsE7Me1bGd4F
+FcIIniLFpt2rj8mmgtZ2klLNiAQlnx/GXpn/76BjSj4YvMEzW/dMmaBIP76bAnQ7
+cKmbFk8leBYGaunz6tqZWmaUFxEGr5ahleS4YWe+dVX86P3+/waPhiXklNeLLM2W
+ZNa1dEDbvMbSuXFKuFWtiaayIiACIhi02pzIVBc/VO7z/uZKkN4g87wGVrlvwSmU
+eI2jchW+CggBVQttF1TNBd+HTHb3J+MONZBGrWA4ZGXhlzFXeP9/PqmrpxRR2soW
+qryVCPr5EsIgJzQVSUXdgDXlrtpR4LZbdpcCAwEAAaN4MHYwHQYDVR0OBBYEFLKs
+08YJmnk/5jSuFpS3fjD6EZMqMEcGA1UdIwRAMD6AFLKs08YJmnk/5jSuFpS3fjD6
+EZMqoRukGTAXMRUwEwYDVQQDEwxpZHAucGl0dC5lZHWCCQCv5tqbiLxGjzAMBgNV
+HRMEBTADAQH/MA0GCSqGSIb3DQEBBQUAA4IBAQBR8/mBNuAza6eX2kPXul2zVRzr
+ksZQsPuShBYEp+FN84/gvg55sY2ZOLkGVH55toyyMcouhepsCtqZg/qHsxAv2qaG
+pUNRzRlUBhr5WjMQSmGC1SxeFO8EIZCv/prDi8jvARJwC85Q4mixs/mR8Ys0GWFk
+YhVUcKSUzBNlGJdSYl4CDXWt+e6EVvnyWvAmk4psrqlXeGzBxhSjHrJGQqEDuBjZ
+Rf8ZaY9CbLGbOm/g++Szj1E+1s1cyiBQ5D316JimJ3U5Io2NHV+nSUdYOC8256+j
+dalrcnm0K9z3483QueZhUmPtapzeJz617znahr+cgz1fLZJTtP34AmIUOiVu
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.pitt.edu:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.pitt.edu:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Pittsburgh</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Pittsburgh</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.pitt.edu/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Christopher Keslar</GivenName>
+ <EmailAddress>crk4@pitt.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Anthony Jones</GivenName>
+ <EmailAddress>abj@pitt.edu</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>EJ Monti</GivenName>
+ <EmailAddress>ejmonti@pitt.edu</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+</EntitiesDescriptor> \ No newline at end of file
diff --git a/tests/aa_conf.py b/tests/aa_conf.py
new file mode 100644
index 00000000..fb601279
--- /dev/null
+++ b/tests/aa_conf.py
@@ -0,0 +1,50 @@
+
+from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, NAME_FORMAT_URI
+BASE = "http://localhost:8089/"
+
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+CONFIG={
+ "service":{
+ "aa":{
+ "endpoints" : {
+ "attribute_service" : [(BASE + "as", BINDING_HTTP_REDIRECT)],
+ "single_logout_service": [(BASE+"slo", BINDING_SOAP)]
+ },
+ "release_policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None, # means all I have
+ "name_form": NAME_FORMAT_URI,
+ },
+ },
+ "subject_data": "aa.db",
+ }
+ },
+ "entityid" : BASE+ "aa",
+ "name" : "Rolands AA",
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["metadata.xml", "vo_metadata.xml"],
+ },
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": "Exempel AB",
+ "display_name": [("Exempel AB","se"),("Example Co.","en")],
+ "url":"http://www.example.com/roland",
+ },
+ "contact_person": [{
+ "given_name":"John",
+ "sur_name": "Smith",
+ "email_address": ["john.smith@example.com"],
+ "contact_type": "technical",
+ },
+ ],
+}
+
diff --git a/tests/attribute.map b/tests/attribute.map
new file mode 100644
index 00000000..a368742f
--- /dev/null
+++ b/tests/attribute.map
@@ -0,0 +1,7 @@
+urn:oid:2.5.4.4 surName urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+urn:oid:2.5.4.42 givenName urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+urn:oid:2.5.4.12 title urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+urn:oid:0.9.2342.19200300.100.1.1 uid urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+urn:oid:0.9.2342.19200300.100.1.3 mail urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+urn:oid:1.3.6.1.4.1.5923.1.1.1.1 eduPersonAffiliation urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+urn:oid:1.3.6.1.4.1.5923.1.1.1.7 eduPersonEntitlement urn:oasis:names:tc:SAML:2.0:attrname-format:uri
diff --git a/tests/attribute_statement_data.py b/tests/attribute_statement_data.py
new file mode 100644
index 00000000..6e11588b
--- /dev/null
+++ b/tests/attribute_statement_data.py
@@ -0,0 +1,175 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+"""Testdata for attribute converters """
+
+STATEMENT1 = """<?xml version="1.0" encoding="utf-8"?>
+<ns1:AttributeStatement xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">
+ <ns1:Attribute Name="eduPersonPrincipalName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>rohe0002@umu.se</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="eduPersonTargetedID"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>a139b2116ad1dd7b91c129a32a242fcc5fd9e821</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:displayName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>Hedberg, Roland</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:uid"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>rohe0002</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:eduPersonNickname"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>rohe0002</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:cn"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>Roland Hedberg</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:eduPersonAffiliation"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>member</ns1:AttributeValue>
+ <ns1:AttributeValue>employee</ns1:AttributeValue>
+ <ns1:AttributeValue>staff</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:street"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>Umeå universitet</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:postalCode"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>901 87</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:eduPersonScopedAffiliation"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>employee@umu.se</ns1:AttributeValue>
+ <ns1:AttributeValue>staff@umu.se</ns1:AttributeValue>
+ <ns1:AttributeValue>member@umu.se</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:physicalDeliveryOfficeName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>Västra flygeln, plan 4</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:employeeType"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>IT-arkitekt</ns1:AttributeValue>
+ <ns1:AttributeValue>övrig/annan befattning</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:ou"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>Ladokenheten</ns1:AttributeValue>
+ <ns1:AttributeValue>IT-enheten</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:givenName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>Roland</ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="urn:mace:dir:attribute-def:sn"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue>Hedberg</ns1:AttributeValue>
+ </ns1:Attribute>
+</ns1:AttributeStatement>"""
+
+
+STATEMENT2 = """<?xml version="1.0" encoding="utf-8"?>
+<saml2:AttributeStatement xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml2:Attribute FriendlyName="uid" Name="urn:oid:0.9.2342.19200300.100.1.1"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">demouser</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="swissEduPersonHomeOrganizationType"
+ Name="urn:oid:2.16.756.1.2.5.1.1.5"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">others</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="surname"
+ Name="urn:oid:2.5.4.4"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">SWITCHaai</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="givenName"
+ Name="urn:oid:2.5.4.42"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">Demouser</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="eduPersonAffiliation"
+ Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">staff</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="eduPersonEntitlement"
+ Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">http://example.org/res/99999</saml2:AttributeValue>
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">http://publisher-xy.com/e-journals</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute FriendlyName="mail"
+ Name="urn:oid:0.9.2342.19200300.100.1.3"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">demouser@example.org</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute
+ FriendlyName="swissEduPersonUniqueID"
+ Name="urn:oid:2.16.756.1.2.5.1.1.1"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">234567@example.org</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute
+ FriendlyName="swissEduPersonHomeOrganization"
+ Name="urn:oid:2.16.756.1.2.5.1.1.4"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml2:AttributeValue
+ xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:string">example.org</saml2:AttributeValue>
+ </saml2:Attribute>
+</saml2:AttributeStatement>"""
+
+STATEMENT3 = """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:AttributeStatement xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion">
+ <ns0:Attribute Name="umuselin">
+ <ns0:AttributeValue>1234567890</ns0:AttributeValue>
+ </ns0:Attribute>
+ <ns0:Attribute Name="edupersonaffiliation">
+ <ns0:AttributeValue>staff</ns0:AttributeValue>
+ </ns0:Attribute>
+ <ns0:Attribute FriendlyName="surname" Name="urn:oid:2.5.4.4"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <ns0:AttributeValue>Hedberg</ns0:AttributeValue>
+ </ns0:Attribute>
+ <ns0:Attribute Name="uid">
+ <ns0:AttributeValue>roland</ns0:AttributeValue>
+ </ns0:Attribute>
+ <ns0:Attribute Name="givenname">
+ <ns0:AttributeValue>Roland</ns0:AttributeValue>
+ </ns0:Attribute>
+</ns0:AttributeStatement>"""
diff --git a/tests/attributemaps/basic.py b/tests/attributemaps/basic.py
new file mode 100644
index 00000000..9311d547
--- /dev/null
+++ b/tests/attributemaps/basic.py
@@ -0,0 +1,326 @@
+
+MAP = {
+ "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic",
+ "fro": {
+ 'urn:mace:dir:attribute-def:aRecord': 'aRecord',
+ 'urn:mace:dir:attribute-def:aliasedEntryName': 'aliasedEntryName',
+ 'urn:mace:dir:attribute-def:aliasedObjectName': 'aliasedObjectName',
+ 'urn:mace:dir:attribute-def:associatedDomain': 'associatedDomain',
+ 'urn:mace:dir:attribute-def:associatedName': 'associatedName',
+ 'urn:mace:dir:attribute-def:audio': 'audio',
+ 'urn:mace:dir:attribute-def:authorityRevocationList': 'authorityRevocationList',
+ 'urn:mace:dir:attribute-def:buildingName': 'buildingName',
+ 'urn:mace:dir:attribute-def:businessCategory': 'businessCategory',
+ 'urn:mace:dir:attribute-def:c': 'c',
+ 'urn:mace:dir:attribute-def:cACertificate': 'cACertificate',
+ 'urn:mace:dir:attribute-def:cNAMERecord': 'cNAMERecord',
+ 'urn:mace:dir:attribute-def:carLicense': 'carLicense',
+ 'urn:mace:dir:attribute-def:certificateRevocationList': 'certificateRevocationList',
+ 'urn:mace:dir:attribute-def:cn': 'cn',
+ 'urn:mace:dir:attribute-def:co': 'co',
+ 'urn:mace:dir:attribute-def:commonName': 'commonName',
+ 'urn:mace:dir:attribute-def:countryName': 'countryName',
+ 'urn:mace:dir:attribute-def:crossCertificatePair': 'crossCertificatePair',
+ 'urn:mace:dir:attribute-def:dITRedirect': 'dITRedirect',
+ 'urn:mace:dir:attribute-def:dSAQuality': 'dSAQuality',
+ 'urn:mace:dir:attribute-def:dc': 'dc',
+ 'urn:mace:dir:attribute-def:deltaRevocationList': 'deltaRevocationList',
+ 'urn:mace:dir:attribute-def:departmentNumber': 'departmentNumber',
+ 'urn:mace:dir:attribute-def:description': 'description',
+ 'urn:mace:dir:attribute-def:destinationIndicator': 'destinationIndicator',
+ 'urn:mace:dir:attribute-def:displayName': 'displayName',
+ 'urn:mace:dir:attribute-def:distinguishedName': 'distinguishedName',
+ 'urn:mace:dir:attribute-def:dmdName': 'dmdName',
+ 'urn:mace:dir:attribute-def:dnQualifier': 'dnQualifier',
+ 'urn:mace:dir:attribute-def:documentAuthor': 'documentAuthor',
+ 'urn:mace:dir:attribute-def:documentIdentifier': 'documentIdentifier',
+ 'urn:mace:dir:attribute-def:documentLocation': 'documentLocation',
+ 'urn:mace:dir:attribute-def:documentPublisher': 'documentPublisher',
+ 'urn:mace:dir:attribute-def:documentTitle': 'documentTitle',
+ 'urn:mace:dir:attribute-def:documentVersion': 'documentVersion',
+ 'urn:mace:dir:attribute-def:domainComponent': 'domainComponent',
+ 'urn:mace:dir:attribute-def:drink': 'drink',
+ 'urn:mace:dir:attribute-def:eduOrgHomePageURI': 'eduOrgHomePageURI',
+ 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI',
+ 'urn:mace:dir:attribute-def:eduOrgLegalName': 'eduOrgLegalName',
+ 'urn:mace:dir:attribute-def:eduOrgSuperiorURI': 'eduOrgSuperiorURI',
+ 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI': 'eduOrgWhitePagesURI',
+ 'urn:mace:dir:attribute-def:eduPersonAffiliation': 'eduPersonAffiliation',
+ 'urn:mace:dir:attribute-def:eduPersonEntitlement': 'eduPersonEntitlement',
+ 'urn:mace:dir:attribute-def:eduPersonNickname': 'eduPersonNickname',
+ 'urn:mace:dir:attribute-def:eduPersonOrgDN': 'eduPersonOrgDN',
+ 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN': 'eduPersonOrgUnitDN',
+ 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation',
+ 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN',
+ 'urn:mace:dir:attribute-def:eduPersonPrincipalName': 'eduPersonPrincipalName',
+ 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation': 'eduPersonScopedAffiliation',
+ 'urn:mace:dir:attribute-def:eduPersonTargetedID': 'eduPersonTargetedID',
+ 'urn:mace:dir:attribute-def:email': 'email',
+ 'urn:mace:dir:attribute-def:emailAddress': 'emailAddress',
+ 'urn:mace:dir:attribute-def:employeeNumber': 'employeeNumber',
+ 'urn:mace:dir:attribute-def:employeeType': 'employeeType',
+ 'urn:mace:dir:attribute-def:enhancedSearchGuide': 'enhancedSearchGuide',
+ 'urn:mace:dir:attribute-def:facsimileTelephoneNumber': 'facsimileTelephoneNumber',
+ 'urn:mace:dir:attribute-def:favouriteDrink': 'favouriteDrink',
+ 'urn:mace:dir:attribute-def:fax': 'fax',
+ 'urn:mace:dir:attribute-def:federationFeideSchemaVersion': 'federationFeideSchemaVersion',
+ 'urn:mace:dir:attribute-def:friendlyCountryName': 'friendlyCountryName',
+ 'urn:mace:dir:attribute-def:generationQualifier': 'generationQualifier',
+ 'urn:mace:dir:attribute-def:givenName': 'givenName',
+ 'urn:mace:dir:attribute-def:gn': 'gn',
+ 'urn:mace:dir:attribute-def:homePhone': 'homePhone',
+ 'urn:mace:dir:attribute-def:homePostalAddress': 'homePostalAddress',
+ 'urn:mace:dir:attribute-def:homeTelephoneNumber': 'homeTelephoneNumber',
+ 'urn:mace:dir:attribute-def:host': 'host',
+ 'urn:mace:dir:attribute-def:houseIdentifier': 'houseIdentifier',
+ 'urn:mace:dir:attribute-def:info': 'info',
+ 'urn:mace:dir:attribute-def:initials': 'initials',
+ 'urn:mace:dir:attribute-def:internationaliSDNNumber': 'internationaliSDNNumber',
+ 'urn:mace:dir:attribute-def:janetMailbox': 'janetMailbox',
+ 'urn:mace:dir:attribute-def:jpegPhoto': 'jpegPhoto',
+ 'urn:mace:dir:attribute-def:knowledgeInformation': 'knowledgeInformation',
+ 'urn:mace:dir:attribute-def:l': 'l',
+ 'urn:mace:dir:attribute-def:labeledURI': 'labeledURI',
+ 'urn:mace:dir:attribute-def:localityName': 'localityName',
+ 'urn:mace:dir:attribute-def:mDRecord': 'mDRecord',
+ 'urn:mace:dir:attribute-def:mXRecord': 'mXRecord',
+ 'urn:mace:dir:attribute-def:mail': 'mail',
+ 'urn:mace:dir:attribute-def:mailPreferenceOption': 'mailPreferenceOption',
+ 'urn:mace:dir:attribute-def:manager': 'manager',
+ 'urn:mace:dir:attribute-def:member': 'member',
+ 'urn:mace:dir:attribute-def:mobile': 'mobile',
+ 'urn:mace:dir:attribute-def:mobileTelephoneNumber': 'mobileTelephoneNumber',
+ 'urn:mace:dir:attribute-def:nSRecord': 'nSRecord',
+ 'urn:mace:dir:attribute-def:name': 'name',
+ 'urn:mace:dir:attribute-def:norEduOrgAcronym': 'norEduOrgAcronym',
+ 'urn:mace:dir:attribute-def:norEduOrgNIN': 'norEduOrgNIN',
+ 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion': 'norEduOrgSchemaVersion',
+ 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier',
+ 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber': 'norEduOrgUniqueNumber',
+ 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier',
+ 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber',
+ 'urn:mace:dir:attribute-def:norEduPersonBirthDate': 'norEduPersonBirthDate',
+ 'urn:mace:dir:attribute-def:norEduPersonLIN': 'norEduPersonLIN',
+ 'urn:mace:dir:attribute-def:norEduPersonNIN': 'norEduPersonNIN',
+ 'urn:mace:dir:attribute-def:o': 'o',
+ 'urn:mace:dir:attribute-def:objectClass': 'objectClass',
+ 'urn:mace:dir:attribute-def:organizationName': 'organizationName',
+ 'urn:mace:dir:attribute-def:organizationalStatus': 'organizationalStatus',
+ 'urn:mace:dir:attribute-def:organizationalUnitName': 'organizationalUnitName',
+ 'urn:mace:dir:attribute-def:otherMailbox': 'otherMailbox',
+ 'urn:mace:dir:attribute-def:ou': 'ou',
+ 'urn:mace:dir:attribute-def:owner': 'owner',
+ 'urn:mace:dir:attribute-def:pager': 'pager',
+ 'urn:mace:dir:attribute-def:pagerTelephoneNumber': 'pagerTelephoneNumber',
+ 'urn:mace:dir:attribute-def:personalSignature': 'personalSignature',
+ 'urn:mace:dir:attribute-def:personalTitle': 'personalTitle',
+ 'urn:mace:dir:attribute-def:photo': 'photo',
+ 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName': 'physicalDeliveryOfficeName',
+ 'urn:mace:dir:attribute-def:pkcs9email': 'pkcs9email',
+ 'urn:mace:dir:attribute-def:postOfficeBox': 'postOfficeBox',
+ 'urn:mace:dir:attribute-def:postalAddress': 'postalAddress',
+ 'urn:mace:dir:attribute-def:postalCode': 'postalCode',
+ 'urn:mace:dir:attribute-def:preferredDeliveryMethod': 'preferredDeliveryMethod',
+ 'urn:mace:dir:attribute-def:preferredLanguage': 'preferredLanguage',
+ 'urn:mace:dir:attribute-def:presentationAddress': 'presentationAddress',
+ 'urn:mace:dir:attribute-def:protocolInformation': 'protocolInformation',
+ 'urn:mace:dir:attribute-def:pseudonym': 'pseudonym',
+ 'urn:mace:dir:attribute-def:registeredAddress': 'registeredAddress',
+ 'urn:mace:dir:attribute-def:rfc822Mailbox': 'rfc822Mailbox',
+ 'urn:mace:dir:attribute-def:roleOccupant': 'roleOccupant',
+ 'urn:mace:dir:attribute-def:roomNumber': 'roomNumber',
+ 'urn:mace:dir:attribute-def:sOARecord': 'sOARecord',
+ 'urn:mace:dir:attribute-def:searchGuide': 'searchGuide',
+ 'urn:mace:dir:attribute-def:secretary': 'secretary',
+ 'urn:mace:dir:attribute-def:seeAlso': 'seeAlso',
+ 'urn:mace:dir:attribute-def:serialNumber': 'serialNumber',
+ 'urn:mace:dir:attribute-def:singleLevelQuality': 'singleLevelQuality',
+ 'urn:mace:dir:attribute-def:sn': 'sn',
+ 'urn:mace:dir:attribute-def:st': 'st',
+ 'urn:mace:dir:attribute-def:stateOrProvinceName': 'stateOrProvinceName',
+ 'urn:mace:dir:attribute-def:street': 'street',
+ 'urn:mace:dir:attribute-def:streetAddress': 'streetAddress',
+ 'urn:mace:dir:attribute-def:subtreeMaximumQuality': 'subtreeMaximumQuality',
+ 'urn:mace:dir:attribute-def:subtreeMinimumQuality': 'subtreeMinimumQuality',
+ 'urn:mace:dir:attribute-def:supportedAlgorithms': 'supportedAlgorithms',
+ 'urn:mace:dir:attribute-def:supportedApplicationContext': 'supportedApplicationContext',
+ 'urn:mace:dir:attribute-def:surname': 'surname',
+ 'urn:mace:dir:attribute-def:telephoneNumber': 'telephoneNumber',
+ 'urn:mace:dir:attribute-def:teletexTerminalIdentifier': 'teletexTerminalIdentifier',
+ 'urn:mace:dir:attribute-def:telexNumber': 'telexNumber',
+ 'urn:mace:dir:attribute-def:textEncodedORAddress': 'textEncodedORAddress',
+ 'urn:mace:dir:attribute-def:title': 'title',
+ 'urn:mace:dir:attribute-def:uid': 'uid',
+ 'urn:mace:dir:attribute-def:uniqueIdentifier': 'uniqueIdentifier',
+ 'urn:mace:dir:attribute-def:uniqueMember': 'uniqueMember',
+ 'urn:mace:dir:attribute-def:userCertificate': 'userCertificate',
+ 'urn:mace:dir:attribute-def:userClass': 'userClass',
+ 'urn:mace:dir:attribute-def:userPKCS12': 'userPKCS12',
+ 'urn:mace:dir:attribute-def:userPassword': 'userPassword',
+ 'urn:mace:dir:attribute-def:userSMIMECertificate': 'userSMIMECertificate',
+ 'urn:mace:dir:attribute-def:userid': 'userid',
+ 'urn:mace:dir:attribute-def:x121Address': 'x121Address',
+ 'urn:mace:dir:attribute-def:x500UniqueIdentifier': 'x500UniqueIdentifier',
+ },
+ "to": {
+ 'aRecord': 'urn:mace:dir:attribute-def:aRecord',
+ 'aliasedEntryName': 'urn:mace:dir:attribute-def:aliasedEntryName',
+ 'aliasedObjectName': 'urn:mace:dir:attribute-def:aliasedObjectName',
+ 'associatedDomain': 'urn:mace:dir:attribute-def:associatedDomain',
+ 'associatedName': 'urn:mace:dir:attribute-def:associatedName',
+ 'audio': 'urn:mace:dir:attribute-def:audio',
+ 'authorityRevocationList': 'urn:mace:dir:attribute-def:authorityRevocationList',
+ 'buildingName': 'urn:mace:dir:attribute-def:buildingName',
+ 'businessCategory': 'urn:mace:dir:attribute-def:businessCategory',
+ 'c': 'urn:mace:dir:attribute-def:c',
+ 'cACertificate': 'urn:mace:dir:attribute-def:cACertificate',
+ 'cNAMERecord': 'urn:mace:dir:attribute-def:cNAMERecord',
+ 'carLicense': 'urn:mace:dir:attribute-def:carLicense',
+ 'certificateRevocationList': 'urn:mace:dir:attribute-def:certificateRevocationList',
+ 'cn': 'urn:mace:dir:attribute-def:cn',
+ 'co': 'urn:mace:dir:attribute-def:co',
+ 'commonName': 'urn:mace:dir:attribute-def:commonName',
+ 'countryName': 'urn:mace:dir:attribute-def:countryName',
+ 'crossCertificatePair': 'urn:mace:dir:attribute-def:crossCertificatePair',
+ 'dITRedirect': 'urn:mace:dir:attribute-def:dITRedirect',
+ 'dSAQuality': 'urn:mace:dir:attribute-def:dSAQuality',
+ 'dc': 'urn:mace:dir:attribute-def:dc',
+ 'deltaRevocationList': 'urn:mace:dir:attribute-def:deltaRevocationList',
+ 'departmentNumber': 'urn:mace:dir:attribute-def:departmentNumber',
+ 'description': 'urn:mace:dir:attribute-def:description',
+ 'destinationIndicator': 'urn:mace:dir:attribute-def:destinationIndicator',
+ 'displayName': 'urn:mace:dir:attribute-def:displayName',
+ 'distinguishedName': 'urn:mace:dir:attribute-def:distinguishedName',
+ 'dmdName': 'urn:mace:dir:attribute-def:dmdName',
+ 'dnQualifier': 'urn:mace:dir:attribute-def:dnQualifier',
+ 'documentAuthor': 'urn:mace:dir:attribute-def:documentAuthor',
+ 'documentIdentifier': 'urn:mace:dir:attribute-def:documentIdentifier',
+ 'documentLocation': 'urn:mace:dir:attribute-def:documentLocation',
+ 'documentPublisher': 'urn:mace:dir:attribute-def:documentPublisher',
+ 'documentTitle': 'urn:mace:dir:attribute-def:documentTitle',
+ 'documentVersion': 'urn:mace:dir:attribute-def:documentVersion',
+ 'domainComponent': 'urn:mace:dir:attribute-def:domainComponent',
+ 'drink': 'urn:mace:dir:attribute-def:drink',
+ 'eduOrgHomePageURI': 'urn:mace:dir:attribute-def:eduOrgHomePageURI',
+ 'eduOrgIdentityAuthNPolicyURI': 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI',
+ 'eduOrgLegalName': 'urn:mace:dir:attribute-def:eduOrgLegalName',
+ 'eduOrgSuperiorURI': 'urn:mace:dir:attribute-def:eduOrgSuperiorURI',
+ 'eduOrgWhitePagesURI': 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI',
+ 'eduPersonAffiliation': 'urn:mace:dir:attribute-def:eduPersonAffiliation',
+ 'eduPersonEntitlement': 'urn:mace:dir:attribute-def:eduPersonEntitlement',
+ 'eduPersonNickname': 'urn:mace:dir:attribute-def:eduPersonNickname',
+ 'eduPersonOrgDN': 'urn:mace:dir:attribute-def:eduPersonOrgDN',
+ 'eduPersonOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN',
+ 'eduPersonPrimaryAffiliation': 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation',
+ 'eduPersonPrimaryOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN',
+ 'eduPersonPrincipalName': 'urn:mace:dir:attribute-def:eduPersonPrincipalName',
+ 'eduPersonScopedAffiliation': 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation',
+ 'eduPersonTargetedID': 'urn:mace:dir:attribute-def:eduPersonTargetedID',
+ 'email': 'urn:mace:dir:attribute-def:email',
+ 'emailAddress': 'urn:mace:dir:attribute-def:emailAddress',
+ 'employeeNumber': 'urn:mace:dir:attribute-def:employeeNumber',
+ 'employeeType': 'urn:mace:dir:attribute-def:employeeType',
+ 'enhancedSearchGuide': 'urn:mace:dir:attribute-def:enhancedSearchGuide',
+ 'facsimileTelephoneNumber': 'urn:mace:dir:attribute-def:facsimileTelephoneNumber',
+ 'favouriteDrink': 'urn:mace:dir:attribute-def:favouriteDrink',
+ 'fax': 'urn:mace:dir:attribute-def:fax',
+ 'federationFeideSchemaVersion': 'urn:mace:dir:attribute-def:federationFeideSchemaVersion',
+ 'friendlyCountryName': 'urn:mace:dir:attribute-def:friendlyCountryName',
+ 'generationQualifier': 'urn:mace:dir:attribute-def:generationQualifier',
+ 'givenName': 'urn:mace:dir:attribute-def:givenName',
+ 'gn': 'urn:mace:dir:attribute-def:gn',
+ 'homePhone': 'urn:mace:dir:attribute-def:homePhone',
+ 'homePostalAddress': 'urn:mace:dir:attribute-def:homePostalAddress',
+ 'homeTelephoneNumber': 'urn:mace:dir:attribute-def:homeTelephoneNumber',
+ 'host': 'urn:mace:dir:attribute-def:host',
+ 'houseIdentifier': 'urn:mace:dir:attribute-def:houseIdentifier',
+ 'info': 'urn:mace:dir:attribute-def:info',
+ 'initials': 'urn:mace:dir:attribute-def:initials',
+ 'internationaliSDNNumber': 'urn:mace:dir:attribute-def:internationaliSDNNumber',
+ 'janetMailbox': 'urn:mace:dir:attribute-def:janetMailbox',
+ 'jpegPhoto': 'urn:mace:dir:attribute-def:jpegPhoto',
+ 'knowledgeInformation': 'urn:mace:dir:attribute-def:knowledgeInformation',
+ 'l': 'urn:mace:dir:attribute-def:l',
+ 'labeledURI': 'urn:mace:dir:attribute-def:labeledURI',
+ 'localityName': 'urn:mace:dir:attribute-def:localityName',
+ 'mDRecord': 'urn:mace:dir:attribute-def:mDRecord',
+ 'mXRecord': 'urn:mace:dir:attribute-def:mXRecord',
+ 'mail': 'urn:mace:dir:attribute-def:mail',
+ 'mailPreferenceOption': 'urn:mace:dir:attribute-def:mailPreferenceOption',
+ 'manager': 'urn:mace:dir:attribute-def:manager',
+ 'member': 'urn:mace:dir:attribute-def:member',
+ 'mobile': 'urn:mace:dir:attribute-def:mobile',
+ 'mobileTelephoneNumber': 'urn:mace:dir:attribute-def:mobileTelephoneNumber',
+ 'nSRecord': 'urn:mace:dir:attribute-def:nSRecord',
+ 'name': 'urn:mace:dir:attribute-def:name',
+ 'norEduOrgAcronym': 'urn:mace:dir:attribute-def:norEduOrgAcronym',
+ 'norEduOrgNIN': 'urn:mace:dir:attribute-def:norEduOrgNIN',
+ 'norEduOrgSchemaVersion': 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion',
+ 'norEduOrgUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier',
+ 'norEduOrgUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber',
+ 'norEduOrgUnitUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier',
+ 'norEduOrgUnitUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber',
+ 'norEduPersonBirthDate': 'urn:mace:dir:attribute-def:norEduPersonBirthDate',
+ 'norEduPersonLIN': 'urn:mace:dir:attribute-def:norEduPersonLIN',
+ 'norEduPersonNIN': 'urn:mace:dir:attribute-def:norEduPersonNIN',
+ 'o': 'urn:mace:dir:attribute-def:o',
+ 'objectClass': 'urn:mace:dir:attribute-def:objectClass',
+ 'organizationName': 'urn:mace:dir:attribute-def:organizationName',
+ 'organizationalStatus': 'urn:mace:dir:attribute-def:organizationalStatus',
+ 'organizationalUnitName': 'urn:mace:dir:attribute-def:organizationalUnitName',
+ 'otherMailbox': 'urn:mace:dir:attribute-def:otherMailbox',
+ 'ou': 'urn:mace:dir:attribute-def:ou',
+ 'owner': 'urn:mace:dir:attribute-def:owner',
+ 'pager': 'urn:mace:dir:attribute-def:pager',
+ 'pagerTelephoneNumber': 'urn:mace:dir:attribute-def:pagerTelephoneNumber',
+ 'personalSignature': 'urn:mace:dir:attribute-def:personalSignature',
+ 'personalTitle': 'urn:mace:dir:attribute-def:personalTitle',
+ 'photo': 'urn:mace:dir:attribute-def:photo',
+ 'physicalDeliveryOfficeName': 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName',
+ 'pkcs9email': 'urn:mace:dir:attribute-def:pkcs9email',
+ 'postOfficeBox': 'urn:mace:dir:attribute-def:postOfficeBox',
+ 'postalAddress': 'urn:mace:dir:attribute-def:postalAddress',
+ 'postalCode': 'urn:mace:dir:attribute-def:postalCode',
+ 'preferredDeliveryMethod': 'urn:mace:dir:attribute-def:preferredDeliveryMethod',
+ 'preferredLanguage': 'urn:mace:dir:attribute-def:preferredLanguage',
+ 'presentationAddress': 'urn:mace:dir:attribute-def:presentationAddress',
+ 'protocolInformation': 'urn:mace:dir:attribute-def:protocolInformation',
+ 'pseudonym': 'urn:mace:dir:attribute-def:pseudonym',
+ 'registeredAddress': 'urn:mace:dir:attribute-def:registeredAddress',
+ 'rfc822Mailbox': 'urn:mace:dir:attribute-def:rfc822Mailbox',
+ 'roleOccupant': 'urn:mace:dir:attribute-def:roleOccupant',
+ 'roomNumber': 'urn:mace:dir:attribute-def:roomNumber',
+ 'sOARecord': 'urn:mace:dir:attribute-def:sOARecord',
+ 'searchGuide': 'urn:mace:dir:attribute-def:searchGuide',
+ 'secretary': 'urn:mace:dir:attribute-def:secretary',
+ 'seeAlso': 'urn:mace:dir:attribute-def:seeAlso',
+ 'serialNumber': 'urn:mace:dir:attribute-def:serialNumber',
+ 'singleLevelQuality': 'urn:mace:dir:attribute-def:singleLevelQuality',
+ 'sn': 'urn:mace:dir:attribute-def:sn',
+ 'st': 'urn:mace:dir:attribute-def:st',
+ 'stateOrProvinceName': 'urn:mace:dir:attribute-def:stateOrProvinceName',
+ 'street': 'urn:mace:dir:attribute-def:street',
+ 'streetAddress': 'urn:mace:dir:attribute-def:streetAddress',
+ 'subtreeMaximumQuality': 'urn:mace:dir:attribute-def:subtreeMaximumQuality',
+ 'subtreeMinimumQuality': 'urn:mace:dir:attribute-def:subtreeMinimumQuality',
+ 'supportedAlgorithms': 'urn:mace:dir:attribute-def:supportedAlgorithms',
+ 'supportedApplicationContext': 'urn:mace:dir:attribute-def:supportedApplicationContext',
+ 'surname': 'urn:mace:dir:attribute-def:surname',
+ 'telephoneNumber': 'urn:mace:dir:attribute-def:telephoneNumber',
+ 'teletexTerminalIdentifier': 'urn:mace:dir:attribute-def:teletexTerminalIdentifier',
+ 'telexNumber': 'urn:mace:dir:attribute-def:telexNumber',
+ 'textEncodedORAddress': 'urn:mace:dir:attribute-def:textEncodedORAddress',
+ 'title': 'urn:mace:dir:attribute-def:title',
+ 'uid': 'urn:mace:dir:attribute-def:uid',
+ 'uniqueIdentifier': 'urn:mace:dir:attribute-def:uniqueIdentifier',
+ 'uniqueMember': 'urn:mace:dir:attribute-def:uniqueMember',
+ 'userCertificate': 'urn:mace:dir:attribute-def:userCertificate',
+ 'userClass': 'urn:mace:dir:attribute-def:userClass',
+ 'userPKCS12': 'urn:mace:dir:attribute-def:userPKCS12',
+ 'userPassword': 'urn:mace:dir:attribute-def:userPassword',
+ 'userSMIMECertificate': 'urn:mace:dir:attribute-def:userSMIMECertificate',
+ 'userid': 'urn:mace:dir:attribute-def:userid',
+ 'x121Address': 'urn:mace:dir:attribute-def:x121Address',
+ 'x500UniqueIdentifier': 'urn:mace:dir:attribute-def:x500UniqueIdentifier',
+ }
+} \ No newline at end of file
diff --git a/tests/attributemaps/saml_uri.py b/tests/attributemaps/saml_uri.py
new file mode 100644
index 00000000..1c9d3730
--- /dev/null
+++ b/tests/attributemaps/saml_uri.py
@@ -0,0 +1,199 @@
+__author__ = 'rolandh'
+
+EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1."
+X500ATTR_OID = "urn:oid:2.5.4."
+NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1."
+NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1."
+UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.'
+PKCS_9 = "urn:oid:1.2.840.113549.1.9.1."
+UMICH = "urn:oid:1.3.6.1.4.1.250.1.57."
+
+MAP = {
+ "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "fro": {
+ EDUPERSON_OID+'2': 'eduPersonNickname',
+ EDUPERSON_OID+'9': 'eduPersonScopedAffiliation',
+ EDUPERSON_OID+'11': 'eduPersonAssurance',
+ EDUPERSON_OID+'10': 'eduPersonTargetedID',
+ EDUPERSON_OID+'4': 'eduPersonOrgUnitDN',
+ NOREDUPERSON_OID+'6': 'norEduOrgAcronym',
+ NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier',
+ NOREDUPERSON_OID+'4': 'norEduPersonLIN',
+ EDUPERSON_OID+'1': 'eduPersonAffiliation',
+ NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber',
+ NETSCAPE_LDAP+'40': 'userSMIMECertificate',
+ NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber',
+ NETSCAPE_LDAP+'241': 'displayName',
+ UCL_DIR_PILOT+'37': 'associatedDomain',
+ EDUPERSON_OID+'6': 'eduPersonPrincipalName',
+ NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier',
+ NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion',
+ X500ATTR_OID+'53': 'deltaRevocationList',
+ X500ATTR_OID+'52': 'supportedAlgorithms',
+ X500ATTR_OID+'51': 'houseIdentifier',
+ X500ATTR_OID+'50': 'uniqueMember',
+ X500ATTR_OID+'19': 'physicalDeliveryOfficeName',
+ X500ATTR_OID+'18': 'postOfficeBox',
+ X500ATTR_OID+'17': 'postalCode',
+ X500ATTR_OID+'16': 'postalAddress',
+ X500ATTR_OID+'15': 'businessCategory',
+ X500ATTR_OID+'14': 'searchGuide',
+ EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation',
+ X500ATTR_OID+'12': 'title',
+ X500ATTR_OID+'11': 'ou',
+ X500ATTR_OID+'10': 'o',
+ X500ATTR_OID+'37': 'cACertificate',
+ X500ATTR_OID+'36': 'userCertificate',
+ X500ATTR_OID+'31': 'member',
+ X500ATTR_OID+'30': 'supportedApplicationContext',
+ X500ATTR_OID+'33': 'roleOccupant',
+ X500ATTR_OID+'32': 'owner',
+ NETSCAPE_LDAP+'1': 'carLicense',
+ PKCS_9+'1': 'email',
+ NETSCAPE_LDAP+'3': 'employeeNumber',
+ NETSCAPE_LDAP+'2': 'departmentNumber',
+ X500ATTR_OID+'39': 'certificateRevocationList',
+ X500ATTR_OID+'38': 'authorityRevocationList',
+ NETSCAPE_LDAP+'216': 'userPKCS12',
+ EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN',
+ X500ATTR_OID+'9': 'street',
+ X500ATTR_OID+'8': 'st',
+ NETSCAPE_LDAP+'39': 'preferredLanguage',
+ EDUPERSON_OID+'7': 'eduPersonEntitlement',
+ X500ATTR_OID+'2': 'knowledgeInformation',
+ X500ATTR_OID+'7': 'l',
+ X500ATTR_OID+'6': 'c',
+ X500ATTR_OID+'5': 'serialNumber',
+ X500ATTR_OID+'4': 'sn',
+ UCL_DIR_PILOT+'60': 'jpegPhoto',
+ X500ATTR_OID+'65': 'pseudonym',
+ NOREDUPERSON_OID+'5': 'norEduPersonNIN',
+ UCL_DIR_PILOT+'3': 'mail',
+ UCL_DIR_PILOT+'25': 'dc',
+ X500ATTR_OID+'40': 'crossCertificatePair',
+ X500ATTR_OID+'42': 'givenName',
+ X500ATTR_OID+'43': 'initials',
+ X500ATTR_OID+'44': 'generationQualifier',
+ X500ATTR_OID+'45': 'x500UniqueIdentifier',
+ X500ATTR_OID+'46': 'dnQualifier',
+ X500ATTR_OID+'47': 'enhancedSearchGuide',
+ X500ATTR_OID+'48': 'protocolInformation',
+ X500ATTR_OID+'54': 'dmdName',
+ NETSCAPE_LDAP+'4': 'employeeType',
+ X500ATTR_OID+'22': 'teletexTerminalIdentifier',
+ X500ATTR_OID+'23': 'facsimileTelephoneNumber',
+ X500ATTR_OID+'20': 'telephoneNumber',
+ X500ATTR_OID+'21': 'telexNumber',
+ X500ATTR_OID+'26': 'registeredAddress',
+ X500ATTR_OID+'27': 'destinationIndicator',
+ X500ATTR_OID+'24': 'x121Address',
+ X500ATTR_OID+'25': 'internationaliSDNNumber',
+ X500ATTR_OID+'28': 'preferredDeliveryMethod',
+ X500ATTR_OID+'29': 'presentationAddress',
+ EDUPERSON_OID+'3': 'eduPersonOrgDN',
+ NOREDUPERSON_OID+'3': 'norEduPersonBirthDate',
+ UMICH+'57': 'labeledURI',
+ UCL_DIR_PILOT+'1': 'uid',
+ },
+ "to": {
+ 'roleOccupant': X500ATTR_OID+'33',
+ 'gn': X500ATTR_OID+'42',
+ 'norEduPersonNIN': NOREDUPERSON_OID+'5',
+ 'title': X500ATTR_OID+'12',
+ 'facsimileTelephoneNumber': X500ATTR_OID+'23',
+ 'mail': UCL_DIR_PILOT+'3',
+ 'postOfficeBox': X500ATTR_OID+'18',
+ 'fax': X500ATTR_OID+'23',
+ 'telephoneNumber': X500ATTR_OID+'20',
+ 'norEduPersonBirthDate': NOREDUPERSON_OID+'3',
+ 'rfc822Mailbox': UCL_DIR_PILOT+'3',
+ 'dc': UCL_DIR_PILOT+'25',
+ 'countryName': X500ATTR_OID+'6',
+ 'emailAddress': PKCS_9+'1',
+ 'employeeNumber': NETSCAPE_LDAP+'3',
+ 'organizationName': X500ATTR_OID+'10',
+ 'eduPersonAssurance': EDUPERSON_OID+'11',
+ 'norEduOrgAcronym': NOREDUPERSON_OID+'6',
+ 'registeredAddress': X500ATTR_OID+'26',
+ 'physicalDeliveryOfficeName': X500ATTR_OID+'19',
+ 'associatedDomain': UCL_DIR_PILOT+'37',
+ 'l': X500ATTR_OID+'7',
+ 'stateOrProvinceName': X500ATTR_OID+'8',
+ 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9',
+ 'pkcs9email': PKCS_9+'1',
+ 'givenName': X500ATTR_OID+'42',
+ 'givenname': X500ATTR_OID+'42',
+ 'x500UniqueIdentifier': X500ATTR_OID+'45',
+ 'eduPersonNickname': EDUPERSON_OID+'2',
+ 'houseIdentifier': X500ATTR_OID+'51',
+ 'street': X500ATTR_OID+'9',
+ 'supportedAlgorithms': X500ATTR_OID+'52',
+ 'preferredLanguage': NETSCAPE_LDAP+'39',
+ 'postalAddress': X500ATTR_OID+'16',
+ 'email': PKCS_9+'1',
+ 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8',
+ 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8',
+ 'c': X500ATTR_OID+'6',
+ 'teletexTerminalIdentifier': X500ATTR_OID+'22',
+ 'o': X500ATTR_OID+'10',
+ 'cACertificate': X500ATTR_OID+'37',
+ 'telexNumber': X500ATTR_OID+'21',
+ 'ou': X500ATTR_OID+'11',
+ 'initials': X500ATTR_OID+'43',
+ 'eduPersonOrgUnitDN': EDUPERSON_OID+'4',
+ 'deltaRevocationList': X500ATTR_OID+'53',
+ 'norEduPersonLIN': NOREDUPERSON_OID+'4',
+ 'supportedApplicationContext': X500ATTR_OID+'30',
+ 'eduPersonEntitlement': EDUPERSON_OID+'7',
+ 'generationQualifier': X500ATTR_OID+'44',
+ 'eduPersonAffiliation': EDUPERSON_OID+'1',
+ 'eduPersonPrincipalName': EDUPERSON_OID+'6',
+ 'edupersonprincipalname': EDUPERSON_OID+'6',
+ 'localityName': X500ATTR_OID+'7',
+ 'owner': X500ATTR_OID+'32',
+ 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2',
+ 'searchGuide': X500ATTR_OID+'14',
+ 'certificateRevocationList': X500ATTR_OID+'39',
+ 'organizationalUnitName': X500ATTR_OID+'11',
+ 'userCertificate': X500ATTR_OID+'36',
+ 'preferredDeliveryMethod': X500ATTR_OID+'28',
+ 'internationaliSDNNumber': X500ATTR_OID+'25',
+ 'uniqueMember': X500ATTR_OID+'50',
+ 'departmentNumber': NETSCAPE_LDAP+'2',
+ 'enhancedSearchGuide': X500ATTR_OID+'47',
+ 'userPKCS12': NETSCAPE_LDAP+'216',
+ 'eduPersonTargetedID': EDUPERSON_OID+'10',
+ 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1',
+ 'x121Address': X500ATTR_OID+'24',
+ 'destinationIndicator': X500ATTR_OID+'27',
+ 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5',
+ 'surname': X500ATTR_OID+'4',
+ 'jpegPhoto': UCL_DIR_PILOT+'60',
+ 'eduPersonScopedAffiliation': EDUPERSON_OID+'9',
+ 'edupersonscopedaffiliation': EDUPERSON_OID+'9',
+ 'protocolInformation': X500ATTR_OID+'48',
+ 'knowledgeInformation': X500ATTR_OID+'2',
+ 'employeeType': NETSCAPE_LDAP+'4',
+ 'userSMIMECertificate': NETSCAPE_LDAP+'40',
+ 'member': X500ATTR_OID+'31',
+ 'streetAddress': X500ATTR_OID+'9',
+ 'dmdName': X500ATTR_OID+'54',
+ 'postalCode': X500ATTR_OID+'17',
+ 'pseudonym': X500ATTR_OID+'65',
+ 'dnQualifier': X500ATTR_OID+'46',
+ 'crossCertificatePair': X500ATTR_OID+'40',
+ 'eduPersonOrgDN': EDUPERSON_OID+'3',
+ 'authorityRevocationList': X500ATTR_OID+'38',
+ 'displayName': NETSCAPE_LDAP+'241',
+ 'businessCategory': X500ATTR_OID+'15',
+ 'serialNumber': X500ATTR_OID+'5',
+ 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7',
+ 'st': X500ATTR_OID+'8',
+ 'carLicense': NETSCAPE_LDAP+'1',
+ 'presentationAddress': X500ATTR_OID+'29',
+ 'sn': X500ATTR_OID+'4',
+ 'domainComponent': UCL_DIR_PILOT+'25',
+ 'labeledURI': UMICH+'57',
+ 'uid': UCL_DIR_PILOT+'1'
+ }
+} \ No newline at end of file
diff --git a/tests/attributemaps/shibboleth_uri.py b/tests/attributemaps/shibboleth_uri.py
new file mode 100644
index 00000000..d26bf006
--- /dev/null
+++ b/tests/attributemaps/shibboleth_uri.py
@@ -0,0 +1,190 @@
+EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1."
+X500ATTR = "urn:oid:2.5.4."
+NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1."
+NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1."
+UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1."
+PKCS_9 = "urn:oid:1.2.840.113549.1.9."
+UMICH = "urn:oid:1.3.6.1.4.1.250.1.57."
+
+MAP = {
+ "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri",
+ "fro": {
+ EDUPERSON_OID+'2': 'eduPersonNickname',
+ EDUPERSON_OID+'9': 'eduPersonScopedAffiliation',
+ EDUPERSON_OID+'11': 'eduPersonAssurance',
+ EDUPERSON_OID+'10': 'eduPersonTargetedID',
+ EDUPERSON_OID+'4': 'eduPersonOrgUnitDN',
+ NOREDUPERSON_OID+'6': 'norEduOrgAcronym',
+ NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier',
+ NOREDUPERSON_OID+'4': 'norEduPersonLIN',
+ EDUPERSON_OID+'1': 'eduPersonAffiliation',
+ NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber',
+ NETSCAPE_LDAP+'40': 'userSMIMECertificate',
+ NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber',
+ NETSCAPE_LDAP+'241': 'displayName',
+ UCL_DIR_PILOT+'37': 'associatedDomain',
+ EDUPERSON_OID+'6': 'eduPersonPrincipalName',
+ NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier',
+ NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion',
+ X500ATTR+'53': 'deltaRevocationList',
+ X500ATTR+'52': 'supportedAlgorithms',
+ X500ATTR+'51': 'houseIdentifier',
+ X500ATTR+'50': 'uniqueMember',
+ X500ATTR+'19': 'physicalDeliveryOfficeName',
+ X500ATTR+'18': 'postOfficeBox',
+ X500ATTR+'17': 'postalCode',
+ X500ATTR+'16': 'postalAddress',
+ X500ATTR+'15': 'businessCategory',
+ X500ATTR+'14': 'searchGuide',
+ EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation',
+ X500ATTR+'12': 'title',
+ X500ATTR+'11': 'ou',
+ X500ATTR+'10': 'o',
+ X500ATTR+'37': 'cACertificate',
+ X500ATTR+'36': 'userCertificate',
+ X500ATTR+'31': 'member',
+ X500ATTR+'30': 'supportedApplicationContext',
+ X500ATTR+'33': 'roleOccupant',
+ X500ATTR+'32': 'owner',
+ NETSCAPE_LDAP+'1': 'carLicense',
+ PKCS_9+'1': 'email',
+ NETSCAPE_LDAP+'3': 'employeeNumber',
+ NETSCAPE_LDAP+'2': 'departmentNumber',
+ X500ATTR+'39': 'certificateRevocationList',
+ X500ATTR+'38': 'authorityRevocationList',
+ NETSCAPE_LDAP+'216': 'userPKCS12',
+ EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN',
+ X500ATTR+'9': 'street',
+ X500ATTR+'8': 'st',
+ NETSCAPE_LDAP+'39': 'preferredLanguage',
+ EDUPERSON_OID+'7': 'eduPersonEntitlement',
+ X500ATTR+'2': 'knowledgeInformation',
+ X500ATTR+'7': 'l',
+ X500ATTR+'6': 'c',
+ X500ATTR+'5': 'serialNumber',
+ X500ATTR+'4': 'sn',
+ UCL_DIR_PILOT+'60': 'jpegPhoto',
+ X500ATTR+'65': 'pseudonym',
+ NOREDUPERSON_OID+'5': 'norEduPersonNIN',
+ UCL_DIR_PILOT+'3': 'mail',
+ UCL_DIR_PILOT+'25': 'dc',
+ X500ATTR+'40': 'crossCertificatePair',
+ X500ATTR+'42': 'givenName',
+ X500ATTR+'43': 'initials',
+ X500ATTR+'44': 'generationQualifier',
+ X500ATTR+'45': 'x500UniqueIdentifier',
+ X500ATTR+'46': 'dnQualifier',
+ X500ATTR+'47': 'enhancedSearchGuide',
+ X500ATTR+'48': 'protocolInformation',
+ X500ATTR+'54': 'dmdName',
+ NETSCAPE_LDAP+'4': 'employeeType',
+ X500ATTR+'22': 'teletexTerminalIdentifier',
+ X500ATTR+'23': 'facsimileTelephoneNumber',
+ X500ATTR+'20': 'telephoneNumber',
+ X500ATTR+'21': 'telexNumber',
+ X500ATTR+'26': 'registeredAddress',
+ X500ATTR+'27': 'destinationIndicator',
+ X500ATTR+'24': 'x121Address',
+ X500ATTR+'25': 'internationaliSDNNumber',
+ X500ATTR+'28': 'preferredDeliveryMethod',
+ X500ATTR+'29': 'presentationAddress',
+ EDUPERSON_OID+'3': 'eduPersonOrgDN',
+ NOREDUPERSON_OID+'3': 'norEduPersonBirthDate',
+ },
+ "to":{
+ 'roleOccupant': X500ATTR+'33',
+ 'gn': X500ATTR+'42',
+ 'norEduPersonNIN': NOREDUPERSON_OID+'5',
+ 'title': X500ATTR+'12',
+ 'facsimileTelephoneNumber': X500ATTR+'23',
+ 'mail': UCL_DIR_PILOT+'3',
+ 'postOfficeBox': X500ATTR+'18',
+ 'fax': X500ATTR+'23',
+ 'telephoneNumber': X500ATTR+'20',
+ 'norEduPersonBirthDate': NOREDUPERSON_OID+'3',
+ 'rfc822Mailbox': UCL_DIR_PILOT+'3',
+ 'dc': UCL_DIR_PILOT+'25',
+ 'countryName': X500ATTR+'6',
+ 'emailAddress': PKCS_9+'1',
+ 'employeeNumber': NETSCAPE_LDAP+'3',
+ 'organizationName': X500ATTR+'10',
+ 'eduPersonAssurance': EDUPERSON_OID+'11',
+ 'norEduOrgAcronym': NOREDUPERSON_OID+'6',
+ 'registeredAddress': X500ATTR+'26',
+ 'physicalDeliveryOfficeName': X500ATTR+'19',
+ 'associatedDomain': UCL_DIR_PILOT+'37',
+ 'l': X500ATTR+'7',
+ 'stateOrProvinceName': X500ATTR+'8',
+ 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9',
+ 'pkcs9email': PKCS_9+'1',
+ 'givenName': X500ATTR+'42',
+ 'x500UniqueIdentifier': X500ATTR+'45',
+ 'eduPersonNickname': EDUPERSON_OID+'2',
+ 'houseIdentifier': X500ATTR+'51',
+ 'street': X500ATTR+'9',
+ 'supportedAlgorithms': X500ATTR+'52',
+ 'preferredLanguage': NETSCAPE_LDAP+'39',
+ 'postalAddress': X500ATTR+'16',
+ 'email': PKCS_9+'1',
+ 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8',
+ 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8',
+ 'c': X500ATTR+'6',
+ 'teletexTerminalIdentifier': X500ATTR+'22',
+ 'o': X500ATTR+'10',
+ 'cACertificate': X500ATTR+'37',
+ 'telexNumber': X500ATTR+'21',
+ 'ou': X500ATTR+'11',
+ 'initials': X500ATTR+'43',
+ 'eduPersonOrgUnitDN': EDUPERSON_OID+'4',
+ 'deltaRevocationList': X500ATTR+'53',
+ 'norEduPersonLIN': NOREDUPERSON_OID+'4',
+ 'supportedApplicationContext': X500ATTR+'30',
+ 'eduPersonEntitlement': EDUPERSON_OID+'7',
+ 'generationQualifier': X500ATTR+'44',
+ 'eduPersonAffiliation': EDUPERSON_OID+'1',
+ 'eduPersonPrincipalName': EDUPERSON_OID+'6',
+ 'localityName': X500ATTR+'7',
+ 'owner': X500ATTR+'32',
+ 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2',
+ 'searchGuide': X500ATTR+'14',
+ 'certificateRevocationList': X500ATTR+'39',
+ 'organizationalUnitName': X500ATTR+'11',
+ 'userCertificate': X500ATTR+'36',
+ 'preferredDeliveryMethod': X500ATTR+'28',
+ 'internationaliSDNNumber': X500ATTR+'25',
+ 'uniqueMember': X500ATTR+'50',
+ 'departmentNumber': NETSCAPE_LDAP+'2',
+ 'enhancedSearchGuide': X500ATTR+'47',
+ 'userPKCS12': NETSCAPE_LDAP+'216',
+ 'eduPersonTargetedID': EDUPERSON_OID+'10',
+ 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1',
+ 'x121Address': X500ATTR+'24',
+ 'destinationIndicator': X500ATTR+'27',
+ 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5',
+ 'surname': X500ATTR+'4',
+ 'jpegPhoto': UCL_DIR_PILOT+'60',
+ 'eduPersonScopedAffiliation': EDUPERSON_OID+'9',
+ 'protocolInformation': X500ATTR+'48',
+ 'knowledgeInformation': X500ATTR+'2',
+ 'employeeType': NETSCAPE_LDAP+'4',
+ 'userSMIMECertificate': NETSCAPE_LDAP+'40',
+ 'member': X500ATTR+'31',
+ 'streetAddress': X500ATTR+'9',
+ 'dmdName': X500ATTR+'54',
+ 'postalCode': X500ATTR+'17',
+ 'pseudonym': X500ATTR+'65',
+ 'dnQualifier': X500ATTR+'46',
+ 'crossCertificatePair': X500ATTR+'40',
+ 'eduPersonOrgDN': EDUPERSON_OID+'3',
+ 'authorityRevocationList': X500ATTR+'38',
+ 'displayName': NETSCAPE_LDAP+'241',
+ 'businessCategory': X500ATTR+'15',
+ 'serialNumber': X500ATTR+'5',
+ 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7',
+ 'st': X500ATTR+'8',
+ 'carLicense': NETSCAPE_LDAP+'1',
+ 'presentationAddress': X500ATTR+'29',
+ 'sn': X500ATTR+'4',
+ 'domainComponent': UCL_DIR_PILOT+'25',
+ }
+} \ No newline at end of file
diff --git a/tests/conftest.py b/tests/conftest.py
new file mode 100644
index 00000000..3a895627
--- /dev/null
+++ b/tests/conftest.py
@@ -0,0 +1,30 @@
+import os
+
+#TODO: On my system this function seems to be returning an incorrect location
+def pytest_funcarg__xmlsec(request):
+ for path in os.environ["PATH"].split(":"):
+ fil = os.path.join(path, "xmlsec1")
+ if os.access(fil,os.X_OK):
+ return fil
+
+ raise Exception("Can't find xmlsec1")
+
+def pytest_funcarg__AVA(request):
+ return [
+ {
+ "surName": ["Jeter"],
+ "givenName": ["Derek"],
+ },
+ {
+ "surName": ["Howard"],
+ "givenName": ["Ryan"],
+ },
+ {
+ "surName": ["Suzuki"],
+ "givenName": ["Ischiro"],
+ },
+ {
+ "surName": ["Hedberg"],
+ "givenName": ["Roland"],
+ },
+ ]
diff --git a/tests/ds_data.py b/tests/ds_data.py
new file mode 100644
index 00000000..71743852
--- /dev/null
+++ b/tests/ds_data.py
@@ -0,0 +1,357 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2007 SIOS Technology, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Test data for ds"""
+
+__author__ = 'tmatsuo@example.com (Takashi MATSUO)'
+
+TEST_OBJECT = """<?xml version="1.0" encoding="utf-8"?>
+<Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64"
+ xmlns="http://www.w3.org/2000/09/xmldsig#">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+</Object>
+"""
+
+TEST_MGMT_DATA = """<?xml version="1.0" encoding="utf-8"?>
+<MgmtData xmlns="http://www.w3.org/2000/09/xmldsig#">
+ mgmt data
+</MgmtData>
+"""
+
+TEST_SPKI_SEXP = """<?xml version="1.0" encoding="utf-8"?>
+<SPKISexp xmlns="http://www.w3.org/2000/09/xmldsig#">
+ spki sexp
+</SPKISexp>
+"""
+
+TEST_SPKI_DATA = """<?xml version="1.0" encoding="utf-8"?>
+<SPKIData xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+</SPKIData>
+"""
+
+TEST_PGP_DATA = """<?xml version="1.0" encoding="utf-8"?>
+<PGPData xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+</PGPData>
+"""
+
+TEST_X509_ISSUER_SERIAL = """<?xml version="1.0" encoding="utf-8"?>
+<X509IssuerSerial xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509SerialNumber>1</X509SerialNumber>
+</X509IssuerSerial>
+"""
+
+TEST_X509_DATA = """<?xml version="1.0" encoding="utf-8"?>
+<X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+</X509Data>
+"""
+
+TEST_TRANSFORM = """<?xml version="1.0" encoding="utf-8"?>
+<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"
+ xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <XPath>xpath</XPath>
+</Transform>
+"""
+
+TEST_TRANSFORMS = """<?xml version="1.0" encoding="utf-8"?>
+<Transforms xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+</Transforms>
+"""
+
+TEST_RETRIEVAL_METHOD = """<?xml version="1.0" encoding="utf-8"?>
+<RetrievalMethod xmlns="http://www.w3.org/2000/09/xmldsig#"
+ URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+</RetrievalMethod>
+"""
+
+TEST_RSA_KEY_VALUE = """<?xml version="1.0" encoding="utf-8"?>
+<RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <Modulus>modulus</Modulus>
+ <Exponent>exponent</Exponent>
+</RSAKeyValue>
+"""
+
+TEST_DSA_KEY_VALUE = """<?xml version="1.0" encoding="utf-8"?>
+<DSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+</DSAKeyValue>
+"""
+
+TEST_KEY_VALUE1 = """<?xml version="1.0" encoding="utf-8"?>
+<KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+</KeyValue>
+"""
+
+TEST_KEY_VALUE2 = """<?xml version="1.0" encoding="utf-8"?>
+<KeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <RSAKeyValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <Modulus>modulus</Modulus>
+ <Exponent>exponent</Exponent>
+ </RSAKeyValue>
+</KeyValue>
+"""
+
+TEST_KEY_NAME = """<?xml version="1.0" encoding="utf-8"?>
+<KeyName xmlns="http://www.w3.org/2000/09/xmldsig#">
+ key name
+</KeyName>
+"""
+
+TEST_KEY_INFO = """<?xml version="1.0" encoding="utf-8"?>
+<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+</KeyInfo>
+"""
+
+TEST_DIGEST_VALUE = """<?xml version="1.0" encoding="utf-8"?>
+<DigestValue xmlns="http://www.w3.org/2000/09/xmldsig#">
+ digest value
+</DigestValue>
+"""
+
+TEST_DIGEST_METHOD = """<?xml version="1.0" encoding="utf-8"?>
+<DigestMethod xmlns="http://www.w3.org/2000/09/xmldsig#"
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+"""
+
+TEST_REFERENCE = """<?xml version="1.0" encoding="utf-8"?>
+<Reference xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id"
+ URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+</Reference>
+"""
+
+TEST_SIGNATURE_METHOD = """<?xml version="1.0" encoding="utf-8"?>
+<SignatureMethod xmlns="http://www.w3.org/2000/09/xmldsig#"
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+</SignatureMethod>
+"""
+
+TEST_CANONICALIZATION_METHOD = """<?xml version="1.0" encoding="utf-8"?>
+<CanonicalizationMethod xmlns="http://www.w3.org/2000/09/xmldsig#"
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+</CanonicalizationMethod>
+"""
+
+TEST_SIGNED_INFO = """<?xml version="1.0" encoding="utf-8"?>
+<SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+</SignedInfo>
+"""
+
+TEST_SIGNATURE_VALUE = """<?xml version="1.0" encoding="utf-8"?>
+<SignatureValue xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ signature value
+</SignatureValue>
+"""
+
+TEST_SIGNATURE = """<?xml version="1.0" encoding="utf-8"?>
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+</Signature>
+"""
diff --git a/tests/ecp_soap.xml b/tests/ecp_soap.xml
new file mode 100644
index 00000000..4fa32f85
--- /dev/null
+++ b/tests/ecp_soap.xml
@@ -0,0 +1,28 @@
+<ns0:Envelope xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/"
+ xmlns:ns1="urn:liberty:paos:2003-08"
+ xmlns:ns2="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
+ xmlns:ns3="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:ns4="urn:oasis:names:tc:SAML:2.0:assertion">
+ <ns0:Header>
+ <ns1:Request responseConsumerURL="https://sp.example.org/PAOSConsumer"
+ service="urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp"
+ ns0:actor="http://schemas.xmlsoap.org/soap/actor/next"
+ ns0:mustUnderstand="1"/>
+ <ns2:Request ProviderName="Example Service Provider"
+ ns0:actor="http://schemas.xmlsoap.org/soap/actor/next"
+ ns0:mustUnderstand="1">
+ <ns3:IDPList>
+ <ns3:IDPEntry Loc="https://idp.example.org/saml2/sso"
+ Name="Example identity provider"
+ ProviderID="https://idp.example.org/entity"/>
+ </ns3:IDPList>
+ <ns4:Issuer>https://sp.example.org/entity</ns4:Issuer>
+ </ns2:Request>
+ <ns2:RelayState ns0:actor="http://schemas.xmlsoap.org/soap/actor/next"
+ ns0:mustUnderstand="1">ABCDEFGHI01234567
+ </ns2:RelayState>
+ </ns0:Header>
+ <ns0:Body>
+ <ns3:AuthnRequest/>
+ </ns0:Body>
+</ns0:Envelope> \ No newline at end of file
diff --git a/tests/edugain.pem b/tests/edugain.pem
new file mode 100644
index 00000000..1f40b87d
--- /dev/null
+++ b/tests/edugain.pem
@@ -0,0 +1,15 @@
+-----BEGIN CERTIFICATE-----
+MIICVzCCAcACCQDnwXdaJ4G3vTANBgkqhkiG9w0BAQUFADBwMQswCQYDVQQGEwJO
+TzESMBAGA1UECBMJVHJvbmRoZWltMRIwEAYDVQQHEwlUcm9uZGhlaW0xDjAMBgNV
+BAoTBUZlaWRlMQ4wDAYDVQQLEwVGZWlkZTEZMBcGA1UEAxMQZWR1Z2Fpbi5mZWlk
+ZS5ubzAeFw0wOTA4MzEwNjU2NDJaFw0zNzAxMTUwNjU2NDJaMHAxCzAJBgNVBAYT
+Ak5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEjAQBgNVBAcTCVRyb25kaGVpbTEOMAwG
+A1UEChMFRmVpZGUxDjAMBgNVBAsTBUZlaWRlMRkwFwYDVQQDExBlZHVnYWluLmZl
+aWRlLm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0/w1x1eIAbLYSVqCc
+OWiPC3lhWRNEBgRXFdCo/CFQt1DSAh6AYIw9nGWatqiKD0dtXhn+g4or36fF+l4t
+FlKwMjIRdB9EM3dp8ErhecauLTAXzJGI16YrfI5932UJr4NDJB/Wm1GKefyu5QIR
+w9NTEImw8CmUzzzmMd7TBM2epwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAJpIWdXn
+FL/j9Cm/Pdn6Yoxkf1mWy8L8WSwF8j9xfkvp53/GMd9IFkgkBbZo+F9CDH2la6H3
+vseA3ZJrXrxSn5RBhI5XJ85DGfdcMYJy3K42Y6mAUghVv1n+rf39w/cyuSRIW0IY
+XE3ANufnryezpDUffXpzdUltuTCpu2qfKEj2
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/tests/encrypted_attribute_statement.xml b/tests/encrypted_attribute_statement.xml
new file mode 100644
index 00000000..45c49041
--- /dev/null
+++ b/tests/encrypted_attribute_statement.xml
@@ -0,0 +1,147 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:AttributeStatement xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:ns1="http://www.w3.org/2001/04/xmlenc#"
+ xmlns:ns2="http://www.w3.org/2000/09/xmldsig#">
+ <ns0:EncryptedAttribute >
+ <ns1:EncryptedData ID="_dcf9eb6ed26d9332d940130e0cae1ba1"
+ Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <ns1:EncryptionMethod
+ Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <ns2:KeyInfo>
+ <ns2:RetrievalMethod Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+ URI="#_1234"/>
+ </ns2:KeyInfo>
+ <ns1:CipherData>
+ <ns1:CipherValue>
+ xj+8vbBX7wMflO5/Oiw19sXUNtAjIXU5F/EAojJWQq3HRNzI/8MAy03SUHwsYdxu
+ nj4Q1Wp8PpaQnOdtGlkyHMXOJxoZr8x2e5LJt4Tqbyr9V2S5QTYinkyr+3AAVET3
+ qNfDNvngHBIP3PsNLmZrts08UW5By8WmZwj/ZUAvR5+VfqbrXbyV8Cl3CI1QKzq0
+ WuZ//YTPuT39DyaAb7s1QGAN2LWlVJ/ytcQ8sA9V5FgZnAnU5x1xd9scwDzjsC6r
+ btVQGJ+Nn0rVT48nQbOImTrrCFT4g1/e0/qkdCx6MA95qZcXs7Ij+jEANKNsb/49
+ 8yBq4U19bqk+NS0Vs6Y2oG62P6uRBfzan3dbL8yrpwJNtrQt3cJRTl/8c7RKRR1g
+ TR4ecJaHw9aHexMqghCFi7Xpw1H/mQO1b4QUebgbRMQPNufmkr+NZrAj+8IJYzrO
+ QD0030NDdChObGMwUYs1/EsQPSa5nJs+
+ </ns1:CipherValue>
+ </ns1:CipherData>
+ </ns1:EncryptedData>
+ <ns1:EncryptedKey ID="_1234">
+ <ns1:EncryptionMethod
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <ns2:KeyInfo>
+ <ns2:KeyName/>
+ </ns2:KeyInfo>
+ <ns1:CipherData>
+ <ns1:CipherValue>
+ H57XM3+yhY5nHiTYmfTLmH9FBL9jTRcUQTx0fwSIQaYbsHVne9gvsu47unVwXASl
+ GjUzqbRuH2p7iGJsL1RH2wHYqU/P3pzJdt5EFpTso9JVwnTfxDlHBABDDGIk3jN+
+ 0WzqlrHsouUm5MAUC3x45F0TNZLWrS243Hnz7/MQTa8=
+ </ns1:CipherValue>
+ </ns1:CipherData>
+ <ns1:ReferenceList>
+ <ns1:DataReference URI="#_dcf9eb6ed26d9332d940130e0cae1ba1"/>
+ </ns1:ReferenceList>
+ </ns1:EncryptedKey>
+ </ns0:EncryptedAttribute>
+ <ns0:EncryptedAttribute>
+ <ns1:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <ns1:EncryptionMethod
+ Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <ns2:KeyInfo>
+ <ns1:EncryptedKey>
+ <ns1:EncryptionMethod
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <ns2:KeyInfo>
+ <ns2:KeyName/>
+ </ns2:KeyInfo>
+ <ns1:CipherData>
+ <ns1:CipherValue>
+ hDtrZP8T7LHr0dtbhI5KnRDZiDpnKFJ2RT1yqP42G0MAuvE/pdPPR3bpRD6AGvfd
+ LL6i3YffzrB2eQ2Pu4yfEyzh9NyK8RRIW3eQxPlIeiDdSg8LjDt0Z5R3Y/OQnupK
+ 2cpd+ZdddbRD0I5Itsa0/B3SsoPBva5/HB1iVmXAEHg=
+ </ns1:CipherValue>
+ </ns1:CipherData>
+ </ns1:EncryptedKey>
+ </ns2:KeyInfo>
+ <ns1:CipherData>
+ <ns1:CipherValue>
+ XNyrhgaUs00vg9WA5idgv6yPOa5CwHrCb4IHM7tlK+aW7MWaZBjcifDFJDBNQ1At
+ h8092JEknRAXeI8hrWCb3/uHPAK51Q07euszJkWi51UbVZblEYlc/US/Ibq3DGt/
+ 1wuXrpoSFx2kNVg8mTahVrOXQrKXJThb/NhRs3616WzVvePV0hveABv8cTT1rSjW
+ Ym5ushi7vmanxL85l+i2n9RLkMMbs/p8O+vFvxquaEemLQFcDoPF4cklSWFwS/R7
+ hdvumDTiPkPJq0k9GjHrdJ3717N3z1fd+ZBepXdFmZWeg5k3j+9yUT/CwIh9xo53
+ MQZwu77a2JdT7Z0+QKZW8k8TD0dNtId4BPndLPSsHb++2b3mL6XryhGfW7oTQmkC
+ iKF4gB9b7p+tKNrMBSaB1ZGBUQwopTStdGft3wdIRAGlOSvjeJG74s5YQyinO8nt
+ gUsjgUuYzyxdJ2yxG4WG67RWvLAxhHwmiAQgS62b/JgmzO+GMUdaEw==
+ </ns1:CipherValue>
+ </ns1:CipherData>
+ </ns1:EncryptedData>
+ </ns0:EncryptedAttribute>
+ <ns0:EncryptedAttribute>
+ <ns1:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <ns1:EncryptionMethod
+ Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <ns2:KeyInfo>
+ <ns1:EncryptedKey>
+ <ns1:EncryptionMethod
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <ns2:KeyInfo>
+ <ns2:KeyName/>
+ </ns2:KeyInfo>
+ <ns1:CipherData>
+ <ns1:CipherValue>
+ mqeDbs+m1iV/iJAibjg2JkaTk5qgcoevTFmQvKi4r/poK1Ch6RuNhcY6B+avyrC7
+ of4A0wQY8/gWoH8Ka3IjvrMMHEfSHqhAJPu5At10Bf0ImJFpjhcZMdC5J4i0m8oU
+ sV3zmMzZFs9gMuyNHWKPBFNzTZSWweiTEGMB7poxLqw=
+ </ns1:CipherValue>
+ </ns1:CipherData>
+ </ns1:EncryptedKey>
+ </ns2:KeyInfo>
+ <ns1:CipherData>
+ <ns1:CipherValue>
+ or5RZixvPJKh3/dk4xm5xfbTLYlgEaSs88lLtx+7eWUuTKUD7APCi3QtBJmMzPak
+ L4MXdGkIjonw9S5xtG3ElUmLU3kix/FmPWnHotuCWonFIqoqQBaSCeOf04ZzZqlB
+ RFBBjDXC/tiImGZ0IENk8ztyrWpW/iru8hl75VSE/lpWB+j7+q4qIJgs5vOlQ+mE
+ cP0kUc9H5gI5kVlcnM7B5W1WitiWuUk4bvO1J3uTfYMfey6yvEqmHpgTh5MHhL7I
+ C5kVmEvkw0tKRZ0FjwtPoKki/ua+Wg2RvR6+HYS1EXs//x/fwWFlyGbD0wj3Nd4A
+ jvJR/WMVMaWjFDXR8NnBCyGhSHU1/OsTdKNPw01XNx7wTGCD79dijY8Jz6qoBZEf
+ C3zrySPPFi+8UZfxRdjOyb2adTxtxF4R2TRTUObuEuB7WV5jNY17qMj7Am0wHtiP
+ R/e5d9kiwEiUBhbDcFfXAg==
+ </ns1:CipherValue>
+ </ns1:CipherData>
+ </ns1:EncryptedData>
+ </ns0:EncryptedAttribute>
+ <ns0:EncryptedAttribute>
+ <ns1:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element">
+ <ns1:EncryptionMethod
+ Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
+ <ns2:KeyInfo>
+ <ns1:EncryptedKey>
+ <ns1:EncryptionMethod
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+ <ns2:KeyInfo>
+ <ns2:KeyName/>
+ </ns2:KeyInfo>
+ <ns1:CipherData>
+ <ns1:CipherValue>
+ kpkeBJDeQ7Eo1h5vOo5tmIAwhJm01wuOTWRzwBw1tIne2REC0DwxpQf6+ZOXCQAe
+ uo3bv9wY0RbLBptKa4AULFvqB5gWAxyGZ8pdG4l7FwlE+cSVTAz6CEY2ptNuGF9o
+ 8Ytioe0h2MrUxK0BGMcRFtEdlo3fJPL/biKwh8Ah6W0=
+ </ns1:CipherValue>
+ </ns1:CipherData>
+ </ns1:EncryptedKey>
+ </ns2:KeyInfo>
+ <ns1:CipherData>
+ <ns1:CipherValue>
+ XQmRA71fcF0Inuzn7nEZGFu0XHnMV50VUfzbfxonOskcf63wRJQdBCSffUQPj7P6
+ 07rGbJYEBUhF1K2RtvL06aeuxWNGRt0oTWV0eyW0PLCihWpNnBmxXFR420lQn0jc
+ Jh8KEdsEdsgemveBOTP2mTchywqeEnAm6SUK44SVB85jOsbmomjGTPh2XZ0YgWgp
+ 2KlbG/amPvA0pByX8YzfAVepLpjA5A/Zut+7nQ93Bbb3feXoFbI6yoKUU7RawfWy
+ xH1MYFfrDS/4n0K0PsfFH7cIa+wj1oIVg3GH023Cp0lA1rWCjMMC1TW8qbBweUZn
+ kfiWZV2U1GLocF9IJmPLrIgDznOCN8NQiHbcTgGHDVxUup4revQq8Ryu536qQ4Cn
+ 5RGpENRQ7qvikA9P22pwaJu7dlX+ygnO1XmhX+QpysOT7GkUoA6veEc0QvVGdjWI
+ MvIFnYwtIJkrBFxLgQY5O2RD2Mb9wFpMQGZdBuwKVxI=
+ </ns1:CipherValue>
+ </ns1:CipherData>
+ </ns1:EncryptedData>
+ </ns0:EncryptedAttribute>
+</ns0:AttributeStatement>
diff --git a/tests/extended.xml b/tests/extended.xml
new file mode 100644
index 00000000..70f550e7
--- /dev/null
+++ b/tests/extended.xml
@@ -0,0 +1,163 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ This file was automatically generated - do not edit
+
+ -->
+<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" Name="http://md.swamid.se/md/swamid-testing-1.0.xml">
+ <ds:Signature>
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <ds:Reference URI="">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ds:DigestValue>Kt7437JspP0BG6CqtrWIZuSs42o=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>lneqzdMN82rjUwUE/kPDQQ1A3yX9ddVPF+3gRBtDg5UgwX5BJE1enkkKB7SRJ2vS
+CQChHbcFojcI5MvuBEYlGI1igI5U25LmndW3g//XkWP33ecXe2lPJyYAVOU8O3vB
+SnUFN7M/62OeVNGDDuS0iclC9Tjj9hRPTZF0FAhrsJ+OjIQUZgWm0Nv+tMt9rjc4
+fLe/DJIh+sqH/tAWatfcKQEMGo5MzFgHF8n6FD8WFVBAfRPLr/i+s0gu2lqFQimU
+jhuD/pwG9mOJi/3roX7jjEHCJRDX/+IP3o62UrBgUosvq9YNIvXyi4sTdOUNRf5i
+iUo8iSUst9nUqsrh5aUdzA==</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <X509Certificate xmlns="http://www.w3.org/2000/09/xmldsig#">MIIDdTCCAl0CBEY7EskwDQYJKoZIhvcNAQEEBQAwfzELMAkGA1UEBhMCU0UxEjAQ
+BgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMREwDwYDVQQKEwhT
+V0FNSS5zZTEPMA0GA1UECxMGU1dBTUlEMSQwIgYDVQQDExtTV0FNSUQgbWV0YWRh
+dGEgc2lnbmVyIHYxLjEwHhcNMDcwNTA0MTEwMjMzWhcNMTcwNTAxMTEwMjMzWjB/
+MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9j
+a2hvbG0xETAPBgNVBAoTCFNXQU1JLnNlMQ8wDQYDVQQLEwZTV0FNSUQxJDAiBgNV
+BAMTG1NXQU1JRCBtZXRhZGF0YSBzaWduZXIgdjEuMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAM6wXN3pVCo98SACS6JCHjSlWj83oNL/Ct+a9hmAx1NZ
+SKg7lnEJYwWBvzJt5o/47jRQbGm94a45Yy5LVoXq4XyCKINhMxSwbRROvr8Hw6tg
+P1Z9dk5Jjejvus3gyaH3+EuEyP4aIjTlgmHDwW6HOv/m/4bOXSHB4Pisn7aocqU7
+kjpOn1f0cGodWOgGO4tP7KXs6ndcLhIkW+e/B80WEr0kocuc/pvx+aLuKSkttk/A
+fP1DFs5sqX31RXQKGrB/uEEYVv1Qvneig+RXGSbqk2Tab3BcLE/Cjnfi9Q9cH/jR
+eL/YSSafGtl+EBgXKszxjMtELhiEWsL9RrMu1HUkBusCAwEAATANBgkqhkiG9w0B
+AQQFAAOCAQEAkXaa61gp/lkEDNRFc0bzH3ZyoUFgol64F1zdAwBS3xnsCkTnAXt3
+p452daEyz+0UR5J/BruMOyvR57w1m7ckVnx/sAgRgaD6gQlUWehjKPEsx8o5iDfO
+5R1V5Rn2o7+0VuIJDDObEAtMwqn2Nk6TTzsUVfz5y9nUQAxBz3EqXnnSgRwqSwRF
+yiVkpVfwtUHIolAf6O2N9Fg1jqoqt4mQCOyRZpD0/5SRYESTY6TJjTmvoh+zOPlI
+yEiw+Zrl/FWjXtBnRnz8AVT5NRzYiMHdbTHs0Fh6elsb5b9gTBo7j6+t36m7oo2K
+DaWWpMWvuWHugEqvIAXDCI/HzTbbiWm9NQ==</X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <md:EntityDescriptor entityID="https://coip-test.sunet.se/shibboleth" xml:base="swamid-1.0/coip-test.sunet.se-sp.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://coip-test.sunet.se/Shibboleth.sso/DS/ds.sunet.se" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>coip-test.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=coip-test.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJAMJwrBkmzHKJMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEmNvaXAtdGVzdC5zdW5ldC5zZTAeFw0xMDEyMDcwOTM0NTFaFw0yMDEyMDQw
+OTM0NTFaMB0xGzAZBgNVBAMTEmNvaXAtdGVzdC5zdW5ldC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMR4JETtaGG+7n5+NksVT/7LnmveeNwbGuPS
+CyW1GY+7yYBwjMnnsFnnprl2curgER/HeOXf3bBxnoxbSVFdaZILPRVStLngzhYJ
+7qGOGWHWdukDDzgCDfdOVEOwLAiV4TXhCoKzaRKaUV63Ul9pEG2ogkQHlsW7zTmX
+4DJNdpBgmB/ohjuAceY3xUrKj9TBZf9KPKYE1D8xoig5qCUhWUqWrltxBBbNubsa
+UIXun9Hf1zemgViLuPI2s5/RD5uY3x6FpkXeNGRHvPT7+LnKrPNi4g41m1FZ+wvj
+xPkNVXBLJgEIsHtYTKvY8dXaA+k1xyFvqjWf1RjuG8TYIlvHoDkCAwEAAaNAMD4w
+HQYDVR0RBBYwFIISY29pcC10ZXN0LnN1bmV0LnNlMB0GA1UdDgQWBBR/jp1zUgjw
+rKZimB05qmprVJvYEDANBgkqhkiG9w0BAQUFAAOCAQEAeAYegf9tMG2Lg7AW2tIq
+5bTbaMwRzLtFkB1KZrh17RUSneiF1FrRD5Qo4O1/rh0PrxO9+R1M9VpYXrcEg48u
+TLOo7EEaJaF7+Eh9Z/UaJjY5zL6hhQSW+nxHHtluuIRCJwH26oF04v9Ty9TC+4Ax
+g6NuvysrzRWhdeWh4voY1lBi1po+/MqUWufXS/uxrHBT9XNSb6dvqWTvUEe09Sj9
+UTHOU967H8PfFKB6w8/lIqCd66P3PnZrNQVmfbjDkrASkmvhUKEMc//Nn/+MS02T
+uXfFMclNeY0vwkDmtQCDB2o8DGQS8H3hpXb2MmJtFgu/81yZRqX/0uRC3kGBQXyd
+cA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>coip-test.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=coip-test.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJAMJwrBkmzHKJMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEmNvaXAtdGVzdC5zdW5ldC5zZTAeFw0xMDEyMDcwOTM0NTFaFw0yMDEyMDQw
+OTM0NTFaMB0xGzAZBgNVBAMTEmNvaXAtdGVzdC5zdW5ldC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMR4JETtaGG+7n5+NksVT/7LnmveeNwbGuPS
+CyW1GY+7yYBwjMnnsFnnprl2curgER/HeOXf3bBxnoxbSVFdaZILPRVStLngzhYJ
+7qGOGWHWdukDDzgCDfdOVEOwLAiV4TXhCoKzaRKaUV63Ul9pEG2ogkQHlsW7zTmX
+4DJNdpBgmB/ohjuAceY3xUrKj9TBZf9KPKYE1D8xoig5qCUhWUqWrltxBBbNubsa
+UIXun9Hf1zemgViLuPI2s5/RD5uY3x6FpkXeNGRHvPT7+LnKrPNi4g41m1FZ+wvj
+xPkNVXBLJgEIsHtYTKvY8dXaA+k1xyFvqjWf1RjuG8TYIlvHoDkCAwEAAaNAMD4w
+HQYDVR0RBBYwFIISY29pcC10ZXN0LnN1bmV0LnNlMB0GA1UdDgQWBBR/jp1zUgjw
+rKZimB05qmprVJvYEDANBgkqhkiG9w0BAQUFAAOCAQEAeAYegf9tMG2Lg7AW2tIq
+5bTbaMwRzLtFkB1KZrh17RUSneiF1FrRD5Qo4O1/rh0PrxO9+R1M9VpYXrcEg48u
+TLOo7EEaJaF7+Eh9Z/UaJjY5zL6hhQSW+nxHHtluuIRCJwH26oF04v9Ty9TC+4Ax
+g6NuvysrzRWhdeWh4voY1lBi1po+/MqUWufXS/uxrHBT9XNSb6dvqWTvUEe09Sj9
+UTHOU967H8PfFKB6w8/lIqCd66P3PnZrNQVmfbjDkrASkmvhUKEMc//Nn/+MS02T
+uXfFMclNeY0vwkDmtQCDB2o8DGQS8H3hpXb2MmJtFgu/81yZRqX/0uRC3kGBQXyd
+cA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://coip-test.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://coip-test.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://coip-test.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://coip-test.sunet.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://coip-test.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://coip-test.sunet.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://coip-test.sunet.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://coip-test.sunet.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://coip-test.sunet.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+ </md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://coip-test.sunet.se/idp/shibboleth" xml:base="swamid-1.0/coip-test.sunet.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">sunet.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDNDCCAhygAwIBAgIVAIEijMHQfZuv/n/goQuJ0Q4JizX1MA0GCSqGSIb3DQEB
+BQUAMB0xGzAZBgNVBAMTEmNvaXAtdGVzdC5zdW5ldC5zZTAeFw0xMDEyMDYyMzI1
+MTNaFw0zMDEyMDYyMzI1MTNaMB0xGzAZBgNVBAMTEmNvaXAtdGVzdC5zdW5ldC5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMZ3jfjgtkyfH1TJ/rQd
+ziYCIi9h1Rne9yFt83KrsykQVxRDoA/0AbBpQnKNl1sD14iAyj+xpHPUMPz5/MpK
+5b7f1pRXsL+8tEf+gmdPDiJ1rUecV3soyOVdOuOZcROyfx70iddHgkUYmKUbVeeE
+rvU8vKa8BjYEvzG3WRT4o6I2tkQyYEu6mJlw48EjcgCG8CYFbrhKhiTk8d/qMWrQ
+eRfdWaBqLfQnum3DJXPaZ35QvO6Qk+uWN2CcdWPKWyyvpUmNp5/LklPJ4XZC9JqO
+LBzV02EVsnNbNTKjYKjwtlKa5BPD7QoDLp+QJel0jtx8WH5LCmFtvSdwnUFV1oig
+DzcCAwEAAaNrMGkwSAYDVR0RBEEwP4ISY29pcC10ZXN0LnN1bmV0LnNlhilodHRw
+czovL2NvaXAtdGVzdC5zdW5ldC5zZS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQU
+eTW+lqHTyfngd7TOlml27LxY5H8wDQYJKoZIhvcNAQEFBQADggEBAJsa3va2XmyV
+9vt0MtXK7xetQc7YpCl8IPMTPqJyiwIOmRDahU0fOlsnyXgiVbgtBWEkdPU+mFJt
+ieUpQNmHMvNkGWHmBBkSX0ANyor+H54XNYYnaMcxa/dZHE3hCWO1N1Y5AOFRUauv
+qr0ECPqqiM8M/Ir/9iRivLkBpBgLa4SU9O13s/1dgsP7vvNoIbxMecLRhVVaTkwj
+v5OqkXDvlha9dI/NRxBYUsIpts6tU+20DvSmyZG1IbSu5tMSGn6jrDHsClXuig7w
+ZBkqgmTtNcDZXR2FaflUDmM7Xk1gw581bWdYCpQZHNQv7Kh7yAeQWjU2OoYFm3U9
+C2+Rm0cXr6U=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://coip-test.sunet.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://coip-test.sunet.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ </EntityDescriptor>
+</md:EntitiesDescriptor>
diff --git a/tests/idp.xml b/tests/idp.xml
new file mode 100644
index 00000000..c1ccf0b7
--- /dev/null
+++ b/tests/idp.xml
@@ -0,0 +1,52 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:idp">
+ <ns0:IDPSSODescriptor WantAuthnRequestsSigned="true"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <ns0:KeyDescriptor>
+ <ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#">
+ <ns1:X509Data>
+ <ns1:X509Certificate>
+ MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+ BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+ aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+ MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+ gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+ 3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+ efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+ A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+ iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+ U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+ mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+ h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+ U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+ mrPzGzk3ECbupFnqyREH3+ZPSdk=
+ </ns1:X509Certificate>
+ </ns1:X509Data>
+ </ns1:KeyInfo>
+ </ns0:KeyDescriptor>
+ <ns0:SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://localhost:8088/slo"/>
+ <ns0:SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://localhost:8088/sso"/>
+ </ns0:IDPSSODescriptor>
+ <ns0:Organization>
+ <ns0:OrganizationName xml:lang="en">Exempel AB
+ </ns0:OrganizationName>
+ <ns0:OrganizationDisplayName xml:lang="se">Exempel AB
+ </ns0:OrganizationDisplayName>
+ <ns0:OrganizationDisplayName xml:lang="en">Example Co.
+ </ns0:OrganizationDisplayName>
+ <ns0:OrganizationURL xml:lang="en">http://www.example.com/roland
+ </ns0:OrganizationURL>
+ </ns0:Organization>
+ <ns0:ContactPerson contactType="technical">
+ <ns0:GivenName>John</ns0:GivenName>
+ <ns0:SurName>Smith</ns0:SurName>
+ <ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress>
+ </ns0:ContactPerson>
+ </ns0:EntityDescriptor>
+</ns0:EntitiesDescriptor>
diff --git a/tests/idp_2.xml b/tests/idp_2.xml
new file mode 100644
index 00000000..9c8dfcca
--- /dev/null
+++ b/tests/idp_2.xml
@@ -0,0 +1,98 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ns0:EntityDescriptor entityID="http://example.com/SAML/IDP">
+ <ns0:IDPSSODescriptor WantAuthnRequestsSigned="true"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <ns0:KeyDescriptor>
+ <ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#">
+ <ns1:X509Data>
+ <ns1:X509Certificate>
+ MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+ BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+ aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+ MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+ gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+ 3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+ efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+ A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+ iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+ U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+ mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+ h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+ U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+ mrPzGzk3ECbupFnqyREH3+ZPSdk=
+ </ns1:X509Certificate>
+ </ns1:X509Data>
+ </ns1:KeyInfo>
+ </ns0:KeyDescriptor>
+ <ns0:SingleLogoutService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://localhost:8088/slo"/>
+ <ns0:SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://localhost:8088/sso"/>
+ </ns0:IDPSSODescriptor>
+ <ns0:Organization>
+ <ns0:OrganizationName xml:lang="en">Exempel AB
+ </ns0:OrganizationName>
+ <ns0:OrganizationDisplayName xml:lang="se">Exempel AB
+ </ns0:OrganizationDisplayName>
+ <ns0:OrganizationDisplayName xml:lang="en">Example Co.
+ </ns0:OrganizationDisplayName>
+ <ns0:OrganizationURL xml:lang="en">http://www.example.com/roland
+ </ns0:OrganizationURL>
+ </ns0:Organization>
+ <ns0:ContactPerson contactType="technical">
+ <ns0:GivenName>John</ns0:GivenName>
+ <ns0:SurName>Smith</ns0:SurName>
+ <ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress>
+ </ns0:ContactPerson>
+ </ns0:EntityDescriptor>
+ <ns0:EntityDescriptor entityID="http://example.com/SAML/AA">
+ <ns0:AttributeAuthorityDescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <ns0:KeyDescriptor>
+ <ns2:KeyInfo xmlns:ns2="http://www.w3.org/2000/09/xmldsig#">
+ <ns2:X509Data>
+ <ns2:X509Certificate>
+ MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+ BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+ aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+ MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+ gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+ 3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+ efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+ A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+ iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+ U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+ mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+ h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+ U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+ mrPzGzk3ECbupFnqyREH3+ZPSdk=
+ </ns2:X509Certificate>
+ </ns2:X509Data>
+ </ns2:KeyInfo>
+ </ns0:KeyDescriptor>
+ <ns0:AttributeService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://localhost:8089/as"/>
+ </ns0:AttributeAuthorityDescriptor>
+ <ns0:Organization>
+ <ns0:OrganizationName xml:lang="en">Exempel AB
+ </ns0:OrganizationName>
+ <ns0:OrganizationDisplayName xml:lang="se">Exempel AB
+ </ns0:OrganizationDisplayName>
+ <ns0:OrganizationDisplayName xml:lang="en">Example Co.
+ </ns0:OrganizationDisplayName>
+ <ns0:OrganizationURL xml:lang="en">http://www.example.com/roland
+ </ns0:OrganizationURL>
+ </ns0:Organization>
+ <ns0:ContactPerson contactType="technical">
+ <ns0:GivenName>John</ns0:GivenName>
+ <ns0:SurName>Smith</ns0:SurName>
+ <ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress>
+ </ns0:ContactPerson>
+ </ns0:EntityDescriptor>
+</ns0:EntitiesDescriptor>
diff --git a/tests/idp_aa.xml b/tests/idp_aa.xml
new file mode 100644
index 00000000..c0288d9d
--- /dev/null
+++ b/tests/idp_aa.xml
@@ -0,0 +1,32 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:idp"><ns0:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://localhost:8088/slo" /><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:8088/sso" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="en">Exempel AB</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="se">Exempel AB</ns0:OrganizationDisplayName><ns0:OrganizationDisplayName xml:lang="en">Example Co.</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="en">http://www.example.com/roland</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>John</ns0:GivenName><ns0:SurName>Smith</ns0:SurName><ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor><ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:aa"><ns0:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns2:KeyInfo xmlns:ns2="http://www.w3.org/2000/09/xmldsig#"><ns2:X509Data><ns2:X509Certificate>MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+</ns2:X509Certificate></ns2:X509Data></ns2:KeyInfo></ns0:KeyDescriptor><ns0:AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://localhost:8089/as" /></ns0:AttributeAuthorityDescriptor><ns0:Organization><ns0:OrganizationName xml:lang="en">Exempel AB</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="se">Exempel AB</ns0:OrganizationDisplayName><ns0:OrganizationDisplayName xml:lang="en">Example Co.</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="en">http://www.example.com/roland</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>John</ns0:GivenName><ns0:SurName>Smith</ns0:SurName><ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor></ns0:EntitiesDescriptor>
diff --git a/tests/idp_conf.py b/tests/idp_conf.py
new file mode 100644
index 00000000..33b9c8a7
--- /dev/null
+++ b/tests/idp_conf.py
@@ -0,0 +1,61 @@
+from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
+from saml2.saml import NAMEID_FORMAT_PERSISTENT
+from saml2.saml import NAME_FORMAT_URI
+
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:idp",
+ "name" : "Rolands IdP",
+ "service": {
+ "idp": {
+ "endpoints" : {
+ "single_sign_on_service" : [
+ ("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)],
+ "single_logout_service": [
+ ("http://localhost:8088/slo", BINDING_SOAP),
+ ("http://localhost:8088/slop",BINDING_HTTP_POST)]
+ },
+ "policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None, # means all I have
+ "name_form": NAME_FORMAT_URI,
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "nameid_format": NAMEID_FORMAT_PERSISTENT,
+ # "attribute_restrictions":{
+ # "givenName": None,
+ # "surName": None,
+ # }
+ }
+ },
+ "subject_data": "subject_data.db",
+ },
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ "xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["metadata.xml", "vo_metadata.xml"],
+ },
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": "Exempel AB",
+ "display_name": [("Exempel AB","se"),("Example Co.","en")],
+ "url":"http://www.example.com/roland",
+ },
+ "contact_person": [{
+ "given_name":"John",
+ "sur_name": "Smith",
+ "email_address": ["john.smith@example.com"],
+ "contact_type": "technical",
+ },
+ ],
+}
diff --git a/tests/idp_slo_redirect.xml b/tests/idp_slo_redirect.xml
new file mode 100644
index 00000000..cbf723fa
--- /dev/null
+++ b/tests/idp_slo_redirect.xml
@@ -0,0 +1,17 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:idp"><ns0:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:8088/slo" /><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:8088/sso" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="en">Exempel AB</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="se">Exempel AB</ns0:OrganizationDisplayName><ns0:OrganizationDisplayName xml:lang="en">Example Co.</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="en">http://www.example.com/roland</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>John</ns0:GivenName><ns0:SurName>Smith</ns0:SurName><ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor></ns0:EntitiesDescriptor>
diff --git a/tests/idp_slo_redirect_conf.py b/tests/idp_slo_redirect_conf.py
new file mode 100644
index 00000000..cea09513
--- /dev/null
+++ b/tests/idp_slo_redirect_conf.py
@@ -0,0 +1,56 @@
+from saml2 import BINDING_HTTP_REDIRECT
+from saml2.saml import NAMEID_FORMAT_PERSISTENT
+from saml2.saml import NAME_FORMAT_URI
+
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:idp",
+ "name" : "Rolands IdP",
+ "service": {
+ "idp": {
+ "endpoints" : {
+ "single_sign_on_service" : [
+ ("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)],
+ "single_logout_service": [
+ ("http://localhost:8088/slo", BINDING_HTTP_REDIRECT)]
+ },
+ "policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None, # means all I have
+ "name_form": NAME_FORMAT_URI
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "nameid_format": NAMEID_FORMAT_PERSISTENT,
+ }
+ },
+ "subject_data": "subject_data.db",
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["sp_slo_redirect.xml"],
+ },
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": "Exempel AB",
+ "display_name": [("Exempel AB","se"),("Example Co.","en")],
+ "url":"http://www.example.com/roland",
+ },
+ "contact_person": [{
+ "given_name":"John",
+ "sur_name": "Smith",
+ "email_address": ["john.smith@example.com"],
+ "contact_type": "technical",
+ },
+ ],
+}
diff --git a/tests/idp_soap.xml b/tests/idp_soap.xml
new file mode 100644
index 00000000..0902dc5e
--- /dev/null
+++ b/tests/idp_soap.xml
@@ -0,0 +1,17 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:idp"><ns0:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://localhost:8088/slo" /><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:8088/sso" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="en">Exempel AB</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="se">Exempel AB</ns0:OrganizationDisplayName><ns0:OrganizationDisplayName xml:lang="en">Example Co.</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="en">http://www.example.com/roland</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>John</ns0:GivenName><ns0:SurName>Smith</ns0:SurName><ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor></ns0:EntitiesDescriptor>
diff --git a/tests/idp_soap_conf.py b/tests/idp_soap_conf.py
new file mode 100644
index 00000000..60dcd5bc
--- /dev/null
+++ b/tests/idp_soap_conf.py
@@ -0,0 +1,59 @@
+from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT
+from saml2.saml import NAMEID_FORMAT_PERSISTENT
+from saml2.saml import NAME_FORMAT_URI
+
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+CONFIG={
+ "entityid" : "urn:mace:example.com:saml:roland:idp",
+ "name" : "Rolands IdP",
+ "service": {
+ "idp": {
+ "endpoints" : {
+ "single_sign_on_service" : [
+ ("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)],
+ "single_logout_service": [
+ ("http://localhost:8088/slo", BINDING_SOAP)]
+ },
+ "policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None, # means all I have
+ "name_form": NAME_FORMAT_URI,
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "nameid_format": NAMEID_FORMAT_PERSISTENT,
+ # "attribute_restrictions":{
+ # "givenName": None,
+ # "surName": None,
+ # }
+ }
+ },
+ "subject_data": "subject_data.db",
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["metadata.xml", "vo_metadata.xml"],
+ },
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": "Exempel AB",
+ "display_name": [("Exempel AB","se"),("Example Co.","en")],
+ "url":"http://www.example.com/roland",
+ },
+ "contact_person": [{
+ "given_name":"John",
+ "sur_name": "Smith",
+ "email_address": ["john.smith@example.com"],
+ "contact_type": "technical",
+ },
+ ],
+}
diff --git a/tests/idp_sp_conf.py b/tests/idp_sp_conf.py
new file mode 100644
index 00000000..cd3f166c
--- /dev/null
+++ b/tests/idp_sp_conf.py
@@ -0,0 +1,73 @@
+__author__ = 'rolandh'
+
+from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
+from saml2.saml import NAMEID_FORMAT_PERSISTENT
+from saml2.saml import NAME_FORMAT_URI
+
+BASE = "http://localhost:8088/"
+
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:idp",
+ "name" : "Rolands IdP",
+ "service": {
+ "idp": {
+ "endpoints" : {
+ "single_sign_on_service" : [
+ (BASE+"sso", BINDING_HTTP_REDIRECT)],
+ "single_logout_service": [
+ (BASE+"slo", BINDING_SOAP),
+ (BASE+"slop",BINDING_HTTP_POST)]
+ },
+ "policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None, # means all I have
+ "name_form": NAME_FORMAT_URI,
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "nameid_format": NAMEID_FORMAT_PERSISTENT,
+ # "attribute_restrictions":{
+ # "givenName": None,
+ # "surName": None,
+ # }
+ }
+ },
+ "subject_data": "subject_data.db",
+ },
+ "sp": {
+ "endpoints":{
+ "assertion_consumer_service": [(BASE, BINDING_HTTP_REDIRECT)
+ ],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["metadata.xml", "vo_metadata.xml"],
+ },
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": "Exempel AB",
+ "display_name": [("Exempel AB","se"),("Example Co.","en")],
+ "url":"http://www.example.com/roland",
+ },
+ "contact_person": [{
+ "given_name":"John",
+ "sur_name": "Smith",
+ "email_address": ["john.smith@example.com"],
+ "contact_type": "technical",
+ },
+ ],
+}
diff --git a/tests/idp_uiinfo.xml b/tests/idp_uiinfo.xml
new file mode 100644
index 00000000..fa37d703
--- /dev/null
+++ b/tests/idp_uiinfo.xml
@@ -0,0 +1,17 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns1="urn:mace:shibboleth:metadata:1.0" xmlns:ns2="urn:oasis:names:tc:SAML:metadata:ui" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#"><ns0:EntityDescriptor entityID="http://example.com/saml2/idp.xml"><ns0:IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:Extensions><ns1:Scope regexp="false">example.org</ns1:Scope><ns2:UIInfo><ns2:Keywords xml:lang="en">foo bar</ns2:Keywords><ns2:Logo height="40" width="30">http://example.com/logo.jpg</ns2:Logo><ns2:InformationURL>http://example.com/saml2/info.html</ns2:InformationURL><ns2:DisplayName>Example Co.</ns2:DisplayName><ns2:Description xml:lang="se">Exempel bolag</ns2:Description><ns2:PrivacyStatementURL>http://example.com/saml2/privacyStatement.html</ns2:PrivacyStatementURL></ns2:UIInfo></ns0:Extensions><ns0:KeyDescriptor><ns3:KeyInfo><ns3:X509Data><ns3:X509Certificate>MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+</ns3:X509Certificate></ns3:X509Data></ns3:KeyInfo></ns0:KeyDescriptor><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://example.com/saml2/" /></ns0:IDPSSODescriptor></ns0:EntityDescriptor></ns0:EntitiesDescriptor>
diff --git a/tests/kalmar2.pem b/tests/kalmar2.pem
new file mode 100644
index 00000000..18ad9634
--- /dev/null
+++ b/tests/kalmar2.pem
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC+zCCAmSgAwIBAgIJALIv7VqXanQYMA0GCSqGSIb3DQEBBQUAMF0xCzAJBgNV
+BAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEjAQBgNVBAcTCVRyb25kaGVpbTEQ
+MA4GA1UEChMHVU5JTkVUVDEUMBIGA1UEAxMLa2FsbWFyMi5vcmcwHhcNMDkxMDI2
+MDY1OTQyWhcNMTkxMDI2MDY1OTQyWjBdMQswCQYDVQQGEwJOTzESMBAGA1UECBMJ
+VHJvbmRoZWltMRIwEAYDVQQHEwlUcm9uZGhlaW0xEDAOBgNVBAoTB1VOSU5FVFQx
+FDASBgNVBAMTC2thbG1hcjIub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQCi7bEwud2nKm9FSojyIFGXN1p2ZGpUOKSFxhmeicCujHQr1VYUhyXBDHONwPDt
+K9PdHFZ4lLgLKcAIqUcOoAWr65m/MJJVkX0P7TUTZ6OS4mDAo1NsZexZxTBof9hC
+wnFz9dbqEThqZw2UtyEDnhW6kCb6SBd+2Yjvd+YDZg8lfwIDAQABo4HCMIG/MB0G
+A1UdDgQWBBS2Sw/w4drjYrTiAHeWXyN2W1j1iDCBjwYDVR0jBIGHMIGEgBS2Sw/w
+4drjYrTiAHeWXyN2W1j1iKFhpF8wXTELMAkGA1UEBhMCTk8xEjAQBgNVBAgTCVRy
+b25kaGVpbTESMBAGA1UEBxMJVHJvbmRoZWltMRAwDgYDVQQKEwdVTklORVRUMRQw
+EgYDVQQDEwtrYWxtYXIyLm9yZ4IJALIv7VqXanQYMAwGA1UdEwQFMAMBAf8wDQYJ
+KoZIhvcNAQEFBQADgYEALx5V6xKtPr7urC/QOWiHxUChQO+SJsbnlwIquwaEGgUf
+0WrGidPu04zdv+VpKtR+/KZbIDuSWx0/AkbexiE9ZUzJ2GvdVSxr/uON9CtQIQTp
+5WjZD0KaieaoIMy/w5shc+trjkV550g/MWFFqAjproXwHRrEQoAxWL0smtR1R/I=
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/tests/md_data.py b/tests/md_data.py
new file mode 100644
index 00000000..d5176b5a
--- /dev/null
+++ b/tests/md_data.py
@@ -0,0 +1,1371 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2007 SIOS Technology, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Test data for md"""
+
+__author__ = 'tmatsuo@example.com (Takashi MATSUO)'
+
+TEST_ENDPOINT = """<?xml version="1.0" encoding="utf-8"?>
+<EndpointType xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+TEST_SINGLE_LOGOUT_SERVICE = """<?xml version="1.0" encoding="utf-8"?>
+<SingleLogoutService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+
+TEST_MANAGE_NAMEID_SERVICE = """<?xml version="1.0" encoding="utf-8"?>
+<ManageNameIDService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+
+TEST_SINGLE_SIGN_ON_SERVICE = """<?xml version="1.0" encoding="utf-8"?>
+<SingleSignOnService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+
+TEST_NAME_ID_MAPPING_SERVICE = """<?xml version="1.0" encoding="utf-8"?>
+<NameIDMappingService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+
+TEST_ASSERTION_ID_REQUEST_SERVICE = """<?xml version="1.0" encoding="utf-8"?>
+<AssertionIDRequestService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+
+TEST_INDEXED_ENDPOINT = """<?xml version="1.0" encoding="utf-8"?>
+<IndexedEndpointType xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ index="1"
+ isDefault="false"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+TEST_ARTIFACT_RESOLUTION_SERVICE = """<?xml version="1.0" encoding="utf-8"?>
+<ArtifactResolutionService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ index="1"
+ isDefault="false"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+TEST_ASSERTION_CONSUMER_SERVICE = """<?xml version="1.0" encoding="utf-8"?>
+<AssertionConsumerService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ index="1"
+ isDefault="false"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+"""
+
+TEST_NAME_ID_FORMAT = """<?xml version="1.0" encoding="utf-8"?>
+<NameIDFormat xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+</NameIDFormat>
+"""
+
+TEST_ATTRIBUTE_PROFILE = """<?xml version="1.0" encoding="utf-8"?>
+<AttributeProfile xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic
+</AttributeProfile>
+"""
+
+TEST_ORGANIZATION_NAME = """<?xml version="1.0" encoding="utf-8"?>
+<OrganizationName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="se">
+ Catalogix
+</OrganizationName>
+"""
+
+TEST_ORGANIZATION_DISPLAY_NAME = """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:OrganizationDisplayName xml:lang="se" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata">
+Catalogix
+</ns0:OrganizationDisplayName>
+"""
+
+TEST_ORGANIZATION_URL = """<?xml version="1.0" encoding="utf-8"?>
+<OrganizationURL xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="no">
+ http://www.example.com/
+</OrganizationURL>
+"""
+
+TEST_ORGANIZATION = """<?xml version="1.0" encoding="utf-8"?>
+<Organization xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <OrganizationName
+ xml:lang="se">
+ Catalogix AB
+ </OrganizationName>
+ <OrganizationDisplayName xml:lang="no">
+ Catalogix AS
+ </OrganizationDisplayName>
+ <OrganizationURL
+ xml:lang="en">
+ http://www.example.com/
+ </OrganizationURL>
+</Organization>
+"""
+
+TEST_CONTACT_PERSON = """<?xml version="1.0" encoding="utf-8"?>
+<ContactPerson xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ contactType="technical">
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <Company>SIOS Technology, Inc.</Company>
+ <GivenName>Takashi</GivenName>
+ <SurName>Matsuo</SurName>
+ <EmailAddress>tmatsuo@example.com</EmailAddress>
+ <EmailAddress>tmatsuo@shehas.net</EmailAddress>
+ <TelephoneNumber>00-0000-0000</TelephoneNumber>
+</ContactPerson>
+"""
+
+TEST_ADDITIONAL_METADATA_LOCATION = """<?xml version="1.0" encoding="utf-8"?>
+<AdditionalMetadataLocation xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ namespace="http://www.example.com/namespace">
+ http://www.example.com/AdditionalMetadataLocation
+</AdditionalMetadataLocation>
+"""
+
+TEST_KEY_SIZE = """<?xml version="1.0" encoding="utf-8"?>
+<KeySize xmlns="http://www.w3.org/2001/04/xmlenc#">128</KeySize>
+"""
+
+TEST_OAEP_PARAMS = """<?xml version="1.0" encoding="utf-8"?>
+<OAEPparams xmlns="http://www.w3.org/2001/04/xmlenc#">
+ 9lWu3Q==
+</OAEPparams>
+"""
+
+TEST_ENCRYPTION_METHOD = """<?xml version="1.0" encoding="utf-8"?>
+<EncryptionMethod
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <OAEPparams xmlns="http://www.w3.org/2001/04/xmlenc#">
+ 9lWu3Q==
+ </OAEPparams>
+ <DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+ xmlns="http://www.w3.org/2000/09/xmldsig#"/>
+</EncryptionMethod>
+"""
+
+TEST_KEY_DESCRIPTOR = """<?xml version="1.0" encoding="utf-8"?>
+<KeyDescriptor
+ use="signing"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <EncryptionMethod
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <OAEPparams xmlns="http://www.w3.org/2001/04/xmlenc#">
+ 9lWu3Q==
+ </OAEPparams>
+ <DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+ xmlns="http://www.w3.org/2000/09/xmldsig#"/>
+ </EncryptionMethod>
+</KeyDescriptor>
+"""
+
+
+TEST_ROLE_DESCRIPTOR = """<?xml version="1.0" encoding="utf-8"?>
+<RoleDescriptor
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ ID="ID"
+ validUntil="2008-09-14T01:05:02Z"
+ cacheDuration="10:00:00:00"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
+ errorURL="http://www.example.com/errorURL">
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+</Signature>
+<Extensions>
+ <foo xmlns="http://www.example.com/someNameSpace">bar</foo>
+</Extensions>
+<KeyDescriptor
+ use="signing"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <EncryptionMethod
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <OAEPparams xmlns="http://www.w3.org/2001/04/xmlenc#">
+ 9lWu3Q==
+ </OAEPparams>
+ <DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+ xmlns="http://www.w3.org/2000/09/xmldsig#"/>
+ </EncryptionMethod>
+</KeyDescriptor>
+<Organization>
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <OrganizationName xml:lang="en">
+ SIOS Technology, Inc.
+ </OrganizationName>
+ <OrganizationDisplayName xml:lang="en">
+ SIOS
+ </OrganizationDisplayName>
+ <OrganizationURL xml:lang="ja">
+ http://www.example.com/
+ </OrganizationURL>
+</Organization>
+<ContactPerson contactType="technical">
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <Company>SIOS Technology, Inc.</Company>
+ <GivenName>Takashi</GivenName>
+ <SurName>Matsuo</SurName>
+ <EmailAddress>tmatsuo@example.com</EmailAddress>
+ <EmailAddress>tmatsuo@shehas.net</EmailAddress>
+ <TelephoneNumber>00-0000-0000</TelephoneNumber>
+</ContactPerson>
+</RoleDescriptor>
+"""
+
+
+TEST_SSO_DESCRIPTOR = """<?xml version="1.0" encoding="utf-8"?>
+<SSODescriptorType
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ ID="ID"
+ validUntil="2008-09-14T01:05:02Z"
+ cacheDuration="10:00:00:00"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
+ errorURL="http://www.example.com/errorURL">
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+</Signature>
+<Extensions>
+ <foo xmlns="http://www.example.com/someNameSpace">bar</foo>
+</Extensions>
+<KeyDescriptor
+ use="signing"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <EncryptionMethod
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <OAEPparams xmlns="http://www.w3.org/2001/04/xmlenc#">
+ 9lWu3Q==
+ </OAEPparams>
+ <DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+ xmlns="http://www.w3.org/2000/09/xmldsig#"/>
+ </EncryptionMethod>
+</KeyDescriptor>
+<Organization>
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <OrganizationName xml:lang="en">
+ SIOS Technology, Inc.
+ </OrganizationName>
+ <OrganizationDisplayName xml:lang="en">
+ SIOS
+ </OrganizationDisplayName>
+ <OrganizationURL xml:lang="ja">
+ http://www.example.com/
+ </OrganizationURL>
+</Organization>
+<ContactPerson contactType="technical">
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <Company>SIOS Technology, Inc.</Company>
+ <GivenName>Takashi</GivenName>
+ <SurName>Matsuo</SurName>
+ <EmailAddress>tmatsuo@example.com</EmailAddress>
+ <EmailAddress>tmatsuo@shehas.net</EmailAddress>
+ <TelephoneNumber>00-0000-0000</TelephoneNumber>
+</ContactPerson>
+<ArtifactResolutionService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ index="1"
+ isDefault="false"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<SingleLogoutService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<ManageNameIDService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<NameIDFormat xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+</NameIDFormat>
+</SSODescriptorType>
+"""
+
+
+TEST_IDP_SSO_DESCRIPTOR = """<?xml version="1.0" encoding="utf-8"?>
+<IDPSSODescriptor
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ ID="ID"
+ validUntil="2008-09-14T01:05:02Z"
+ cacheDuration="10:00:00:00"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
+ errorURL="http://www.example.com/errorURL"
+ WantAuthnRequestsSigned="true">
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+</Signature>
+<Extensions>
+ <foo xmlns="http://www.example.com/someNameSpace">bar</foo>
+</Extensions>
+<KeyDescriptor
+ use="signing"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <EncryptionMethod
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <OAEPparams xmlns="http://www.w3.org/2001/04/xmlenc#">
+ 9lWu3Q==
+ </OAEPparams>
+ <DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+ xmlns="http://www.w3.org/2000/09/xmldsig#"/>
+ </EncryptionMethod>
+</KeyDescriptor>
+<Organization>
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <OrganizationName xml:lang="en">
+ SIOS Technology, Inc.
+ </OrganizationName>
+ <OrganizationDisplayName xml:lang="en">
+ SIOS
+ </OrganizationDisplayName>
+ <OrganizationURL xml:lang="ja">
+ http://www.example.com/
+ </OrganizationURL>
+</Organization>
+<ContactPerson contactType="technical">
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <Company>SIOS Technology, Inc.</Company>
+ <GivenName>Takashi</GivenName>
+ <SurName>Matsuo</SurName>
+ <EmailAddress>tmatsuo@example.com</EmailAddress>
+ <EmailAddress>tmatsuo@shehas.net</EmailAddress>
+ <TelephoneNumber>00-0000-0000</TelephoneNumber>
+</ContactPerson>
+<ArtifactResolutionService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ index="1"
+ isDefault="false"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<SingleLogoutService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<ManageNameIDService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<NameIDFormat xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+</NameIDFormat>
+<SingleSignOnService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<NameIDMappingService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<AssertionIDRequestService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<AttributeProfile xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic
+</AttributeProfile>
+<Attribute Name="testAttribute"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrnam-format:unspecified"
+ FriendlyName="test attribute"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <AttributeValue >value1 of test attribute</AttributeValue>
+ <AttributeValue >value2 of test attribute</AttributeValue>
+</Attribute>
+</IDPSSODescriptor>
+"""
+
+TEST_REQUESTED_ATTRIBUTE = """<?xml version="1.0" encoding="utf-8"?>
+<RequestedAttribute Name="testAttribute"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrnam-format:unspecified"
+ FriendlyName="test attribute"
+ isRequired="true"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <AttributeValue xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ value1 of test attribute
+ </AttributeValue>
+ <AttributeValue xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ value2 of test attribute
+ </AttributeValue>
+</RequestedAttribute>
+"""
+
+TEST_SERVICE_NAME = """<?xml version="1.0" encoding="utf-8"?>
+<ServiceName xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">
+ Catalogix Whois
+</ServiceName>
+"""
+
+TEST_SERVICE_DESCRIPTION = """<?xml version="1.0" encoding="utf-8"?>
+<ServiceDescription xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xml:lang="en">
+Catalogix Whois Service
+</ServiceDescription>
+"""
+
+TEST_ATTRIBUTE_CONSUMING_SERVICE = """<?xml version="1.0" encoding="utf-8"?>
+<AttributeConsumingService
+ index="1"
+ isDefault="true"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+<ServiceName xml:lang="en">SIOS mail</ServiceName>
+<ServiceDescription xml:lang="en">SIOS mail service</ServiceDescription>
+<RequestedAttribute Name="testAttribute"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrnam-format:unspecified"
+ FriendlyName="test attribute"
+ isRequired="true">
+ <AttributeValue xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ value1 of test attribute
+ </AttributeValue>
+ <AttributeValue xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ value2 of test attribute
+ </AttributeValue>
+</RequestedAttribute>
+</AttributeConsumingService>
+"""
+
+
+TEST_SP_SSO_DESCRIPTOR = """<?xml version="1.0" encoding="utf-8"?>
+<SPSSODescriptor
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ ID="ID"
+ validUntil="2008-09-14T01:05:02Z"
+ cacheDuration="10:00:00:00"
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
+ errorURL="http://www.example.com/errorURL"
+ AuthnRequestsSigned="true"
+ WantAssertionsSigned="true">
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+</Signature>
+<Extensions>
+ <idpdisc:DiscoveryResponse
+ xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+ index="1"
+ Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+ Location="http://geneva.rutgers.edu/Shibboleth.sso/DS"/>
+ <idpdisc:DiscoveryResponse
+ xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+ index="2"
+ Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+ Location="https://geneva.rutgers.edu/Shibboleth.sso/DS"/>
+</Extensions>
+<KeyDescriptor
+ use="signing"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <EncryptionMethod
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
+ <OAEPparams xmlns="http://www.w3.org/2001/04/xmlenc#">
+ 9lWu3Q==
+ </OAEPparams>
+ <DigestMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
+ xmlns="http://www.w3.org/2000/09/xmldsig#"/>
+ </EncryptionMethod>
+</KeyDescriptor>
+<Organization>
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <OrganizationName xml:lang="en">
+ SIOS Technology, Inc.
+ </OrganizationName>
+ <OrganizationDisplayName xml:lang="en">
+ SIOS
+ </OrganizationDisplayName>
+ <OrganizationURL xml:lang="ja">
+ http://www.example.com/
+ </OrganizationURL>
+</Organization>
+<ContactPerson contactType="technical">
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <Company>SIOS Technology, Inc.</Company>
+ <GivenName>Takashi</GivenName>
+ <SurName>Matsuo</SurName>
+ <EmailAddress>tmatsuo@example.com</EmailAddress>
+ <EmailAddress>tmatsuo@shehas.net</EmailAddress>
+ <TelephoneNumber>00-0000-0000</TelephoneNumber>
+</ContactPerson>
+<ArtifactResolutionService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ index="1"
+ isDefault="false"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<SingleLogoutService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<ManageNameIDService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<NameIDFormat xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+ urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress
+</NameIDFormat>
+<AssertionConsumerService xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ index="1"
+ isDefault="false"
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ Location="http://www.example.com/endpoint"
+ ResponseLocation = "http://www.example.com/response"
+/>
+<AttributeConsumingService
+ index="1"
+ isDefault="true"
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
+<ServiceName xml:lang="en">SIOS mail</ServiceName>
+<ServiceDescription xml:lang="en">SIOS mail service</ServiceDescription>
+<RequestedAttribute Name="testAttribute"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrnam-format:unspecified"
+ FriendlyName="test attribute"
+ isRequired="true">
+ <AttributeValue xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ value1 of test attribute
+ </AttributeValue>
+ <AttributeValue xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ value2 of test attribute
+ </AttributeValue>
+</RequestedAttribute>
+</AttributeConsumingService>
+</SPSSODescriptor>
+"""
+
+TEST_ENTITY_DESCRIPTOR = """<?xml version="1.0" encoding="utf-8"?>
+<EntityDescriptor
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ entityID="entityID"
+ ID="ID"
+ validUntil="2008-09-14T01:05:02Z"
+ cacheDuration="10:00:00:00">
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+</Signature>
+<Extensions>
+ <foo xmlns="http://www.example.com/someNameSpace">bar</foo>
+</Extensions>
+<RoleDescriptor/>
+<IDPSSODescriptor/>
+<SPSSODescriptor/>
+<Organization>
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <OrganizationName xml:lang="en">
+ SIOS Technology, Inc.
+ </OrganizationName>
+ <OrganizationDisplayName xml:lang="en">
+ SIOS
+ </OrganizationDisplayName>
+ <OrganizationURL xml:lang="ja">
+ http://www.example.com/
+ </OrganizationURL>
+</Organization>
+<ContactPerson contactType="technical">
+ <Extensions>
+ <hoge xmlns="http://hoge.example.com/">hogehoge</hoge>
+ </Extensions>
+ <Company>SIOS Technology, Inc.</Company>
+ <GivenName>Takashi</GivenName>
+ <SurName>Matsuo</SurName>
+ <EmailAddress>tmatsuo@example.com</EmailAddress>
+ <EmailAddress>tmatsuo@shehas.net</EmailAddress>
+ <TelephoneNumber>00-0000-0000</TelephoneNumber>
+</ContactPerson>
+<AdditionalMetadataLocation xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ namespace="http://www.example.com/namespace">
+ http://www.example.com/AdditionalMetadataLocation
+</AdditionalMetadataLocation>
+</EntityDescriptor>
+"""
+
+TEST_ENTITIES_DESCRIPTOR = """<?xml version="1.0" encoding="utf-8"?>
+<EntitiesDescriptor
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ Name="name"
+ ID="ID"
+ validUntil="2008-09-14T01:05:02Z"
+ cacheDuration="10:00:00:00">
+<Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+</Signature>
+<Extensions>
+ <foo xmlns="http://www.example.com/someNameSpace">bar</foo>
+</Extensions>
+<EntityDescriptor/>
+<EntitiesDescriptor/>
+</EntitiesDescriptor>
+"""
diff --git a/tests/metadata.aaitest.xml b/tests/metadata.aaitest.xml
new file mode 100644
index 00000000..3027a960
--- /dev/null
+++ b/tests/metadata.aaitest.xml
@@ -0,0 +1,5152 @@
+<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" Name="urn:mace:switch.ch:aaitest" validUntil="2009-10-19T13:00:17Z" xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 shibboleth-metadata-1.0.xsd http://www.w3.org/2000/09/xmldsig# xmldsig-core-schema.xsd"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+<ds:SignedInfo>
+<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></ds:CanonicalizationMethod>
+<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
+<ds:Reference URI="">
+<ds:Transforms>
+<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform>
+<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"></ds:Transform>
+</ds:Transforms>
+<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
+<ds:DigestValue>27x/v5MfFhmpBDaaY1EMaDlToPU=</ds:DigestValue>
+</ds:Reference>
+</ds:SignedInfo>
+<ds:SignatureValue>
+FGn6KVbkrjB4zVPZbN/YyCiCMvQ9amocNKR9GDt4jqBPj3OzomlK4/JjWjqh3FRTPLo6kYcbDr53
+UMXsvN6DGhCGAJO4PlhiVViFHyyWfG38nEixvZBhBdjnDaIneNBAkfwY7gIlph7dhlFGI9s3mqrH
+XXth83l3bGO1BtUQ85Wbb6AuC2ul7JH0Em42yGxmxqpVdWe3ila2gACf64+tgJHDDNyfCqNn86o7
+a6WOdmDXaDum52dQ7eDTqG7sEgRbwX0QEjk36twR2TdUOk0WW9/Tfz6cglYhoNxApHVXYNPm17zd
+xdTr3yS+MFuh4HJA75PX8OJrt4sAcwSmi6IDqQ==
+</ds:SignatureValue>
+<ds:KeyInfo>
+<ds:X509Data>
+<ds:X509Certificate>
+MIIEcjCCA1qgAwIBAgIUSWITCHaaiMetadataSigner2008wDQYJKoZIhvcNAQEFBQAwdzELMAkG
+A1UEBhMCQ0gxQDA+BgNVBAoTN1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExl
+aHJlIHVuZCBGb3JzY2h1bmcxJjAkBgNVBAMTHVNXSVRDSGFhaSBNZXRhZGF0YSBTaWduaW5nIENB
+MB4XDTA4MDUxNTA3MDAwMFoXDTExMDUxNTA2NTk1OVowczELMAkGA1UEBhMCQ0gxQDA+BgNVBAoT
+N1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExlaHJlIHVuZCBGb3JzY2h1bmcx
+IjAgBgNVBAMTGVNXSVRDSGFhaSBNZXRhZGF0YSBTaWduZXIwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCyNo1v5gbX4IFqhHYbt6SEGYXl0m18y/UWGyynqxka0xjzU6TWhKZjmAWB4zgg
+CEMJlQidKs6+Gsp7EIzlYaAgZeOg7ytKEODXzsYXOKGUxqRWCRdq9xIhoAljrU+SSd79HISTfD1R
+eRpwNJr3k+zPYHoo6cNNU0FDiL+fd9SMf/K0UnKKESg7TULErMlgC5a03pMbldfgxdo/UiTqdU6G
+ovCcJ1Y/RP5r3y6MZCn8j3oMQMYWYq+XaB1hmhD0fgmT1ScS9dv4V1iRG/LOx4FiVQBVj46VZIPy
+zn6N84S5lD/BhJ0Fb9DisX0GujFEwCpNSAiWIjBtT2bmvWcaFombAgMBAAGjgfkwgfYwDgYDVR0P
+AQH/BAQDAgeAMB0GA1UdDgQWBBSbj9bwGdqAhTLApzFOCH1jVf90FjAfBgNVHSMEGDAWgBRuonU0
+Mn6LNV3YkyKtiLzPNqJGZjBMBgNVHR8ERTBDMEGgP6A9hjtodHRwOi8vY3JsLmFhaS5zd2l0Y2gu
+Y2gvU1dJVENIYWFpTWV0YWRhdGFTaWduaW5nQ0EyMDA4LmNybDBWBggrBgEFBQcBAQRKMEgwRgYI
+KwYBBQUHMAKGOmh0dHA6Ly9jYS5hYWkuc3dpdGNoLmNoL1NXSVRDSGFhaU1ldGFkYXRhU2lnbmlu
+Z0NBMjAwOC5jcnQwDQYJKoZIhvcNAQEFBQADggEBAFKYSnR58bnypulYOuyAOeDXkNsUzK9gFhdu
+TwEcba7Rw58zlp+VDZkrXBc34B7ZxnztNOtrKb8ZJT7jH7Gjo30BEaZKbQanb8gwqH0z/Eq0TTSB
+kLhtnePT3nXy/edQV6wRknZeYW0hHzo6ROsHWY4hvKZnZugo2dVe0eXY/nAAbMpILaQoz9PCGQl6
+KJSDyIFcg4Z2eUY2mdWA953g2kYiOsI5E5uPzlMRmicgsJGBFRW/OmxS8tyEDHSJJrR/FKYCXpcL
+sB4+JR/DQGhulpOMQ0q5sp3u729ovrXm3HPwY2dhllLalyVytKAXS+8fpk79tDODFYB75Esac21z
+as0=
+</ds:X509Certificate>
+<ds:X509Certificate>
+MIIEXTCCA0WgAwIBAgIUSWITCHaaiMetadataSigningCA0wDQYJKoZIhvcNAQEFBQAwazELMAkG
+A1UEBhMCQ0gxQDA+BgNVBAoTN1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExl
+aHJlIHVuZCBGb3JzY2h1bmcxGjAYBgNVBAMTEVNXSVRDSGFhaSBSb290IENBMB4XDTA4MDUxNTA2
+NDUwMFoXDTEzMDUxNTA2NDQ1OVowdzELMAkGA1UEBhMCQ0gxQDA+BgNVBAoTN1N3aXRjaCAtIFRl
+bGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExlaHJlIHVuZCBGb3JzY2h1bmcxJjAkBgNVBAMTHVNX
+SVRDSGFhaSBNZXRhZGF0YSBTaWduaW5nIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAj32IyyuTVwf40ROYLJbepQ2AuN8+oNb3xwwi8eBmBW/y312DxwIIBBUTftCJVFOEnzAI2bUC
+RXSvhNB6tnbB00sa3KdIEPQc9QpSm9W/ahbCUL4TocpEORdOz58stQK/JY5ARCJ932iEX5x+X4pj
+uiwGt7QBxgc4psKp6uiHMzqXUDAV7dDd/nRqYetJ/o3D5ESlVy5fboWc96ycYS5Lp4uRjlKnv/f4
+HzD3hrazFEkVYULFNTc2TJu+m9AnrvC2RGiPfX5eCsxM41pE3Q5ldjaIooV4SqhDTzP0HaAY6l1V
+JmkRnlrrBZ2GaMq5fopzuf+8CqApP0MSMjbPGW/w4wIDAQABo4HsMIHpMA8GA1UdEwEB/wQFMAMB
+Af8wDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFOma4gZY6w/XgQNdXJe5sbWTfTuEMB0GA1Ud
+DgQWBBRuonU0Mn6LNV3YkyKtiLzPNqJGZjA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3JsLmFh
+aS5zd2l0Y2guY2gvU1dJVENIYWFpUm9vdENBLmNybDBHBggrBgEFBQcBAQQ7MDkwNwYIKwYBBQUH
+MAKGK2h0dHA6Ly9jYS5hYWkuc3dpdGNoLmNoL1NXSVRDSGFhaVJvb3RDQS5jcnQwDQYJKoZIhvcN
+AQEFBQADggEBALqSnNvG0MgL3iSrm/8VyEVIbBf+6TDdUtt5yYhTEYC39CJVq1u7rvguWZgwI0yM
+AdOALem6mBSJN/aTCGf6Hzj1jXAsWtERuM8n0NRslFX0ME3DgM4rszOuenCtzIICpsSsj7MZ27Ld
+wxWgcOOTi6qU15w8+0w+bu7hBDiK8pGtUnmsos3nQamqRcI84KKdzXo8C8GTcETzWn/vQzxcHlSC
+oS7FUYViv6s4K5kb5Sgm9JSB1TVYuwhdB1MnjuGbawPUnbN++vo2mshrAdvlhCY+bc9+np19kOVc
+JLBqxe7bME21U1RZZScFQ8FIKIEQPtPXt8nWYKyc0gdQJq2mBhs=
+</ds:X509Certificate>
+<ds:X509Certificate>
+MIIDnzCCAoegAwIBAgINSWITCHaai+Root+CAzANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQGEwJD
+SDFAMD4GA1UEChM3U3dpdGNoIC0gVGVsZWluZm9ybWF0aWtkaWVuc3RlIGZ1ZXIgTGVocmUgdW5k
+IEZvcnNjaHVuZzEaMBgGA1UEAxMRU1dJVENIYWFpIFJvb3QgQ0EwHhcNMDgwNTE1MDYzMDAwWhcN
+MjgwNTE1MDYyOTU5WjBrMQswCQYDVQQGEwJDSDFAMD4GA1UEChM3U3dpdGNoIC0gVGVsZWluZm9y
+bWF0aWtkaWVuc3RlIGZ1ZXIgTGVocmUgdW5kIEZvcnNjaHVuZzEaMBgGA1UEAxMRU1dJVENIYWFp
+IFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUSWbn/rhWew/sLJRyciyR
+KDGyFXSgiDO/EohYuZLw6EAKLLlhZorNtEHQbbn0Oo13S33MclHMvGWTKJM0u1hG+6gLy78EPmJb
+qAE1Uv23wVEH4SX0VJfl3JVqIebiAH/CjuLubgMUspDIjOdQHNLS7pthTbm7Tgh7zMsiLPyMTZJe
+p5CGbqv8NoK6bMaF0Z+Bt7e1JRlhHFCViJJaR/+hfpzLsJ8NWVivvrpRGaGJ1XR+9FGsTkjNdMCi
+rNJJZ6XvUOe5w7pHSd9McppFP0eyLs02AMzMXI4iz6PK/w3EdzXGXpK+gSgvLxWYct4xHpv1e2NX
+hNgdJOSN9ra/wJLVAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMB0G
+A1UdDgQWBBTpmuIGWOsP14EDXVyXubG1k307hDANBgkqhkiG9w0BAQUFAAOCAQEAMV/eIW6pFB+m
+bk7rD7hUPTWDRaoca3kHqmFGFnHfuY8+c0/Mqjh8Y/jyX1ybf58crTSWrbyGbUZ3oxDGQ34tuZSk
+meR32NqryiX3sP5qlNSozVguQKt8o4vhS1QeWPsXALs3em2pdKuIGSOpbuDnopPcmU2g5Zi2R5P7
+qpKDKAKtNUEwV+LW7GBMEksONj7BFXk4AFBFBijaYJGgHmoKSImVgeNIvsV+BSv5HJ4q6vcxfnwu
+vvGHM0AGphYO6f5qtHMUgvAblI8M/2QsBgethaGrirtKJ3aCRLdaR2R1QfaGRpck/Ron5/MpMxiJ
+wLT8YlW/zjx2yNABhPSAjfzeMw==
+</ds:X509Certificate>
+<ds:X509CRL>
+MIIB5TCBzgIBATANBgkqhkiG9w0BAQUFADBrMQswCQYDVQQGEwJDSDFAMD4GA1UEChM3U3dpdGNo
+IC0gVGVsZWluZm9ybWF0aWtkaWVuc3RlIGZ1ZXIgTGVocmUgdW5kIEZvcnNjaHVuZzEaMBgGA1UE
+AxMRU1dJVENIYWFpIFJvb3QgQ0EXDTA5MDUxNTA2NDAzMVoXDTEwMTExNDA2NDAzMVqgLzAtMB8G
+A1UdIwQYMBaAFOma4gZY6w/XgQNdXJe5sbWTfTuEMAoGA1UdFAQDAgECMA0GCSqGSIb3DQEBBQUA
+A4IBAQB0AqWJOoSTcv/8VujGlZcNalW+VUbhOzxdxRLQ8pkFyzNvoxdjQuFBI5ya1QgXHtFl6brl
+1uwhhVXHwIhJ+q0Pp5xL1QHSB6qjS3VFb0SnSBxqqa4+iq4VKk6f6lhiaZJqbZnAq4yCCgnGUb/n
+AlVblmmJ9GmHIfMG33DOeuby3dCKZ4rdB/mG9eHJ7O3XCMF8RzDBllFafn8NhzJGC2wmxp63Qzkj
+ffNdHZVXaXj5lq8ZoAhuZpoPq/B0+mUjIVVQbaUeN0k24nunfTEoRCNi5LGLqJp/v8VISS2FINWy
+OXkmKQ8jxSsKlKShXo/yTcA1rzWdFPsSlqKeni4RnbT2
+</ds:X509CRL>
+<ds:X509CRL>
+MIIB8jCB2wIBATANBgkqhkiG9w0BAQUFADB3MQswCQYDVQQGEwJDSDFAMD4GA1UEChM3U3dpdGNo
+IC0gVGVsZWluZm9ybWF0aWtkaWVuc3RlIGZ1ZXIgTGVocmUgdW5kIEZvcnNjaHVuZzEmMCQGA1UE
+AxMdU1dJVENIYWFpIE1ldGFkYXRhIFNpZ25pbmcgQ0EXDTA5MTAxNDA1MzcwNVoXDTA5MTAxOTA1
+MzcwNVqgMDAuMB8GA1UdIwQYMBaAFG6idTQyfos1XdiTIq2IvM82okZmMAsGA1UdFAQEAgIB1jAN
+BgkqhkiG9w0BAQUFAAOCAQEAP0APNwoFlX/nZtEc/TyVfS1jngWTqrSNwVKAZzXy4AjRhB07eXzB
+w3nSw8q8wRCeNc4a/h2S82X9CZMc/PxviwF05ldEE+ui+YkIqJBqmuVpuFF+e0SnDF+c6LXGfjc2
+VmaJw6AGuAPL1ReYEB9SIAMeyHMnuZjPmg6QXNdgYxWMNx420oJNkJcfDgpsPxpZ7g4TRouYApHW
+y7Qp5sfJo8ZmXQzMXHVpNLX2hasWCT/4VPOnmNYH8INPNzwGpsw7wAs5R2pk9T9Ze5DW0scwzPGU
+C31cBWzsBCcEvRZJe/IplAgTl04piZ22hJhHSzeF+dxz0QFJWVO2ipwePmhH3w==
+</ds:X509CRL>
+</ds:X509Data>
+</ds:KeyInfo></ds:Signature>
+
+ <Extensions>
+ <!--
+ Release information
+ -->
+ <switchmd:PublishingInformation xmlns:switchmd="http://www.switch.ch/aai/metadata/extensions">
+ <switchmd:Federation>urn:mace:switch.ch:aaitest</switchmd:Federation>
+ <switchmd:Description>The metadata contains all accepted root CA certificates for the federation and the descriptions of all accepted Identity Providers and Service Providers</switchmd:Description>
+ <switchmd:Author>SWITCH Resource Registry</switchmd:Author>
+ <switchmd:CreationDate type="xs:dateTime">2009-10-14T13:00:17Z</switchmd:CreationDate>
+ <switchmd:Note>
+ This metadata is for test purposes only!
+ It contains the AAI Test certificate,
+ which is unsafe to use in a production environment.
+ SWITCH won't take responsibility for the data included
+ in this file.
+ ##########################################################
+ # DO NOT USE THIS META DATA IN A PRODUCTION ENVIRONMENT! #
+ ##########################################################
+</switchmd:Note>
+ </switchmd:PublishingInformation>
+
+ <!--
+ Accepted root CA certificates
+ -->
+ <shibmd:KeyAuthority xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" VerifyDepth="5">
+ <!-- SwissSign CA and chain -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <!-- SwissSign Root CA -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDtTCCAp2gAwIBAgIIBhDCeat3PfIwDQYJKoZIhvcNAQEFBQAwdjELMAkGA1UE
+BhMCQ0gxEjAQBgNVBAoTCVN3aXNzU2lnbjEyMDAGA1UEAxMpU3dpc3NTaWduIENB
+IChSU0EgSUsgTWF5IDYgMTk5OSAxODowMDo1OCkxHzAdBgkqhkiG9w0BCQEWEGNh
+QFN3aXNzU2lnbi5jb20wHhcNMDAxMTI2MjMyNzQxWhcNMzExMTI2MjMyNzQxWjB2
+MQswCQYDVQQGEwJDSDESMBAGA1UEChMJU3dpc3NTaWduMTIwMAYDVQQDEylTd2lz
+c1NpZ24gQ0EgKFJTQSBJSyBNYXkgNiAxOTk5IDE4OjAwOjU4KTEfMB0GCSqGSIb3
+DQEJARYQY2FAU3dpc3NTaWduLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBAKw5fjnmNneLQlUCQG8jQLwwfbrOZoUwNX8cbNqhxK03/xUloFVgAt+S
+Te2RxNXaCAXLBPn5ZST35TLV57aLmbHCtifv3YZqaaQGvjedltIBMJihJhZ+h3LY
+SKsUb+xEJ3x5ZUf8jP+Q1g57y1s8SnBFWN/ni5NkF1Y1y31VwOi9wiOf/VISL+uu
+SC4i1CP1Kbz3BDs6Hht1GpRYCbJ/K0bc9oJSpWpT5PGONsGIawqMbJuyoDghsXQ1
+pbn2e8K64BSscGZVZTNooSGgNiHmACNJBYXiWVWrwXPF4l6SddmC3Rj0aKXjgECc
+FkHLDQcsM5JsK2ZLryTDUsQFbxVP2ikCAwEAAaNHMEUwCwYDVR0PBAQDAgEGMAwG
+A1UdEwQFMAMBAf8wHQYDVR0OBBYEFJbXcc05KtT8iLGKq1N4ae+PR34WMAkGA1Ud
+IwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAKMy6W8HvZdS1fBpEUzl6Lvw50bgE1Xc
+HU1JypSBG9mhdcXZo5AlPB4sCvx9Dmfwhyrdsshc0TP2V3Vh6eQqnEF5qB4lVziT
+Bko9mW6Ot+pPnwsy4SHpx3rw6jCYnOqfUcZjWqqqRrq/3P1waz+Mn4cLMVEg3Xaz
+qYov/khvSqS0JniwjRlo2H6f/1oVUKZvP+dUhpQepfZrOqMAWZW4otp6FolyQyeU
+NN6UCRNiUKl5vTijbKwUUwfER/1Vci3M1/O1QCfttQ4vRN4Buc0xqYtGL3cd5WiO
+vWzyhlTzAI6VUdNkQhhHJSAyTpj6dmXDRzrryoFGa2PjgESxz7XBaSI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- SwissSign Bronze CA -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDvzCCAqegAwIBAgIIFss9aNe390IwDQYJKoZIhvcNAQEFBQAwdjELMAkGA1UE
+BhMCQ0gxEjAQBgNVBAoTCVN3aXNzU2lnbjEyMDAGA1UEAxMpU3dpc3NTaWduIENB
+IChSU0EgSUsgTWF5IDYgMTk5OSAxODowMDo1OCkxHzAdBgkqhkiG9w0BCQEWEGNh
+QFN3aXNzU2lnbi5jb20wHhcNMDQwMTI4MTUwODM1WhcNMzExMTI2MjMyNzQxWjBk
+MRwwGgYDVQQDExNTd2lzc1NpZ24gQnJvbnplIENBMSMwIQYJKoZIhvcNAQkBFhRi
+cm9uemVAc3dpc3NzaWduLmNvbTESMBAGA1UEChMJU3dpc3NTaWduMQswCQYDVQQG
+EwJDSDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANr1A8bTAN+TVMmH
+7VoZPO9zW3T7E4cQpr2hOfgc4wD1XJcs8zbSSCddIDkzt8uRSwleBxXl9K1ssBCX
+5A8eA3SvSkAIhPQcXSZ9qiBKhecX0L6sCA69RYIEIohsR/LoLXbyx3SNBa8XTrre
+Fc2AvsivtSermSmVEIwgXdDbwhe46TzQs4bMWE6Lk4TucZqCqPcHzD5sldYDKUQs
+jyFHmiAKDGW/h0KIxUabdcAgFNsF/bfX0Eyy0ZpdnIo2Y+rGBb46ajsQy/ZajTOC
+szehUViyPgVeWBrbHLhJBASnW0bHYHeJAGOAJoeqCL9g26YvtXfykQqEE4yEIV8k
+Hs2iRJUCAwEAAaNjMGEwDgYDVR0PAQH/BAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8w
+HQYDVR0OBBYEFOLejorj/3FBx1M8k9qNbrHSQUhKMB8GA1UdIwQYMBaAFJbXcc05
+KtT8iLGKq1N4ae+PR34WMA0GCSqGSIb3DQEBBQUAA4IBAQBKKRAOlf8eABdmB9vJ
+tBQNcGEcvRxfZkEdeGWiHkIDTUbkzNHT3HR9YGmqSmtK949l+7Kc5v+ksq6Pu87v
+yrIzYQOLuJodfzcNhInEaESS+fbKtpcRMTrvFhfwn+LntyNUSQr+5yRVY2Zwh8IN
+JH505q6ROvQLf1/obdXVMrsOXohNod62ZCKFxWOH3L7w0P8xbsGqx9iFmmKBu8xO
+p7N2tCw4OOfRWTil9UgYToC2LMmAwETK9j5xXvlXBSyyI/PxT45gUPzAdJnqI++k
+VU5MRJ6HQ2YkC62BJ55kwYr9VSMH+VmVVbhP85hRGFCdOSBRdgErK9Ur6gYMRCPM
+d+dR
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- SwissSign Silver CA -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDrjCCApagAwIBAgIJAOzGWItKFXXyMA0GCSqGSIb3DQEBBQUAMGQxHDAaBgNV
+BAMTE1N3aXNzU2lnbiBCcm9uemUgQ0ExIzAhBgkqhkiG9w0BCQEWFGJyb256ZUBz
+d2lzc3NpZ24uY29tMRIwEAYDVQQKEwlTd2lzc1NpZ24xCzAJBgNVBAYTAkNIMB4X
+DTA0MDEyODE5MjAyMFoXDTMxMTEyNjIzMjc0MVowZDEcMBoGA1UEAxMTU3dpc3NT
+aWduIFNpbHZlciBDQTEjMCEGCSqGSIb3DQEJARYUc2lsdmVyQHN3aXNzc2lnbi5j
+b20xEjAQBgNVBAoTCVN3aXNzU2lnbjELMAkGA1UEBhMCQ0gwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDw+uCB7JzDd8bHQwEnybM/lfZ0jo3LMzecTPps
+O2Zvi/kM+rasENmxIVCi51R0RFG1i94Ck/P54i6dAeJBBe7VH/eZ3DukXj/3QoAJ
+PO/MQ9YWL8C07kBBwJ85inW8RTpwCKBodZhHfUFyo9vXm6Kz+ymwY7SJuWLAV1mx
+AqHeH169N8YTsHMp4KGWh+qyXr97vhbIcX8mHT88FR1eiZB5IL98IbYZKCr3owKu
+M0hPj8pXOnL8JKtJPI94iVGOITUFMAnmHrOSH+Ci+W1y0NzLUcdLWdL87MpPC246
+ZXBx4/ysKC2b1s6ulLlBIHY+DlPCbl19I5SGFUo2Pzvf71TZAgMBAAGjYzBhMA4G
+A1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTNoawjv9A7
+IIpUgc3720Em40pwWjAfBgNVHSMEGDAWgBTi3o6K4/9xQcdTPJPajW6x0kFISjAN
+BgkqhkiG9w0BAQUFAAOCAQEAGMVal6W3zEbEIm00CeSJSoP/KVDLKLAt3k06TL00
+FeNA01ktIx3Tl7gm+vDLfnEXeGrSZb9+9iLkYNXs+xa7XGi1X0X4IkaCv4+E0rLt
+/eeYD060Eu3u+5g2t9eZ6w0gIsCUbbTSn3vl5Ml79FDYdBTw7ijSAiXcX13vl+Wt
+sg9jfzG0+jMNGj+9bsVo8hRA5esoNa8RHWI8Tkx/WWGoYCdigl99F2P+jJa52YsN
+XE13p8QA5Ndxgjl60mmA9I+Ajy5xYlG6byBuu6RW96eUgJdD0LGJpgJ5gdwyGxwB
+iZAZz3D1RUuDp+Zo7NIBeJgD9j8EIr7xi+D+hLG6YMYlhA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- SWITCH CA -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIID0jCCArqgAwIBAgIJAMnfZkUiiBS2MA0GCSqGSIb3DQEBBQUAMGQxHDAaBgNV
+BAMTE1N3aXNzU2lnbiBTaWx2ZXIgQ0ExIzAhBgkqhkiG9w0BCQEWFHNpbHZlckBz
+d2lzc3NpZ24uY29tMRIwEAYDVQQKEwlTd2lzc1NpZ24xCzAJBgNVBAYTAkNIMB4X
+DTA0MDIwNjExNDAzOVoXDTMxMTEyNjIzMjc0MVowgYcxEjAQBgNVBAMTCVNXSVRD
+SCBDQTEiMCAGCSqGSIb3DQEJARYTc3dpdGNoLmNhQHN3aXRjaC5jaDFAMD4GA1UE
+ChM3U3dpdGNoIC0gVGVsZWluZm9ybWF0aWtkaWVuc3RlIGZ1ZXIgTGVocmUgdW5k
+IEZvcnNjaHVuZzELMAkGA1UEBhMCQ0gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDyOe1v3Cs8/lqTUQW3kShBIWEg76i4deENNgc4aSk29MJGLc5Nd7YF
+ukAUtutWDkR5wlR7W0sz9z2NdtsGa7Rxw1C2dC0djWwX7xbh/2e4T5zE5ZOMX/wU
+Bbd5aWTZID3cF61sJRqXVDd4HMgtuGL9CzjrJqahk+WBeojUe6AzIkkxOL6rXX/A
+dy1kHbBNqE+Fm90jKpHf7Kk5V8eNkswpXQVB8NaCtsgOdtYbrLLAJjgxQjh9/0DW
++tSMBdXm8MvcxALo6GYzFVephWgJqdXhVCmsN3YBII3zk6Ps5r0CnL1G2q0NuVJe
+pIHI9G43f31q9ki+aGY2xo5+d/dSx50jAgMBAAGjYzBhMA4GA1UdDwEB/wQEAwIB
+BjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQlyQf1FCzQKQXvlfVCQ9XqkI1z
+czAfBgNVHSMEGDAWgBTNoawjv9A7IIpUgc3720Em40pwWjANBgkqhkiG9w0BAQUF
+AAOCAQEAEZALrclenN+L92lBagP3xi6E8Qma1k4XwI4iBr7wNOU07a2kx0nX6N7s
+zY+0dbte/XS6OflCmuJUZEPvyuJktWeOeIOrofNGDmByMatOHCwpccnAurTWcGYH
+LSRW2aMwBiR7idAmUaxq2BQwhhVLD48me1HpNk5Phg+kq2SAreC7ZIJ1JrCoPczD
+vL49ixKiriWEeBYSVGCXuK90MTX+QIOxr5BPMbnjDJNin33VuEyfeZKhZOsgAC7J
+o9jb9MUKKN9/E3ds63E/fbrWoGk+Sc4TP7o5FIbvRE3xcgY5C3S3vqGd8U/mEr8z
+c78euM2bQm5yvlG0D6MgYG22I1WNDw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- SWITCH Server CA -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIID2DCCAsCgAwIBAgIJAOVNPfgf6KrUMA0GCSqGSIb3DQEBBQUAMIGHMRIwEAYD
+VQQDEwlTV0lUQ0ggQ0ExIjAgBgkqhkiG9w0BCQEWE3N3aXRjaC5jYUBzd2l0Y2gu
+Y2gxQDA+BgNVBAoTN1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVy
+IExlaHJlIHVuZCBGb3JzY2h1bmcxCzAJBgNVBAYTAkNIMB4XDTA3MDIwMjEzMjMw
+NVoXDTEyMDIwMzEzMjMwNVowajELMAkGA1UEBhMCQ0gxQDA+BgNVBAoTN1N3aXRj
+aCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExlaHJlIHVuZCBGb3JzY2h1
+bmcxGTAXBgNVBAMTEFNXSVRDSCBTZXJ2ZXIgQ0EwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDVR7zI2W4Hj9U+GrU057Ux+E462wMa8kqhL0UxcMrCE1xc
+9xqiNmE+ExsqyK8YPFlNXbwQ7rbSX0wWXImeWWB1wIXpJ4SF+NXk0KcRmu+lVtiz
+abHDU92FrOB4jwfRDGcitJfc/KSnwqEQROU9qJ2+Rlc7k3ajAT7Yb+je8DODcI3t
+Vx30rVzUj5F6IP8Fglz/+N8u+Hr1SnYHTTJeDeoaLNIa8rCRmxR7uU7SJryvRhPP
+/a2wbBCm5KDRwLCvD6bDHOVtKQ85Z9pSBq0KrYtfsvLrqcsprIncMDdDQybd8KiB
+ilbObVIYuUbvKY3DxCC9S2fwW5s0uTqZPJPqiRQpAgMBAAGjYzBhMA4GA1UdDwEB
+/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQa/ctTlbCB3To4hJ9j
+6HwKQuDm/jAfBgNVHSMEGDAWgBQlyQf1FCzQKQXvlfVCQ9XqkI1zczANBgkqhkiG
+9w0BAQUFAAOCAQEAsdR9hrlGTLQEjkuhf+L6xapZg8K2MqAtjJ1HJLYw+SlfIBxn
+LFSgfo2TbiA3wtNigt00/vaBeEIxemb7duB49EpFEjN0mDmty7OqiMSlVIp+nVxN
+i0fYcyGwfe935yErzT0ua+bCZJg6MAn5eQn5jyi39F62xBFZ4BZTT9+ZtbCH5zVa
+ML7JFKGY28RE261wzbK+6FuFHmq7mYW3EBxZfcNggfTwPjsGjn6gAfXEJLEtHlF6
+9NbgwOW7YCTmojBTE0x3aicjr9OI/T9zudFUtlHsmKfrVR21gJlAtnPOvZ604p3C
+cp2zrLOfdAYJB+3ClI+PbINsfBr6y2DdkMtQqQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- TC Trustcenter Class 2 CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDXDCCAsWgAwIBAgICA+owDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYTAkRF
+MRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFU
+QyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJI
+MSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAyIENBMSkwJwYJKoZIhvcN
+AQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAeFw05ODAzMDkxMTU5NTla
+Fw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJERTEQMA4GA1UECBMHSGFtYnVy
+ZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMxVEMgVHJ1c3RDZW50ZXIgZm9y
+IFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1
+c3RDZW50ZXIgQ2xhc3MgMiBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVA
+dHJ1c3RjZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANo46O0y
+AClxgwENv4wB3NrGrTmkqYov1YtcaF9QxmL1Zr3KkSLsqh1R1z2zUbKDTl3LSbDw
+TFXlay3HhQswHJJOgtTKAu33b77c4OMUuAVT8pr0VotanoWT0bSCVq5Nu6hLVxa8
+/vhYnvgpjbB7zXjJT6yLZwzxnPv8V5tXXE8NAgMBAAGjazBpMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3
+LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G
+CSqGSIb3DQEBBAUAA4GBAIRS+yjf/x91AbwBvgRWl2p0QiQxg/lGsQaKic+WLDO/
+jLVfenKhhQbOhvgFjuj5Jcrag4wGrOs2bYWRNAQ29ELw+HkuCkhcq8xRT3h2oNms
+Gb0q0WkEKJHKNhAngFdb0lz1wlurZIFjdFH0l7/NEij3TWZ/p/AcASZ4smZHcFFk
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- TC Trustcenter Class 3 CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDXDCCAsWgAwIBAgICA+swDQYJKoZIhvcNAQEEBQAwgbwxCzAJBgNVBAYTAkRF
+MRAwDgYDVQQIEwdIYW1idXJnMRAwDgYDVQQHEwdIYW1idXJnMTowOAYDVQQKEzFU
+QyBUcnVzdENlbnRlciBmb3IgU2VjdXJpdHkgaW4gRGF0YSBOZXR3b3JrcyBHbWJI
+MSIwIAYDVQQLExlUQyBUcnVzdENlbnRlciBDbGFzcyAzIENBMSkwJwYJKoZIhvcN
+AQkBFhpjZXJ0aWZpY2F0ZUB0cnVzdGNlbnRlci5kZTAeFw05ODAzMDkxMTU5NTla
+Fw0xMTAxMDExMTU5NTlaMIG8MQswCQYDVQQGEwJERTEQMA4GA1UECBMHSGFtYnVy
+ZzEQMA4GA1UEBxMHSGFtYnVyZzE6MDgGA1UEChMxVEMgVHJ1c3RDZW50ZXIgZm9y
+IFNlY3VyaXR5IGluIERhdGEgTmV0d29ya3MgR21iSDEiMCAGA1UECxMZVEMgVHJ1
+c3RDZW50ZXIgQ2xhc3MgMyBDQTEpMCcGCSqGSIb3DQEJARYaY2VydGlmaWNhdGVA
+dHJ1c3RjZW50ZXIuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALa0wTUF
+Lg2N7KBAahwOJ6ZQkmtQGwfeLud2zODa/ISoXoxjaitN2U4CdhHBC/KNecoAtvGw
+Dtf7pBc9r6tpepYnv68zoZoqWarEtTcI8hKlMbZD9TKWcSgoq40oht+77uMMfTDW
+w1Krj10nnGvAo+cFa1dJRLNu6mTP0o56UHd3AgMBAAGjazBpMA8GA1UdEwEB/wQF
+MAMBAf8wDgYDVR0PAQH/BAQDAgGGMDMGCWCGSAGG+EIBCAQmFiRodHRwOi8vd3d3
+LnRydXN0Y2VudGVyLmRlL2d1aWRlbGluZXMwEQYJYIZIAYb4QgEBBAQDAgAHMA0G
+CSqGSIb3DQEBBAUAA4GBABY9xs3Bu4VxhUafPiCPUSiZ7C1FIWMjWwS7TJC4iJIE
+Tb19AaM/9uzO8d7+feXhPrvGq14L3T2WxMup1Pkm5gZOngylerpuw3yCGdHHsbHD
+2w2Om0B8NwvxXej9H5CIpQ5ON2QhqE6NtJ/x3kit1VYYUimLRzQSCdS7kjXvD9s0
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- Thawte Server CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDEzCCAnygAwIBAgIBATANBgkqhkiG9w0BAQQFADCBxDELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEm
+MCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wHhcNOTYwODAx
+MDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCBxDELMAkGA1UEBhMCWkExFTATBgNVBAgT
+DFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3
+dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNl
+cyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhhd3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3
+DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQAD
+gY0AMIGJAoGBANOkUG7I/1Zr5s9dtuoMaHVHoqrC2oQl/Kj0R1HahbUgdJSGHg91
+yekIYfUGbTBuFRkC6VLAYttNmZ7iagxEOM3+vuNkCXDF/rFrKbYvScg71CcEJRCX
+L+eQbcAoQpnXTEPew/UhbVSfXcNY4cDk2VuwuNy0e982OsK1ZiIS1ocNAgMBAAGj
+EzARMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQEEBQADgYEAB/pMaVz7lcxG
+7oWDTSEwjsrZqG9JGubaUeNgcGyEYRGhGshIPllDfU+VPaGLtwtimHp1it2ITk6e
+QNuozDJ0uW8NxuOzRAvZim+aKZuZGCg70eNAKJpaPNW15yAbi8qkq43pUdniTCxZ
+qdq5snUb9kLy78fyGPmJvKP/iiMucEc=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- Thawte Premium Server CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJzCCApCgAwIBAgIBATANBgkqhkiG9w0BAQQFADCBzjELMAkGA1UEBhMCWkEx
+FTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYD
+VQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlv
+biBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2Vy
+dmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29t
+MB4XDTk2MDgwMTAwMDAwMFoXDTIwMTIzMTIzNTk1OVowgc4xCzAJBgNVBAYTAlpB
+MRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEdMBsG
+A1UEChMUVGhhd3RlIENvbnN1bHRpbmcgY2MxKDAmBgNVBAsTH0NlcnRpZmljYXRp
+b24gU2VydmljZXMgRGl2aXNpb24xITAfBgNVBAMTGFRoYXd0ZSBQcmVtaXVtIFNl
+cnZlciBDQTEoMCYGCSqGSIb3DQEJARYZcHJlbWl1bS1zZXJ2ZXJAdGhhd3RlLmNv
+bTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0jY2aovXwlue2oFBYo847kkE
+VdbQ7xwblRZH7xhINTpS9CtqBo87L+pW46+GjZ4X9560ZXUCTe/LCaIhUdib0GfQ
+ug2SBhRz1JPLlyoAnFxODLz6FVL88kRu2hFKbgifLy3j+ao6hnO2RlNYyIkFvYMR
+uHM/qgeN9EJN50CdHDcCAwEAAaMTMBEwDwYDVR0TAQH/BAUwAwEB/zANBgkqhkiG
+9w0BAQQFAAOBgQAmSCwWwlj66BZ0DKqqX1Q/8tfJeGBeXm43YyJ3Nn6yF8Q0ufUI
+hfzJATj/Tb7yFkJD57taRvvBxhEf8UqwKEbJw8RCfbz6q1lu1bdRiBHjpIUZa4JM
+pAwSremkrj/xw0llmozFyD4lt5SZu5IycQfwhl7tUCemDaYj+bvLpgcUQg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- Verisign Class 3 CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <!-- Versign Class 3 Public Primary CA -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIICPDCCAaUCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQECBQAwXzELMAkG
+A1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFz
+cyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk2
+MDEyOTAwMDAwMFoXDTI4MDgwMTIzNTk1OVowXzELMAkGA1UEBhMCVVMxFzAVBgNV
+BAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAzIFB1YmxpYyBQcmlt
+YXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGfMA0GCSqGSIb3DQEBAQUAA4GN
+ADCBiQKBgQDJXFme8huKARS0EN8EQNvjV69qRUCPhAwL0TPZ2RHP7gJYHyX3KqhE
+BarsAx94f56TuZoAqiN91qyFomNFx3InzPRMxnVx0jnvT0Lwdd8KkMaOIG+YD/is
+I19wKTakyYbnsZogy1Olhec9vn2a/iRFM9x2Fe0PonFkTGUugWhFpwIDAQABMA0G
+CSqGSIb3DQEBAgUAA4GBALtMEivPLCYATxQT3ab7/AoRhIzzKBxnki98tsX63/Do
+lbwdj2wsqFHMc9ikwFPwTtYmwHYBV4GSXiHx0bH/59AhWM1pF+NEHJwZRDmJXNyc
+AA9WjQKZ7aKQRUzkuxCkPfAyAw7xzvjoyVGM5mKf5p/AfbdynMk2OmufTqj/ZA1k
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- VeriSign International Server CA - Class 3 (new) -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEnDCCBAWgAwIBAgIQdTN9mrDhIzuuLX3kRpFi1DANBgkqhkiG9w0BAQUFADBf
+MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT
+LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
+HhcNMDUwMTE5MDAwMDAwWhcNMTUwMTE4MjM1OTU5WjCBsDELMAkGA1UEBhMCVVMx
+FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz
+dCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2UgYXQgaHR0cHM6Ly93d3cu
+dmVyaXNpZ24uY29tL3JwYSAoYykwNTEqMCgGA1UEAxMhVmVyaVNpZ24gQ2xhc3Mg
+MyBTZWN1cmUgU2VydmVyIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAlcMhEo5AxQ0BX3ZeZpTZcyxYGSK4yfx6OZAqd3J8HT732FXjr0LLhzAC3Fus
+cOa4RLQrNeuT0hcFfstG1lxToDJRnXRkWPkMmgDqXkRJZHL0zRDihQr5NO6ziGap
+paRa0A6Yf1gNK1K7hql+LvqySHyN2y1fAXWijQY7i7RhB8m+Ipn4G9G1V2YETTX0
+kXGWtZkIJZuXyDrzILHdnpgMSmO3ps6wAc74k2rzDG6fsemEe4GYQeaB3D0s57Rr
+4578CBbXs9W5ZhKZfG1xyE2+xw/j+zet1XWHIWuG0EQUWlR5OZZpVsm5Mc2JYVjh
+2XYFBa33uQKvp/1HkaIiNFox0QIDAQABo4IBgTCCAX0wEgYDVR0TAQH/BAgwBgEB
+/wIBADBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0
+dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwMQYDVR0fBCowKDAmoCSgIoYgaHR0
+cDovL2NybC52ZXJpc2lnbi5jb20vcGNhMy5jcmwwDgYDVR0PAQH/BAQDAgEGMBEG
+CWCGSAGG+EIBAQQEAwIBBjApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRQ2xhc3Mz
+Q0EyMDQ4LTEtNDUwHQYDVR0OBBYEFG/sr6DdiqTv9SoQZy0/VYK81+8lMIGABgNV
+HSMEeTB3oWOkYTBfMQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIElu
+Yy4xNzA1BgNVBAsTLkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlv
+biBBdXRob3JpdHmCEHC65B0Q2Sk0tjjKewPMur8wDQYJKoZIhvcNAQEFBQADgYEA
+w34IRl2RNs9n3Nenr6+4IsOLBHTTsWC85v63RBKBWzFzFGNWxnIu0RoDQ1w4ClBK
+Tc3athmo9JkNr+P32PF1KGX2av6b9L1S2T/L2hbLpZ4ujmZSeD0m+v6UNohKlV4q
+TBnvbvqCPy0D79YoszcYz0KyNCFkR9MgazpM3OYDkAw=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- VeriSign International Server CA - Class 3 -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDgzCCAuygAwIBAgIQJUuKhThCzONY+MXdriJupDANBgkqhkiG9w0BAQUFADBf
+MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT
+LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw
+HhcNOTcwNDE3MDAwMDAwWhcNMTExMDI0MjM1OTU5WjCBujEfMB0GA1UEChMWVmVy
+aVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAx
+BgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3Mg
+MzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4g
+TElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEA2IKA6NYZAn0fhRg5JaJlK+G/1AXTvOY2O6rwTGxbtueqPHNFVbLx
+veqXQu2aNAoV1Klc9UAl3dkHwTKydWzEyruj/lYncUOqY/UwPpMo5frxCTvzt01O
+OfdcSVq4wR3Tsor+cDCVQsv+K1GLWjw6+SJPkLICp1OcTzTnqwSye28CAwEAAaOB
+4zCB4DAPBgNVHRMECDAGAQH/AgEAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQEw
+KjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL0NQUzA0BgNV
+HSUELTArBggrBgEFBQcDAQYIKwYBBQUHAwIGCWCGSAGG+EIEAQYKYIZIAYb4RQEI
+ATALBgNVHQ8EBAMCAQYwEQYJYIZIAYb4QgEBBAQDAgEGMDEGA1UdHwQqMCgwJqAk
+oCKGIGh0dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA0GCSqGSIb3DQEB
+BQUAA4GBAAgB7ORolANC8XPxI6I63unx2sZUxCM+hurPajozq+qcBBQHNgYL+Yhv
+1RPuKSvD5HKNRO3RrCAJLeH24RkFOLA9D59/+J4C3IYChmFOJl9en5IeDCSk9dBw
+E88mw0M9SR2egi5SX7w+xmYpAY5Okiy8RnUDgqxz6dl+C2fvVFIa
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- EPFL CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDbjCCAtegAwIBAgIBADANBgkqhkiG9w0BAQQFADCBhzELMAkGA1UEBhMCQ0gx
+DTALBgNVBAgTBFZhdWQxETAPBgNVBAcTCExhdXNhbm5lMQ0wCwYDVQQKEwRFUEZM
+MSUwIwYDVQQDExxFUEZMIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MSAwHgYJKoZI
+hvcNAQkBFhFjZXJ0LWF1dGhAZXBmbC5jaDAeFw0wMjAxMjMxMzU0NDJaFw0xMjAx
+MjExMzU0NDJaMIGHMQswCQYDVQQGEwJDSDENMAsGA1UECBMEVmF1ZDERMA8GA1UE
+BxMITGF1c2FubmUxDTALBgNVBAoTBEVQRkwxJTAjBgNVBAMTHEVQRkwgQ2VydGlm
+aWNhdGlvbiBBdXRob3JpdHkxIDAeBgkqhkiG9w0BCQEWEWNlcnQtYXV0aEBlcGZs
+LmNoMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCl6ERqcEOFgnM/DJSuM8AP
+TwvKJB47u+S9wAbfkhESINc1G0orvRJxIztnHlhp245qzvhgMFukdnn/ZhGivNYb
+tu/N1fGInXIMxWb+1gVKtzpQH/QGX3Dva0Gkr/9iT7JL+nsqNV9Rz6byLMSoBMjM
+lyXC7W7LxjZqdQ1FSimG8QIDAQABo4HnMIHkMB0GA1UdDgQWBBQ7iVSOMlRaUJZC
+4vg8nLKpVeJq2jCBtAYDVR0jBIGsMIGpgBQ7iVSOMlRaUJZC4vg8nLKpVeJq2qGB
+jaSBijCBhzELMAkGA1UEBhMCQ0gxDTALBgNVBAgTBFZhdWQxETAPBgNVBAcTCExh
+dXNhbm5lMQ0wCwYDVQQKEwRFUEZMMSUwIwYDVQQDExxFUEZMIENlcnRpZmljYXRp
+b24gQXV0aG9yaXR5MSAwHgYJKoZIhvcNAQkBFhFjZXJ0LWF1dGhAZXBmbC5jaIIB
+ADAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBAUAA4GBAA+iL5occl7nlrcLDoLA
+5LoeE8i201WkkbUQJddz6UhPtbn5XB4b5p6zo+R93TevgKW01ILPanCkROf49PrR
+iGseMuGV55p4WHvyKGVl5Q4je6vL4lZlixqEgACPQepUI9Qdi4fogSCaZQyC7fIO
+Dul1iSdow7sghBcWrsZu8gVt
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- GTE CyberTrust Global Root -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIICWjCCAcMCAgGlMA0GCSqGSIb3DQEBBAUAMHUxCzAJBgNVBAYTAlVTMRgwFgYD
+VQQKEw9HVEUgQ29ycG9yYXRpb24xJzAlBgNVBAsTHkdURSBDeWJlclRydXN0IFNv
+bHV0aW9ucywgSW5jLjEjMCEGA1UEAxMaR1RFIEN5YmVyVHJ1c3QgR2xvYmFsIFJv
+b3QwHhcNOTgwODEzMDAyOTAwWhcNMTgwODEzMjM1OTAwWjB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCVD6C28FCc6HrH
+iM3dFw4usJTQGz0O9pTAipTHBsiQl8i4ZBp6fmw8U+E3KHNgf7KXUwefU/ltWJTS
+r41tiGeA5u2ylc9yMcqlHHK6XALnZELn+aks1joNrI1CqiQBOeacPwGFVw1Yh0X4
+04Wqk2kmhXBIgD8SFcd5tB8FLztimQIDAQABMA0GCSqGSIb3DQEBBAUAA4GBAG3r
+GwnpXtlR22ciYaQqPEh346B8pt5zohQDhT37qw4wxYMWM4ETCJ57NE7fQMh017l9
+3PR2VX2bY1QY6fDq81yx2YtCHrnAlU66+tXifPVoYb+O7AWXX1uw16OFNMQkpw0P
+lZPvy5TYnh+dXIVtx6quTx8itc2VrbqnzPmrC3p/
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- Cybertrust Educational CA -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEQjCCA6ugAwIBAgIEBAAD+zANBgkqhkiG9w0BAQUFADB1MQswCQYDVQQGEwJV
+UzEYMBYGA1UEChMPR1RFIENvcnBvcmF0aW9uMScwJQYDVQQLEx5HVEUgQ3liZXJU
+cnVzdCBTb2x1dGlvbnMsIEluYy4xIzAhBgNVBAMTGkdURSBDeWJlclRydXN0IEds
+b2JhbCBSb290MB4XDTA2MDMxNDIwMzAwMFoXDTEzMDMxNDIzNTkwMFowXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSKhEB1KRmBuBZGb34PC7RKyWnz4
+q+H4UFwoLH5+ADiTsItK8cJMPBAsPO+w7KFpL7n8zAgUa41PGPOD0vqpNwggqlyq
+gGCi1aUiAM9a5bSX37oevlyOFxlm/a+ffHuJsg4k2MerY8SVMo1I5mNZfQS4M6i9
+111kvGO1900o/fkGcjFcukWUZaPStFjsO2FYRKMvYrObgLSC/dXHzFEl5ZU/Ry8w
+e6zIeG7i4W0n6z3MAYLoNXeNq1i7VdHVpIFWjRzQFLGwBt6gkSLz8Kg0F0fG4D72
+DFqsflBLzeFpbgb8Bn5qTbSVmaBZXDVm7NlJ1BfgYLBdpdca4ipuZvKvHQIDAQAB
+o4IBbzCCAWswRQYDVR0fBD4wPDA6oDigNoY0aHR0cDovL3d3dy5wdWJsaWMtdHJ1
+c3QuY29tL2NnaS1iaW4vQ1JMLzIwMTgvY2RwLmNybDAdBgNVHQ4EFgQUZWWjPdc7
+EaMKByU3yUJKW3Z3UOEwUwYDVR0gBEwwSjBIBgkrBgEEAbE+AQAwOzA5BggrBgEF
+BQcCARYtaHR0cDovL3d3dy5wdWJsaWMtdHJ1c3QuY29tL0NQUy9PbW5pUm9vdC5o
+dG1sMIGJBgNVHSMEgYEwf6F5pHcwdTELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD0dU
+RSBDb3Jwb3JhdGlvbjEnMCUGA1UECxMeR1RFIEN5YmVyVHJ1c3QgU29sdXRpb25z
+LCBJbmMuMSMwIQYDVQQDExpHVEUgQ3liZXJUcnVzdCBHbG9iYWwgUm9vdIICAaUw
+DgYDVR0PAQH/BAQDAgEGMBIGA1UdEwEB/wQIMAYBAf8CAQAwDQYJKoZIhvcNAQEF
+BQADgYEAQ7NFg1RxxB/csjxrTr8m8k7yrZpb+oY3iOgUbEEYQl/vZT7rA3egt551
+elF8uxVbuK+RoDSSU+1/KkmErLmAS7XHsiMi++vY+27JPPPS0bu+yRz/bQHbaYAO
+maXqnnuXmI+3zyKcs7hd5akzF3TGlzcPtOkmgl9hCz8ePWTpK5s=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- QuoVadis Root Certification Authority -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIF0DCCBLigAwIBAgIEOrZQizANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJC
+TTEZMBcGA1UEChMQUXVvVmFkaXMgTGltaXRlZDElMCMGA1UECxMcUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTEuMCwGA1UEAxMlUXVvVmFkaXMgUm9vdCBDZXJ0
+aWZpY2F0aW9uIEF1dGhvcml0eTAeFw0wMTAzMTkxODMzMzNaFw0yMTAzMTcxODMz
+MzNaMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMSUw
+IwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYDVQQDEyVR
+dW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2G1lVO6V/z68mcLOhrfEYBklbTRvM16z/Yp
+li4kVEAkOPcahdxYTMukJ0KX0J+DisPkBgNbAKVRHnAEdOLB1Dqr1607BxgFjv2D
+rOpm2RgbaIr1VxqYuvXtdj182d6UajtLF8HVj71lODqV0D1VNk7feVcxKh7YWWVJ
+WCCYfqtffp/p1k3sg3Spx2zY7ilKhSoGFPlU5tPaZQeLYzcS19Dsw3sgQUSj7cug
+F+FxZc4dZjH3dgEZyH0DWLaVSR2mEiboxgx24ONmy+pdpibu5cxfvWenAScOospU
+xbF6lR1xHkopigPcakXBpBlebzbNw6Kwt/5cOOJSvPhEQ+aQuwIDAQABo4ICUjCC
+Ak4wPQYIKwYBBQUHAQEEMTAvMC0GCCsGAQUFBzABhiFodHRwczovL29jc3AucXVv
+dmFkaXNvZmZzaG9yZS5jb20wDwYDVR0TAQH/BAUwAwEB/zCCARoGA1UdIASCAREw
+ggENMIIBCQYJKwYBBAG+WAABMIH7MIHUBggrBgEFBQcCAjCBxxqBxFJlbGlhbmNl
+IG9uIHRoZSBRdW9WYWRpcyBSb290IENlcnRpZmljYXRlIGJ5IGFueSBwYXJ0eSBh
+c3N1bWVzIGFjY2VwdGFuY2Ugb2YgdGhlIHRoZW4gYXBwbGljYWJsZSBzdGFuZGFy
+ZCB0ZXJtcyBhbmQgY29uZGl0aW9ucyBvZiB1c2UsIGNlcnRpZmljYXRpb24gcHJh
+Y3RpY2VzLCBhbmQgdGhlIFF1b1ZhZGlzIENlcnRpZmljYXRlIFBvbGljeS4wIgYI
+KwYBBQUHAgEWFmh0dHA6Ly93d3cucXVvdmFkaXMuYm0wHQYDVR0OBBYEFItLbe3T
+KbkGGew5Oanwl4Rqy+/fMIGuBgNVHSMEgaYwgaOAFItLbe3TKbkGGew5Oanwl4Rq
+y+/foYGEpIGBMH8xCzAJBgNVBAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1p
+dGVkMSUwIwYDVQQLExxSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MS4wLAYD
+VQQDEyVRdW9WYWRpcyBSb290IENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ6tlCL
+MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOCAQEAitQUtf70mpKnGdSk
+fnIYj9lofFIk3WdvOXrEql494liwTXCYhGHoG+NpGA7O+0dQoE7/8CQfvbLO9Sf8
+7C9TqnN7Az10buYWnuulLsS/VidQK2K6vkscPFVcQR0kvoIgR13VRH56FmjffU1R
+cHhXHTMe/QKZnAzNCgVPx7uOpHX6Sm2xgI4JVrmcGmD+XcHXetwReNDWXcG31a0y
+mQM6isxUJTkxgXsTIlG6Rmyhu576BGxJJnSP0nPrzDCi5upZIof4l/UO/erMkqQW
+xFIY6iHOsfHmhIHluqmGKPJDWl0Snawe2ajlCmqnf6CHKc/yiU3U7MXi5nrQNiOK
+SnQ2+Q==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- QuoVadis Root CA 2 -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFtzCCA5+gAwIBAgICBQkwDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
+b3QgQ0EgMjAeFw0wNjExMjQxODI3MDBaFw0zMTExMjQxODIzMzNaMEUxCzAJBgNV
+BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMRswGQYDVQQDExJRdW9W
+YWRpcyBSb290IENBIDIwggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQCa
+GMpLlA0ALa8DKYrwD4HIrkwZhR0In6spRIXzL4GtMh6QRr+jhiYaHv5+HBg6XJxg
+Fyo6dIMzMH1hVBHL7avg5tKifvVrbxi3Cgst/ek+7wrGsxDp3MJGF/hd/aTa/55J
+WpzmM+Yklvc/ulsrHHo1wtZn/qtmUIttKGAr79dgw8eTvI02kfN/+NsRE8Scd3bB
+rrcCaoF6qUWD4gXmuVbBlDePSHFjIuwXZQeVikvfj8ZaCuWw419eaxGrDPmF60Tp
++ARz8un+XJiM9XOva7R+zdRcAitMOeGylZUtQofX1bOQQ7dsE/He3fbE+Ik/0XX1
+ksOR1YqI0JDs3G3eicJlcZaLDQP9nL9bFqyS2+r+eXyt66/3FsvbzSUr5R/7mp/i
+Ucw6UwxI5g69ybR2BlLmEROFcmMDBOAENisgGQLodKcftslWZvB1JdxnwQ5hYIiz
+PtGo/KPaHbDRsSNU30R2be1B2MGyIrZTHN81Hdyhdyox5C315eXbyOD/5YDXC2Og
+/zOhD7osFRXql7PSorW+8oyWHhqPHWykYTe5hnMz15eWniN9gqRMgeKh0bpnX5UH
+oycR7hYQe7xFSkyyBNKr79X9DFHOUGoIMfmR2gyPZFwDwzqLID9ujWc9Otb+fVuI
+yV77zGHcizN300QyNQliBJIWENieJ0f7OyHj+OsdWwIDAQABo4GwMIGtMA8GA1Ud
+EwEB/wQFMAMBAf8wCwYDVR0PBAQDAgEGMB0GA1UdDgQWBBQahGK8SEwzJQTU7tD2
+A8QZRtGUazBuBgNVHSMEZzBlgBQahGK8SEwzJQTU7tD2A8QZRtGUa6FJpEcwRTEL
+MAkGA1UEBhMCQk0xGTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMT
+ElF1b1ZhZGlzIFJvb3QgQ0EgMoICBQkwDQYJKoZIhvcNAQEFBQADggIBAD4KFk2f
+BluornFdLwUvZ+YTRYPENvbzwCYMDbVHZF34tHLJRqUDGCdViXh9duqWNIAXINzn
+g/iN/Ae42l9NLmeyhP3ZRPx3UIHmfLTJDQtyU/h2BwdBR5YM++CCJpNVjP4iH2Bl
+fF/nJrP3MpCYUNQ3cVX2kiF495V5+vgtJodmVjB3pjd4M1IQWK4/YY7yarHvGH5K
+WWPKjaJW1acvvFYfzznB4vsKqBUsfU16Y8Zsl0Q80m/DShcK+JDSV6IZUaUtl0Ha
+B0+pUNqQjZRG4T7wlP0QADj1O+hA4bRuVhogzG9Yje0uRY/W6ZM/57Es3zrWIozc
+hLsib9D45MY56QSIPMO661V6bYCZJPVsAfv4l7CUW+v90m/xd2gNNWQjrLhVoQPR
+TUIZ3Ph1WVaj+ahJefivDrkRoHy3au000LYmYjgahwz46P0u05B/B5EqHdZ+XIWD
+mbA4CD/pXvk1B+TJYm5Xf6dQlfe6yJvmjqIBxdZmv3lh8zwc4bmCXF2gw+nYSL0Z
+ohEUGW6yhhtoPkg3Goi3XZZenMfvJ2II4pEZXNLxId26F0KCl3GBUzGpn/Z9Yr9y
+4aOTHcyKJloJONDO1w2AFrR4pTqHTI2KpdVGl/IsELm8VCLAAVBpQ570su9t+Oza
+8eOx79+Rj1QqCyXBJhnEUhAFZdWCEOrCMc0u
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- QuoVadis Global SSL ICA -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFTjCCAzagAwIBAgICBXowDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxGzAZBgNVBAMTElF1b1ZhZGlzIFJv
+b3QgQ0EgMjAeFw0wNzAxMTIxNjEzMzNaFw0xNzAxMTIxNjEzMTFaMGsxCzAJBgNV
+BAYTAkJNMRkwFwYDVQQKExBRdW9WYWRpcyBMaW1pdGVkMR8wHQYDVQQLExZ3d3cu
+cXVvdmFkaXNnbG9iYWwuY29tMSAwHgYDVQQDExdRdW9WYWRpcyBHbG9iYWwgU1NM
+IElDQTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKk1mD/CiG1+aGcM
+xI7LJL0x4qQpmljkCt1BFL1oaoyuFW4l0GKVTNPFsJ6w4a7pLejG1uQJgeRmKy8n
+xm12NXgIshfqBvTqVFAcuGViwCreo5S+oZWlLxTIYRVJZB3OujED5IyXVibMLR7g
+xWwcXS2BCSNDUnCAN2x+sGHSR9o4sGTbiYFMZPWZfOc0rIbWtms/cUSVfqneyRGN
+WgoIvKPdT2vGvf70RpszxqjEEBLT2A1F2QwM/BxgxylzyelGCN6qVDJrE2rP1KRq
+AN+qiV7kK9MphZ9RYRkjtHE3qNkIxTi4KLy/FBWCy9abwK7t8+AGP6y+N8Oxf7Ed
+9AU37VcCAwEAAaOCASAwggEcMA8GA1UdEwEB/wQFMAMBAf8wOgYIKwYBBQUHAQEE
+LjAsMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20w
+QgYDVR0gBDswOTA3BgRVHSAAMC8wLQYIKwYBBQUHAgEWIWh0dHA6Ly93d3cucXVv
+dmFkaXNnbG9iYWwuY29tL2NwczAOBgNVHQ8BAf8EBAMCAQYwHwYDVR0jBBgwFoAU
+GoRivEhMMyUE1O7Q9gPEGUbRlGswOQYDVR0fBDIwMDAuoCygKoYoaHR0cDovL2Ny
+bC5xdW92YWRpc2dsb2JhbC5jb20vcXZyY2EyLmNybDAdBgNVHQ4EFgQUMk2hT+rw
+rpm27psHLIQIEVCL4n4wDQYJKoZIhvcNAQEFBQADggIBAI5zWxH+LIAvrc/dYIWZ
+8zHozDuc1kbd7IaiSgjJCZwNo1vMSLbNfgPg7XIoTDJ903URzDUWh4l8/XncwRil
+rRafR23N/iFkM+NF+LoABd9qpF/oAmOGuJ6GwPUf/yhioc8nQ/WXuMVF4/OTdvGF
+0QRsk7rivttpGx2aQhGBwO39ft4cySvXToNsBjH4VWcduEooZDg6plIec8S2zrFA
+dXvxSgz/sV41QHwyUokTxEY1UoXF9aA5VeGLKIkC1NasTyy26bzuOYOKxgqRUXIu
+n6M+CdWiKKJWVi3rBpbnFQWSrsotp4jeQn9zBuovTR0OOijTBWHj9ThxrIG5pb4g
+Nmd03/NZDe5l3ja59+UtBUpfCbdqPCCZSUy7t6PLAoDo5JwQKCEOrmNpwD/207GP
+2WMo77wh5/mvJRJMFfEZ+CwQXk5LPXXU7EJr+7PYpJB67hryxts1I6FJI0AF3ET9
+3YZ4sgEK009h6bdeZbIOvcT4e0v33EAJggFtxU/5xRdtk/PmwxBjSxeg+jBK2xeH
+3TScxc6nNvtcw22Lds5GucMsoxmpblYV1adrowg3twQvSXQZ96jzyT3qfmk09M+e
+bBTqd3GFwZcJNaQigOw8EQHQtjJm9Zco7FtJ+SxEqcQYFJ+M7QZz+0wWCPwlflMo
+7aGlYILpWH4iR3ZhuH/3xMkx
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- AAI Test CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEODCCAyCgAwIBAgIBADANBgkqhkiG9w0BAQQFADB1MQswCQYDVQQGEwJDSDEP
+MA0GA1UEBxMGWnVyaWNoMRMwEQYDVQQKEwpTV0lUQ0ggQUFJMQwwCgYDVQQLEwNB
+QUkxFDASBgNVBAMTC0FBSSBUZXN0IENBMRwwGgYJKoZIhvcNAQkBFg1hYWlAc3dp
+dGNoLmNoMB4XDTA0MDcyMjE1NDUxOFoXDTExMDcyMTE1NDUxOFowdTELMAkGA1UE
+BhMCQ0gxDzANBgNVBAcTBlp1cmljaDETMBEGA1UEChMKU1dJVENIIEFBSTEMMAoG
+A1UECxMDQUFJMRQwEgYDVQQDEwtBQUkgVGVzdCBDQTEcMBoGCSqGSIb3DQEJARYN
+YWFpQHN3aXRjaC5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALW9
+H+Pv1jR8oTWevokArsf3BiA/4LMB5uP6glk4sZ4Io8cKQu0Uk8JWGCysRI2269l5
+x/MGuOHFtqHNMERtsNt8SSj9nYI9yZQ9wdIZD6FYEKrHsnnDGxfrFogjqRZjNh3e
+EEOnsomXJytYX5IBwIlkoBpZK9jOx6HxQ3HRukCp3xjOAxLS9T4MZeKb6cdDakgD
+bo3f9UHPDv5Mil3O5NqJ0PK9ZMJCPzPelHjg0AwZdbDtFDiF+uuGwAfjKp7KpXU0
+rXSm3qtY6bjlitHcqJ2KwVR1xnyPjpSfYVSMlUyk97K+U3lTMBCb/ZAkUHV3Yfhq
+U9lWtoaZpg4gPpACSjkCAwEAAaOB0jCBzzAdBgNVHQ4EFgQUBUfEhodT+g8w0FKl
+ofBLJmt5UkMwgZ8GA1UdIwSBlzCBlIAUBUfEhodT+g8w0FKlofBLJmt5UkOheaR3
+MHUxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxEzARBgNVBAoTClNXSVRD
+SCBBQUkxDDAKBgNVBAsTA0FBSTEUMBIGA1UEAxMLQUFJIFRlc3QgQ0ExHDAaBgkq
+hkiG9w0BCQEWDWFhaUBzd2l0Y2guY2iCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG
+9w0BAQQFAAOCAQEAcAsNe7MuJe1c/tpjAH0LxoRaPBNybqTmK0BcKPRew0RzGZQC
+VjvHVcm1yXITbrONEuMKJc42jjHW6qfBMQRSdyV9q1F6zV7GVVk0bBuOdawVqXuH
+APnzLugo/9vKhSvzbJgeOul1X6spI+88R/V1scr1sdYi+gWgsL08JBEiB7HOdHfx
+SsGVgDnr6q0PNyRHfXnkOlHndKEyxkI7GzwV9FijG/Yz8K/end1ddWbc6wC91O7n
+HczB5+OsCnNf3wIrPNVJ+rUTQGJV4VxwZZm0JQRoyQiJNu5V2diBHPxjax4cSSTo
+WbkR2lRjUS7Hlb+ZKIVqkhiuI5krw/SSK6k72w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- Deutsche Telekom Root CA 2 -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDnzCCAoegAwIBAgIBJjANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJERTEc
+MBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxlU2Vj
+IFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290IENB
+IDIwHhcNOTkwNzA5MTIxMTAwWhcNMTkwNzA5MjM1OTAwWjBxMQswCQYDVQQGEwJE
+RTEcMBoGA1UEChMTRGV1dHNjaGUgVGVsZWtvbSBBRzEfMB0GA1UECxMWVC1UZWxl
+U2VjIFRydXN0IENlbnRlcjEjMCEGA1UEAxMaRGV1dHNjaGUgVGVsZWtvbSBSb290
+IENBIDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrC6M14IspFLEU
+ha88EOQ5bzVdSq7d6mGNlUn0b2SjGmBmpKlAIoTZ1KXleJMOaAGtuU1cOs7TuKhC
+QN/Po7qCWWqSG6wcmtoIKyUn+WkjR/Hg6yx6m/UTAtB+NHzCnjwAWav12gz1Mjwr
+rFDa1sPeg5TKqAyZMg4ISFZbavva4VhYAUlfckE8FQYBjl2tqriTtM2e66foai1S
+NNs671x1Udrb8zH57nGYMsRUFUQM+ZtV7a3fGAigo4aKSe5TBY8ZTNXeWHmb0moc
+QqvF1afPaA+W5OFhmHZhyJF81j4A4pFQh+GdCuatl9Idxjp9y7zaAzTVjlsB9WoH
+txa2bkp/AgMBAAGjQjBAMB0GA1UdDgQWBBQxw3kbuvVT1xfgiXotF2wKsyudMzAP
+BgNVHRMECDAGAQH/AgEFMA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQUFAAOC
+AQEAlGRZrTlk5ynrE/5aw4sTV8gEJPB0d8Bg42f76Ymmg7+Wgnxu1MM9756Abrsp
+tJh6sTtU6zkXR34ajgv8HzFZMQSyzhfzLMdiNlXiItiJVbSYSKpk+tYcNthEeFpa
+IzpXl/V6ME+un2pMSyuOoAPjPuCp1NJ70rOo4nI8rZ7/gFnkm0W09juwzTkZmDLl
+6iFhkOQxIY40sfcvNUqFENrnijchvllj4PKFiDFT1FQUhXB59C4Gdyd1Lx+4ivn+
+xbrYNuSD7Odlt79jWvNGr4GUN9RBjNYj1h7P9WgbRGOiWrqnNVmh5XAFmw4jV5mU
+Cm26OWMohpLzGITY+9HPBVZkVw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- DFN-Verein PCA Global - G01 -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEITCCAwmgAwIBAgICAMcwDQYJKoZIhvcNAQEFBQAwcTELMAkGA1UEBhMCREUx
+HDAaBgNVBAoTE0RldXRzY2hlIFRlbGVrb20gQUcxHzAdBgNVBAsTFlQtVGVsZVNl
+YyBUcnVzdCBDZW50ZXIxIzAhBgNVBAMTGkRldXRzY2hlIFRlbGVrb20gUm9vdCBD
+QSAyMB4XDTA2MTIxOTEwMjkwMFoXDTE5MDYzMDIzNTkwMFowWjELMAkGA1UEBhMC
+REUxEzARBgNVBAoTCkRGTi1WZXJlaW4xEDAOBgNVBAsTB0RGTi1QS0kxJDAiBgNV
+BAMTG0RGTi1WZXJlaW4gUENBIEdsb2JhbCAtIEcwMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAOmbw2eF+Q2u9Y1Uw5ZQNT1i6W5M7ZTXAFuVInTUIOs0
+j9bswDEEC5mB4qYU0lKgKCOEi3SJBF5b4OJ4wXjLFssoNTl7LZBF0O2gAHp8v0oO
+GwDDhulcKzERewzzgiRDjBw4i2poAJru3E94q9LGE5t2re7eJujvAa90D8EJovZr
+zr3TzRQwT/Xl46TIYpuCGgMnMA0CZWBN7dEJIyqWNVgn03bGcbaQHcTt/zWGfW8z
+s9sPxRHCioOhlF1Ba9jSEPVM/cpRrNm975KDu9rrixZWVkPP4dUTPaYfJzDNSVTb
+yRM0mnF1xWzqpwuY+SGdJ68+ozk5SGqMrcmZ+8MS8r0CAwEAAaOB2TCB1jBwBgNV
+HR8EaTBnMGWgY6Bhhl9odHRwOi8vcGtpLnRlbGVzZWMuZGUvY2dpLWJpbi9zZXJ2
+aWNlL2FmX0Rvd25sb2FkQVJMLmNybD8tY3JsX2Zvcm1hdD1YXzUwOSYtaXNzdWVy
+PURUX1JPT1RfQ0FfMjAdBgNVHQ4EFgQUSbfGz+g9H3/qRHsTKffxCnA+3mQwHwYD
+VR0jBBgwFoAUMcN5G7r1U9cX4Il6LRdsCrMrnTMwDgYDVR0PAQH/BAQDAgEGMBIG
+A1UdEwEB/wQIMAYBAf8CAQIwDQYJKoZIhvcNAQEFBQADggEBADvhWnfASBfcqRjs
+ga9aifC9KJKmylkYEnDsKPLnrn+WLOfyXRkx9hMrdL29gLK592fJOaJ5O+EREe5r
+eJEzfjtfJid1U2WOM2Puz3PDsJIjSSFQdSOhHxjilIU9PzPpdyCNor3moYUpQPY/
+czJYDQlrptqFbMA/u41mZFYkTq4NPzI1AVvpjILZcllPsYaF8XSFVuXD+Fzzje5H
+s1MFcOflTYppgyjhEwmGnl7I6lgeDB/5pNRaBGj9KD6LArZYtfahLDdXAGerI2iN
+Y6XvmWtc/UtW9qtAhzTUEZJs7IfFCgsHM3K0bwwdVCzYUcfMvzDTQ3LxMr+Mzklj
+qAD38hw=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- DFN-Verein-GS-CA - G02 -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE4DCCA8igAwIBAgIECc2lcjANBgkqhkiG9w0BAQUFADBaMQswCQYDVQQGEwJE
+RTETMBEGA1UEChMKREZOLVZlcmVpbjEQMA4GA1UECxMHREZOLVBLSTEkMCIGA1UE
+AxMbREZOLVZlcmVpbiBQQ0EgR2xvYmFsIC0gRzAxMB4XDTA3MDExNzEzNDMwMFoX
+DTE4MTEzMDIyMDAwMFowXjELMAkGA1UEBhMCREUxEzARBgNVBAoTCkRGTi1WZXJl
+aW4xGTAXBgNVBAsTEEdlc2NoYWVmdHNzdGVsbGUxHzAdBgNVBAMTFkRGTi1WZXJl
+aW4tR1MtQ0EgLSBHMDIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDc
+XD9Q+mP0fT565l0iheYxxjLBdVV+QRL3cuTF+G4zJCWXQqLcgi/Gzgx/vA8tG6R9
+NoPOmJjqnh8M52d05CupHiVCguWna5BiMSNnfy8qSyblzxpu7Tlg4mW10IoYHeCt
+Dh4c1rFwpy/pj09fUJOvBuqLBrKr86UtFoSYV4GO/0iufVFIA88LqzoR0rvTJBlN
+/d0t+4oeWHN2Wu+8QRlKHKxriKRnLHkJQWY8bs+qKoOq+Ant0DmafzlCLGQzc4UG
+u3kGnPRXqUZdTFStY0DZLH7CLwg6D5ab/5F+gL1jOp1+G8bCAkjjmVoJbqgDDCVM
+Vo5ZkHPVad145xDgC/9tAgMBAAGjggGoMIIBpDAPBgNVHRMBAf8EBTADAQH/MAsG
+A1UdDwQEAwIBBjAdBgNVHQ4EFgQUeaJiL87xBjlS53ZtYsfem2p1S0kwHwYDVR0j
+BBgwFoAUSbfGz+g9H3/qRHsTKffxCnA+3mQwFAYDVR0RBA0wC4EJY2FAZGZuLmRl
+MIGIBgNVHR8EgYAwfjA9oDugOYY3aHR0cDovL2NkcDEucGNhLmRmbi5kZS9nbG9i
+YWwtcm9vdC1jYS9wdWIvY3JsL2NhY3JsLmNybDA9oDugOYY3aHR0cDovL2NkcDIu
+cGNhLmRmbi5kZS9nbG9iYWwtcm9vdC1jYS9wdWIvY3JsL2NhY3JsLmNybDCBogYI
+KwYBBQUHAQEEgZUwgZIwRwYIKwYBBQUHMAKGO2h0dHA6Ly9jZHAxLnBjYS5kZm4u
+ZGUvZ2xvYmFsLXJvb3QtY2EvcHViL2NhY2VydC9jYWNlcnQuY3J0MEcGCCsGAQUF
+BzAChjtodHRwOi8vY2RwMi5wY2EuZGZuLmRlL2dsb2JhbC1yb290LWNhL3B1Yi9j
+YWNlcnQvY2FjZXJ0LmNydDANBgkqhkiG9w0BAQUFAAOCAQEAwO6OKf2W64fjqcq+
+XGhZC2TFU5aP9s17kHHNLD1GYz2XZ7dds1ZBSfYU35s3in0euRd3g8JoF+qNopxK
+fCpgz6kaKOwXanphqQTukoz8/IfsqYQTm0xBUjAzRZe0sMnfcfZsSn38rJNBe8fU
+REcchg6zbd6Qpkf87JW+lKG4oHUE+qlnATNx2uV/Q1aT1ptwFBTAGfL66Dm2Jfog
+arQ38HHKV63PwKGL92IDmdAAPvmHHkHdK47BoRCG+V7rG2n5HAopC566t0RIxDt2
+m0Wg9BKiwfP2RUrz3STVAxohyXoGyMU8MaTeGiB7NIH3lo37nqPO+y1XfBFjz90H
+AaRthg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- DFN-Verein PCA Grid - G01 -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEaTCCA1GgAwIBAgIBATANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJERTET
+MBEGA1UEChMKREZOLVZlcmVpbjEQMA4GA1UECxMHREZOLVBLSTEiMCAGA1UEAxMZ
+REZOLVZlcmVpbiBQQ0EgR3JpZCAtIEcwMTAeFw0wNTA3MDcxMzM1MTVaFw0xMzA5
+MDcxMzM1MTVaMFgxCzAJBgNVBAYTAkRFMRMwEQYDVQQKEwpERk4tVmVyZWluMRAw
+DgYDVQQLEwdERk4tUEtJMSIwIAYDVQQDExlERk4tVmVyZWluIFBDQSBHcmlkIC0g
+RzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPlF0BAKoXmKNC3G
+5cMOeAbSxCqKFONHrWi4fubi7dGHJfr6EJeP+6nEvc+6dM9fnsDYEYt4m4MzXaLb
+J+9vUdgSOXeoC/2BpluiU36co1QJ6PZIRO3zI2x/4EBa6XueAYpNnO777X5COeRi
+dBdSSVwUb3TcsHxrZvWXLiFpsittt1Yqr+S5fjIcJiv7umwi9jAIhtSnartLHmK1
+50VAgsXfpen3Zex4M/UGVUScAYf75dWZN4qe4J6UNUq87EyiFvR+HQVmoxdJfz7M
+rAw4AXhoter8dgzk6wQHjAezXAaarTzRKoMmyvAHwkt3oaH63KteBNao29ONpReM
+V67n0wIDAQABo4IBPDCCATgwHQYDVR0OBBYEFJbs3K2aw/5Qozwi5T3Cxf/K2SLG
+MB8GA1UdIwQYMBaAFJbs3K2aw/5Qozwi5T3Cxf/K2SLGMA8GA1UdEwEB/wQFMAMB
+Af8wgcEGA1UdHwSBuTCBtjBZoFegVYZTaHR0cDovL2NkcDEucGNhLmRmbi5kZS9k
+Zm4tcGtpL2NlcnRpZmljYXRpb24veDUwOS9ncmlkL2cxL2RhdGEvY3Jscy9yb290
+LWNhLWNybC5jcmwwWaBXoFWGU2h0dHA6Ly9jZHAyLnBjYS5kZm4uZGUvZGZuLXBr
+aS9jZXJ0aWZpY2F0aW9uL3g1MDkvZ3JpZC9nMS9kYXRhL2NybHMvcm9vdC1jYS1j
+cmwuY3JsMA4GA1UdDwEB/wQEAwIBBjARBglghkgBhvhCAQEEBAMCAAcwDQYJKoZI
+hvcNAQEFBQADggEBAFXNb0rX1MgYEEzTqHtqSxfKoqy3vETkVxRT7djuM1qxcGZq
+LyDAKT0f6mRQjRh5lRkQThTx7w9+CDJYDDhe/CN9RbB9LaB+FW2PHWIOwmeAb4/e
+HSLrvNQweDa7GO5HVOON8/yK7zN4rN81xtOlSCXKIpVuMi6CaQy3ECA1VtG+l5pL
+rUh3Xd4jaTm3FzkJCwG/vn8BY83XDbEVg/bLVom1l6GSeKEDDuJzc/3kca2IQWuF
+qctKfhxoK2w18L4DzkUNge0LlxYBCD5hDA5Jia9ufJ+tInkUbxBzPZYKkd1GXQ0i
+RboLZSYA7LLjLwVEDwsbzbymYIWZkwyYrdGg5Z4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ <!-- DFN-Verein Server CA Grid - G01 -->
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFODCCBCCgAwIBAgIEBuzALjANBgkqhkiG9w0BAQUFADBYMQswCQYDVQQGEwJE
+RTETMBEGA1UEChMKREZOLVZlcmVpbjEQMA4GA1UECxMHREZOLVBLSTEiMCAGA1UE
+AxMZREZOLVZlcmVpbiBQQ0EgR3JpZCAtIEcwMTAeFw0wNTA3MDcxNDU2MzJaFw0w
+OTA3MDcxNDU2MzJaMF4xCzAJBgNVBAYTAkRFMRMwEQYDVQQKEwpERk4tVmVyZWlu
+MRAwDgYDVQQLEwdERk4tUEtJMSgwJgYDVQQDEx9ERk4tVmVyZWluIFNlcnZlciBD
+QSBHcmlkIC0gRzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsReN
+WWGIRPuWOgINGSGb3+G7lJdOpjcxFyBI9OIndTl2BJu2xT3gGtarc1a/XWK1ocvB
+GzuJKAGEISCLaiXvrf7fr2UXt5nIIEnLyb2QJpEbfX3bTNCjzf4gMsYuliQH4/zK
+pjtfZ43E/rFusBCEZ43C3CzgJ3Zi++vE57/saWuuvaihuBk62SDzi21g6I2eXOOR
+I9KYZ3meNTD6vEWptSJ0/YoGs3g9ah1kdBollypLxKccSaBdJLiri75XSuCyj9G4
+mUjxpgaKo4DDDJsyJl4+NYjiN2di63V1jq0ZkPVxL/CNV09Kb4gOluiHjuziEqDb
+w3lMV/lN44aq51bbVQIDAQABo4ICAjCCAf4wHQYDVR0OBBYEFIwRYocmqRqpiTXv
+ooVMH8yVUpvIMB8GA1UdIwQYMBaAFJbs3K2aw/5Qozwi5T3Cxf/K2SLGMA8GA1Ud
+EwEB/wQFMAMBAf8wgcEGA1UdHwSBuTCBtjBZoFegVYZTaHR0cDovL2NkcDEucGNh
+LmRmbi5kZS9kZm4tcGtpL2NlcnRpZmljYXRpb24veDUwOS9ncmlkL2cxL2RhdGEv
+Y3Jscy9yb290LWNhLWNybC5jcmwwWaBXoFWGU2h0dHA6Ly9jZHAyLnBjYS5kZm4u
+ZGUvZGZuLXBraS9jZXJ0aWZpY2F0aW9uL3g1MDkvZ3JpZC9nMS9kYXRhL2NybHMv
+cm9vdC1jYS1jcmwuY3JsMIHWBggrBgEFBQcBAQSByTCBxjBhBggrBgEFBQcwAoZV
+aHR0cDovL2NkcDEucGNhLmRmbi5kZS9kZm4tcGtpL2NlcnRpZmljYXRpb24veDUw
+OS9ncmlkL2cxL2RhdGEvY2VydHMvcm9vdC1jYS1jZXJ0LmNydDBhBggrBgEFBQcw
+AoZVaHR0cDovL2NkcDIucGNhLmRmbi5kZS9kZm4tcGtpL2NlcnRpZmljYXRpb24v
+eDUwOS9ncmlkL2cxL2RhdGEvY2VydHMvcm9vdC1jYS1jZXJ0LmNydDAOBgNVHQ8B
+Af8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBAK3yyAeeWrMiXcnT1WyogEeXRl2s
+jRHPow0PuWTvEvM+jFUAkXpy0B8V2lQvkMqNdJTLfxcb3d5i3u6r9nG8Bp80fHTY
+TfA9+mkI078FYiwS2gtva96M7kJG/6nwii9zCJvekwXWJa1YZCgPMTpkVD8XPKVY
+13PM7nHvN9vT6oQQheqJrIVkDt6WhgOIsReHlPRZtPQn4MSlqO3dGkj+Q9xenkCm
+SeAlj0M7HR/GDgNOjPxPDn304ZuKrDQ6yKrCQC/xTttIzLPI8BUqqbehlJYWBBJv
+AuNN9CgEyFSQGGj+VkHXFSxSio2O3j9cUtkxrzwUdoELnj1bEkerNOWjqeA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ <!-- HES-SO CA -->
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDLTCCAhWgAwIBAgIIO9+pFW6Ig64wDQYJKoZIhvcNAQELBQAwJDEQMA4GA1UE
+AwwHQWRtaW5DQTEQMA4GA1UECgwHc3ZjSW5mbzAeFw0wODA2MTMwOTA3MzhaFw0x
+ODA2MTEwOTA3MzhaMCQxEDAOBgNVBAMMB0FkbWluQ0ExEDAOBgNVBAoMB3N2Y0lu
+Zm8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2QdxUYkxsClntN6oG
+NWEzcbsbTtHa5COVw8Zriho+cbd9zyd2tPkOVcbWZuM0VCPmTTkXR/depHrJ6xll
+PjNrpOkjEMIeZ6D2lcup6R9hY6akdLvr3NqbolSIpNoM5Hl1guiNqDakWlaJNVc3
+C7IBnU45rFIN7TraPXO4IywrwxPKTvClna6T9AVrqksqnGTLDAfudvz0A3xvi2hA
+Vy4UiQuyScT0uLpu35vVVDRUsbc8uqt5cVyWTGUT1RK/BWjRbiLY25VtYvV++kSM
+r6Rw7KFB5Kq4m4CPUqQrnzQlWnVCBGRtcP5fK/jRqY/nLFg7lns5cJq1IoKMqDc/
+VvKBAgMBAAGjYzBhMB8GA1UdIwQYMBaAFAPkSeAiV3Q6A4VkbolkJ5JzGsJtMA4G
+A1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUA+RJ4CJXdDoDhWRuiWQnknMawm0wDwYD
+VR0TAQH/BAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEAJyYt+5gJTJFrEMTdHbu/
+hQ0xoDEOveoZayU16+DhbR3Y9K3tNeQdF98QaX9FWwzcyVprPE+QRSQkTQ/6GveH
+QhD/Y1n1tzR8cirD+R4RpEsCsWqjxp9rC+DGJY4rc7q0wuTGqkQliX221ItjP1Dn
+zr0kecFnWqYXQVpV4AiGwC6oBxcmD66EJJfExRnlog3GUL+cTcAA1gnBdcpiFTTY
+JxjydrhnsUco+uTT/3qJMSl222zwP9xVw+I0+nd9tziUjuDYxYYxhz19PmwUk2Ij
+pz0wu3McQkDdKnJCJOwT3P/fpMgGiUIZ8YhOTlsjMe06UHFet+sp71Sy+r9xuab4
+8A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+
+ </shibmd:KeyAuthority>
+ </Extensions>
+ <!-- Identity Provider Definitions -->
+
+ <!-- Université de Fribourg Test Home Organization -->
+ <EntityDescriptor entityID="https://testidp.unifr.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">test.unifr.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>testidp.unifr.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIDCCAgigAwIBAgIJAJTgSuQp5wLyMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHRlc3RpZHAudW5pZnIuY2gwHhcNMDkwNjI5MTMyODMyWhcNMTIwNjI5MTMy
+ODMyWjAbMRkwFwYDVQQDExB0ZXN0aWRwLnVuaWZyLmNoMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAt20TF5AI221MuA09aYt+3IQeS2/afZnxvbfJBA5I
+iA+Or/gEOqOUk8yxtBnb6cbPH/MN+GlWzUD4jx1+avwRF5jlPQ/UsWbDY9Kfgp1g
+F7rlHkuKqE2RHDALE9dYGHGO4jMCB/ntWoe8jea7Vj+8aT64IhPdl9A8kWicYhoU
+/QlbU1/Sh9re9Bs0DPqw6wEq20h0Z/U2ID01sQlcAL75mxo/NN8ZhVSjrYRVTRvs
+7uSN2hCUOvPKK1OaYsQvYPhr8MIQ/QQ+/FwpNqjJR0GsJsjm4EX7dt64XuhgXrQV
+vW3PoJki8njtG7gAeryoP0/jQ8BVTr6aan6Ylpvp0BYYKwIDAQABo2cwZTBEBgNV
+HREEPTA7ghB0ZXN0aWRwLnVuaWZyLmNohidodHRwczovL3Rlc3RpZHAudW5pZnIu
+Y2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFPJMgcIByOK6sI8U2I2vAV9XKZ59
+MA0GCSqGSIb3DQEBBQUAA4IBAQBIYwViCIC7KXZ6Cj0f6mR5NLYjVyvYuGE3qJZ6
+p4GnkRgKBcb/iKbKWViec2/OoaLZVIJDZnKsINYTHqKx+RFkZiwo982hlvsBEJjH
+5kpiDv03lgnTENsNTF6ESvIcyB9cOoSQ55PIMCFalg31p4fvQzj/Od8SM6kDrb/E
+B1xvtHhpqHcKBxce5bSAHzU0yezys+TjLMCs77ruYtdLUVCeTPofGOiHomOmqiZx
+hu2k8iCbPHfMFoYOJxsOGKaudx6W/NxY7nxmwELlxf16MJnsFId/dPAIDPYxEwW8
+GrHX00wpDDqiYS65R1x9E+qdOWrw0xNX09+RM9r0f/pPxwVi
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testidp.unifr.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://testidp.unifr.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://testidp.unifr.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://testidp.unifr.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://testidp.unifr.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://testidp.unifr.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>testidp.unifr.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIDCCAgigAwIBAgIJAJTgSuQp5wLyMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHRlc3RpZHAudW5pZnIuY2gwHhcNMDkwNjI5MTMyODMyWhcNMTIwNjI5MTMy
+ODMyWjAbMRkwFwYDVQQDExB0ZXN0aWRwLnVuaWZyLmNoMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAt20TF5AI221MuA09aYt+3IQeS2/afZnxvbfJBA5I
+iA+Or/gEOqOUk8yxtBnb6cbPH/MN+GlWzUD4jx1+avwRF5jlPQ/UsWbDY9Kfgp1g
+F7rlHkuKqE2RHDALE9dYGHGO4jMCB/ntWoe8jea7Vj+8aT64IhPdl9A8kWicYhoU
+/QlbU1/Sh9re9Bs0DPqw6wEq20h0Z/U2ID01sQlcAL75mxo/NN8ZhVSjrYRVTRvs
+7uSN2hCUOvPKK1OaYsQvYPhr8MIQ/QQ+/FwpNqjJR0GsJsjm4EX7dt64XuhgXrQV
+vW3PoJki8njtG7gAeryoP0/jQ8BVTr6aan6Ylpvp0BYYKwIDAQABo2cwZTBEBgNV
+HREEPTA7ghB0ZXN0aWRwLnVuaWZyLmNohidodHRwczovL3Rlc3RpZHAudW5pZnIu
+Y2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFPJMgcIByOK6sI8U2I2vAV9XKZ59
+MA0GCSqGSIb3DQEBBQUAA4IBAQBIYwViCIC7KXZ6Cj0f6mR5NLYjVyvYuGE3qJZ6
+p4GnkRgKBcb/iKbKWViec2/OoaLZVIJDZnKsINYTHqKx+RFkZiwo982hlvsBEJjH
+5kpiDv03lgnTENsNTF6ESvIcyB9cOoSQ55PIMCFalg31p4fvQzj/Od8SM6kDrb/E
+B1xvtHhpqHcKBxce5bSAHzU0yezys+TjLMCs77ruYtdLUVCeTPofGOiHomOmqiZx
+hu2k8iCbPHfMFoYOJxsOGKaudx6W/NxY7nxmwELlxf16MJnsFId/dPAIDPYxEwW8
+GrHX00wpDDqiYS65R1x9E+qdOWrw0xNX09+RM9r0f/pPxwVi
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://testidp.unifr.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://testidp.unifr.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Université de Fribourg Test Home Organization</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Université de Fribourg Test Home Organization</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.test.unifr.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- SWITCH AAI Test Home Org -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:dukono.switch.ch">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">aaitest.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dukono.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE8zCCA9ugAwIBAgICESMwDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDMyMzA4MjkzMVoXDTEyMDMyMjA4MjkzMVowXTELMAkGA1UEBhMCQ0gxEDAO
+BgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRD
+SDEZMBcGA1UEAxMQZHVrb25vLnN3aXRjaC5jaDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBANCkMo1wTQRhc4UpsH9tMNdoSxVhf14IiXWH5s099vN3XmdK
+GYeZIQjpuRcDWM9lwMgJhLD32VoRjWg0aUJZSslfVvi6MKrBpo4EGaraH6RHQ+JH
+1VyYrzhJvULrdkcHMbd0c+nEFy3Qw2NWCH8U1aaMLmf2UCaHBsK+EbtcMXucWqSi
+teZpjpsaOfw8BZ6HHr2iWKnqdJgAQp17ext6J3ptM/aY3YocmoSyoPhQUH9xdFU4
+jgrxAWLTL9c7kTQYDaCirJ/7NFqoVxj7R+Pa5rnRHF2ezgmqSN8XtKRl3WpBkHdz
+VRqe1sQs+tD2x47gA7tI0j2yVsxtkdFmTxL0GekCAwEAAaOCAa0wggGpMHQGCCsG
+AQUFBwEBBGgwZjAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9i
+YWwuY29tMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwu
+Y29tL3F2c3NsaWNhLmNydDAyBgNVHREEKzApghBkdWtvbm8uc3dpdGNoLmNoghVh
+YWl0ZXN0LWlkcC5zd2l0Y2guY2gwUQYDVR0gBEowSDBGBgwrBgEEAb5YAAJkAQEw
+NjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVw
+b3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMB8GA1UdIwQYMBaAFDJNoU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0
+MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNh
+LmNybDAdBgNVHQ4EFgQUw7QchyQFbjpsGmMF0pvNPNGwCZ0wDQYJKoZIhvcNAQEF
+BQADggEBAHNDX/CXitlk98M0uwM4GT8mrBU/JJeVMsZJkreTRTU474NZ+ES26xx3
+meBs5j+rbaCOxCB8Q8U+3Y/2WlAvbqDAGC/cn/U7OFAsF+YuJTlJ+8f6oOqu9RXk
+jeHvUNTn+/9rnjANNJL8SueGMzJw6cq6aQTIOlBF/LFZY2Pv9gHexaQemjeK7d/r
+vZX1rUoWlBu5DSCJey+u6n7csevVnwIBXStFyyST03GcmhJ5VU8GLyvckYMUkdFd
+Ihu7Jzp8AoYB6aRrGuaRtrPD5wqGAliKAu8CL4CN8uFKSMr+X8raYD5E9y5WeLnV
+nJT/2V2fUkpZLcSdbkPgfHHaw3sEVP4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://dukono.switch.ch:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://dukono.switch.ch/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dukono.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE8zCCA9ugAwIBAgICESMwDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDMyMzA4MjkzMVoXDTEyMDMyMjA4MjkzMVowXTELMAkGA1UEBhMCQ0gxEDAO
+BgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRD
+SDEZMBcGA1UEAxMQZHVrb25vLnN3aXRjaC5jaDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBANCkMo1wTQRhc4UpsH9tMNdoSxVhf14IiXWH5s099vN3XmdK
+GYeZIQjpuRcDWM9lwMgJhLD32VoRjWg0aUJZSslfVvi6MKrBpo4EGaraH6RHQ+JH
+1VyYrzhJvULrdkcHMbd0c+nEFy3Qw2NWCH8U1aaMLmf2UCaHBsK+EbtcMXucWqSi
+teZpjpsaOfw8BZ6HHr2iWKnqdJgAQp17ext6J3ptM/aY3YocmoSyoPhQUH9xdFU4
+jgrxAWLTL9c7kTQYDaCirJ/7NFqoVxj7R+Pa5rnRHF2ezgmqSN8XtKRl3WpBkHdz
+VRqe1sQs+tD2x47gA7tI0j2yVsxtkdFmTxL0GekCAwEAAaOCAa0wggGpMHQGCCsG
+AQUFBwEBBGgwZjAqBggrBgEFBQcwAYYeaHR0cDovL29jc3AucXVvdmFkaXNnbG9i
+YWwuY29tMDgGCCsGAQUFBzAChixodHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwu
+Y29tL3F2c3NsaWNhLmNydDAyBgNVHREEKzApghBkdWtvbm8uc3dpdGNoLmNoghVh
+YWl0ZXN0LWlkcC5zd2l0Y2guY2gwUQYDVR0gBEowSDBGBgwrBgEEAb5YAAJkAQEw
+NjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVw
+b3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsG
+AQUFBwMCMB8GA1UdIwQYMBaAFDJNoU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0
+MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNh
+LmNybDAdBgNVHQ4EFgQUw7QchyQFbjpsGmMF0pvNPNGwCZ0wDQYJKoZIhvcNAQEF
+BQADggEBAHNDX/CXitlk98M0uwM4GT8mrBU/JJeVMsZJkreTRTU474NZ+ES26xx3
+meBs5j+rbaCOxCB8Q8U+3Y/2WlAvbqDAGC/cn/U7OFAsF+YuJTlJ+8f6oOqu9RXk
+jeHvUNTn+/9rnjANNJL8SueGMzJw6cq6aQTIOlBF/LFZY2Pv9gHexaQemjeK7d/r
+vZX1rUoWlBu5DSCJey+u6n7csevVnwIBXStFyyST03GcmhJ5VU8GLyvckYMUkdFd
+Ihu7Jzp8AoYB6aRrGuaRtrPD5wqGAliKAu8CL4CN8uFKSMr+X8raYD5E9y5WeLnV
+nJT/2V2fUkpZLcSdbkPgfHHaw3sEVP4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://dukono.switch.ch:8443/shibboleth-idp/AA"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SWITCH AAI Test Home Org</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SWITCH AAI Test Home Org</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.switch.ch/aai/help/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- PHBern - Pädagogische Hochschule Bern -->
+ <EntityDescriptor entityID="https://aai2.phbern.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">test-phbern.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai2.phbern.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEwzCCA6ugAwIBAgICAMowDQYJKoZIhvcNAQEFBQAwdTELMAkGA1UEBhMCQ0gx
+DzANBgNVBAcTBlp1cmljaDETMBEGA1UEChMKU1dJVENIIEFBSTEMMAoGA1UECxMD
+QUFJMRQwEgYDVQQDEwtBQUkgVGVzdCBDQTEcMBoGCSqGSIb3DQEJARYNYWFpQHN3
+aXRjaC5jaDAeFw0wODA0MDMwNzE3NDVaFw0wOTA0MDMwNzE3NDVaMIG0MQswCQYD
+VQQGEwJDSDENMAsGA1UECBMEQmVybjENMAsGA1UEBxMEQmVybjEmMCQGA1UEChMd
+UGFlZGFnb2dpc2NoZSBIb2Noc2NodWxlIEJlcm4xKDAmBgNVBAsTH1plbnRydW0g
+ZnVlciBCaWxkdW5nc2luZm9ybWF0aWsxFzAVBgNVBAMTDmFhaTIucGhiZXJuLmNo
+MRwwGgYJKoZIhvcNAQkBFg1hYWlAcGhiZXJuLmNoMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAy2Df8rtYTmroY4xn9FIX+z7kK23BEIDOb0Paib/JL4SB
+NwWQ7vYJSDSdzY6HXLbHteg9+udT0jZFpVryaUVib47GGZpB07njaU8lzA6UPf03
+PE3Bza4Zm9AlMLF7RgURc5t8nwbz/LhEEhA76Gu90ir6iqzhG5ALOJY6BsPhu2M1
+5ulpLYy/+C29dxEZBXRe7RmnwJBr0PH/ZnMz2Es4/wbpshqMLwyE0iYTFjjiawf+
+wLvIDPMvwzXhFLd6qTH7iufI7oC0tCr/z0H9sIs1LUKt6VLw0sWpcN6wQHHthn3Q
+HcdWXaHb8VWugC1tPnJueuadH0AQjREVEZEK0V105wIDAQABo4IBGzCCARcwCQYD
+VR0TBAIwADBJBglghkgBhvhCAQ0EPBY6R2VuZXJhdGVkIGZvciBBQUkgVGVzdCBG
+ZWRlcmF0aW9uIGh0dHA6Ly93d3cuc3dpdGNoLmNoL2FhaTAdBgNVHQ4EFgQU3ClG
+B8p9KC5iumwCglXCrwZyVoYwgZ8GA1UdIwSBlzCBlIAUBUfEhodT+g8w0FKlofBL
+Jmt5UkOheaR3MHUxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxEzARBgNV
+BAoTClNXSVRDSCBBQUkxDDAKBgNVBAsTA0FBSTEUMBIGA1UEAxMLQUFJIFRlc3Qg
+Q0ExHDAaBgkqhkiG9w0BCQEWDWFhaUBzd2l0Y2guY2iCAQAwDQYJKoZIhvcNAQEF
+BQADggEBACeWXSYNKFjKWM5l5rjB+EQIHp0U0W5AdHkgx8Fe25ddc9ccRFEHs4D+
+ixYucP4m2tkeLZIzNtCv2ld+DHqRefpb5Y8CEgGcpclUd+4aMnZZjPJbqKiVCgzl
+0S8tN7UN5Pj3M6N25gaaB/PXMVKaQNHTzDLi3KCzqooK54vHtK1c9hGr4xdBIQk2
+BkhAUfEqLco4Blbkl3oHHAzHABwR+fRpad8DW2g6YKZ1gEKuJCyfZvtoMg/2a2du
+6vv9Tkzy5Mh56J9Am36EftH6hPdXB0Y+1ByXMfjO6/AkUphyO5uMqmMGdO1ueEjQ
+wjAMnA9AqSTah45q08Lxx1TDdnP6/kQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai2-aa.phbern.ch/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai2-aa.phbern.ch/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai2.phbern.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai2.phbern.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai2.phbern.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai2.phbern.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai2-aa.phbern.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIExjCCA66gAwIBAgICAMswDQYJKoZIhvcNAQEFBQAwdTELMAkGA1UEBhMCQ0gx
+DzANBgNVBAcTBlp1cmljaDETMBEGA1UEChMKU1dJVENIIEFBSTEMMAoGA1UECxMD
+QUFJMRQwEgYDVQQDEwtBQUkgVGVzdCBDQTEcMBoGCSqGSIb3DQEJARYNYWFpQHN3
+aXRjaC5jaDAeFw0wODA0MDMwNzIxMzlaFw0wOTA0MDMwNzIxMzlaMIG3MQswCQYD
+VQQGEwJDSDENMAsGA1UECBMEQmVybjENMAsGA1UEBxMEQmVybjEmMCQGA1UEChMd
+UGFlZGFnb2dpc2NoZSBIb2Noc2NodWxlIEJlcm4xKDAmBgNVBAsTH1plbnRydW0g
+ZnVlciBCaWxkdW5nc2luZm9ybWF0aWsxGjAYBgNVBAMTEWFhaTItYWEucGhiZXJu
+LmNoMRwwGgYJKoZIhvcNAQkBFg1hYWlAcGhiZXJuLmNoMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEApvNfQK3SvUI59jJ3ya+xU1/mfYqWCC2+fUmpmXTJ
+86nrd8H6SEGTnckhaVdzHPmHh1khr3q8FKXeP0PHIPCeoGswMKGL81Te9vl/TPjQ
+X1t4yXzR8hod8TV1Oe/QIVEQGUFVLWWXxi6Aaeh59D/wXvKv3t2T5nHjBFiMluaR
+HT42I50chJ0fJjILEmtPMU4k3818Y3euQgEiuWg0cvhGDVV3OTSTJFxOFt7vVdY3
+on9f1PuTCIDP2OBTKQy0DLfvJ7P7Yed34n7HKEJey6TiQ6hK9HXptlE1RC9/F0q7
+7Sv0P9eQqh1XTa9hBOHSLnDaA7sjVTRx+6RRZWVoiAMmXQIDAQABo4IBGzCCARcw
+CQYDVR0TBAIwADBJBglghkgBhvhCAQ0EPBY6R2VuZXJhdGVkIGZvciBBQUkgVGVz
+dCBGZWRlcmF0aW9uIGh0dHA6Ly93d3cuc3dpdGNoLmNoL2FhaTAdBgNVHQ4EFgQU
+Orx5NFvLMNcLFhLijXTEZfhY918wgZ8GA1UdIwSBlzCBlIAUBUfEhodT+g8w0FKl
+ofBLJmt5UkOheaR3MHUxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxEzAR
+BgNVBAoTClNXSVRDSCBBQUkxDDAKBgNVBAsTA0FBSTEUMBIGA1UEAxMLQUFJIFRl
+c3QgQ0ExHDAaBgkqhkiG9w0BCQEWDWFhaUBzd2l0Y2guY2iCAQAwDQYJKoZIhvcN
+AQEFBQADggEBAKM8vu+Bmj9fCmNIG8HfUk1OFKjxh6R8Hns+jkaqgf6bd2sHBgR9
+61+ElaCtC37hvTXB/sZemlXgAM0IF4R53dJFX53O64QL/mEC7ozP1xzDDZDqDQzD
+2vPTm0wELe+GpxPTALt0fGPEfA2wkuS6PsQDnN8cONWoSL17SbgH69MMZjdX+J2s
+jr3ZHe0bedrw0OPeI2yO6w0cItB3YgeRBMKdYzN/kaP0gOSfj4CVt1pupi4eYN3O
+Q0WFB3xewVVRQd3SxIjsW4gSFOqP3bod2WYrpSkUOK8uuA31bcwgb2ooI0npNSHs
+G4Lq2TyvzsjHhIDf1o6+YyZrCd8yaw4MoQY=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai2-aa.phbern.ch/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai2-aa.phbern.ch/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="de">PHBern - Pädagogische Hochschule Bern</OrganizationName>
+ <OrganizationDisplayName xml:lang="de">PHBern - Pädagogische Hochschule Bern</OrganizationDisplayName>
+ <OrganizationURL xml:lang="de">http://www.test-phbern.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- AAI Test Home Org (internal) [kaba.switch.ch] -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:kaba.switch.ch">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">kaba.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>CN=kaba.switch.ch, O=Switch - Teleinformatikdienste fuer Lehre und Forschung, C=CH</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://kaba.switch.ch/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://kaba.switch.ch/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>CN=kaba.switch.ch, O=Switch - Teleinformatikdienste fuer Lehre und Forschung, C=CH</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://kaba.switch.ch:8443/shibboleth-idp/AA"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">AAI Test Home Org (internal) [kaba.switch.ch]</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">AAI Test Home Org (internal) [kaba.switch.ch]</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.switch.ch/aai/help/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- Universita della Svizzera Italiana -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:unisi.ch">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">test.unisi.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>tlogin.unisi.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://tlogin.unisi.ch:8443/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://tlogin.unisi.ch/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>tlogin.unisi.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://tlogin.unisi.ch:8443/shibboleth-idp/AA"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="it">Universita della Svizzera Italiana</OrganizationName>
+ <OrganizationDisplayName xml:lang="it">Universita della Svizzera Italiana</OrganizationDisplayName>
+ <OrganizationURL xml:lang="it">http://www.test.unisi.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- eduGAIN Bridging Element, development -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:tengger.switch.ch">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">tengger.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>tengger.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://tengger.switch.ch/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://tengger.switch.ch/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>tengger.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://tengger.switch.ch/shibboleth-idp/AA"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">eduGAIN Bridging Element, development</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">eduGAIN Bridging Element, development</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.switch.ch/aai/help/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- INSTRUCT AG -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:casus.net">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">casus.net</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>ssl.casus.net</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://ssl.casus.net/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://ssl.casus.net/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>ssl.casus.net</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://ssl.casus.net/shibboleth-idp/AA"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">INSTRUCT AG</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">INSTRUCT AG</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.casus.net</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- EduGAIN Bridging Element -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:edugain-login.switch.ch">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">edugain.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>edugain-login.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://edugain-login.switch.ch/shibboleth-idp/Artifact" index="1"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://edugain-login.switch.ch/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>edugain-login.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://edugain-login.switch.ch/shibboleth-idp/AA"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">EduGAIN Bridging Element</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">EduGAIN Bridging Element</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.switch.ch/aai/help/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- Universität Bern - Test-Homeorg -->
+ <EntityDescriptor entityID="https://aai-testidp.unibe.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">aai-testidp.unibe.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-testidp.unibe.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgILAQAAAAABGkmMUvUwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDYwMjEzNTE0MFoXDTExMDYwMjEzNTE0MFowgaAxCzAJBgNVBAYTAkNIMQ0wCwYD
+VQQHEwRCZXJuMRowGAYDVQQKExFVbml2ZXJzaXRhZXQgQmVybjElMCMGA1UECxMc
+SW5mb3JtYXRpa2RpZW5zdGUgLSBTZWN1cml0eTEdMBsGA1UEAxMUYWFpLXRlc3Rp
+ZHAudW5pYmUuY2gxIDAeBgkqhkiG9w0BCQEWEXNlY3VyaXR5QHVuaWJlLmNoMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8etbOWWPyKfiWeI4cKTtPoZ
+b57qtuElR1RnsTFqv8kR7ECMA8SU+SuRta5B5YsnEAMWMhOi5rKY5IN7jBtXiZZB
+3EBV46++0pHZch/gWpEnIvQSYeJXx0j2DhqiHa6iRqTlxbtc+mgfViqgQiRBul4N
+7k29oUKwMlaivuqwJp90VXrbo/BBsqKYr9rQDKwGDfn6Cnzsfy4n4oxQSI4OR6yZ
+gk3VVDBdR8JmGJPGpgQNh2EfMD8siKXOKPQb0KQZ3Az3RDstEkbeGxzCOeDyTdV+
+0yeHc97Dta8YppvvSOC2msHcm2gk8AMqasBOs2IxyIdMb55NcAdKVUP2X5w5hQID
+AQABo4IBkDCCAYwwUAYDVR0gBEkwRzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEW
+LGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4G
+A1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAd
+BgNVHQ4EFgQUaq4Kp0l327aRqQVx7thMzJROMJEwOgYDVR0fBDMwMTAvoC2gK4Yp
+aHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYB
+BQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24u
+bmV0L2NhY2VydC9lZHVjYXRpb25hbC5jcnQwMgYDVR0RBCswKYIUYWFpLXRlc3Rp
+ZHAudW5pYmUuY2iBEXNlY3VyaXR5QHVuaWJlLmNoMCcGA1UdJQQgMB4GCCsGAQUF
+BwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBAAaxhgsW
+t+SxoRIY8qXrHnIRYyzUo/2PDrNYWqYMexM1oRyTIpHPAnq4JlVLSGHlYvRejqcx
+rJImFkpxZFHwLLDKR551eI+ZR46qaa2T+v5DoK4v7VddceWdji2Kxf+UJYWK4gt7
+LKQAbd/lKt+kFomPoFqkU0t6msy3Jhu9mgM47J8L3sb/oMpNuodQVfEkBzwoAxKu
+uxy4+D5Ulg7ZrzO5fCjX32XAGUJa6KFhj28kzzZ7TMbYWoIa9AInpkbyoI1u21SV
+SgeRwd/iifGC5pB751zWHJT0KYytlkV9DaGpXfQLjzOfyEJbg6HyKUNTwGwxFnI0
+s0Iokw/D0ai96os=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-testidp.unibe.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-testidp.unibe.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-testidp.unibe.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-testidp.unibe.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-testidp.unibe.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai-testidp.unibe.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-testidp.unibe.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFFzCCA/+gAwIBAgILAQAAAAABGkmMUvUwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDYwMjEzNTE0MFoXDTExMDYwMjEzNTE0MFowgaAxCzAJBgNVBAYTAkNIMQ0wCwYD
+VQQHEwRCZXJuMRowGAYDVQQKExFVbml2ZXJzaXRhZXQgQmVybjElMCMGA1UECxMc
+SW5mb3JtYXRpa2RpZW5zdGUgLSBTZWN1cml0eTEdMBsGA1UEAxMUYWFpLXRlc3Rp
+ZHAudW5pYmUuY2gxIDAeBgkqhkiG9w0BCQEWEXNlY3VyaXR5QHVuaWJlLmNoMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8etbOWWPyKfiWeI4cKTtPoZ
+b57qtuElR1RnsTFqv8kR7ECMA8SU+SuRta5B5YsnEAMWMhOi5rKY5IN7jBtXiZZB
+3EBV46++0pHZch/gWpEnIvQSYeJXx0j2DhqiHa6iRqTlxbtc+mgfViqgQiRBul4N
+7k29oUKwMlaivuqwJp90VXrbo/BBsqKYr9rQDKwGDfn6Cnzsfy4n4oxQSI4OR6yZ
+gk3VVDBdR8JmGJPGpgQNh2EfMD8siKXOKPQb0KQZ3Az3RDstEkbeGxzCOeDyTdV+
+0yeHc97Dta8YppvvSOC2msHcm2gk8AMqasBOs2IxyIdMb55NcAdKVUP2X5w5hQID
+AQABo4IBkDCCAYwwUAYDVR0gBEkwRzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEW
+LGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4G
+A1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAd
+BgNVHQ4EFgQUaq4Kp0l327aRqQVx7thMzJROMJEwOgYDVR0fBDMwMTAvoC2gK4Yp
+aHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYB
+BQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24u
+bmV0L2NhY2VydC9lZHVjYXRpb25hbC5jcnQwMgYDVR0RBCswKYIUYWFpLXRlc3Rp
+ZHAudW5pYmUuY2iBEXNlY3VyaXR5QHVuaWJlLmNoMCcGA1UdJQQgMB4GCCsGAQUF
+BwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBAAaxhgsW
+t+SxoRIY8qXrHnIRYyzUo/2PDrNYWqYMexM1oRyTIpHPAnq4JlVLSGHlYvRejqcx
+rJImFkpxZFHwLLDKR551eI+ZR46qaa2T+v5DoK4v7VddceWdji2Kxf+UJYWK4gt7
+LKQAbd/lKt+kFomPoFqkU0t6msy3Jhu9mgM47J8L3sb/oMpNuodQVfEkBzwoAxKu
+uxy4+D5Ulg7ZrzO5fCjX32XAGUJa6KFhj28kzzZ7TMbYWoIa9AInpkbyoI1u21SV
+SgeRwd/iifGC5pB751zWHJT0KYytlkV9DaGpXfQLjzOfyEJbg6HyKUNTwGwxFnI0
+s0Iokw/D0ai96os=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-testidp.unibe.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-testidp.unibe.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Universität Bern - Test-Homeorg</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Universität Bern - Test-Homeorg</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.aai-testidp.unibe.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- AAI Shibboleth 2.x Test IdP -->
+ <EntityDescriptor entityID="https://dieng.switch.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">dieng.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dieng.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEvTCCA6WgAwIBAgILAQAAAAABHqepjOowDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDEwNTE1MzgwM1oXDTExMDEwNTE1MzgwM1owaTELMAkGA1UEBhMCQ0gxQDA+BgNV
+BAoTN1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExlaHJlIHVu
+ZCBGb3JzY2h1bmcxGDAWBgNVBAMTD2RpZW5nLnN3aXRjaC5jaDCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALMJbhovecMB4YSzWi3dWIf2cdFy3kNakMAp
+ulfqbcx1jJaMSLUPu9PcjrVhV0B6DRq7fB/rxD0Dd18T5W5kE5aq8qFY1orI6LqQ
+NztnsDN5CLls7y5/2pTajK4roYdRab2GU9x1Lth9kGakOUgBlPvluLfW9lF5h1qz
+LI0CHATHNq5MZqlrcPRZt5fUIiwofOpXLu6+SIG49iBLwMoupwUxC53tgmWTeu7l
+AS8/QGW4xLYdcGc+1cwl7BhLb025QKVK2rPqy57C4ZUm/duBvV9yTiSYQDpMDMWL
+9RIUj40fSV31RncH26mbd/1FdVZzPC04z0uSk9v2Au8VnbjmIfkCAwEAAaOCAW4w
+ggFqMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8v
+d3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8E
+BAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYE
+FLKrUWO0oHsogG5ROe6m1xsFp360MDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9j
+cmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMw
+QTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNl
+cnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjAaBgNVHREEEzARgg9kaWVuZy5zd2l0Y2guY2gwDQYJKoZIhvcNAQEFBQADggEB
+AHtGEd3Am1Bl1P04PPpGGK41yf+sVXWOkOwgMUyH1KG8ASYBRmSmI3+xnunvhLss
+A/Vy0Ti6LD4Vg6vFO5BlQB8GFphyWcx+kiiqKNJ8IMXgI8RWUrH+6iYwjz3vLwz0
+FwdY+3d9+SUR5A8L8m+2GPSOy14o1Aezfv79c9KS2Rn4i7sAll6XiHt/9o4pn6KR
+5JtGScEmA3NoF+PM4gY/rA7ENDXesH5awDTf5qGbj8W/UfF6Ix73MEbxGyNRflIc
+ua/0ooparWzDBsrG/3O3BpgtlgvKqD5nl9t8WDNsJnPslWElw7nhOzgXm0t+kwla
+HUqtfqlJbzKrQtTpf+Rvwb4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dieng.switch.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://dieng.switch.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dieng.switch.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dieng.switch.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://dieng.switch.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://dieng.switch.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dieng.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEvTCCA6WgAwIBAgILAQAAAAABHqepjOowDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDEwNTE1MzgwM1oXDTExMDEwNTE1MzgwM1owaTELMAkGA1UEBhMCQ0gxQDA+BgNV
+BAoTN1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExlaHJlIHVu
+ZCBGb3JzY2h1bmcxGDAWBgNVBAMTD2RpZW5nLnN3aXRjaC5jaDCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALMJbhovecMB4YSzWi3dWIf2cdFy3kNakMAp
+ulfqbcx1jJaMSLUPu9PcjrVhV0B6DRq7fB/rxD0Dd18T5W5kE5aq8qFY1orI6LqQ
+NztnsDN5CLls7y5/2pTajK4roYdRab2GU9x1Lth9kGakOUgBlPvluLfW9lF5h1qz
+LI0CHATHNq5MZqlrcPRZt5fUIiwofOpXLu6+SIG49iBLwMoupwUxC53tgmWTeu7l
+AS8/QGW4xLYdcGc+1cwl7BhLb025QKVK2rPqy57C4ZUm/duBvV9yTiSYQDpMDMWL
+9RIUj40fSV31RncH26mbd/1FdVZzPC04z0uSk9v2Au8VnbjmIfkCAwEAAaOCAW4w
+ggFqMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8v
+d3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8E
+BAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYE
+FLKrUWO0oHsogG5ROe6m1xsFp360MDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9j
+cmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMw
+QTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNl
+cnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjAaBgNVHREEEzARgg9kaWVuZy5zd2l0Y2guY2gwDQYJKoZIhvcNAQEFBQADggEB
+AHtGEd3Am1Bl1P04PPpGGK41yf+sVXWOkOwgMUyH1KG8ASYBRmSmI3+xnunvhLss
+A/Vy0Ti6LD4Vg6vFO5BlQB8GFphyWcx+kiiqKNJ8IMXgI8RWUrH+6iYwjz3vLwz0
+FwdY+3d9+SUR5A8L8m+2GPSOy14o1Aezfv79c9KS2Rn4i7sAll6XiHt/9o4pn6KR
+5JtGScEmA3NoF+PM4gY/rA7ENDXesH5awDTf5qGbj8W/UfF6Ix73MEbxGyNRflIc
+ua/0ooparWzDBsrG/3O3BpgtlgvKqD5nl9t8WDNsJnPslWElw7nhOzgXm0t+kwla
+HUqtfqlJbzKrQtTpf+Rvwb4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dieng.switch.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://dieng.switch.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">AAI Shibboleth 2.x Test IdP</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">AAI Shibboleth 2.x Test IdP</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.switch.ch/aai/help/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- SWITCH Shib2 Test (KB) -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:blupblup.switch.ch">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">blupblup.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>blupblup.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://blupblup.switch.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://blupblup.switch.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>blupblup.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://blupblup.switch.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SWITCH Shib2 Test (KB)</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SWITCH Shib2 Test (KB)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.switch.ch/aai/help/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- SimpleSAML Test Identity Provider -->
+ <EntityDescriptor entityID="https://ebulobo.switch.ch/idp/simplesaml">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">ebulobo.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>ebulobo.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE3jCCA8agAwIBAgICD7owDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDEyMjEwMzg1NloXDTEyMDEyMjEwMzg1NlowXjELMAkGA1UEBhMCQ0gxEDAO
+BgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRD
+SDEaMBgGA1UEAxMRZWJ1bG9iby5zd2l0Y2guY2gwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC94Uyr8fcL6cAzgCIfsjX2YFzndZornB2uYyYKmiUJOw46
+t7kDk+4c7KQDFzcG+AmTdLRPflcIJZ+w3mUCtbmuUNgyA3J7l/PX9CmjU3l6CbRT
+dPfGdS4GAdnHlDVez9MM+yDoyPXHcCKkY6+wX9BpmfzmYNXXquN9vy/NbwYGEkxJ
+ghLRrRJKTKY2eyVVM1fYnCXwDp1pD/OyQxPNcC9AiplJZZ32Lu7UjCnSouD3IL5I
+9ePCJ7yHVSCpqVT0VczHKUk3Xm/x4B2oZdIPEiIs78o0Nt7gvn8uxDosbuuTu/HQ
+riQNq5B4Iy12WGdw5k/RUMOpnt8Rod/eh/PiKhY/AgMBAAGjggGXMIIBkzB0Bggr
+BgEFBQcBAQRoMGYwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xv
+YmFsLmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9xdnNzbGljYS5jcnQwHAYDVR0RBBUwE4IRZWJ1bG9iby5zd2l0Y2guY2gw
+UQYDVR0gBEowSDBGBgwrBgEEAb5YAAJkAQEwNjA0BggrBgEFBQcCARYoaHR0cDov
+L3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMC
+BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFDJN
+oU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu
+cXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNybDAdBgNVHQ4EFgQU3Ud05JHH
+EaGmTzlhJvZXsq/jJVIwDQYJKoZIhvcNAQEFBQADggEBAFhofh+BJRcEHUqDaAGt
+A5Fuq5a0Jh3FAYdFqMdFBolUBJiyn1GomTMgGwQHA8Dcq/WGGgrJx/emggmx+qm2
+3PYfvuGnFr5vxcHWzs6frANkTm4cUnjM44Jz6DSyRbp0JS8cXoxB46MUgcM5zSrJ
+EJkfAm1YznY6pBhBgKd7HgixyELr6+0sHHEPcfmnFwwXiKuXP9wbX40VWHDyKFzR
+/nrNcuK2qCNS9Xb7nVzSJT8QNKL0LsWlXFCgLlTMFVrLKGrS6WfyzdOsYJpQJQCe
+fnh9OIM7Sez3tKIHN/HO/6uO5sjBRINOEsxIlvUOGRsVKxFlth0gnU8WqSW/SS3A
+oec=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ebulobo.switch.ch/simplesaml/saml2/idp/SingleLogoutService.php"></SingleLogoutService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ebulobo.switch.ch/simplesaml/saml2/idp/SSOService.php"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://ebulobo.switch.ch/simplesaml/shib13/idp/SSOService.php"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>ebulobo.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE3jCCA8agAwIBAgICD7owDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDEyMjEwMzg1NloXDTEyMDEyMjEwMzg1NlowXjELMAkGA1UEBhMCQ0gxEDAO
+BgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRD
+SDEaMBgGA1UEAxMRZWJ1bG9iby5zd2l0Y2guY2gwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC94Uyr8fcL6cAzgCIfsjX2YFzndZornB2uYyYKmiUJOw46
+t7kDk+4c7KQDFzcG+AmTdLRPflcIJZ+w3mUCtbmuUNgyA3J7l/PX9CmjU3l6CbRT
+dPfGdS4GAdnHlDVez9MM+yDoyPXHcCKkY6+wX9BpmfzmYNXXquN9vy/NbwYGEkxJ
+ghLRrRJKTKY2eyVVM1fYnCXwDp1pD/OyQxPNcC9AiplJZZ32Lu7UjCnSouD3IL5I
+9ePCJ7yHVSCpqVT0VczHKUk3Xm/x4B2oZdIPEiIs78o0Nt7gvn8uxDosbuuTu/HQ
+riQNq5B4Iy12WGdw5k/RUMOpnt8Rod/eh/PiKhY/AgMBAAGjggGXMIIBkzB0Bggr
+BgEFBQcBAQRoMGYwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xv
+YmFsLmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9xdnNzbGljYS5jcnQwHAYDVR0RBBUwE4IRZWJ1bG9iby5zd2l0Y2guY2gw
+UQYDVR0gBEowSDBGBgwrBgEEAb5YAAJkAQEwNjA0BggrBgEFBQcCARYoaHR0cDov
+L3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMC
+BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFDJN
+oU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu
+cXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNybDAdBgNVHQ4EFgQU3Ud05JHH
+EaGmTzlhJvZXsq/jJVIwDQYJKoZIhvcNAQEFBQADggEBAFhofh+BJRcEHUqDaAGt
+A5Fuq5a0Jh3FAYdFqMdFBolUBJiyn1GomTMgGwQHA8Dcq/WGGgrJx/emggmx+qm2
+3PYfvuGnFr5vxcHWzs6frANkTm4cUnjM44Jz6DSyRbp0JS8cXoxB46MUgcM5zSrJ
+EJkfAm1YznY6pBhBgKd7HgixyELr6+0sHHEPcfmnFwwXiKuXP9wbX40VWHDyKFzR
+/nrNcuK2qCNS9Xb7nVzSJT8QNKL0LsWlXFCgLlTMFVrLKGrS6WfyzdOsYJpQJQCe
+fnh9OIM7Sez3tKIHN/HO/6uO5sjBRINOEsxIlvUOGRsVKxFlth0gnU8WqSW/SS3A
+oec=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ebulobo.switch.ch/simplesaml/shib2/idp/AAService.php"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://ebulobo.switch.ch/simplesaml/shib13/idp/AAService.php"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SimpleSAML Test Identity Provider</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SimpleSAML Test Identity Provider</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.switch.ch/aai/help/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- HES-SO Test IdP -->
+ <EntityDescriptor entityID="https://aai-logon-test.hes-so.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">aai-logon-test.hes-so.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-logon-test.hes-so.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIGvTCCBKWgAwIBAgIJALEon84GBjF/MA0GCSqGSIb3DQEBCwUAMIGaMQswCQYD
+VQQGEwJDSDERMA8GA1UECBMIRnJpYm91cmcxETAPBgNVBAcTCEZyaWJvdXJnMQ8w
+DQYDVQQKEwZFSUEtRlIxCzAJBgNVBAsTAlNJMSEwHwYDVQQDExhhYWktbG9nb24t
+dGVzdC5oZXMtc28uY2gxJDAiBgkqhkiG9w0BCQEWFXZpdG8uZ3Jpc2FudGlAaGVm
+ci5jaDAeFw0wODExMDcxNTQ1MDFaFw0xMjAyMjAxNTQ1MDFaMIGaMQswCQYDVQQG
+EwJDSDERMA8GA1UECBMIRnJpYm91cmcxETAPBgNVBAcTCEZyaWJvdXJnMQ8wDQYD
+VQQKEwZFSUEtRlIxCzAJBgNVBAsTAlNJMSEwHwYDVQQDExhhYWktbG9nb24tdGVz
+dC5oZXMtc28uY2gxJDAiBgkqhkiG9w0BCQEWFXZpdG8uZ3Jpc2FudGlAaGVmci5j
+aDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALYFn+7GnAqDihWxdV/0
+eJl26W2HxWGR3TIReDfpESJaKrrlRUDkcLWJy5r5eYzc1wfIuVqhlDj/ujGS2cff
+MUDmk646gu+UdY3XsejeUbDrK7idk+mfpDddvJ7Mva59XnuHXLcqPgvDdQovwsEl
+OPIf9A454w/F7OnDV93fOtnI5SQS94t3qiqVbrfInkCKgs9rBOrtbHjT3aztA4vL
+AaVPO4QKnFVQOmXSptU2OTSZkgbZQBcQ6Mm3WeM8utK7I1rmFauRRb3TRYNDcghB
+zOBZ7B1EcncY7ncVSR0rs16Uq4Qpo+wIBPCJGbUZti/hvVdbn2UazBpJK5OMx0YD
+lVEmRIYpOPigf4GMwUevJ11tbWgxoTUkbMgiA0OBVRGARw1hAKzYw0pIafN22PE1
+/s+yASSSrNo+L665Kze/rBDTAKgLR0VdhgSrmGC2GNQCiZBIZYdtPKZV8NVTyFtd
+45gc04CjjFOdGPB+YrnDamFYTVSat3DisIe1aOHDMwjcZYkH3k9wQxk7ZuwdEAbJ
+QoVOLwAcLYDM+EqdY39LAbr+FgywUfjHRhpxb6GcJ0RtK7N6fIgDr9abyEMaUcXq
+ekjo0XwnJ6Fvk4ZMFS6kxw2Mf2zf5UW83DEqTlJ00SsAq609F7epZSxf6OP06z28
+MOhZ579Y8Ltj4rdjLD5cqIr/AgMBAAGjggECMIH/MB0GA1UdDgQWBBT9vmzI4H+K
+u6LlNWF1WR8O2akqDjCBzwYDVR0jBIHHMIHEgBT9vmzI4H+Ku6LlNWF1WR8O2akq
+DqGBoKSBnTCBmjELMAkGA1UEBhMCQ0gxETAPBgNVBAgTCEZyaWJvdXJnMREwDwYD
+VQQHEwhGcmlib3VyZzEPMA0GA1UEChMGRUlBLUZSMQswCQYDVQQLEwJTSTEhMB8G
+A1UEAxMYYWFpLWxvZ29uLXRlc3QuaGVzLXNvLmNoMSQwIgYJKoZIhvcNAQkBFhV2
+aXRvLmdyaXNhbnRpQGhlZnIuY2iCCQCxKJ/OBgYxfzAMBgNVHRMEBTADAQH/MA0G
+CSqGSIb3DQEBCwUAA4ICAQAkY14BSilI6g4bH/6ChCsbcrlAunSxXdj/zM4ZjmWF
+V0T40aZyEhNT/Cl+2y6cfDjxBPBwot7NU/yO9Vh5fZCT9sizzhbC0QFoh2SbRHHJ
+WFG7aoJkDtMS06NObjj74mO2J4gMFxbGr+dOKt1JV52RLReFr/JajwHO2+iHw5eT
+dyWA2kAy/UAep0mBuheziXliNSRq+6W7+lDoK0+3hzgWQe6DT24zloeAH8vzAn0T
+xDnQychukFjCN6uGyqlp8JvcHJMD/n7tX5nVU3DSINooZc0mFL1/2B3PsOfCcZYU
+JdZC27D9imF5YA+o0WupCB+WQg0DHUllVmR/0JCeqine+nhjztFqTTtFpVqQdbxo
+GvJ+lAjqOMH6Kl6WHa1DYWYliPDlNt+v2sTmZ/7koi7CliRxtmYnpcRnmvWoHedF
+DiMk+j7tmsRc43PSk8F3tX0Vt+rWuk1Abdg8UQHC7rwTcpRIm+SPM38U6lYaEBje
+gJHtte2M3HANP6VsI7Pyfee4hfH/zzwG3a9eJT3BeQwCeJrSQouyvnaE+g+CvKbO
+d7GqPpij+dKIs4DksXmQUAiKOPyMqSIS6OAtKcCE72FjOhrjwI40k1HoTGeA7mGm
+I1robGWamFitYENUyxsQg2vH8atmDsJ4JNyt2i3eg3stDJTUG6dwKYhZXXdACQPk
+Jg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-logon-test.hes-so.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-logon-test.hes-so.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-logon-test.hes-so.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-logon-test.hes-so.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-logon-test.hes-so.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai-logon-test.hes-so.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-logon-test.hes-so.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIGvTCCBKWgAwIBAgIJALEon84GBjF/MA0GCSqGSIb3DQEBCwUAMIGaMQswCQYD
+VQQGEwJDSDERMA8GA1UECBMIRnJpYm91cmcxETAPBgNVBAcTCEZyaWJvdXJnMQ8w
+DQYDVQQKEwZFSUEtRlIxCzAJBgNVBAsTAlNJMSEwHwYDVQQDExhhYWktbG9nb24t
+dGVzdC5oZXMtc28uY2gxJDAiBgkqhkiG9w0BCQEWFXZpdG8uZ3Jpc2FudGlAaGVm
+ci5jaDAeFw0wODExMDcxNTQ1MDFaFw0xMjAyMjAxNTQ1MDFaMIGaMQswCQYDVQQG
+EwJDSDERMA8GA1UECBMIRnJpYm91cmcxETAPBgNVBAcTCEZyaWJvdXJnMQ8wDQYD
+VQQKEwZFSUEtRlIxCzAJBgNVBAsTAlNJMSEwHwYDVQQDExhhYWktbG9nb24tdGVz
+dC5oZXMtc28uY2gxJDAiBgkqhkiG9w0BCQEWFXZpdG8uZ3Jpc2FudGlAaGVmci5j
+aDCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBALYFn+7GnAqDihWxdV/0
+eJl26W2HxWGR3TIReDfpESJaKrrlRUDkcLWJy5r5eYzc1wfIuVqhlDj/ujGS2cff
+MUDmk646gu+UdY3XsejeUbDrK7idk+mfpDddvJ7Mva59XnuHXLcqPgvDdQovwsEl
+OPIf9A454w/F7OnDV93fOtnI5SQS94t3qiqVbrfInkCKgs9rBOrtbHjT3aztA4vL
+AaVPO4QKnFVQOmXSptU2OTSZkgbZQBcQ6Mm3WeM8utK7I1rmFauRRb3TRYNDcghB
+zOBZ7B1EcncY7ncVSR0rs16Uq4Qpo+wIBPCJGbUZti/hvVdbn2UazBpJK5OMx0YD
+lVEmRIYpOPigf4GMwUevJ11tbWgxoTUkbMgiA0OBVRGARw1hAKzYw0pIafN22PE1
+/s+yASSSrNo+L665Kze/rBDTAKgLR0VdhgSrmGC2GNQCiZBIZYdtPKZV8NVTyFtd
+45gc04CjjFOdGPB+YrnDamFYTVSat3DisIe1aOHDMwjcZYkH3k9wQxk7ZuwdEAbJ
+QoVOLwAcLYDM+EqdY39LAbr+FgywUfjHRhpxb6GcJ0RtK7N6fIgDr9abyEMaUcXq
+ekjo0XwnJ6Fvk4ZMFS6kxw2Mf2zf5UW83DEqTlJ00SsAq609F7epZSxf6OP06z28
+MOhZ579Y8Ltj4rdjLD5cqIr/AgMBAAGjggECMIH/MB0GA1UdDgQWBBT9vmzI4H+K
+u6LlNWF1WR8O2akqDjCBzwYDVR0jBIHHMIHEgBT9vmzI4H+Ku6LlNWF1WR8O2akq
+DqGBoKSBnTCBmjELMAkGA1UEBhMCQ0gxETAPBgNVBAgTCEZyaWJvdXJnMREwDwYD
+VQQHEwhGcmlib3VyZzEPMA0GA1UEChMGRUlBLUZSMQswCQYDVQQLEwJTSTEhMB8G
+A1UEAxMYYWFpLWxvZ29uLXRlc3QuaGVzLXNvLmNoMSQwIgYJKoZIhvcNAQkBFhV2
+aXRvLmdyaXNhbnRpQGhlZnIuY2iCCQCxKJ/OBgYxfzAMBgNVHRMEBTADAQH/MA0G
+CSqGSIb3DQEBCwUAA4ICAQAkY14BSilI6g4bH/6ChCsbcrlAunSxXdj/zM4ZjmWF
+V0T40aZyEhNT/Cl+2y6cfDjxBPBwot7NU/yO9Vh5fZCT9sizzhbC0QFoh2SbRHHJ
+WFG7aoJkDtMS06NObjj74mO2J4gMFxbGr+dOKt1JV52RLReFr/JajwHO2+iHw5eT
+dyWA2kAy/UAep0mBuheziXliNSRq+6W7+lDoK0+3hzgWQe6DT24zloeAH8vzAn0T
+xDnQychukFjCN6uGyqlp8JvcHJMD/n7tX5nVU3DSINooZc0mFL1/2B3PsOfCcZYU
+JdZC27D9imF5YA+o0WupCB+WQg0DHUllVmR/0JCeqine+nhjztFqTTtFpVqQdbxo
+GvJ+lAjqOMH6Kl6WHa1DYWYliPDlNt+v2sTmZ/7koi7CliRxtmYnpcRnmvWoHedF
+DiMk+j7tmsRc43PSk8F3tX0Vt+rWuk1Abdg8UQHC7rwTcpRIm+SPM38U6lYaEBje
+gJHtte2M3HANP6VsI7Pyfee4hfH/zzwG3a9eJT3BeQwCeJrSQouyvnaE+g+CvKbO
+d7GqPpij+dKIs4DksXmQUAiKOPyMqSIS6OAtKcCE72FjOhrjwI40k1HoTGeA7mGm
+I1robGWamFitYENUyxsQg2vH8atmDsJ4JNyt2i3eg3stDJTUG6dwKYhZXXdACQPk
+Jg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-logon-test.hes-so.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-logon-test.hes-so.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="fr">HES-SO Test IdP</OrganizationName>
+ <OrganizationDisplayName xml:lang="fr">HES-SO Test IdP</OrganizationDisplayName>
+ <OrganizationURL xml:lang="fr">http://www.aai-logon-test.hes-so.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- PSI - Paul Scherrer Institut -->
+ <EntityDescriptor entityID="https://achat.psi.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">psi.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>achat.psi.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUJ667ZRtAyPTaPrFLRwR+M7VoYd8wDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMYWNoYXQucHNpLmNoMB4XDTA5MDIxMDE1NDQxMloXDTI5
+MDIxMDE1NDQxMlowFzEVMBMGA1UEAxMMYWNoYXQucHNpLmNoMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIIE+ggNxT/IeG7uqiJF1MLCaeyX9Y3dffb/
+Yf5vygUgpfZ4/jYVo8cMmYfV5aemfeo1G7OBXYveLNF3fSi2eaGC72lCfYtH0Yam
+ioVrj7CqnWcL1x9MEmO0afOZuxfEPGCzqcf9dRFWzYlyHxLLBJs1iCeIsV2CrTRt
+iGenfKKwsTsvrKpCVakCKKPBQ3yW7HL1DG+K1+VIQuJFO63Tnq5ZrzTE4st64DoL
+x4i2r9HZMbeo8qsvuIo2XdvnvfJWEuRVS16IdUjFx62o+kyLDItWD8SgAYkUgwBG
+3P2ac3KpZIpdZaThJNet4A/kdLI2cVtuT2ktuKtpNhG1zKD0UwIDAQABo18wXTA8
+BgNVHREENTAzggxhY2hhdC5wc2kuY2iGI2h0dHBzOi8vYWNoYXQucHNpLmNoL2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBRFcNb+eOYXyYzEWInj92HoIc/DrjANBgkq
+hkiG9w0BAQUFAAOCAQEAaJnuRGVtOA4elB521DDBIvL77pZhl1ZumVl3ubLOhBNI
+jJ5EFw8R2fB4IfbBVuzBYTtvVMvlXY6r+o57LpWchZL63ukjiz+YarCVCZaxDfMJ
+pTjXFtlsALFhDBvnF2CfK5u56sjNb6pxWVVJA9PdTrc7LHbfg8P4n6WIcJnbw8Be
+USC3eOGdi6P8XVPnhErzQeIBhFYvSiJbtSF8Ylome31evRTdRs9jHPCa+yUiFJAH
+NuaZthgh8u/VYfP/MWly1fM5WGkB/175toLiJi+PwV3dn7kh2+uhOEf0QkdY66Bd
+0YGjYCBJtY7i0sfTgvRhd9UtiZ3iXCWtneEC244MgQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://achat.psi.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://achat.psi.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://achat.psi.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://achat.psi.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://achat.psi.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://achat.psi.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>achat.psi.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUJ667ZRtAyPTaPrFLRwR+M7VoYd8wDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMYWNoYXQucHNpLmNoMB4XDTA5MDIxMDE1NDQxMloXDTI5
+MDIxMDE1NDQxMlowFzEVMBMGA1UEAxMMYWNoYXQucHNpLmNoMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvIIE+ggNxT/IeG7uqiJF1MLCaeyX9Y3dffb/
+Yf5vygUgpfZ4/jYVo8cMmYfV5aemfeo1G7OBXYveLNF3fSi2eaGC72lCfYtH0Yam
+ioVrj7CqnWcL1x9MEmO0afOZuxfEPGCzqcf9dRFWzYlyHxLLBJs1iCeIsV2CrTRt
+iGenfKKwsTsvrKpCVakCKKPBQ3yW7HL1DG+K1+VIQuJFO63Tnq5ZrzTE4st64DoL
+x4i2r9HZMbeo8qsvuIo2XdvnvfJWEuRVS16IdUjFx62o+kyLDItWD8SgAYkUgwBG
+3P2ac3KpZIpdZaThJNet4A/kdLI2cVtuT2ktuKtpNhG1zKD0UwIDAQABo18wXTA8
+BgNVHREENTAzggxhY2hhdC5wc2kuY2iGI2h0dHBzOi8vYWNoYXQucHNpLmNoL2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBRFcNb+eOYXyYzEWInj92HoIc/DrjANBgkq
+hkiG9w0BAQUFAAOCAQEAaJnuRGVtOA4elB521DDBIvL77pZhl1ZumVl3ubLOhBNI
+jJ5EFw8R2fB4IfbBVuzBYTtvVMvlXY6r+o57LpWchZL63ukjiz+YarCVCZaxDfMJ
+pTjXFtlsALFhDBvnF2CfK5u56sjNb6pxWVVJA9PdTrc7LHbfg8P4n6WIcJnbw8Be
+USC3eOGdi6P8XVPnhErzQeIBhFYvSiJbtSF8Ylome31evRTdRs9jHPCa+yUiFJAH
+NuaZthgh8u/VYfP/MWly1fM5WGkB/175toLiJi+PwV3dn7kh2+uhOEf0QkdY66Bd
+0YGjYCBJtY7i0sfTgvRhd9UtiZ3iXCWtneEC244MgQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://achat.psi.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://achat.psi.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="de">PSI - Paul Scherrer Institut</OrganizationName>
+ <OrganizationDisplayName xml:lang="de">PSI - Paul Scherrer Institut</OrganizationDisplayName>
+ <OrganizationURL xml:lang="de">http://ait.web.psi.ch/us/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- SWITCHaai Test IdP (gamalama) -->
+ <EntityDescriptor entityID="https://gamalama.switch.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">gamalama.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMzCCAhugAwIBAgIUGRK3KgbOq6xrbBU9Byq7W0iEIBIwDQYJKoZIhvcNAQEF
+BQAwHTEbMBkGA1UEAxMSZ2FtYWxhbWEuc3dpdGNoLmNoMB4XDTA5MDMxMTA3MzA1
+M1oXDTEyMDMxMTA3MzA1M1owHTEbMBkGA1UEAxMSZ2FtYWxhbWEuc3dpdGNoLmNo
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpXqFBeGFEk7n9ika0Fu
+Cw6XnRG7hAt7Cww78LOSlAEcpODj5J0LRmj0f3dsHJsqCQJrRFEHh7iNOxIfl5Qj
+6jktECiCiB9JgyKUNWcDHJFTf9AYZ17DJG4Gn2ESprlBlE6+TfIgJHsepvC8Gf2V
+EgLjBUd4h1viZOWTXCqiD6SH2a1O4lIWCxdDjXv0WxZnOJoDTfL3/m6Hnrfpim/g
+N3sQB0QxqUYj0gTO1UJZ0S4VUaFqN4zK9UVUINnNvWaFqcYzgxanKLon3jWk9aGn
+ywVJndbqotdmRdIkxoyIBfdS8okBMceXGuHSS5TjUu9Lq25Ew2ek3OW1U/koaBAV
+jQIDAQABo2swaTBIBgNVHREEQTA/ghJnYW1hbGFtYS5zd2l0Y2guY2iGKWh0dHBz
+Oi8vZ2FtYWxhbWEuc3dpdGNoLmNoL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBSI
+CcfrTt2y8azKN43vl4h3qNIeYDANBgkqhkiG9w0BAQUFAAOCAQEALIpzoZkBu+M0
+zuPhE1lqZsl7hlKf/e3mV/eKBZFWNAVsD76P1FOkVD3eH/sRaSnII6Aj3nZQVlLI
+MfyW7gVLDrCt386trTaOtz3QCO/VbuSPt/X2LahobRsl2ds61SjYX8LT/GBiXj7N
+Bm8oxe7u6PthDuWq6csVrDZqW1WOQRHt2R8+SvMJ7mq8ru0FEWKs7gQobrANqlc5
+pw4qVven9PBSyt+1sP4yJqUTHwuJAZgX3QiZcWRzVqQLn8i92mo1hgzrwZUOQo9E
+zhPDtNwyj/TqffXrLoApzxfwJGX/lM6NenWHGRKo6ICqqFaZ/eRLAXSSMy4gQ3lP
+PIC+dBQ4BQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://gamalama.switch.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://gamalama.switch.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://gamalama.switch.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://gamalama.switch.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://gamalama.switch.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://gamalama.switch.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMzCCAhugAwIBAgIUGRK3KgbOq6xrbBU9Byq7W0iEIBIwDQYJKoZIhvcNAQEF
+BQAwHTEbMBkGA1UEAxMSZ2FtYWxhbWEuc3dpdGNoLmNoMB4XDTA5MDMxMTA3MzA1
+M1oXDTEyMDMxMTA3MzA1M1owHTEbMBkGA1UEAxMSZ2FtYWxhbWEuc3dpdGNoLmNo
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwpXqFBeGFEk7n9ika0Fu
+Cw6XnRG7hAt7Cww78LOSlAEcpODj5J0LRmj0f3dsHJsqCQJrRFEHh7iNOxIfl5Qj
+6jktECiCiB9JgyKUNWcDHJFTf9AYZ17DJG4Gn2ESprlBlE6+TfIgJHsepvC8Gf2V
+EgLjBUd4h1viZOWTXCqiD6SH2a1O4lIWCxdDjXv0WxZnOJoDTfL3/m6Hnrfpim/g
+N3sQB0QxqUYj0gTO1UJZ0S4VUaFqN4zK9UVUINnNvWaFqcYzgxanKLon3jWk9aGn
+ywVJndbqotdmRdIkxoyIBfdS8okBMceXGuHSS5TjUu9Lq25Ew2ek3OW1U/koaBAV
+jQIDAQABo2swaTBIBgNVHREEQTA/ghJnYW1hbGFtYS5zd2l0Y2guY2iGKWh0dHBz
+Oi8vZ2FtYWxhbWEuc3dpdGNoLmNoL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBSI
+CcfrTt2y8azKN43vl4h3qNIeYDANBgkqhkiG9w0BAQUFAAOCAQEALIpzoZkBu+M0
+zuPhE1lqZsl7hlKf/e3mV/eKBZFWNAVsD76P1FOkVD3eH/sRaSnII6Aj3nZQVlLI
+MfyW7gVLDrCt386trTaOtz3QCO/VbuSPt/X2LahobRsl2ds61SjYX8LT/GBiXj7N
+Bm8oxe7u6PthDuWq6csVrDZqW1WOQRHt2R8+SvMJ7mq8ru0FEWKs7gQobrANqlc5
+pw4qVven9PBSyt+1sP4yJqUTHwuJAZgX3QiZcWRzVqQLn8i92mo1hgzrwZUOQo9E
+zhPDtNwyj/TqffXrLoApzxfwJGX/lM6NenWHGRKo6ICqqFaZ/eRLAXSSMy4gQ3lP
+PIC+dBQ4BQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://gamalama.switch.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://gamalama.switch.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SWITCHaai Test IdP (gamalama)</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SWITCHaai Test IdP (gamalama)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.gamalama.switch.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- Test Virtual Home Organization -->
+ <EntityDescriptor entityID="https://aai-logon.test.vho-switchaai.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">test.vho-switchaai.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-logon.test.vho-switchaai.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDaTCCAlGgAwIBAgIUZ7vIS8xU/TmcJ01HVYip4nsWptMwDQYJKoZIhvcNAQEF
+BQAwKjEoMCYGA1UEAxMfYWFpLWxvZ29uLnRlc3QudmhvLXN3aXRjaGFhaS5jaDAe
+Fw0wOTAzMTAxNTEzNDFaFw0yOTAzMTAxNTEzNDFaMCoxKDAmBgNVBAMTH2FhaS1s
+b2dvbi50ZXN0LnZoby1zd2l0Y2hhYWkuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCNC4WTAZukzr4xx4ysAVeww94z1by8UoCAbkny6M1y5yjskEgX
+lxr0S259v+JZfi2PE/kNzqQwptAS/lPTKMEK1DRvtI+z2FX4cQ287HTBTtW63IFb
+h+a6a6/ZCdWswIgs6p9HqECGVwubrSieCW0oU95F9BGr2ev3Fjey0CT4Mopvab75
+JlW4MoQMERk98rCCzHJ/WMDS7paLfHtj1Mk2Gzi3rbg/NpHm2HvG4J9CzBY2I3Ws
+ASrxzH+J/qXmWmMRLBDLtWfPGTGLIrzVg8fiNEpcoj0GktkerxbioETDUtA+aUHS
+Er+KjWi/dFkd4Qk6ua4KmdkTOL1d0Cm0cvUXAgMBAAGjgYYwgYMwYgYDVR0RBFsw
+WYIfYWFpLWxvZ29uLnRlc3QudmhvLXN3aXRjaGFhaS5jaIY2aHR0cHM6Ly9hYWkt
+bG9nb24udGVzdC52aG8tc3dpdGNoYWFpLmNoL2lkcC9zaGliYm9sZXRoMB0GA1Ud
+DgQWBBQiAxs/3pBG53eHoOVcglQpkqcq6jANBgkqhkiG9w0BAQUFAAOCAQEAGt92
+GCuEkm7qWp2EKwXbr7P7J+4posn2xdnoKu9t0XSIb+af0P00TPznmRcVVE54n/oq
+32GkvrT9QVkjSOy83Jwr2ChWFlmdMHo/56YJy0vXO8ZMldASEVHIepfCLsLHwjcR
+GpXVwxl8goQbRPTUxiHcHvBTcDjXews/7nxLiIrm7oyfFntHD4ZGtG/hWbORBsgR
+42endMvS91hw9e1bh90skww+Iiy7tkdRw+xuPJjf5MwuJjb6+Ix8gzv1i3tGWagE
+B4BJMLwKgJTcRqjnSWQyoZGsfJKhPYO3ySW9Dv8A5lEf2KgqltGLwNep/LXm5yXG
+NaJ5zpd0pEiy3dSqZQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-logon.test.vho-switchaai.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-logon.test.vho-switchaai.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-logon.test.vho-switchaai.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-logon.test.vho-switchaai.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-logon.test.vho-switchaai.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai-logon.test.vho-switchaai.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-logon.test.vho-switchaai.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDaTCCAlGgAwIBAgIUZ7vIS8xU/TmcJ01HVYip4nsWptMwDQYJKoZIhvcNAQEF
+BQAwKjEoMCYGA1UEAxMfYWFpLWxvZ29uLnRlc3QudmhvLXN3aXRjaGFhaS5jaDAe
+Fw0wOTAzMTAxNTEzNDFaFw0yOTAzMTAxNTEzNDFaMCoxKDAmBgNVBAMTH2FhaS1s
+b2dvbi50ZXN0LnZoby1zd2l0Y2hhYWkuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQCNC4WTAZukzr4xx4ysAVeww94z1by8UoCAbkny6M1y5yjskEgX
+lxr0S259v+JZfi2PE/kNzqQwptAS/lPTKMEK1DRvtI+z2FX4cQ287HTBTtW63IFb
+h+a6a6/ZCdWswIgs6p9HqECGVwubrSieCW0oU95F9BGr2ev3Fjey0CT4Mopvab75
+JlW4MoQMERk98rCCzHJ/WMDS7paLfHtj1Mk2Gzi3rbg/NpHm2HvG4J9CzBY2I3Ws
+ASrxzH+J/qXmWmMRLBDLtWfPGTGLIrzVg8fiNEpcoj0GktkerxbioETDUtA+aUHS
+Er+KjWi/dFkd4Qk6ua4KmdkTOL1d0Cm0cvUXAgMBAAGjgYYwgYMwYgYDVR0RBFsw
+WYIfYWFpLWxvZ29uLnRlc3QudmhvLXN3aXRjaGFhaS5jaIY2aHR0cHM6Ly9hYWkt
+bG9nb24udGVzdC52aG8tc3dpdGNoYWFpLmNoL2lkcC9zaGliYm9sZXRoMB0GA1Ud
+DgQWBBQiAxs/3pBG53eHoOVcglQpkqcq6jANBgkqhkiG9w0BAQUFAAOCAQEAGt92
+GCuEkm7qWp2EKwXbr7P7J+4posn2xdnoKu9t0XSIb+af0P00TPznmRcVVE54n/oq
+32GkvrT9QVkjSOy83Jwr2ChWFlmdMHo/56YJy0vXO8ZMldASEVHIepfCLsLHwjcR
+GpXVwxl8goQbRPTUxiHcHvBTcDjXews/7nxLiIrm7oyfFntHD4ZGtG/hWbORBsgR
+42endMvS91hw9e1bh90skww+Iiy7tkdRw+xuPJjf5MwuJjb6+Ix8gzv1i3tGWagE
+B4BJMLwKgJTcRqjnSWQyoZGsfJKhPYO3ySW9Dv8A5lEf2KgqltGLwNep/LXm5yXG
+NaJ5zpd0pEiy3dSqZQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-logon.test.vho-switchaai.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-logon.test.vho-switchaai.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Test Virtual Home Organization</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Test Virtual Home Organization</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.test.vho-switchaai.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- AAI Demo Identity Provider (Shibboleth 2.0) -->
+ <EntityDescriptor entityID="https://aai-demo-idp.switch.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">aai-demo-idp.switch.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-demo-idp.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEyzCCA7OgAwIBAgILAQAAAAABGgGQ/4gwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDUxOTE0MjQwNloXDTExMDUxOTE0MjQwNlowcDELMAkGA1UEBhMCQ0gxQDA+BgNV
+BAoTN1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExlaHJlIHVu
+ZCBGb3JzY2h1bmcxHzAdBgNVBAMTFmFhaS1kZW1vLWlkcC5zd2l0Y2guY2gwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDopw/fdcycZ96kAMzZgFISUGLX
+0ws2h52ybyipJPC2wbmmwES63tRWi8AXmduLxst/aCfzeqKwQMKFoTfYykvPobuu
+yO8wK8yVuI+6Q9kNKgvtBywOQKZZWOdg9DTEzF1gTuywUTvjBkRwWKI+h2rMHRFp
+LTFFMQ6m1LV5Cw3iogKDCvpT/yZUdYPDnjYbkE1sjhlTJ2aEeOd18iR50X+jMSvx
+raaSgKKPbpJALQkEakdRv0bQRXqgiofys92PNH8RNJkDfl1AXU4ilK4HJc/pf6Ls
+3nuGX6D9txf7IRASyTTcoEDhYfjmXkQr+EfmNb3hQG5O/ZpgDUgdmpeXfUCrAgMB
+AAGjggF1MIIBcTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYs
+aHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYD
+VR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0G
+A1UdDgQWBBRIHOSZG3nQnE3or6M68Wx7Ts+qdTA6BgNVHR8EMzAxMC+gLaArhilo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEF
+BQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5u
+ZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwIQYDVR0RBBowGIIWYWFpLWRlbW8taWRwLnN3aXRjaC5jaDANBgkq
+hkiG9w0BAQUFAAOCAQEAiYp5PrQkxvzdVYMhUBbkTpFYeHfSTPv1znqNKtSEttax
+QEY+zCnr+Jj21lflC8oeS43CzcEis7mfw9PoNfYmD2CZSYOUmfkcOoM6iqI5Dc//
+b1LV8+MjK+yA7gzKKv+u3RaK0x5RIvERYJDRdCwZhXTXomBrWM893fvqYhkOpiSY
+ZpKP3IvmARyRqx+h94Ac9MhfNQog4gqrgNRCWpQhszSz6HzLa4tF0yKRJIUGQghk
+RvC7AJ5dwgpAfW+Bs/nfqks0kHLLWuRX+Gt62R+iDMYqdkE45V4Saw2cYh+vHVLn
+yvdcJt5YsUaWBLC+64lr5embasEOAAzcYAq/HT6bWw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-demo-idp.switch.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-demo-idp.switch.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-demo-idp.switch.ch/idp/profile/SAML2/Redirect/SLO"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-demo-idp.switch.ch/idp/profile/SAML2/POST/SLO"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-demo-idp.switch.ch/idp/profile/SAML2/SOAP/SLO"></SingleLogoutService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-demo-idp.switch.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-demo-idp.switch.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-demo-idp.switch.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai-demo-idp.switch.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-demo-idp.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEyzCCA7OgAwIBAgILAQAAAAABGgGQ/4gwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDUxOTE0MjQwNloXDTExMDUxOTE0MjQwNlowcDELMAkGA1UEBhMCQ0gxQDA+BgNV
+BAoTN1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExlaHJlIHVu
+ZCBGb3JzY2h1bmcxHzAdBgNVBAMTFmFhaS1kZW1vLWlkcC5zd2l0Y2guY2gwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDopw/fdcycZ96kAMzZgFISUGLX
+0ws2h52ybyipJPC2wbmmwES63tRWi8AXmduLxst/aCfzeqKwQMKFoTfYykvPobuu
+yO8wK8yVuI+6Q9kNKgvtBywOQKZZWOdg9DTEzF1gTuywUTvjBkRwWKI+h2rMHRFp
+LTFFMQ6m1LV5Cw3iogKDCvpT/yZUdYPDnjYbkE1sjhlTJ2aEeOd18iR50X+jMSvx
+raaSgKKPbpJALQkEakdRv0bQRXqgiofys92PNH8RNJkDfl1AXU4ilK4HJc/pf6Ls
+3nuGX6D9txf7IRASyTTcoEDhYfjmXkQr+EfmNb3hQG5O/ZpgDUgdmpeXfUCrAgMB
+AAGjggF1MIIBcTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYs
+aHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYD
+VR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0G
+A1UdDgQWBBRIHOSZG3nQnE3or6M68Wx7Ts+qdTA6BgNVHR8EMzAxMC+gLaArhilo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEF
+BQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5u
+ZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYI
+KwYBBQUHAwIwIQYDVR0RBBowGIIWYWFpLWRlbW8taWRwLnN3aXRjaC5jaDANBgkq
+hkiG9w0BAQUFAAOCAQEAiYp5PrQkxvzdVYMhUBbkTpFYeHfSTPv1znqNKtSEttax
+QEY+zCnr+Jj21lflC8oeS43CzcEis7mfw9PoNfYmD2CZSYOUmfkcOoM6iqI5Dc//
+b1LV8+MjK+yA7gzKKv+u3RaK0x5RIvERYJDRdCwZhXTXomBrWM893fvqYhkOpiSY
+ZpKP3IvmARyRqx+h94Ac9MhfNQog4gqrgNRCWpQhszSz6HzLa4tF0yKRJIUGQghk
+RvC7AJ5dwgpAfW+Bs/nfqks0kHLLWuRX+Gt62R+iDMYqdkE45V4Saw2cYh+vHVLn
+yvdcJt5YsUaWBLC+64lr5embasEOAAzcYAq/HT6bWw==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-demo-idp.switch.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-demo-idp.switch.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">AAI Demo Identity Provider (Shibboleth 2.0)</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">AAI Demo Identity Provider (Shibboleth 2.0)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.aai-demo-idp.switch.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- FHNW-TEST - Fachhochschule Nordwestschweiz -->
+ <EntityDescriptor entityID="https://aai-logon.test.fhnw.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">test.fhnw.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-logon.test.fhnw.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDRDCCAiygAwIBAgIVAKvaFIcE+pCsc8oyeeh2K28c9S2xMA0GCSqGSIb3DQEB
+BQUAMCExHzAdBgNVBAMTFmFhaS1sb2dvbi50ZXN0LmZobncuY2gwHhcNMDkwOTA4
+MDgwNTAwWhcNMTIwOTA4MDgwNTAwWjAhMR8wHQYDVQQDExZhYWktbG9nb24udGVz
+dC5maG53LmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl9HfaaE
+1jJo0KnnEK1UO+GXWcQTEEEu3QxXTNiPKu+pRpUSyWfD77jr8PdArXQ2QFv+4kTy
+cZV2xD2abwSViDN/zVC0EGJ9VvyIwmX3STL4ROJ2ISb64Gtzcar3NHhyPJYIcluF
+5w9qAm6n/NHyLnz9wNFrl+zFeo8uXJwTj8x9pB9TBZ/1b/pYawSaZKhhsOtkYL/P
+jUhUPD69NR5f2kpTvG+4KsdoksT1mF8hOHDE6hsM+J/oDF+/gjAFgizx4cvjAgLw
+BsMUemH7urjOvp1+ForKm6uFOmNskJoCy2sq6GqTaINUlJeI+kBLwnA+u2YV8DEX
+OlLBcUTai/jXVQIDAQABo3MwcTBQBgNVHREESTBHghZhYWktbG9nb24udGVzdC5m
+aG53LmNohi1odHRwczovL2FhaS1sb2dvbi50ZXN0LmZobncuY2gvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFKYipkzdfc/tQsOjiRKNX8Oi5wXrMA0GCSqGSIb3DQEB
+BQUAA4IBAQDADvPtiZ/t6ORnsDUD/R4UjWwzKefn4eI062Rv++0qosT/SiT3/uq6
+0F1T1NG6tJdTUFde6SmUWZ3IXCH8aG6IPtoO7bKrVB3WaNY33A0Of0olpbl8+zhz
+aldwuQ+rPBNwH4Li3KBEbNsHPkfNFOyFtRDAvYqydu5KC2vhQ0voL/NCAwjX929/
+TelJM2rIVtsG0x5Kt+UJXWfT2kWSTtw87rtSpcDiXEyJECgo6xUMocmTeGHS/M8J
+egIxHM5QyK/CWdiKLfUpxW4B1bw1oLnChLE6lEOyIcZkHDoOTZ6LxI9pIjafZTOP
+9BGzh8BN+M5jO8i6odE9q0BYaZFSK53+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-logon.test.fhnw.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-logon.test.fhnw.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-logon.test.fhnw.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-logon.test.fhnw.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-logon.test.fhnw.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai-logon.test.fhnw.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-logon.test.fhnw.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDRDCCAiygAwIBAgIVAKvaFIcE+pCsc8oyeeh2K28c9S2xMA0GCSqGSIb3DQEB
+BQUAMCExHzAdBgNVBAMTFmFhaS1sb2dvbi50ZXN0LmZobncuY2gwHhcNMDkwOTA4
+MDgwNTAwWhcNMTIwOTA4MDgwNTAwWjAhMR8wHQYDVQQDExZhYWktbG9nb24udGVz
+dC5maG53LmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyl9HfaaE
+1jJo0KnnEK1UO+GXWcQTEEEu3QxXTNiPKu+pRpUSyWfD77jr8PdArXQ2QFv+4kTy
+cZV2xD2abwSViDN/zVC0EGJ9VvyIwmX3STL4ROJ2ISb64Gtzcar3NHhyPJYIcluF
+5w9qAm6n/NHyLnz9wNFrl+zFeo8uXJwTj8x9pB9TBZ/1b/pYawSaZKhhsOtkYL/P
+jUhUPD69NR5f2kpTvG+4KsdoksT1mF8hOHDE6hsM+J/oDF+/gjAFgizx4cvjAgLw
+BsMUemH7urjOvp1+ForKm6uFOmNskJoCy2sq6GqTaINUlJeI+kBLwnA+u2YV8DEX
+OlLBcUTai/jXVQIDAQABo3MwcTBQBgNVHREESTBHghZhYWktbG9nb24udGVzdC5m
+aG53LmNohi1odHRwczovL2FhaS1sb2dvbi50ZXN0LmZobncuY2gvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFKYipkzdfc/tQsOjiRKNX8Oi5wXrMA0GCSqGSIb3DQEB
+BQUAA4IBAQDADvPtiZ/t6ORnsDUD/R4UjWwzKefn4eI062Rv++0qosT/SiT3/uq6
+0F1T1NG6tJdTUFde6SmUWZ3IXCH8aG6IPtoO7bKrVB3WaNY33A0Of0olpbl8+zhz
+aldwuQ+rPBNwH4Li3KBEbNsHPkfNFOyFtRDAvYqydu5KC2vhQ0voL/NCAwjX929/
+TelJM2rIVtsG0x5Kt+UJXWfT2kWSTtw87rtSpcDiXEyJECgo6xUMocmTeGHS/M8J
+egIxHM5QyK/CWdiKLfUpxW4B1bw1oLnChLE6lEOyIcZkHDoOTZ6LxI9pIjafZTOP
+9BGzh8BN+M5jO8i6odE9q0BYaZFSK53+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-logon.test.fhnw.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-logon.test.fhnw.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="de">FHNW-TEST - Fachhochschule Nordwestschweiz</OrganizationName>
+ <OrganizationDisplayName xml:lang="de">FHNW-TEST - Fachhochschule Nordwestschweiz</OrganizationDisplayName>
+ <OrganizationURL xml:lang="de">http://www.test.fhnw.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- ETHZ Test (Shibboleth IdP 1.3) -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:ethz.ch">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">test1.ethz.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFMzCCBBugAwIBAgILAQAAAAABHu+G2ckwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDExOTE0NDIxNFoXDTEwMDExOTE0NDIxNFowcDELMAkGA1UEBhMCQ0gxFDASBgNV
+BAoTC0VUSCBadWVyaWNoMR8wHQYDVQQDExZhYWktbG9naW4tdGVzdC5ldGh6LmNo
+MSowKAYJKoZIhvcNAQkBFht2bGFkaXNsYXYubmVzcG9yQGlkLmV0aHouY2gwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChZFznm0Sgi1WNkUIPJAs+B/s8
+KACWNYHZsxXmgtcNgnPBQzpAZMTbys1WQvrcGyxm9S9laxgs0SvubtrDWWaidDJa
+ddbp5VKon3kWzY4LJqauCh1Kh9ufx6/R7qCbr7BkoPdbMdZhhOHxxWzjFtVqnTuR
+En5H/vbmbeD+/dltISysr/YFITVCJlx+cd79TnCGBXpM1AOBS3K0Cunqu0s26cb5
+f4WOrjFPXcYfvtzsQbfsypLUXE0wEMoh+TcgB/Brnpz+rBYj27DGtlq7UCRD8ekR
+Umv701cFanefmm2JJRoMHE5s+Kbwl5NMxYp4ToKE0XJ+IYD9p4Y487Gzdq4ZAgMB
+AAGjggHdMIIB2TBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYs
+aHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYD
+VR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0G
+A1UdDgQWBBRZ3QqZ8dViuPJuddWRg2M2XtzMSzA6BgNVHR8EMzAxMC+gLaArhilo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEF
+BQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5u
+ZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDB/BgNVHREEeDB2ghZhYWktbG9naW4t
+dGVzdC5ldGh6LmNogg5jb3BwZXIuZXRoei5jaIIXYWFpLXBvcnRhbC10ZXN0LmV0
+aHouY2iCFnBiYy1sb2dpbi10ZXN0LmV0aHouY2iBG3ZsYWRpc2xhdi5uZXNwb3JA
+aWQuZXRoei5jaDAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUF
+BwMEMA0GCSqGSIb3DQEBBQUAA4IBAQApi1W4wZ4i1WCElacqACs9eudE/yVoiXv0
+pCPRjtin0WMhNIZ2o8+kCldmSdoXCVh+ClR678jTP3szKZCUVfbRqDoYPLqhyzIE
+wvxPqvW9k3XHKLcPfTNrR7NZtt36OY83rnXf98lTJi6CwIHVH+zqP6G6twIk7aH6
+Y/7t3Lc36K1X7JNL7nBXQC6R8aW5n6KSeN2k954INXEXa3xu6afEjkFzv1Dljv9T
+CvzDnQoHjq/KxeXz3g/CNFlsxF+7yElUkXqr6z21jZANazotpNWtU+0akFSARyV3
+yupbrvUwxrl0TzgdsF6krYMN305o7GuX4zFnQyAOuzR9pfr3JwZ4
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai-login-test.ethz.ch/shibboleth-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFMzCCBBugAwIBAgILAQAAAAABHu+G2ckwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDExOTE0NDIxNFoXDTEwMDExOTE0NDIxNFowcDELMAkGA1UEBhMCQ0gxFDASBgNV
+BAoTC0VUSCBadWVyaWNoMR8wHQYDVQQDExZhYWktbG9naW4tdGVzdC5ldGh6LmNo
+MSowKAYJKoZIhvcNAQkBFht2bGFkaXNsYXYubmVzcG9yQGlkLmV0aHouY2gwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQChZFznm0Sgi1WNkUIPJAs+B/s8
+KACWNYHZsxXmgtcNgnPBQzpAZMTbys1WQvrcGyxm9S9laxgs0SvubtrDWWaidDJa
+ddbp5VKon3kWzY4LJqauCh1Kh9ufx6/R7qCbr7BkoPdbMdZhhOHxxWzjFtVqnTuR
+En5H/vbmbeD+/dltISysr/YFITVCJlx+cd79TnCGBXpM1AOBS3K0Cunqu0s26cb5
+f4WOrjFPXcYfvtzsQbfsypLUXE0wEMoh+TcgB/Brnpz+rBYj27DGtlq7UCRD8ekR
+Umv701cFanefmm2JJRoMHE5s+Kbwl5NMxYp4ToKE0XJ+IYD9p4Y487Gzdq4ZAgMB
+AAGjggHdMIIB2TBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYs
+aHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYD
+VR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0G
+A1UdDgQWBBRZ3QqZ8dViuPJuddWRg2M2XtzMSzA6BgNVHR8EMzAxMC+gLaArhilo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEF
+BQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5u
+ZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDB/BgNVHREEeDB2ghZhYWktbG9naW4t
+dGVzdC5ldGh6LmNogg5jb3BwZXIuZXRoei5jaIIXYWFpLXBvcnRhbC10ZXN0LmV0
+aHouY2iCFnBiYy1sb2dpbi10ZXN0LmV0aHouY2iBG3ZsYWRpc2xhdi5uZXNwb3JA
+aWQuZXRoei5jaDAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUF
+BwMEMA0GCSqGSIb3DQEBBQUAA4IBAQApi1W4wZ4i1WCElacqACs9eudE/yVoiXv0
+pCPRjtin0WMhNIZ2o8+kCldmSdoXCVh+ClR678jTP3szKZCUVfbRqDoYPLqhyzIE
+wvxPqvW9k3XHKLcPfTNrR7NZtt36OY83rnXf98lTJi6CwIHVH+zqP6G6twIk7aH6
+Y/7t3Lc36K1X7JNL7nBXQC6R8aW5n6KSeN2k954INXEXa3xu6afEjkFzv1Dljv9T
+CvzDnQoHjq/KxeXz3g/CNFlsxF+7yElUkXqr6z21jZANazotpNWtU+0akFSARyV3
+yupbrvUwxrl0TzgdsF6krYMN305o7GuX4zFnQyAOuzR9pfr3JwZ4
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-login-test.ethz.ch:8443/shibboleth-idp/AA"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ETHZ Test (Shibboleth IdP 1.3)</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ETHZ Test (Shibboleth IdP 1.3)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.id.ethz.ch/support/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- ETHZ Test (Shibboleth IdP 2.1) -->
+ <EntityDescriptor entityID="https://aai-login-test.ethz.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">test2.ethz.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-login-test.ethz.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFSjCCBDKgAwIBAgILAQAAAAABIyjbRbgwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDgxNzE0MTQzOFoXDTEyMDgxNzE0MTQzOFowcDELMAkGA1UEBhMCQ0gxFDASBgNV
+BAoTC0VUSCBadWVyaWNoMR8wHQYDVQQDExZhYWktbG9naW4tdGVzdC5ldGh6LmNo
+MSowKAYJKoZIhvcNAQkBFht2bGFkaXNsYXYubmVzcG9yQGlkLmV0aHouY2gwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc0u6yonwKU5yZ7f8be/6Gjvuu
+VGtDVYj0KVr0UGkfGKMEdXedqmjjX7wRORDxWcNVAM2f5NbYyBKGzrSGoHXdIXup
+TxHHKVlIQq1FQW2jJd11Oed3MCNW2hf8zBARuKobEZqHCOrXfvBjavop57b8+e4c
+Qh0WuY4FnpkJal7axkt89AnPjFwz9rW2UNq5zYQBemKqcyGOrQ7nMTNOiec24f0M
+xtc6llrRIXKei2Hci26/AOWUshrn8ztBri4J/V3/Rf0YNac0OKXg7FzkS7GedgvM
+0iKiSwvmwBAMnfSWLK20OkkDy3r6Sr1S2DmdfhMPB0WT0d/k5y+E9VbbN9e3AgMB
+AAGjggH0MIIB8DBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYs
+aHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYD
+VR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0G
+A1UdDgQWBBSE3pVop7stsyTQ0UO+biXBazwpxzA6BgNVHR8EMzAxMC+gLaArhilo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEF
+BQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5u
+ZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDCBlQYDVR0RBIGNMIGKghZhYWktbG9n
+aW4tdGVzdC5ldGh6LmNogg5jZW5zb3IuZXRoei5jaIIXYWFpLXBvcnRhbC10ZXN0
+LmV0aHouY2iCFnBiYy1sb2dpbi10ZXN0LmV0aHouY2iCEmxkYXBzLWluZm8uZXRo
+ei5jaIEbdmxhZGlzbGF2Lm5lc3BvckBpZC5ldGh6LmNoMCcGA1UdJQQgMB4GCCsG
+AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBAFmr
+hxgFTD0sdXIs60fmA0mdcek8y9mDJRL4YUVLHlHJrk357kJ6rgQ2twYRo/q1PFw7
+U+ONasOCkhh7viyyA6e4z7UXKYOvoD9UzSY28k6z4gBjU3sLktG2xKE8pviVb+cz
+CwysvBfbLAhd/tWOM8g3rzcq06Hl4mMJ2jv3aSUhnzmBhy0g3Ovu5BaNYjpXJvMT
+64yeYLdjl2H52hIdKKCBJ/eJQ5oxAVKTA7HVvq7nOo+SakP2Uc8KhYvZvMFD3xvV
+JAtJOnW33xPSMb6/DWWTRDzuKMoZ004YYH3pKnFvOJU2gpqjQe3iGsCbOkczgALV
+pkuZT8zRgpZW6OP+GgQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-login-test.ethz.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFSjCCBDKgAwIBAgILAQAAAAABIyjlpQwwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDgxNzE0MTQxM1oXDTEyMDgxNzE0MTQxM1owcDELMAkGA1UEBhMCQ0gxFDASBgNV
+BAoTC0VUSCBadWVyaWNoMR8wHQYDVQQDExZhYWktbG9naW4tdGVzdC5ldGh6LmNo
+MSowKAYJKoZIhvcNAQkBFht2bGFkaXNsYXYubmVzcG9yQGlkLmV0aHouY2gwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvzZHIW1agfDnrTWlCVWZt+nlD
+hyVDCqVsQ9jPWPTYbq7S8WqrSonZ6TVk/2ycLfQGooV/0WkU5aE+9cdvWtvPhzgB
+iS6B3HxGWwMFilj9ymCLRLAVjfd5r0+o+HQ6Du94HpJZliWGAsL3IK4QqCVmvca+
+smhFVq6lL1ZVAHJkVa9/ATakVrsS+wAjoKZ37s/nER7BH6Mac+gMZt+OQA2ne4lu
+SdM0OeOmamIUZb2XIB+cnDJn6isISip3ScIGFEe8MDzfqvgWKfH3n5aAmUsC7+BZ
+Du+1mwfzrdWILeASrGMx85GKfZjkbpz3YsQPoA1Eg5k4zbK73yhW4ItGGF/pAgMB
+AAGjggH0MIIB8DBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYs
+aHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYD
+VR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0G
+A1UdDgQWBBTQHFrymSfZpUiSzF1w5Iwx+xZoGzA6BgNVHR8EMzAxMC+gLaArhilo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEF
+BQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5u
+ZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDCBlQYDVR0RBIGNMIGKghZhYWktbG9n
+aW4tdGVzdC5ldGh6LmNogg5jb3BwZXIuZXRoei5jaIIXYWFpLXBvcnRhbC10ZXN0
+LmV0aHouY2iCFnBiYy1sb2dpbi10ZXN0LmV0aHouY2iCEmxkYXBzLWluZm8uZXRo
+ei5jaIEbdmxhZGlzbGF2Lm5lc3BvckBpZC5ldGh6LmNoMCcGA1UdJQQgMB4GCCsG
+AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBAFZI
+NGNu/6BXprZ2ktrcu2xMnt5Lu58+6ZypZ9d0OPRNAVb6Xpy1jyuCie5dFTkAXH06
+pA0z3WeOgXookFONyb01VhMN8tw2Dg8ZU7s6nWpfB4x5ulsmOcboDDYhCS9o3GYx
+xlqZ1oU/NenC4ohmekFPXdmZpy09fznCm0U1tY/oiD4jeof4ezbGt7g5Hn9i3EXT
+rXIjvJkg9w7wHkN7WHF6gigtN8kEc0XOvZaHoXu9wPZOXeHBiRivG0j08ORCpfHq
+7fute8+SJca9GBEa+dQ4oKAfL8986iANsLxkWXhJ/Er5kpuF4MwRkeqSeCYcJMZF
+q5G/tJgtBBW67c1O/Kk=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-login-test.ethz.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-login-test.ethz.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-login-test.ethz.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-login-test.ethz.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-login-test.ethz.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai-login-test.ethz.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-login-test.ethz.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFSjCCBDKgAwIBAgILAQAAAAABIyjbRbgwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDgxNzE0MTQzOFoXDTEyMDgxNzE0MTQzOFowcDELMAkGA1UEBhMCQ0gxFDASBgNV
+BAoTC0VUSCBadWVyaWNoMR8wHQYDVQQDExZhYWktbG9naW4tdGVzdC5ldGh6LmNo
+MSowKAYJKoZIhvcNAQkBFht2bGFkaXNsYXYubmVzcG9yQGlkLmV0aHouY2gwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCc0u6yonwKU5yZ7f8be/6Gjvuu
+VGtDVYj0KVr0UGkfGKMEdXedqmjjX7wRORDxWcNVAM2f5NbYyBKGzrSGoHXdIXup
+TxHHKVlIQq1FQW2jJd11Oed3MCNW2hf8zBARuKobEZqHCOrXfvBjavop57b8+e4c
+Qh0WuY4FnpkJal7axkt89AnPjFwz9rW2UNq5zYQBemKqcyGOrQ7nMTNOiec24f0M
+xtc6llrRIXKei2Hci26/AOWUshrn8ztBri4J/V3/Rf0YNac0OKXg7FzkS7GedgvM
+0iKiSwvmwBAMnfSWLK20OkkDy3r6Sr1S2DmdfhMPB0WT0d/k5y+E9VbbN9e3AgMB
+AAGjggH0MIIB8DBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYs
+aHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYD
+VR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0G
+A1UdDgQWBBSE3pVop7stsyTQ0UO+biXBazwpxzA6BgNVHR8EMzAxMC+gLaArhilo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEF
+BQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5u
+ZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDCBlQYDVR0RBIGNMIGKghZhYWktbG9n
+aW4tdGVzdC5ldGh6LmNogg5jZW5zb3IuZXRoei5jaIIXYWFpLXBvcnRhbC10ZXN0
+LmV0aHouY2iCFnBiYy1sb2dpbi10ZXN0LmV0aHouY2iCEmxkYXBzLWluZm8uZXRo
+ei5jaIEbdmxhZGlzbGF2Lm5lc3BvckBpZC5ldGh6LmNoMCcGA1UdJQQgMB4GCCsG
+AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBAFmr
+hxgFTD0sdXIs60fmA0mdcek8y9mDJRL4YUVLHlHJrk357kJ6rgQ2twYRo/q1PFw7
+U+ONasOCkhh7viyyA6e4z7UXKYOvoD9UzSY28k6z4gBjU3sLktG2xKE8pviVb+cz
+CwysvBfbLAhd/tWOM8g3rzcq06Hl4mMJ2jv3aSUhnzmBhy0g3Ovu5BaNYjpXJvMT
+64yeYLdjl2H52hIdKKCBJ/eJQ5oxAVKTA7HVvq7nOo+SakP2Uc8KhYvZvMFD3xvV
+JAtJOnW33xPSMb6/DWWTRDzuKMoZ004YYH3pKnFvOJU2gpqjQe3iGsCbOkczgALV
+pkuZT8zRgpZW6OP+GgQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-login-test.ethz.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFSjCCBDKgAwIBAgILAQAAAAABIyjlpQwwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDgxNzE0MTQxM1oXDTEyMDgxNzE0MTQxM1owcDELMAkGA1UEBhMCQ0gxFDASBgNV
+BAoTC0VUSCBadWVyaWNoMR8wHQYDVQQDExZhYWktbG9naW4tdGVzdC5ldGh6LmNo
+MSowKAYJKoZIhvcNAQkBFht2bGFkaXNsYXYubmVzcG9yQGlkLmV0aHouY2gwggEi
+MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvzZHIW1agfDnrTWlCVWZt+nlD
+hyVDCqVsQ9jPWPTYbq7S8WqrSonZ6TVk/2ycLfQGooV/0WkU5aE+9cdvWtvPhzgB
+iS6B3HxGWwMFilj9ymCLRLAVjfd5r0+o+HQ6Du94HpJZliWGAsL3IK4QqCVmvca+
+smhFVq6lL1ZVAHJkVa9/ATakVrsS+wAjoKZ37s/nER7BH6Mac+gMZt+OQA2ne4lu
+SdM0OeOmamIUZb2XIB+cnDJn6isISip3ScIGFEe8MDzfqvgWKfH3n5aAmUsC7+BZ
+Du+1mwfzrdWILeASrGMx85GKfZjkbpz3YsQPoA1Eg5k4zbK73yhW4ItGGF/pAgMB
+AAGjggH0MIIB8DBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYs
+aHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYD
+VR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0G
+A1UdDgQWBBTQHFrymSfZpUiSzF1w5Iwx+xZoGzA6BgNVHR8EMzAxMC+gLaArhilo
+dHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEF
+BQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5u
+ZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDCBlQYDVR0RBIGNMIGKghZhYWktbG9n
+aW4tdGVzdC5ldGh6LmNogg5jb3BwZXIuZXRoei5jaIIXYWFpLXBvcnRhbC10ZXN0
+LmV0aHouY2iCFnBiYy1sb2dpbi10ZXN0LmV0aHouY2iCEmxkYXBzLWluZm8uZXRo
+ei5jaIEbdmxhZGlzbGF2Lm5lc3BvckBpZC5ldGh6LmNoMCcGA1UdJQQgMB4GCCsG
+AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADggEBAFZI
+NGNu/6BXprZ2ktrcu2xMnt5Lu58+6ZypZ9d0OPRNAVb6Xpy1jyuCie5dFTkAXH06
+pA0z3WeOgXookFONyb01VhMN8tw2Dg8ZU7s6nWpfB4x5ulsmOcboDDYhCS9o3GYx
+xlqZ1oU/NenC4ohmekFPXdmZpy09fznCm0U1tY/oiD4jeof4ezbGt7g5Hn9i3EXT
+rXIjvJkg9w7wHkN7WHF6gigtN8kEc0XOvZaHoXu9wPZOXeHBiRivG0j08ORCpfHq
+7fute8+SJca9GBEa+dQ4oKAfL8986iANsLxkWXhJ/Er5kpuF4MwRkeqSeCYcJMZF
+q5G/tJgtBBW67c1O/Kk=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-login-test.ethz.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai-login-test.ethz.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ETHZ Test (Shibboleth IdP 2.1)</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ETHZ Test (Shibboleth IdP 2.1)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.id.ethz.ch/support/</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- IDIAP - Idiap Research Institute (Test) -->
+ <EntityDescriptor entityID="https://aai.test.idiap.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">idiap.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai.test.idiap.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJDCCAgygAwIBAgIJALlKecPZpbp9MA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEWFhaS50ZXN0LmlkaWFwLmNoMB4XDTA5MDIxNzE4MjUzNloXDTEwMDIxNzE4
+MjUzNlowHDEaMBgGA1UEAxMRYWFpLnRlc3QuaWRpYXAuY2gwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDVdeD34Qe2mVdz56OLEFZvAERTHi+u6mA/bW4e
+U4hh2W72f2ecKirXsOpxIrqwIyV1cV+GHnizTnCjFktv+GhbmGm2sguxIUaIV0KQ
+yht99mziSLRjtB6c+U64yiNdx3aDrTAWekexFclxbupXrSFNCAgNdyW8vUrFSGRr
+OjXl62wnKSmZnU2G3cWRQ94I/fsAmxXjEmDGXxELkZxQf5WVas3sTbNsSCzJNQbO
+29+/OujOb9RRhsKGR2H+Er+J1F8fbKYW2MJWF/Iile0gYJBFkQ9nDNrzWV4vn8f6
+xkO7M4hWc+yQzGDUK+XO1PRTIEIL9FsWWtMyDjmVeyRFaSkZAgMBAAGjaTBnMB0G
+A1UdDgQWBBTIpi7mhjmNpLaAbTEhVAPU4we19zBGBgNVHREEPzA9ghFhYWkudGVz
+dC5pZGlhcC5jaIYoaHR0cHM6Ly9hYWkudGVzdC5pZGlhcC5jaC9pZHAvc2hpYmJv
+bGV0aDANBgkqhkiG9w0BAQUFAAOCAQEAXTvpYabelN1LPIGLA1+kqNw7KgLZtaC3
+JksyI+FC5YJnxq+xFff30QBkE/tQPXLy/fmuQE9fiaJ6cgnzTPZ8uez5MP0tbi4c
+UyJejY1G0WKa3xsYG93LzXaFruShhu03nKWuMssXq/4J64FxI7NcZcx7hnNHxrON
+yX2M1+p35LnUo0aNTOYGatenGo+iVvNLG7uaT3gJuSIlHT4kQ1uulyjqLs0Zwkaf
+6cyoI7K+zkKdXohtS1j/OCu9Qdg9YpHYPlnZCUTd7Ga6oI6nV5Vr0T7QYzBKZIDa
+U4hWUGdww99vTJlrg8NXK3Aj8C/JgEfY3kZJhwxpyQ1VSMwuWjlbjQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai.test.idiap.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai.test.idiap.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai.test.idiap.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai.test.idiap.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai.test.idiap.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://aai.test.idiap.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai.test.idiap.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJDCCAgygAwIBAgIJALlKecPZpbp9MA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEWFhaS50ZXN0LmlkaWFwLmNoMB4XDTA5MDIxNzE4MjUzNloXDTEwMDIxNzE4
+MjUzNlowHDEaMBgGA1UEAxMRYWFpLnRlc3QuaWRpYXAuY2gwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDVdeD34Qe2mVdz56OLEFZvAERTHi+u6mA/bW4e
+U4hh2W72f2ecKirXsOpxIrqwIyV1cV+GHnizTnCjFktv+GhbmGm2sguxIUaIV0KQ
+yht99mziSLRjtB6c+U64yiNdx3aDrTAWekexFclxbupXrSFNCAgNdyW8vUrFSGRr
+OjXl62wnKSmZnU2G3cWRQ94I/fsAmxXjEmDGXxELkZxQf5WVas3sTbNsSCzJNQbO
+29+/OujOb9RRhsKGR2H+Er+J1F8fbKYW2MJWF/Iile0gYJBFkQ9nDNrzWV4vn8f6
+xkO7M4hWc+yQzGDUK+XO1PRTIEIL9FsWWtMyDjmVeyRFaSkZAgMBAAGjaTBnMB0G
+A1UdDgQWBBTIpi7mhjmNpLaAbTEhVAPU4we19zBGBgNVHREEPzA9ghFhYWkudGVz
+dC5pZGlhcC5jaIYoaHR0cHM6Ly9hYWkudGVzdC5pZGlhcC5jaC9pZHAvc2hpYmJv
+bGV0aDANBgkqhkiG9w0BAQUFAAOCAQEAXTvpYabelN1LPIGLA1+kqNw7KgLZtaC3
+JksyI+FC5YJnxq+xFff30QBkE/tQPXLy/fmuQE9fiaJ6cgnzTPZ8uez5MP0tbi4c
+UyJejY1G0WKa3xsYG93LzXaFruShhu03nKWuMssXq/4J64FxI7NcZcx7hnNHxrON
+yX2M1+p35LnUo0aNTOYGatenGo+iVvNLG7uaT3gJuSIlHT4kQ1uulyjqLs0Zwkaf
+6cyoI7K+zkKdXohtS1j/OCu9Qdg9YpHYPlnZCUTd7Ga6oI6nV5Vr0T7QYzBKZIDa
+U4hWUGdww99vTJlrg8NXK3Aj8C/JgEfY3kZJhwxpyQ1VSMwuWjlbjQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai.test.idiap.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://aai.test.idiap.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">IDIAP - Idiap Research Institute (Test)</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">IDIAP - Idiap Research Institute (Test)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.idiap.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+ <!-- University of Geneva Test Identity Provider -->
+ <EntityDescriptor entityID="https://idp-test.unige.ch/idp/shibboleth">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">idp-test.unige.ch</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDLzCCAhegAwIBAgIUcxAkLvBt6r7SmMI6S1TQrsSaNbUwDQYJKoZIhvcNAQEF
+BQAwHDEaMBgGA1UEAxMRaWRwLXRlc3QudW5pZ2UuY2gwHhcNMDkwOTAxMTYxMzM2
+WhcNMTIwOTAxMTYxMzM2WjAcMRowGAYDVQQDExFpZHAtdGVzdC51bmlnZS5jaDCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3s1UFTWCDpPG1GlNoI+QBN
+QM8HMzw1DGAQ6BOOxNVny9A0QNsLuNpgN4SjIGmoZGOxpmyL/iwLoygXKsCV8dId
+gtjrvcJiQ5mKcXWdC2K+NwtDJMuXWMM4uogjdZgU/sGcvHpwnR+Rabh+xtEIgNKL
+xEWqC8FgzdgnZ/M0Et7b0rJdCRlo6f3a3KyRVX1i6jgUKBKryMSCtPNlAwpzdR0D
+HYZNYgCsgi1UNZMHl91K2FJU3OKzkOrIFiuDfCI3K38QzmLK96JTJD92N67xzeXC
+tvvsldn5sM50JQ2GciyYFFb9befxiSxLXIw78yKsX27XIqrfxyfQXMpH82yxKZMC
+AwEAAaNpMGcwRgYDVR0RBD8wPYIRaWRwLXRlc3QudW5pZ2UuY2iGKGh0dHBzOi8v
+aWRwLXRlc3QudW5pZ2UuY2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFCeIcI6X
+/4NSr/dq+7b6DspPw7ZHMA0GCSqGSIb3DQEBBQUAA4IBAQBwIL8HsheQG4UWzmki
+7DcvN+JwgMX7T8fXwo/sH44EZtx8L2N/5qmA3xwC7bVIfAQfm0uBB6MuV8Amf4Ks
+qFh57HOLYfksYTMhNKOr6JZJH8yxWxHHin5TVbcM0TlHhAfF+fgVRtqwAKmD8Oen
+G4aVvylKy0mKfVO7d+o3dl9z3tUjpz0+XFDbzPtjONPEJBOlSB33ZxfIUw+VrQVU
+EQx75Z3PaMR5HSNdnnLyWIWq+PWDjpW9aIyyNaSTOP7S+kmC8NJYUMG50/f0/3ji
+lGoKSuI5ORUUYQ3NCLBhteaxHgTdJXgyTQpqO7ti7XlcYKzdhHULHxPMTVkiFtJZ
+Srf+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp-test.unige.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDLzCCAhegAwIBAgIUcxAkLvBt6r7SmMI6S1TQrsSaNbUwDQYJKoZIhvcNAQEF
+BQAwHDEaMBgGA1UEAxMRaWRwLXRlc3QudW5pZ2UuY2gwHhcNMDkwOTAxMTYxMzM2
+WhcNMTIwOTAxMTYxMzM2WjAcMRowGAYDVQQDExFpZHAtdGVzdC51bmlnZS5jaDCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL3s1UFTWCDpPG1GlNoI+QBN
+QM8HMzw1DGAQ6BOOxNVny9A0QNsLuNpgN4SjIGmoZGOxpmyL/iwLoygXKsCV8dId
+gtjrvcJiQ5mKcXWdC2K+NwtDJMuXWMM4uogjdZgU/sGcvHpwnR+Rabh+xtEIgNKL
+xEWqC8FgzdgnZ/M0Et7b0rJdCRlo6f3a3KyRVX1i6jgUKBKryMSCtPNlAwpzdR0D
+HYZNYgCsgi1UNZMHl91K2FJU3OKzkOrIFiuDfCI3K38QzmLK96JTJD92N67xzeXC
+tvvsldn5sM50JQ2GciyYFFb9befxiSxLXIw78yKsX27XIqrfxyfQXMpH82yxKZMC
+AwEAAaNpMGcwRgYDVR0RBD8wPYIRaWRwLXRlc3QudW5pZ2UuY2iGKGh0dHBzOi8v
+aWRwLXRlc3QudW5pZ2UuY2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFCeIcI6X
+/4NSr/dq+7b6DspPw7ZHMA0GCSqGSIb3DQEBBQUAA4IBAQBwIL8HsheQG4UWzmki
+7DcvN+JwgMX7T8fXwo/sH44EZtx8L2N/5qmA3xwC7bVIfAQfm0uBB6MuV8Amf4Ks
+qFh57HOLYfksYTMhNKOr6JZJH8yxWxHHin5TVbcM0TlHhAfF+fgVRtqwAKmD8Oen
+G4aVvylKy0mKfVO7d+o3dl9z3tUjpz0+XFDbzPtjONPEJBOlSB33ZxfIUw+VrQVU
+EQx75Z3PaMR5HSNdnnLyWIWq+PWDjpW9aIyyNaSTOP7S+kmC8NJYUMG50/f0/3ji
+lGoKSuI5ORUUYQ3NCLBhteaxHgTdJXgyTQpqO7ti7XlcYKzdhHULHxPMTVkiFtJZ
+Srf+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp-test-aa.unige.ch/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">University of Geneva Test Identity Provider</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">University of Geneva Test Identity Provider</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.idp-test.unige.ch</OrganizationURL>
+ </Organization>
+ </EntityDescriptor>
+
+ <!-- Included EntityDescriptors -->
+ <EntityDescriptor entityID="https://toba.switch.ch/idp/shibboleth">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">switch.ch</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIzCCAgugAwIBAgIUIRUSTu7dupFDMj5lwatiftdMpt0wDQYJKoZIhvcNAQEF
+BQAwGTEXMBUGA1UEAxMOdG9iYS5zd2l0Y2guY2gwHhcNMDgxMTA3MDk0NTE5WhcN
+MjgxMTA3MDk0NTE5WjAZMRcwFQYDVQQDEw50b2JhLnN3aXRjaC5jaDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKEZHPpt6D0c60SKgOOToyuHlnz7Iun6
+RQW96ctlZgI9kwjyBrWCbX4ut8mQJCNt/j/pzpNUkuBSWYYnWwFTsysD2BtzloWS
+ok7+eSgEnV9AXs+aupb6ategPMbGYP2zgrxLnFgSiOFIJbXUOk4QHqnIlZocuJPh
+J06jMiNMyHlWnwwvCxOavOy7UThH8JRl9Ld7NOIAHjHl5PQEEd3N/nROWSmg1g6I
+DSqQcs5ir41ogJFJhBhHo2v1Fvhl65rtt3cThJmXiglYC51I8Vvck/mviDZC9ELv
+exO1CIbiXOc7tAI0QuA0ty4llmJULJ6xBRa2PbOItJLnnofdh3Dl680CAwEAAaNj
+MGEwQAYDVR0RBDkwN4IOdG9iYS5zd2l0Y2guY2iGJWh0dHBzOi8vdG9iYS5zd2l0
+Y2guY2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFL/CxcogwpzSBvcMMFElmokh
+7R4PMA0GCSqGSIb3DQEBBQUAA4IBAQAvS44+uDzpfVdllqjv8ggQDVp/vVhUnJFj
+eImol9lvwkVF1n+jOxVzCWU5qrniwe34a9m7fpyVY09AvehlwR6p61qtBDAI47d5
+EZGbISEaOMUMhe6HDiPxy384zKLmA+DcVzfihzLojNQ/VX2dCRBy2KJYG71kM2rw
+mmtff8kjIykwNHifrAgEtq/PDbHdX+DlGCoMRLK6aBFICzGvkdhuh/Skc+0ULUYh
+Kk4Cf69iyh/PId07dWAdb6IfBov6wfs+9AaQ6B5XYlP0NTUH2KiHlIUgkabDevQL
+PfsqmT5zM6N51+Yh9UtxwXb/ZkcYZdDFGcbYye9R6+z/5HWK8Cg/
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://toba.switch.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://toba.switch.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://toba.switch.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://toba.switch.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://toba.switch.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://toba.switch.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">switch.ch</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIzCCAgugAwIBAgIUIRUSTu7dupFDMj5lwatiftdMpt0wDQYJKoZIhvcNAQEF
+BQAwGTEXMBUGA1UEAxMOdG9iYS5zd2l0Y2guY2gwHhcNMDgxMTA3MDk0NTE5WhcN
+MjgxMTA3MDk0NTE5WjAZMRcwFQYDVQQDEw50b2JhLnN3aXRjaC5jaDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAKEZHPpt6D0c60SKgOOToyuHlnz7Iun6
+RQW96ctlZgI9kwjyBrWCbX4ut8mQJCNt/j/pzpNUkuBSWYYnWwFTsysD2BtzloWS
+ok7+eSgEnV9AXs+aupb6ategPMbGYP2zgrxLnFgSiOFIJbXUOk4QHqnIlZocuJPh
+J06jMiNMyHlWnwwvCxOavOy7UThH8JRl9Ld7NOIAHjHl5PQEEd3N/nROWSmg1g6I
+DSqQcs5ir41ogJFJhBhHo2v1Fvhl65rtt3cThJmXiglYC51I8Vvck/mviDZC9ELv
+exO1CIbiXOc7tAI0QuA0ty4llmJULJ6xBRa2PbOItJLnnofdh3Dl680CAwEAAaNj
+MGEwQAYDVR0RBDkwN4IOdG9iYS5zd2l0Y2guY2iGJWh0dHBzOi8vdG9iYS5zd2l0
+Y2guY2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFL/CxcogwpzSBvcMMFElmokh
+7R4PMA0GCSqGSIb3DQEBBQUAA4IBAQAvS44+uDzpfVdllqjv8ggQDVp/vVhUnJFj
+eImol9lvwkVF1n+jOxVzCWU5qrniwe34a9m7fpyVY09AvehlwR6p61qtBDAI47d5
+EZGbISEaOMUMhe6HDiPxy384zKLmA+DcVzfihzLojNQ/VX2dCRBy2KJYG71kM2rw
+mmtff8kjIykwNHifrAgEtq/PDbHdX+DlGCoMRLK6aBFICzGvkdhuh/Skc+0ULUYh
+Kk4Cf69iyh/PId07dWAdb6IfBov6wfs+9AaQ6B5XYlP0NTUH2KiHlIUgkabDevQL
+PfsqmT5zM6N51+Yh9UtxwXb/ZkcYZdDFGcbYye9R6+z/5HWK8Cg/
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://toba.switch.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://toba.switch.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+</EntityDescriptor> <!-- eduport.co.uk2 -->
+
+ <EntityDescriptor entityID="urn:mace:switch.ch:eduport.co.uk2">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">authenticate.eduport.co.uk</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>authenticate.eduport.co.uk</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://authenticate.eduport.co.uk/aselectserver/server/shib-idp/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">authenticate.eduport.co.uk</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>authenticate.eduport.co.uk</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://authenticate.eduport.co.uk/aselectserver/server/shib-idp/AA"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">eduport.co.uk</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">eduport.co.uk</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://eduport.co.uk</OrganizationURL>
+ </Organization>
+
+ <ContactPerson contactType="technical">
+ <SurName>siennax (www.edupoort.nl)</SurName>
+ <EmailAddress>ben.heesen@siennax.com</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+
+ <!-- eduport.co.uk -->
+
+ <EntityDescriptor entityID="urn:mace:switch.ch:eduport.co.uk">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">authenticate.eduport.co.uk</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>authenticate.eduport.co.uk</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://authenticate.eduport.co.uk/aselectserver/server/sso"></SingleSignOnService>
+ </IDPSSODescriptor>
+
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">authenticate.eduport.co.uk</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>authenticate.eduport.co.uk</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://authenticate.eduport.co.uk/aselectserver/server/artifact"></AttributeService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">eduport.co.uk</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">eduport.co.uk</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://eduport.co.uk</OrganizationURL>
+ </Organization>
+
+ <ContactPerson contactType="technical">
+ <SurName>siennax (www.edupoort.nl)</SurName>
+ <EmailAddress>ben.heesen@siennax.com</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+
+<!--
+Auf Wunsch von Torsten Kersting@DFN
+-->
+<EntityDescriptor entityID="gs4gt.awi.de">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">gs4gt.awi.de</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>gs4gt.awi.de</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://gs4gt.awi.de/simplesaml/shib13/idp/SSOService.php"></SingleSignOnService>
+
+ </IDPSSODescriptor>
+
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">gs4gt.awi.de</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>gs4gt.awi.de</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://gs4gt.awi.de/simplesaml/shib13/idp/AAService.php"></AttributeService>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="de">SimpleSAML Test IdP AWI</OrganizationName>
+ <OrganizationDisplayName xml:lang="de">SimpleSAML Test IdP AWI</OrganizationDisplayName>
+ <OrganizationURL xml:lang="de">http://gs4gt.awi.de</OrganizationURL>
+ </Organization>
+
+ <ContactPerson contactType="technical">
+ <SurName>Joerg Matthes</SurName>
+ <EmailAddress>Joerg.Matthes@awi.de</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <SurName>Joerg Matthes</SurName>
+ <EmailAddress>Joerg.Matthes@awi.de</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <SurName>Joerg Matthes</SurName>
+ <EmailAddress>Joerg.Matthes@awi.de</EmailAddress>
+ </ContactPerson>
+ </EntityDescriptor>
+
+<EntityDescriptor entityID="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam">
+ <SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEcjCCA1qgAwIBAgICALUwDQYJKoZIhvcNAQEFBQAwdTELMAkGA1UEBhMCQ0gxDzANBgNVBAcT
+Blp1cmljaDETMBEGA1UEChMKU1dJVENIIEFBSTEMMAoGA1UECxMDQUFJMRQwEgYDVQQDEwtBQUkg
+VGVzdCBDQTEcMBoGCSqGSIb3DQEJARYNYWFpQHN3aXRjaC5jaDAeFw0wNzEyMDUxMzE2MzBaFw0w
+ODEyMDQxMzE2MzBaMIGCMQswCQYDVQQGEwJDSDEqMCgGA1UEChMhRmFjaGhvY2hzY2h1bGUgWmVu
+dHJhbHNjaHdlaXogRkhaMSQwIgYDVQQDExt1YnVudHUtc3AuZXN4LmVsLmh0YS5maHouY2gxITAf
+BgkqhkiG9w0BCQEWEmNtYXRoeXNAaHRhLmZoei5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBALu/esrk1LvPg5C80Ci3z4ecpIDjUTjhK0eTQuvL7W97NATJkozY/s2xCQ8Y57Xln1fH
+vlbAhrN10FTEAJGpqZ+ElgpJtXW44wrM3wI37XNEYbLdEfTV61PQnTqL6X4O92czEFXvwrNnlLHE
+3CXHINReI8pdBQQwt44bsARL+E6ZJNKdOqi5UMZqnlwXomTEXQnoXS7eRGiJSYYzriyXoGWyeMpw
+HV/GJuGBvdt7MHNM440F14x7SavIkmiMyMDb0lZNska5nwBtT5HEJuFqj6RK7KlOH3gRd81S33VF
+KzRaAiE11LKzIuxuZD0JaPBs+bJjmXb8eEu7AfgpplzGQKsCAwEAAaOB/TCB+jAJBgNVHRMEAjAA
+MCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU
+g0MBPMZlRlcafP1F37N+jvsAqZAwgZ8GA1UdIwSBlzCBlIAUBUfEhodT+g8w0FKlofBLJmt5UkOh
+eaR3MHUxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxEzARBgNVBAoTClNXSVRDSCBBQUkx
+DDAKBgNVBAsTA0FBSTEUMBIGA1UEAxMLQUFJIFRlc3QgQ0ExHDAaBgkqhkiG9w0BCQEWDWFhaUBz
+d2l0Y2guY2iCAQAwDQYJKoZIhvcNAQEFBQADggEBAI63XZpk30mcXgDQ8oaypcFaEmx/qFk4VVPZ
+Wx5PfkN3akpcEHsFZ8/Z3Tn/Q1o5aOBovWyxy8ks5yvdsUxRRLNIEevcIMbJltbHwlxhJ+j6Pslp
+HbXTsxkTv8IEkWV8/yka0hCydQNOx3tx5TQYWXidTWbw2vX5k+w55uv37UsHHXdG+Vp0Nsd9TJhi
+TIVPjvBFa68BuZwF2PuGhqCQEmxOOt9sJo3jGYlvly78b3SOjgWUghOLT/ZZI4jPfcGQIOaLA7Hb
+vEc0UBJE7Q2Vi6JmQd2i22ZngECAZiMNoH31Sc8JDnCEnsc+WuzhzFv73ownI/MoFdA0H92MGl9C
+TvQ=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPSloRedirect/metaAlias/spmeta" ResponseLocation="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPSloRedirect/metaAlias/spmeta"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPSloSoap/metaAlias/spmeta"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPMniRedirect/metaAlias/spmeta" ResponseLocation="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPMniRedirect/metaAlias/spmeta"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPMniPOST/metaAlias/spmeta" ResponseLocation="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPMniPOST/metaAlias/spmeta"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPMniSoap/metaAlias/spmeta" ResponseLocation="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/SPMniSoap/metaAlias/spmeta"></ManageNameIDService>
+ <NameIDFormat>
+ urn:oasis:names:tc:SAML:2.0:nameid-format:persistent
+ </NameIDFormat>
+ <NameIDFormat>
+ urn:oasis:names:tc:SAML:2.0:nameid-format:transient
+ </NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/Consumer/metaAlias/spmeta" index="0"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/Consumer/metaAlias/spmeta" index="1" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ubuntu-sp.esx.el.hta.fhz.ch:8443/fam/Consumer/ECP/metaAlias/spmeta" index="2"></AssertionConsumerService>
+ </SPSSODescriptor>
+</EntityDescriptor>
+<EntityDescriptor entityID="http://shibvm8.et-test.psu.edu">
+
+<!-- SAML 1 Only -->
+<!--
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+-->
+
+<!-- SAML 2 Only -->
+<!--
+ <IDPSSODescriptor protocolSupportEnumeration=" urn:oasis:names:tc:SAML:2.0:protocol">
+-->
+
+<!-- SAML 1 & 2 -->
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">psu.edu</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDRjCCAq+gAwIBAgIJALJIC8NL/oBCMA0GCSqGSIb3DQEBBQUAMHYxCzAJBgNV
+BAYTAlVTMR0wGwYDVQQIExREaXN0cmljdCBvZiBDb2x1bWJpYTETMBEGA1UEBxMK
+V2FzaGluZ3RvbjERMA8GA1UEChMIU2hpYlZNIDgxIDAeBgNVBAMTF3NoaWJ2bTgu
+ZXQtdGVzdC5wc3UuZWR1MB4XDTA3MDkxMTIwNDAxNloXDTA4MDkxMDIwNDAxNlow
+djELMAkGA1UEBhMCVVMxHTAbBgNVBAgTFERpc3RyaWN0IG9mIENvbHVtYmlhMRMw
+EQYDVQQHEwpXYXNoaW5ndG9uMREwDwYDVQQKEwhTaGliVk0gODEgMB4GA1UEAxMX
+c2hpYnZtOC5ldC10ZXN0LnBzdS5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
+AoGBANA5RJ3Jk8cw8wG49PexiR4lx9qyIp3xWe1aiQbFpjdNrhPwGoT9ghe8DYbi
+20Umo5n/CqfLoHaeOE/qZQMCnbyU8hhb4ZLpktZY/x8eqYreccqCcj36wnxbvXHd
+fU755YJR92wvOh0zb6dvxoJDLg6sTjbtrSHPph/AThk59p8nAgMBAAGjgdswgdgw
+HQYDVR0OBBYEFGDxedDK68d23ZCYNQK3NPF8nbZzMIGoBgNVHSMEgaAwgZ2AFGDx
+edDK68d23ZCYNQK3NPF8nbZzoXqkeDB2MQswCQYDVQQGEwJVUzEdMBsGA1UECBMU
+RGlzdHJpY3Qgb2YgQ29sdW1iaWExEzARBgNVBAcTCldhc2hpbmd0b24xETAPBgNV
+BAoTCFNoaWJWTSA4MSAwHgYDVQQDExdzaGlidm04LmV0LXRlc3QucHN1LmVkdYIJ
+ALJIC8NL/oBCMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAumMBAWZ6
+hv17qvbakyGk21kCgGFLWQZg3nR5xlJfbUgCYRWqhMjsmjJv39lTsGDKAdsnncOV
+Zgs4sZzNcCbCvcj6JukiAhba6/cVJ1CRKQYEZbWurGGtXYGlZHWCQRd+S3EsoYoE
+IuaD9Dh350ioeqRvHHep672uJt5q7+61rL0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="http://shibvm8.et-test.psu.edu:8080/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://shibvm8.et-test.psu.edu:8080/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="http://shibvm8.et-test.psu.edu:8080/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://shibvm8.et-test.psu.edu:8080/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://shibvm8.et-test.psu.edu:8080/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://shibvm8.et-test.psu.edu:8080/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+
+<!-- SAML 1 Only -->
+<!--
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+-->
+
+<!-- SAML 2 Only -->
+<!--
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+-->
+
+<!-- SAML 1 & 2 -->
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">psu.edu</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDRjCCAq+gAwIBAgIJALJIC8NL/oBCMA0GCSqGSIb3DQEBBQUAMHYxCzAJBgNV
+BAYTAlVTMR0wGwYDVQQIExREaXN0cmljdCBvZiBDb2x1bWJpYTETMBEGA1UEBxMK
+V2FzaGluZ3RvbjERMA8GA1UEChMIU2hpYlZNIDgxIDAeBgNVBAMTF3NoaWJ2bTgu
+ZXQtdGVzdC5wc3UuZWR1MB4XDTA3MDkxMTIwNDAxNloXDTA4MDkxMDIwNDAxNlow
+djELMAkGA1UEBhMCVVMxHTAbBgNVBAgTFERpc3RyaWN0IG9mIENvbHVtYmlhMRMw
+EQYDVQQHEwpXYXNoaW5ndG9uMREwDwYDVQQKEwhTaGliVk0gODEgMB4GA1UEAxMX
+c2hpYnZtOC5ldC10ZXN0LnBzdS5lZHUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ
+AoGBANA5RJ3Jk8cw8wG49PexiR4lx9qyIp3xWe1aiQbFpjdNrhPwGoT9ghe8DYbi
+20Umo5n/CqfLoHaeOE/qZQMCnbyU8hhb4ZLpktZY/x8eqYreccqCcj36wnxbvXHd
+fU755YJR92wvOh0zb6dvxoJDLg6sTjbtrSHPph/AThk59p8nAgMBAAGjgdswgdgw
+HQYDVR0OBBYEFGDxedDK68d23ZCYNQK3NPF8nbZzMIGoBgNVHSMEgaAwgZ2AFGDx
+edDK68d23ZCYNQK3NPF8nbZzoXqkeDB2MQswCQYDVQQGEwJVUzEdMBsGA1UECBMU
+RGlzdHJpY3Qgb2YgQ29sdW1iaWExEzARBgNVBAcTCldhc2hpbmd0b24xETAPBgNV
+BAoTCFNoaWJWTSA4MSAwHgYDVQQDExdzaGlidm04LmV0LXRlc3QucHN1LmVkdYIJ
+ALJIC8NL/oBCMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAumMBAWZ6
+hv17qvbakyGk21kCgGFLWQZg3nR5xlJfbUgCYRWqhMjsmjJv39lTsGDKAdsnncOV
+Zgs4sZzNcCbCvcj6JukiAhba6/cVJ1CRKQYEZbWurGGtXYGlZHWCQRd+S3EsoYoE
+IuaD9Dh350ioeqRvHHep672uJt5q7+61rL0=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="http://shibvm8.et-test.psu.edu:8080/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://shibvm8.et-test.psu.edu:8080/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+</EntityDescriptor>
+<EntityDescriptor entityID="https://lawu.switch.ch/idp/shibboleth">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">switch.ch</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIzCCAgugAwIBAgIUMzeE6JNb74PnWiYkeVEPpdKVQM4wDQYJKoZIhvcNAQEF
+BQAwGTEXMBUGA1UEAxMObGF3dS5zd2l0Y2guY2gwHhcNMDkwMzEzMDc0OTM1WhcN
+MTIwMzEzMDc0OTM1WjAZMRcwFQYDVQQDEw5sYXd1LnN3aXRjaC5jaDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAIcQ6EDLfbTq5Siz7GiEMOP23b6rm3Qv
+I03bCoLH7UfMoHH099f+mND2AJDIhodhxHXJhzMXKtrlxq39XNCYZShdMIFyB7+p
+Xa/wa/Vg7n/4G0rL2/J5q0fOo3JpavYhUoIMVLC6Szry/zjg4ImBe5k1SgbRQUJe
+7KYScyqDeQk6uCfxGzhz9AoONESwuiGRbCzWZ80vDctAzmPE1zAVjSIip5X1LbZX
+dF/3HpA2zB1YX7x/6tz4UxvMPIDzNrGFX5QmdXerh+dv/GR/WLlz9Ib91Xaxidfg
+k35yf6G/PAlq+nzwzsljAZ/y79kwwDtSscJ+LkBHb2n6iezBqvokEGUCAwEAAaNj
+MGEwQAYDVR0RBDkwN4IObGF3dS5zd2l0Y2guY2iGJWh0dHBzOi8vbGF3dS5zd2l0
+Y2guY2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFJLn2RSxquNneSv1QePfdBEJ
+E7y7MA0GCSqGSIb3DQEBBQUAA4IBAQAUx8QZbf7CKs9OrpP4L93zWiYeehpbbz1y
+surDq1niLS9CJeWM2Cb6c7uK0qez46uWPjZZ5MficDrSLNQMAAAWxiWkagGfpysH
+MFGoFsyn2uj3xs9nzz3uEX4XoYCCpSM5QJTD8a4DR/Jo7g4J9dBMK7hYh4LQLVZD
+61DLHASodj5eiQEo7ZBxs2Z30jolv+gwwHavaiwnnE4I4vumJsv2aoMquQ9E5+zy
+dmvBPasT4xSTCoinH3Dr776Ox5IzrkT70ePJGUfPvBRJiJaF+Q4smXpjMPq+L1pJ
+9o+AIt/IBeY6EEVrQXP2EGn4tclkdZDAB5WJSP0ik9dQhxX43rFT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://lawu.switch.ch:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"></ArtifactResolutionService>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://lawu.switch.ch:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"></ArtifactResolutionService>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://lawu.switch.ch/idp/profile/Shibboleth/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://lawu.switch.ch/idp/profile/SAML2/POST/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://lawu.switch.ch/idp/profile/SAML2/POST-SimpleSign/SSO"></SingleSignOnService>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://lawu.switch.ch/idp/profile/SAML2/Redirect/SSO"></SingleSignOnService>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" regexp="false">switch.ch</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIzCCAgugAwIBAgIUMzeE6JNb74PnWiYkeVEPpdKVQM4wDQYJKoZIhvcNAQEF
+BQAwGTEXMBUGA1UEAxMObGF3dS5zd2l0Y2guY2gwHhcNMDkwMzEzMDc0OTM1WhcN
+MTIwMzEzMDc0OTM1WjAZMRcwFQYDVQQDEw5sYXd1LnN3aXRjaC5jaDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAIcQ6EDLfbTq5Siz7GiEMOP23b6rm3Qv
+I03bCoLH7UfMoHH099f+mND2AJDIhodhxHXJhzMXKtrlxq39XNCYZShdMIFyB7+p
+Xa/wa/Vg7n/4G0rL2/J5q0fOo3JpavYhUoIMVLC6Szry/zjg4ImBe5k1SgbRQUJe
+7KYScyqDeQk6uCfxGzhz9AoONESwuiGRbCzWZ80vDctAzmPE1zAVjSIip5X1LbZX
+dF/3HpA2zB1YX7x/6tz4UxvMPIDzNrGFX5QmdXerh+dv/GR/WLlz9Ib91Xaxidfg
+k35yf6G/PAlq+nzwzsljAZ/y79kwwDtSscJ+LkBHb2n6iezBqvokEGUCAwEAAaNj
+MGEwQAYDVR0RBDkwN4IObGF3dS5zd2l0Y2guY2iGJWh0dHBzOi8vbGF3dS5zd2l0
+Y2guY2gvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFJLn2RSxquNneSv1QePfdBEJ
+E7y7MA0GCSqGSIb3DQEBBQUAA4IBAQAUx8QZbf7CKs9OrpP4L93zWiYeehpbbz1y
+surDq1niLS9CJeWM2Cb6c7uK0qez46uWPjZZ5MficDrSLNQMAAAWxiWkagGfpysH
+MFGoFsyn2uj3xs9nzz3uEX4XoYCCpSM5QJTD8a4DR/Jo7g4J9dBMK7hYh4LQLVZD
+61DLHASodj5eiQEo7ZBxs2Z30jolv+gwwHavaiwnnE4I4vumJsv2aoMquQ9E5+zy
+dmvBPasT4xSTCoinH3Dr776Ox5IzrkT70ePJGUfPvBRJiJaF+Q4smXpjMPq+L1pJ
+9o+AIt/IBeY6EEVrQXP2EGn4tclkdZDAB5WJSP0ik9dQhxX43rFT
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://lawu.switch.ch:8443/idp/profile/SAML1/SOAP/AttributeQuery"></AttributeService>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://lawu.switch.ch:8443/idp/profile/SAML2/SOAP/AttributeQuery"></AttributeService>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+</EntityDescriptor>
+
+ <!-- Service Provider Definitions -->
+
+ <!-- No certificates embedded -->
+ <!-- SWITCH, AAI Demo Resource -->
+ <EntityDescriptor entityID="https://kohala.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>kohala.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://aaitest-sp.switch.ch/Shibboleth.sso/SAML/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kohala.switch.ch/other-app/Shibboleth.sso/SAML/POST" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kohala.switch.ch/Shibboleth.sso/SAML/POST" index="3" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://guenter.canoo.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.canoo.com</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://guenter.canoo.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- SWITCH, AAI Attributes Viewer 1.2.1 -->
+ <EntityDescriptor entityID="https://rinjani.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>rinjani.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://rinjani.switch.ch/Shibboleth.shire" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- blogug-freebsd-testing -->
+ <EntityDescriptor entityID="https://aai.blogug.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai.blogug.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aai.blogug.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Science Direct -->
+ <EntityDescriptor entityID="https://sdauth.sciencedirect.com/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>sciencedirect.partner-switchaai.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://cpc1746.sciencedirect.com:25007/SHIRE" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://cpc1747.sciencedirect.com:25007/SHIRE" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://cpc1748.sciencedirect.com:25007/SHIRE" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://cpc1749.sciencedirect.com:25007/SHIRE" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://cpc1764.sciencedirect.com:25007/SHIRE" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://cpc1765.sciencedirect.com:25007/SHIRE" index="6"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://dvc7411.lexisnexis.com:25007/SHIRE" index="7"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://tpc1770.sciencedirect.com:25007/SHIRE" index="8"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://tpc1771.sciencedirect.com:25007/SHIRE" index="9"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sdauth-cert3.sciencedirect.com/SHIRE" index="10"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sdauth-cert4.sciencedirect.com/SHIRE" index="11"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sdauth.sciencedirect.com/SHIRE" index="12" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://macha.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://macha.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://macha.switch.localhost/Shibboleth.sso/SAML/POST" index="2"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://macvt.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>macvt.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://macvt.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- SWITCH, AAIportal DEMO -->
+ <EntityDescriptor entityID="https://demo.aaiportal.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>demo.aaiportal.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://demo.aaiportal.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- EVA - Einfache virtuelle Ablage -->
+ <EntityDescriptor entityID="https://shibbo-eva.urz.unibas.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibbo-eva.urz.unibas.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibbo-eva.urz.unibas.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Service Provider Test Page -->
+ <EntityDescriptor entityID="https://aai2-sp.phbern.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai2-sp.phbern.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aai2-sp.phbern.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- e-Learning Moodle Test -->
+ <EntityDescriptor entityID="https://moodle2.phbern.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>moodle2.phbern.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://moodle2.phbern.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Entwicklungs-Umgebung -->
+ <EntityDescriptor entityID="https://dev1.phbern.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dev1.phbern.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dev1.phbern.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev1.phbern.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev1.phbern.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev1.phbern.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dev1.phbern.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev1.phbern.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev1.phbern.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev1.phbern.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev1.phbern.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://dev1.phbern.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev1.phbern.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dev1.phbern.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev1.phbern.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dev1.phbern.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Test for Shibbolized Webpages -->
+ <EntityDescriptor entityID="https://mahawu.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>mahawu.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mahawu.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Test Resource for eduGAIN -->
+ <EntityDescriptor entityID="https://caldera.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>caldera.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://caldera.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- eduGAIN Home Bridging Element (Test) -->
+ <EntityDescriptor entityID="https://tengger.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>tengger.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tengger.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Test -->
+ <EntityDescriptor entityID="https://www.unilu-ikk.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.unilu-ikk.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.unilu-ikk.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Test Resource -->
+ <EntityDescriptor entityID="https://shibboleth.e-academy.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shibboleth02.e-academy.com</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth02.e-academy.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Blackboard Test Resource -->
+ <EntityDescriptor entityID="https://www.dermacvonnick.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.dermacvonnick.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.dermacvonnick.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- www3 -->
+ <EntityDescriptor entityID="https://www3.unifr.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www3.unifr.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://www3.unifr.ch/Shibboleth.sso/SAML/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www3.unifr.ch/Shibboleth.sso/SAML/POST" index="2" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Test de shibbolisation de l'application Claroline -->
+ <EntityDescriptor entityID="https://claro-test.unine.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>CLARO-TEST.UNINE.CH</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://claro-test.unine.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Claroline test -->
+ <EntityDescriptor entityID="https://acad-test.unine.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>acad-test.unine.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://acad-test.unine.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://bayamo.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>bayamo.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://bayamo.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://aai.halimedia.com/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>pempheris.halimedia.com</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://aai.halimedia.com/Shibboleth.sso/SAML/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://localhost/Shibboleth.sso/SAML/POST" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://vsl-standby.unil.ch/Shibboleth.sso/SAML/POST" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aai.halimedia.com/Shibboleth.sso/SAML/POST" index="4" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://localhost/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vsl-standby.unil.ch/Shibboleth.sso/SAML/POST" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- KoS Shibboleth test site -->
+ <EntityDescriptor entityID="https://venus.kos.li/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>venus.kos.li</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://venus.kos.li/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://egon.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>egon.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://egon.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://egon.switch.ch/Shibboleth.sso/SAML/Artifact" index="2"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://teon.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>teon.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://teon.switch.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://teon.switch.ch/Shibboleth.sso/SAML/Artifact" index="2"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- CHUV test -->
+ <EntityDescriptor entityID="https://atbash.hospvd.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>atbash.hospvd.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://atbash.hospvd.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://thor.aai.dfn.de/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>thor.aai.dfn.de</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://thor.aai.dfn.de/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://sr-svx-92.unifr.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>sr-svx-92.unifr.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://sr-svx-92.unifr.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Glossary -->
+ <EntityDescriptor entityID="https://vmelab03.unisi.ch/glossary/shibboleth/">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>vmelab03.unisi.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vmelab03.unisi.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- DOIT, Dermatology eLearning -->
+ <EntityDescriptor entityID="https://aai2.cyberderm.net/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai.cyberderm.net</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aai2.cyberderm.net/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Test PHP SP -->
+ <EntityDescriptor entityID="feide.erlang.no">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>feide.erlang.no</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://feide.erlang.no/shibbolethsp/AssertionConsumerService.php" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://feide.erlang.no/shibbolethsp/AssertionConsumerService.php" index="2" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://www.itka.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.itka.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://www.itka.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://www.itka.ch/Shibboleth.sso/SAML/Artifact" index="2"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://vvv.unifr.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>vvv.unifr.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://vvv.unifr.ch/Shibboleth.sso/SAML/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vvv.unifr.ch/Shibboleth.sso/SAML/POST" index="2" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://commonweb.unifr.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>commonweb.unifr.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://commonweb.unifr.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://commonweb.unifr.ch/Shibboleth.sso/SAML/POST" index="2"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://twiki2.phbern.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dev1.phbern.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://twiki2.phbern.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Test-Service-Provider Uni Basel -->
+ <EntityDescriptor entityID="https://test-sp.unibas.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>test-sp.unibas.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test-sp.unibas.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://forschdb-test.urz.unibas.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>forschdb-test.urz.unibas.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://forschdb-test.urz.unibas.ch/Shibboleth.sso/SAML/POST" index="1" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://dieng.switch.ch/otherapp/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dieng.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dieng.switch.ch/otherapp/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+
+ <!-- Certificates embedded -->
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://ebulobo.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>ebulobo.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE3jCCA8agAwIBAgICD7owDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDEyMjEwMzg1NloXDTEyMDEyMjEwMzg1NlowXjELMAkGA1UEBhMCQ0gxEDAO
+BgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRD
+SDEaMBgGA1UEAxMRZWJ1bG9iby5zd2l0Y2guY2gwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC94Uyr8fcL6cAzgCIfsjX2YFzndZornB2uYyYKmiUJOw46
+t7kDk+4c7KQDFzcG+AmTdLRPflcIJZ+w3mUCtbmuUNgyA3J7l/PX9CmjU3l6CbRT
+dPfGdS4GAdnHlDVez9MM+yDoyPXHcCKkY6+wX9BpmfzmYNXXquN9vy/NbwYGEkxJ
+ghLRrRJKTKY2eyVVM1fYnCXwDp1pD/OyQxPNcC9AiplJZZ32Lu7UjCnSouD3IL5I
+9ePCJ7yHVSCpqVT0VczHKUk3Xm/x4B2oZdIPEiIs78o0Nt7gvn8uxDosbuuTu/HQ
+riQNq5B4Iy12WGdw5k/RUMOpnt8Rod/eh/PiKhY/AgMBAAGjggGXMIIBkzB0Bggr
+BgEFBQcBAQRoMGYwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xv
+YmFsLmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9xdnNzbGljYS5jcnQwHAYDVR0RBBUwE4IRZWJ1bG9iby5zd2l0Y2guY2gw
+UQYDVR0gBEowSDBGBgwrBgEEAb5YAAJkAQEwNjA0BggrBgEFBQcCARYoaHR0cDov
+L3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMC
+BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFDJN
+oU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu
+cXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNybDAdBgNVHQ4EFgQU3Ud05JHH
+EaGmTzlhJvZXsq/jJVIwDQYJKoZIhvcNAQEFBQADggEBAFhofh+BJRcEHUqDaAGt
+A5Fuq5a0Jh3FAYdFqMdFBolUBJiyn1GomTMgGwQHA8Dcq/WGGgrJx/emggmx+qm2
+3PYfvuGnFr5vxcHWzs6frANkTm4cUnjM44Jz6DSyRbp0JS8cXoxB46MUgcM5zSrJ
+EJkfAm1YznY6pBhBgKd7HgixyELr6+0sHHEPcfmnFwwXiKuXP9wbX40VWHDyKFzR
+/nrNcuK2qCNS9Xb7nVzSJT8QNKL0LsWlXFCgLlTMFVrLKGrS6WfyzdOsYJpQJQCe
+fnh9OIM7Sez3tKIHN/HO/6uO5sjBRINOEsxIlvUOGRsVKxFlth0gnU8WqSW/SS3A
+oec=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ebulobo.switch.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ebulobo.switch.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ebulobo.switch.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ebulobo.switch.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ebulobo.switch.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ebulobo.switch.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ebulobo.switch.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ebulobo.switch.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ebulobo.switch.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ebulobo.switch.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ebulobo.switch.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ebulobo.switch.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ebulobo.switch.ch/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ebulobo.switch.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://sumbing.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>sumbing.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIDCCAgigAwIBAgIJAKSlXbXEjhB4MA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEXN1bWJpbmcuc3dpdGNoLmNoMB4XDTA4MTIxMDA2MzA0NFoXDTExMTIxMDA2
+MzA0NFowHDEaMBgGA1UEAxMRc3VtYmluZy5zd2l0Y2guY2gwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC3T6cyAnv/0bG5wZm+dN6AD8XtDsZjt35pjs9n
+91oX1I+547iXtSH7Ju/oh4uU0ahfgK0gpwkg50f9czokYoJ+s+Nd6LwBOpMFOgyq
+IKJSsowYXpkUAS/zELzZiV9dudmi1hb9aA8J56YAEzRtVQh3M6SirHgoF7aGB0i5
+CEHBf1coxmQzsz0lQn8RFS6esWYS56BI/6URnEPCZMzYDffSuAilzb+NYE7zWYCv
+fFIGY283w5QeZcO2N+Mmd5fCW/CeQncsDyCcTmZVWXAgy7TGOnT51BaL0iGP4zEV
+T2MrMIWu1ObEeHYsph9bTUxpsbS3XoybMfnesz535GIcwNWdAgMBAAGjZTBjMEIG
+A1UdEQQ7MDmCEXN1bWJpbmcuc3dpdGNoLmNohiRodHRwczovL3N1bWJpbmcuc3dp
+dGNoLmNoL3NoaWJib2xldGgwHQYDVR0OBBYEFKhu8TuSSwDNxyjy3Mj/lz/gpplr
+MA0GCSqGSIb3DQEBBQUAA4IBAQBQhWqfyk7ChBZOKEuJb4S58qI5re9wFtRKvf/B
+Kx8szOfbZT9DTyVv/Xv2PSGxxo4oiR+EUgnKV4S7PwkDm2F5y1BlLL8x/mJJHhoA
+CpzL0Oz7WIBAntwT7Ys3BUMdnuycPAieFborW8uv5RRt2h/ghARym4bOuEB8/w1c
+cB/EB/MGXUAf7xTTJbik1L0oiUHCKkzJBd1bub89tmnDCHaq0pKJcVb2RoEGhHRm
+I2AHMP/YMeRZb2DdHNyTUEYARl7BI90UQeLgZtKcCbhjMEE0UoiKOcSB23Y3PG8W
+KlRPw/Jzcg0MpN0QRIuFiBaNHKCq1wggSx2695oBjV6UKdS3
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://sumbing.switch.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://sumbing.switch.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://sumbing.switch.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://sumbing.switch.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://sumbing.switch.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://sumbing.switch.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://sumbing.switch.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://sumbing.switch.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://sumbing.switch.ch/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sumbing.switch.ch/Shibboleth.sso/SAML/POST" index="6" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://sumbing.switch.ch/Shibboleth.sso/SAML/Artifact" index="7"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- SIUFAAISP Attributes Viewer -->
+ <EntityDescriptor entityID="https://siufaaisp.unifr.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>siufaaisp.unifr.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJDCCAgygAwIBAgIJAPGNbdTqQQT5MA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEnNpdWZhYWlzcC51bmlmci5jaDAeFw0wOTA2MzAwNzU1NTdaFw0xMjA2MzAw
+NzU1NTdaMB0xGzAZBgNVBAMTEnNpdWZhYWlzcC51bmlmci5jaDCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANmdC0qB9orDl/e6NwWr5TncBFr8qCjQvVL8
+WO0IwqincMk/YeSZ1WfwlaUkbl5u1aRqjDsMsbUB/GLzW2CFveZaC9YMrXqVEtib
+UBAISVGUOlPdAjSZ6xfqjlPNwxDw5oh3jFgLqRJXr5zG9h6tulxsVvzlJWdAy1RH
+YpAX90/QmthRZWPh2jxLAN9bwY0ScdnPsTmuCiZ2PHqgFvttTzCiNhVB6HrUjQys
+Gnx6GCcuRKzLgyXCeyx3I/ncbJzlekjoyemjKiEez8t9ZzvveS/yV1fR4YQJcOX1
+xwTX8HC/18n3px8lYRB+NQ4Ow0YSEKVSOTf6AMJckiXaLYO3q9sCAwEAAaNnMGUw
+RAYDVR0RBD0wO4ISc2l1ZmFhaXNwLnVuaWZyLmNohiVodHRwczovL3NpdWZhYWlz
+cC51bmlmci5jaC9zaGliYm9sZXRoMB0GA1UdDgQWBBTXVuYB3u1V/bKmSXVck7W/
+gb+Y9TANBgkqhkiG9w0BAQUFAAOCAQEAogKXpeNgoU4p33Wp6K8i9ZV6E307sT7n
+gtNCkvmTmPmP4+bahuK4yt9B1KAV5fKwf/mjFArHxXSk6vhCcSBZ66lYOfOzPJeZ
+K4TiTQJRd7tLqNFEDjyD0b6JHMD9vzOx36S0F0yVVCr5ctbPnUERQKID68JG4ihQ
+9DHsxV61oxuPcmsjXXm8MrFh90/8TJIEW1y+nJ/K29vhSwWqvKu9KUI+n952G3dE
+K4qY5rNoqubRhsAU9XYnpa2++Nhpd+exvdQWjn3p2Qg5CMsIdnLS1R/op/xQCpz1
+Xhr+FWL2B1Y2pfmxlXwaTdo87xsg9LLWmu4fkOK9vOoRw4BBO/5wtQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://siufaaisp.unifr.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Resource Registry -->
+ <EntityDescriptor entityID="https://aai-rr.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-rr.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEUzCCAzugAwIBAgIJAP6FkWIJJPt/MA0GCSqGSIb3DQEBBQUAMGoxCzAJBgNV
+BAYTAkNIMUAwPgYDVQQKEzdTd2l0Y2ggLSBUZWxlaW5mb3JtYXRpa2RpZW5zdGUg
+ZnVlciBMZWhyZSB1bmQgRm9yc2NodW5nMRkwFwYDVQQDExBTV0lUQ0ggU2VydmVy
+IENBMB4XDTA5MDMyNTE1MTczN1oXDTEwMDMyNTE1MTczN1owgYgxCzAJBgNVBAYT
+AkNIMUAwPgYDVQQKEzdTd2l0Y2ggLSBUZWxlaW5mb3JtYXRpa2RpZW5zdGUgZnVl
+ciBMZWhyZSB1bmQgRm9yc2NodW5nMRkwFwYDVQQDExBhYWktcnIuc3dpdGNoLmNo
+MRwwGgYJKoZIhvcNAQkBFg1hYWlAc3dpdGNoLmNoMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAptHg4A06jIYAtJ2CI1LdECo8gfJxMWo0sWjj2m+uzIbk
+2suFT7qcnltPSrofYfduDjjHaYYubfxCzTc1TX4uhU8+mvFFDLdnunj0d4koI/kz
+BhnaTVQ91ZppJ1Ic/CrZvk76bxkdmbLMPYD32pQp0pnyl+f5o/j1hOQ95f77nUgq
+70ZI0MfQI2sKd/62tPU7c2H1oitoVYXUgDT/Eao92vYmRXbV7MKWcc72pMUS3BXR
+70Xu61rg3htM2ntJY05bfF8s93Y2uJ8d5T9oxgzs4UTzhJom0iL633tuRBSM0ab8
+TWSAhjowMNAjwmlQfiOHqYNqbwfU1//DKlWVNEIl4wIDAQABo4HcMIHZMBsGA1Ud
+EQQUMBKCEGFhaS1yci5zd2l0Y2guY2gwDgYDVR0PAQH/BAQDAgOoMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAfBgNVHSMEGDAWgBQa/ctTlbCB3To4hJ9j
+6HwKQuDm/jBSBgNVHR8ESzBJMEegRaBDhkFodHRwOi8vY3JsLnN3aXNzc2lnbi5u
+ZXQvMUFGRENCNTM5NUIwODFERDNBMzg4NDlGNjNFODdDMEE0MkUwRTZGRTAWBgNV
+HSAEDzANMAsGCWCFdAECBgEBAjANBgkqhkiG9w0BAQUFAAOCAQEACq/+SuyGHfPG
+L+fqr5V1GZDP/4q7WllzGhXChrqRPAOXbOLbCyWElNxAqrFg41pv3Czf8vXMfNkJ
+MFxjI8CvpE2S6M0HmFuayISp95IyiSK05pE2qschbugpFPUek3j6vfs+WfTwh0Az
+Gb2mBeTRtYsn4yGZHINJ9aMd7RQsCfVgxtjwzEZ8X/fT88hJQCS2Qzk5Eby53HXR
+4GDsAq63zWCECz4pAOeXSHCg/9BsniYz0maJxXQn5SnBHVexaDLQkD9W8p1G4wlJ
+8qS8wRDEP/hgYERv1KPaxs+yDnrgPUgiinWUGDuyWZrCtiA9p58oDzwb1D3HLKip
+bNS5NvZpyQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SAML2/POST" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SAML2/POST-SimpleSign" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SAML2/Artifact" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SAML2/Artifact" index="6"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SAML2/ECP" index="7"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SAML2/ECP" index="8"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SAML/POST" index="9"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SAML/POST" index="10" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://aai-rr.switch.ch/aaitest/Shibboleth.sso/SAML/Artifact" index="11"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://rr.aai.switch.ch/aaitest/Shibboleth.sso/SAML/Artifact" index="12"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- BSCW Shared Workspace System -->
+ <EntityDescriptor entityID="https://bscw2.phbern.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>bscw2.phbern.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEzTCCA7WgAwIBAgICAOEwDQYJKoZIhvcNAQEFBQAwdTELMAkGA1UEBhMCQ0gx
+DzANBgNVBAcTBlp1cmljaDETMBEGA1UEChMKU1dJVENIIEFBSTEMMAoGA1UECxMD
+QUFJMRQwEgYDVQQDEwtBQUkgVGVzdCBDQTEcMBoGCSqGSIb3DQEJARYNYWFpQHN3
+aXRjaC5jaDAeFw0wODExMDYxNDU3NTVaFw0wOTExMDYxNDU3NTVaMIG+MQswCQYD
+VQQGEwJDSDENMAsGA1UECBMEQmVybjENMAsGA1UEBxMEQmVybjEmMCQGA1UEChMd
+UGFlZGFnb2dpc2NoZSBIb2Noc2NodWxlIEJlcm4xKDAmBgNVBAsTH1plbnRydW0g
+ZnVlciBCaWxkdW5nc2luZm9ybWF0aWsxGDAWBgNVBAMTD2JzY3cyLnBoYmVybi5j
+aDElMCMGCSqGSIb3DQEJARYWYnNjdy1zdXBwb3J0QHBoYmVybi5jaDCCASIwDQYJ
+KoZIhvcNAQEBBQADggEPADCCAQoCggEBAOET72VQWSJeh3o+M74Hz2DWsoU/IEcM
++HfQSnWK7exZUG3gLUsKZ5m1Z11/HrM2QvwDcGsiTY1wKKI5kQFuwOyGFHWXVdhr
+JJhCtXwPOLMbwdmYNWZ8J0BgYOrwc1MPOfOOnN1bND445YBWMZfUBZvIFUZuTeWy
+dp+KBGrAaLjqT68MCgoAKqxbk5iKBttnlDitAmq+BMPbfPuCgbaVLTaKrFwRDkrr
+E0N8cstMmimgeaq0MQZqDOhK8DmSoJdlrMJudp0RJyRjgU3PwghWB55LordeFlGb
+5gnM7giLfTq9c9QjTJgwAoWcTreiR82MtLFfioqCnZU7zX3plDfu+58CAwEAAaOC
+ARswggEXMAkGA1UdEwQCMAAwSQYJYIZIAYb4QgENBDwWOkdlbmVyYXRlZCBmb3Ig
+QUFJIFRlc3QgRmVkZXJhdGlvbiBodHRwOi8vd3d3LnN3aXRjaC5jaC9hYWkwHQYD
+VR0OBBYEFFIs0og8+2qdAAuVfgKK1K0Se8FdMIGfBgNVHSMEgZcwgZSAFAVHxIaH
+U/oPMNBSpaHwSyZreVJDoXmkdzB1MQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVy
+aWNoMRMwEQYDVQQKEwpTV0lUQ0ggQUFJMQwwCgYDVQQLEwNBQUkxFDASBgNVBAMT
+C0FBSSBUZXN0IENBMRwwGgYJKoZIhvcNAQkBFg1hYWlAc3dpdGNoLmNoggEAMA0G
+CSqGSIb3DQEBBQUAA4IBAQBpriGjASOtM7SDgo+R71XRnoLLdWg86toQ23515oUH
+Ff4qb35NDoTOAyGN22vbJ90xnizFdfxMCtoy+x9w+JYT8tSYhbz0ATgYAj7ZL3X7
+iG+g9LOeZTLoIPgaPQBOwrnJsDtUYcG0jRf/zKMnXZwNiGK94vqhI9IfV998FPeB
+Qc5GwFI2amkegQL+jpR4uQiOyL7AQ09rk1EnqbM1Dd8REsvjZkNXHtM9Zyfmk4u0
+3vhm5RzYNmK2HHhfiHrH0eZ3SBgig2i7DWH2l2twmNjPEMwfMatiEG9ryHGWs+Rx
+7QXKLN/9B93Jt4IAI0yRbKlpeCYhFy50Lu/aDFa6DRn0
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bscw2.phbern.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bscw2.phbern.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bscw2.phbern.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bscw2.phbern.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bscw2.phbern.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bscw2.phbern.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bscw2.phbern.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bscw2.phbern.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bscw2.phbern.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://bscw2.phbern.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bscw2.phbern.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://bscw2.phbern.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://bscw2.phbern.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://bscw2.phbern.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://aai.fhnw.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai.fhnw.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDCDCCAfCgAwIBAgIJAMH14CMC0vFyMA0GCSqGSIb3DQEBBQUAMBYxFDASBgNV
+BAMTC2FhaS5maG53LmNoMB4XDTA5MDMxMDEzMDIxN1oXDTEyMDMwOTEzMDIxN1ow
+FjEUMBIGA1UEAxMLYWFpLmZobncuY2gwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQC3072adwSo8fZWCOer0QhuXjRLP2N6Xm6vjex0jTOr/yi+zzo4MCfK
+ck4TNcwVX6ymOP12/nHBMvgR1bwm65amKFfETJROwOEizYFx3P+jWecj8DELXT3z
+PcMjoHmINi0Now43T458+5LbpkfwVufEiw+/AsWhvNZtPVHuldDbqtbydisMqVXb
+LYrXB8+GmY3yXJ2JzV0ClbvwNiku4AW8c0uM44lapkV5VdA60ItbWdwsUw5N2UEj
+EaTNu8D0s1qaOATPQ1k6Pj0YwikIDPdB4yTQmAWSII5K3PmuFlrh3qO/E0IKE35q
+0Fpr7rgsWuJ6LS9YzUh2OlkgHdFy6XgBAgMBAAGjWTBXMDYGA1UdEQQvMC2CC2Fh
+aS5maG53LmNohh5odHRwczovL2FhaS5maG53LmNoL3NoaWJib2xldGgwHQYDVR0O
+BBYEFLq8Orh4map9ngafz5PrnvZQSLwYMA0GCSqGSIb3DQEBBQUAA4IBAQAjcMj5
+OfyhAvCUjQnsRswhVtC1Dyz24iMbmb5RBUHKYq1HBouwuB1QOEg+/PnxLmcDiPII
+oW/Mfcu4SvpAiL+N5fywv9aoQXC3iTkfHSdPhuNTJnwCStXfJsb4m7bNGnX3Xyv9
+TcJg0o4nkSdfFI/UVm+01g6/XVS0lY4l+3g/JTjaxf2AG+K4uKo8ojI7veQYsumB
+WwKAyRvrNrwt1geZhJaE94aAIbMvKcF+K0YPBp8ZQeTXdapzh5+o84hiR0J6k8xF
+HWmU5FielrRbyerVFJEUKHYrvOnpU6/kZhsvuhaPusqxoPjrWH4SeTFOv6oToIg6
+4Ceudp7Aa05J1H5W
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai.fhnw.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai.fhnw.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai.fhnw.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai.fhnw.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai.fhnw.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai.fhnw.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai.fhnw.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai.fhnw.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai.fhnw.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai.fhnw.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai.fhnw.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://aai.fhnw.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aai.fhnw.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://aai.fhnw.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://moodle-test.unifr.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>moodle-test.unifr.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDLDCCAhSgAwIBAgIJAP4GxnPzNq+PMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFG1vb2RsZS10ZXN0LnVuaWZyLmNoMB4XDTA5MDcwMTEyMTA0NVoXDTEyMDcw
+MTEyMTA0NVowHzEdMBsGA1UEAxMUbW9vZGxlLXRlc3QudW5pZnIuY2gwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDN6ibJQ++wBad3psFjIUgep77UvhuW
+mum0CPmPzTZleP4oBbnPGoG5ejH+9uI8zVdtgE5bLaOFklM0LNb925EohfMUfPAb
+70SoMZgtEz2RX5niOh5ogfsKXSYzxkMLaJDYRo9eBkCViuMPugaDvn2+1br7oOr7
+jqiw8fjMKAnUyjE2tXKEx2sF9Lut4IVT+VOl7xVNMp/lrJ7YrmQ16b3/vOyyqZcG
+kC+8x3ehB6nernpVekc3u3iMQ/U1ENc/QTjVhy64wnJyFCFRSurzbqw6G+8ECx51
+tA3jy92u7MAiq77CHhuEUDDyOVdMBG6f3LaCQO5+3ioLl1vBngBFP/wNAgMBAAGj
+azBpMEgGA1UdEQRBMD+CFG1vb2RsZS10ZXN0LnVuaWZyLmNohidodHRwczovL21v
+b2RsZS10ZXN0LnVuaWZyLmNoL3NoaWJib2xldGgwHQYDVR0OBBYEFFEmDc/NAQ+i
+AFjuGoKDZXa76yDfMA0GCSqGSIb3DQEBBQUAA4IBAQBme5KhNy+nxapbxCAgku7i
+9MoloTZdeBu8qbgGNP4PPw4ANtHA+nZzvlTo0q2skHkAprMNsHMJgwSUOroJk88m
+Pc1QXzLwZNb08mvKhMKEPO4GfvvQ0QTt+irIGgXbTvunnhPIhhETjkz52CMHaYgm
+4HpAunHJwbSAB5wlRkdxPMsxB0az5QHQXb01mIH8/uzk3DGd1UJqGoiKTiCPGG5N
+ZfKwJ4EumeobeGPy/ggYNM4wCKX3ViHMWUiaxrs8Re0X9mDodPFtJt8TlpzRnliJ
+oBWd9FI1HsIOnrSMfV1LOCVg7uGV7G2HKm9TSFfPB9Wl7Y3zvS/3I975IuWFV5Ka
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://moodle-test.unifr.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://moodle-test.unifr.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://moodle-test.unifr.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://moodle-test.unifr.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://moodle-test.unifr.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Test SWITCH VHO -->
+ <EntityDescriptor entityID="https://tools.test.vho-switchaai.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>tools-test.vho-switchaai.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDSDCCAjCgAwIBAgIJAIL7gf3EijrnMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
+BAMTG3Rvb2xzLnRlc3QudmhvLXN3aXRjaGFhaS5jaDAeFw0wOTAzMTAxNDMwMzNa
+Fw0xMjAzMDkxNDMwMzNaMCYxJDAiBgNVBAMTG3Rvb2xzLnRlc3QudmhvLXN3aXRj
+aGFhaS5jaDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMhsVUMaKCna
+W5qCGi0r/sjuu0/WutHRX1gNks91MQrjbs9aa+/+cw/KgKuo8TXHBTcSYgPSeKtF
+eECRGzctq4vC/ulxiRXQRlaMFYUra41+OPxiUp7Y1otlhXaQL9jZXfOf97ttjHSx
+jWNk3y3PFPadP9cTjy5EUs2uZoexxxV70GKkF8ug5RLfxt69cV82ffClvwg3FC26
+DOK+3cGiVNTkVahoMZU3bcPtyoxg1y+soS5AqxHETnW3IlaJgw/Psm6qaCjH8jwX
+Ni+ovIug9xlMfPCXBT+1ZIq62CPPiesFtFoBivqXTQm87NvkQstB4zTAL6G1/Exr
+TBkS8qR5LacCAwEAAaN5MHcwVgYDVR0RBE8wTYIbdG9vbHMudGVzdC52aG8tc3dp
+dGNoYWFpLmNohi5odHRwczovL3Rvb2xzLnRlc3QudmhvLXN3aXRjaGFhaS5jaC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBS/61Xvsc4E62p4q5ip/0fP6/WY+zANBgkqhkiG
+9w0BAQUFAAOCAQEAUauUvb98nul1ebhXkneJ1u4JD9eRyw60XzHrpMlCyw5/9jLu
+YBZHQt0dAVruCib71g4bedKzrWVgI4p3GfMIeqraTD+BTrRfThdIm8TIGqoVscSw
+CP//y2dzBLT8FWrd9lWjG16jgZKdnAVCRTZanLCOoPToe/1LRbFC7T0j0w7E0EsZ
+cJlS79MXfodK3+9rNDhvD5/ElC/xRURUXE5HHrwKNWvuJ4bxh8aD0thOFx/ZQBnr
+fhcPepE8wOLYv4XWMTNivF1WoWYUFO9NDOvqB/5Dkqk+AoPeysSGkwibbkFl1NzT
+NJ4e2Ue1FTAtfEinR6Y4VUiD30j1cK204QfCPA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://tools.test.vho-switchaai.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://moti.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>moti.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFDCCAfygAwIBAgIJAL41O3gqPd+MMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDm1vdGkuc3dpdGNoLmNoMB4XDTA5MDEyNjEyMTgyM1oXDTEyMDEyNjEyMTgy
+M1owGTEXMBUGA1UEAxMObW90aS5zd2l0Y2guY2gwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDX8HKtBB51/qGl4ZaLCc+Qiu4S8ZSuRveayavg1NXZ4459
++Qe2XzYjrT7N36etZ6vAw7nc3/TTweHk/qsv0iZCSo306pLepVHw4t1XC8BWpsHT
+uE23cpPM59SqPSECZE9nh28vclKORltMvLhgHF65te6s2LDNkV4uJ825DUHgPdMk
+iWVR01wlZFm5sGqS9bhmwGT+oX31/ssjRNeSsuXDwbPpU44qV8jhdrQJ9E6eIKYV
+sSnHz7sRmpsBKUO4+qCkmANANZuNwiNzrEIk+RkBl5SomQ5fDHs83wKbXl0CXUCB
+znxC6sj7QW1MtE5q/o7WPY9a69KFYwEXzBA6E86fAgMBAAGjXzBdMDwGA1UdEQQ1
+MDOCDm1vdGkuc3dpdGNoLmNohiFodHRwczovL21vdGkuc3dpdGNoLmNoL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFDpdWa9gz07aMohezBfWU+qL8MLcMA0GCSqGSIb3DQEB
+BQUAA4IBAQAkHrvsSKfLESza5bngJxGiTRt/quiClrZMwWRQr8/G94vFE0cPoeOu
+XYopIJB4syC+O1PHZQ2NecOI+xd4e+ewZLP2qaNL4jN2N/nVt0CRVw7i+TaSD5hQ
+ySgQ0+BzjmbQoJDfKXdfWOHZEI9/BZ9d1MqFoLktDrdhoMYAzscZMHkiWm+P1Ul7
+n6T0Z1JQCUFvlZIGTdPCFzz2X+iQU/MduI+vGJSOFnjCsJcUsEMxNltylt1H8WCr
+WD/8phXxlfqTDjoBooyHab+PUiFGkrRhf3iEfga0ra3F+UPgmbXyNZ7OnEKuXHr+
+Kd22gHK+zQQktedNQL3EQM+wr/JZ83qj
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://moti.switch.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://moti.switch.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://moti.switch.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://moti.switch.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://moti.switch.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://moti.switch.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://moti.switch.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://moti.switch.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://moti.switch.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://moti.switch.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://moti.switch.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://moti.switch.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://moti.switch.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://moti.switch.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="urn:mace:switch.ch:aaitest:ezproxy">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>gw.usefulutilities.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFEjCCA/qgAwIBAgIDQh/IMA0GCSqGSIb3DQEBBQUAMIHKMQswCQYDVQQGEwJV
+UzEQMA4GA1UECBMHQXJpem9uYTETMBEGA1UEBxMKU2NvdHRzZGFsZTEaMBgGA1UE
+ChMRR29EYWRkeS5jb20sIEluYy4xMzAxBgNVBAsTKmh0dHA6Ly9jZXJ0aWZpY2F0
+ZXMuZ29kYWRkeS5jb20vcmVwb3NpdG9yeTEwMC4GA1UEAxMnR28gRGFkZHkgU2Vj
+dXJlIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MREwDwYDVQQFEwgwNzk2OTI4NzAe
+Fw0wNzEyMTIyMDM2MDJaFw0xMDAyMDYxMjA1NDRaMGUxHzAdBgNVBAoTFmd3LnVz
+ZWZ1bHV0aWxpdGllcy5jb20xITAfBgNVBAsTGERvbWFpbiBDb250cm9sIFZhbGlk
+YXRlZDEfMB0GA1UEAxMWZ3cudXNlZnVsdXRpbGl0aWVzLmNvbTCBnzANBgkqhkiG
+9w0BAQEFAAOBjQAwgYkCgYEA4oeE0Gv7DLod9SwXI+a8+vZqpFnOJD3/vd3/vmMg
+Y8laYarh9KaeuFBlNOMDvFvHmc3E1gvk+EwFD0WcIUH0k4QAbr1Aa7vYWtXeS60A
+sSMXam0+653euHeazFarNwG3wTp7tiqWLcUQRe5Pt/XOULzdZaFpciY3731Ykz1e
+MNECAwEAAaOCAecwggHjMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8v
+Y2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRvcnkvZ29kYWRkeWV4dGVu
+ZGVkaXNzdWluZy5jcmwwUgYDVR0gBEswSTBHBgtghkgBhv1tAQcXATA4MDYGCCsG
+AQUFBwIBFipodHRwOi8vY2VydGlmaWNhdGVzLmdvZGFkZHkuY29tL3JlcG9zaXRv
+cnkwfwYIKwYBBQUHAQEEczBxMCMGCCsGAQUFBzABhhdodHRwOi8vb2NzcC5nb2Rh
+ZGR5LmNvbTBKBggrBgEFBQcwAoY+aHR0cDovL2NlcnRpZmljYXRlcy5nb2RhZGR5
+LmNvbS9yZXBvc2l0b3J5L2dkX2ludGVybWVkaWF0ZS5jcnQwHQYDVR0OBBYEFPnQ
+CZKbxdIWOVN0QnqaMaTP9IfHMB8GA1UdIwQYMBaAFP2sYTKTbEXW4u6FX5q653aZ
+aMznMD0GA1UdEQQ2MDSCFmd3LnVzZWZ1bHV0aWxpdGllcy5jb22CGnd3dy5ndy51
+c2VmdWx1dGlsaXRpZXMuY29tMA0GCSqGSIb3DQEBBQUAA4IBAQCbIscrDyyz0Jzb
+m0IOvssMMgoKbHOpbW2DFW9dX36Y+MBuxbDwDthUxqJPKdcMPfaOV+loQq/yVTy9
+1hl73hNZZxiWfH1XLDSj+c4S69mnTBwRkhpmXq5pfgNctGc0mxA19TYI5mZRTa/C
+/Fui14YUwiaKTlXzMk6bb2/buBbkngsB9bWSS/koO6TglXlUD3a3kfJZWFS8TKhr
+nqHhBWq4WEF+/UVSdnhH6majR2hu+v9DVXJPb080GcKcv90m8ZixiKj7VJomQ27L
+uu3OdHr9oKXBhoXVR6EVKQzcMpeBQ4rfqDIfPHLlWsaJzgU7Kb1xqiqdI6o0rhXg
+MX2xZARF
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://gw.usefulutilities.com:3443/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://gw.usefulutilities.com:3443/Shibboleth.sso/SAML2/Artifact" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://gw.usefulutilities.com:3443/Shibboleth.sso/SAML/POST" index="3" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://gw.usefulutilities.com:3443/Shibboleth.sso/SAML/Artifact" index="4"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- AAI DEMO SP -->
+ <EntityDescriptor entityID="https://aai-demo.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-demo.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE+zCCA+OgAwIBAgICESowDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDMyNDExNTMxOVoXDTEyMDMyMzExNTMxOVowXzELMAkGA1UEBhMCQ0gxEDAO
+BgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRD
+SDEbMBkGA1UEAxMSYWFpLWRlbW8uc3dpdGNoLmNoMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAsgR+3dtoCDAQ/370NdFLt5T7LrCH7z3kfJShRMVsro6W
+5q0Di+oNLYH7CY4tXE6AX8eq+Ldex0e2l7mNANfadeKpzG4jB2iRyVxux4/3QzqP
+S495UpLc97rm/CSB9cPoWHWnGuoOJe30HM8O7LUlLfyl8fyUuLEWvPnqC1zZM26b
+p5JUsfICE87U0K2Y15Lp1LPfON7i3YdUVmuzJrk96zF/v+NafUf2NBrrTlcC5qA3
+Hg6+pC1UoMUstp6patpjc8xgvNAOtS8CSjfIWaejLAAiJlT6+pamOalO2GWRS7FN
+tfbERle3pSoGxly/zL1R39aRCsoVHjATeu+w3QoM3QIDAQABo4IBszCCAa8wdAYI
+KwYBBQUHAQEEaDBmMCoGCCsGAQUFBzABhh5odHRwOi8vb2NzcC5xdW92YWRpc2ds
+b2JhbC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly90cnVzdC5xdW92YWRpc2dsb2Jh
+bC5jb20vcXZzc2xpY2EuY3J0MDgGA1UdEQQxMC+CEmFhaS1kZW1vLnN3aXRjaC5j
+aIIZd2ViZGF2LWRlbW8uYWFpLnN3aXRjaC5jaDBRBgNVHSAESjBIMEYGDCsGAQQB
+vlgAAmQBATA2MDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUMk2hT+rwrpm27psHLIQIEVCL4n4w
+OwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20v
+cXZzc2xpY2EuY3JsMB0GA1UdDgQWBBR+NtIi5AShYymXbi06QjQKqnUU9jANBgkq
+hkiG9w0BAQUFAAOCAQEAexZ8hzfE4VGiF1E23Wil8FYG+VbnZGk1Wm3cZeB91OEb
+rWPCZLeXEiO76F7EJKoh67s424Kq4Lvpnretvv44tYmXfLFxdgri+2XTE6dW10QY
+pymFcCG55n/w/aKl5RZF1JYYLTkUS9AcFUi2YWVkpDnYMEOfkbgg2qp4Dc6aWM7c
+HbfufMv1Z5uWWu8o1jS64UVcIQDvBZ18EGCj146HUROAOnmXoqBD3eHzHMJfgB/a
+ZxS1an6vjoq5Ngfsmz9DSxyI+Y6lmtbpuhqAehRCBqjvVWYlBJGHEAzdbCB9nyeU
+fvjbmuT1IL5c1fEdLq9NJNdZ3QACToKieOt1rRYf5w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-demo.switch.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-demo.switch.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-demo.switch.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-demo.switch.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-demo.switch.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-demo.switch.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-demo.switch.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-demo.switch.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-demo.switch.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SAML2/POST" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-demo.switch.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-demo.switch.ch/Shibboleth.sso/SAML2/Artifact" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SAML2/Artifact" index="6"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://aai-demo.switch.ch/Shibboleth.sso/SAML2/ECP" index="7"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SAML2/ECP" index="8"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aai-demo.switch.ch/Shibboleth.sso/SAML/POST" index="9" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SAML/POST" index="10"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://aai-demo.switch.ch/Shibboleth.sso/SAML/Artifact" index="11"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://webdav-demo.aai.switch.ch/Shibboleth.sso/SAML/Artifact" index="12"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://www.jobzippers.eu/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.jobzippers.eu</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIC7jCCAdagAwIBAgIJAL3yb8wfS4E1MA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDWpvYnppcHBlcnMuZXUwHhcNMDgwODA0MTg1OTI0WhcNMTgwODAyMTg1OTI0
+WjAYMRYwFAYDVQQDEw1qb2J6aXBwZXJzLmV1MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAxC40A6BtrQ9g3oGgf17dueSn3FacBMIV2Uvz+BA0kFnkazuN
+GXcxZr9TTSo36QZL4j56uDR7+/9cgry+zMgVvlb++0/jvEGX6/x0CdqrnWzYftpc
+96KuQBiQp0662THM+ajJAsE/eeIZE6bPXvNAbDwCAZYuygAZBpHwoz/g/Tqx0riR
+X2nmgv8Lm9gNPBNXMNH+3eylWAvQUEgXpOiF08u8oEkcvJnboq+fdL471mxtqoPu
+Z6AG0TemIQ+Eay4oN7z3OpyhG7srYcdqfkeri7aFHKCiUhi5vbvE9h7SMhhIZTux
+k7YFphNLhhjzIxnWMg6ZfAFtJwL3egCvysS1twIDAQABozswOTAYBgNVHREEETAP
+gg1qb2J6aXBwZXJzLmV1MB0GA1UdDgQWBBRxo+IUJDXdbERYxNP2t54TFxesnDAN
+BgkqhkiG9w0BAQUFAAOCAQEAXX/fWiDoBilBBx9phcCXU1URL/Q7sW7SlHieqhBb
+weIJTxcTq6Fz+F5Dn3S8b3zJMG29cXrGYizIjdtWLMfCod4j8PI7D/ay2M1bgix0
+gthjdLPX0XoE4oYK7lvvIDAH0RL3YAxvnmEp8j4gR3BUn1w6fy3XpsdwQERAXKfE
+5xNNjjVm3XmJ0ltClSP1bSQ6um34JNZE50cWm+qToo9Vunn247YDpNuaGjXWTwlJ
+NAwp7YgTvKiass64OGEkRJ9hyvaLY6aGZEwgdJ8DasMm8ZpBsJr+94Fvt18DoAiV
+zfsBwGTsJz+W4QoPcrlP9oQIe8cx8RL4xtYW/q8pzD/j0A==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.jobzippers.eu/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.jobzippers.eu/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.jobzippers.eu/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.jobzippers.eu/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.jobzippers.eu/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.jobzippers.eu/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.jobzippers.eu/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.jobzippers.eu/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.jobzippers.eu/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.jobzippers.eu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.jobzippers.eu/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.jobzippers.eu/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.jobzippers.eu/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.jobzippers.eu/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://seserver01.unibe.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>seserver01.unibe.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIJAJDfEfoTmg5LMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE3Nlc2VydmVyMDEudW5pYmUuY2gwHhcNMDkwNjAzMTAwODIwWhcNMTIwNjAy
+MTAwODIwWjAeMRwwGgYDVQQDExNzZXNlcnZlcjAxLnVuaWJlLmNoMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+SEznmb1kPSeDkhYnSkLASzpkfCo+o4
+ZODLMigubLgFwnEqV1OxJrr7F3AE7bGIQeKmbwBh+/6GZP2vOv0aMjZAU4xZqX1N
+Tjj3twX62xkD3J9NnJvd68za33JrAOKfCP+C5zzy0LmVGDZnhv82G0ZPkEiWy5/y
+IzN1/3Xd3WQZ6rAGGxtYX1Y0k8R75SuucuQ/u2B3IQIE0t0/RPQTfEmmzqUxrMxO
+eKqWF9Itd2d8WXzoWbfPmwQlZXawzX9mp02LTWcWOR/6a9A2FEO8ga2toqfN3Yr6
+Akwaqz7VSZABzY9fya1/PJQ+INc54udGW0uqXiU4B+EwHmSNC+jnEwIDAQABo2kw
+ZzBGBgNVHREEPzA9ghNzZXNlcnZlcjAxLnVuaWJlLmNohiZodHRwczovL3Nlc2Vy
+dmVyMDEudW5pYmUuY2gvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUA3Mmmw1ojyh0ALYw
+z1XkOyq7OQgwDQYJKoZIhvcNAQEFBQADggEBADRXyAUjdMlf2PbTtyUQvaTfzUSs
+A5VbVGUUALMotWsCzHTphn4t/uDfgjcT4GSJ8LVYaWDXonJ+kWi2U90+FYD7Uqkg
+ozn9F0EZae1BABwIHrY7vwSuOrVAlC045Trkfit4muoHaRqfi7nvG9t3AA7qWchz
+JeM7G6tU7tiJSbE/JK6o6ChKY7qh431CkCE6RT1NYITgwColfFIFAkQesDaIy1Fa
+irAMDi6lrtc/pF0qS3MQYi8FyZAoR29nvy8DIi3eEqSIUVvmHgMUBbJ+vCxOH4Mn
+hv5+zX7+JuVNQnOFA9u7dNp+NFtdUgmRhjrXffYQFslNJTue6RKgPzbrmxA=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://seserver01.unibe.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://seserver01.unibe.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://seserver01.unibe.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://seserver01.unibe.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://seserver01.unibe.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://seserver01.unibe.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://seserver01.unibe.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://seserver01.unibe.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://seserver01.unibe.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://seserver01.unibe.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://seserver01.unibe.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://seserver01.unibe.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://seserver01.unibe.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://seserver01.unibe.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- UniBern Uniprint Service -->
+ <EntityDescriptor entityID="https://uniprint.unibe.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>uniprint.unibe.ch </ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFADCCA+igAwIBAgILAQAAAAABG8FkgrEwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDgxNDEzMjUzNFoXDTExMDgxNDEzMjUzNFowgY8xCzAJBgNVBAYTAkNIMQ0wCwYD
+VQQHEwRCZXJuMRowGAYDVQQKExFVbml2ZXJzaXRhZXQgQmVybjEaMBgGA1UECxMR
+SW5mb3JtYXRpa2RpZW5zdGUxGjAYBgNVBAMTEXVuaXByaW50LnVuaWJlLmNoMR0w
+GwYJKoZIhvcNAQkBFg52aUBpZC51bmliZS5jaDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAO5qHTgHBjlS2qrdBtdA6uGIsYRW4eztDOrPD9OXhZiJ9n6M
+t8owwBFL1zDavFc/L4yShAVamPp7d4V4XjTz4LCzLdbfO2yk2SWc7wzS0vcrw0U4
+cphA63dWPfxSDxbGbHYjKy35i2I62eTt8XkfLLiU4tRs/SRzbLL7TZn8HnoVOf3q
+4LTAdzmJzK2cvtdVQi74lsmeMQ5teH7BMecMzW2Bkf8woXmJwptl8t0ajsRxqNhg
+JQEXKsKmZ8rFzv/0nI0/uy5ayZqDtEcguW8hqypVYeMLj4/nSCz7rddAy+HfUhjR
+4fQ35x311GlcV3Hs0+F7XGXOSOXzUoifT4Fyj/ECAwEAAaOCAYowggGGMFAGA1Ud
+IARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2Jh
+bHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYD
+VR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFAxCu7m+ml7/
++sMsAubstVdNIcSVMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFs
+c2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEF
+BQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0
+aW9uYWwuY3J0MCwGA1UdEQQlMCOCEXVuaXByaW50LnVuaWJlLmNogQ52aUBpZC51
+bmliZS5jaDAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwME
+MA0GCSqGSIb3DQEBBQUAA4IBAQAt+F+6f4jYXI9BPTvAPpLe/lhsBW6/3VzxDwz0
+HxtHy6LEr4G8vTThVYViJC6IaxOVy1QDbjToov9/oJt6ZdTy0EIiCh5o73NlK6zU
+tchq2kZJv9PyEAAlc98HjX4QlGxuFocvUu1sVlk8zKkdexWsz0B0DOOnJe+yqwt8
+UWWsvrAeJ9/E5QlCcbqjQw5kwSKQHMEHA76mf2RtAeT2DAkcEA1FqUFa709e8LAU
+XjJyMs1JxLUMPOwd8mtcAVNwgDBrOaE0rxGu7VBVz/XS00PH1APAqkpiYRGUtbjv
+o+zwIfdvkh2Z4f+lK75r6/K3KsyYbTAyPo4eTWT4dBJDn+PC
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uniprint.unibe.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uniprint.unibe.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uniprint.unibe.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://uniprint.unibe.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uniprint.unibe.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uniprint.unibe.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uniprint.unibe.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://uniprint.unibe.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uniprint.unibe.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://uniprint.unibe.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uniprint.unibe.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://uniprint.unibe.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://uniprint.unibe.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://uniprint.unibe.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://aai-testsp.unibe.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>aai-testsp.unibe.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFEDCCA/igAwIBAgILAQAAAAABG+QBiFMwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDgyMTA2NDQxMFoXDTExMDgyMTA2NDQxMFowgZcxCzAJBgNVBAYTAkNIMQ0wCwYD
+VQQHEwRCZXJuMRowGAYDVQQKExFVbml2ZXJzaXRhZXQgQmVybjEaMBgGA1UECxMR
+SW5mb3JtYXRpa2RpZW5zdGUxHDAaBgNVBAMTE2FhaS10ZXN0c3AudW5pYmUuY2gx
+IzAhBgkqhkiG9w0BCQEWFHNlY3VyaXR5QGlkLnVuaWJlLmNoMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQb22BK2VX53AcaymTNE71OTbgnCnaGIX1wH
+Am2RkiKMJokFowt66e9ocBnO+lfhEfkrr6Y5viBk+/nNm1O61U70XhOn0lscn0hl
+/ALRuozV/wgc9SkJ8c6QRtUYN2ytv1XCkbOD0KMHxi2SjHD+Ddg1nDeDl1vqhPeo
+4BTUjIVeuhddWmqP2Sl76A6siUEZ0t7qglEzPkNFdf9sBnnXIZw+ZL09broUazOB
+uWy556T4iIHvLogOjCVcuQIFBEwkbVouFfQRBa7jwWp0rmUyWp1Sxgll4PL0dII9
+8fo3T+371QNQoFNCHoy/1BH5wFRtKLrdVoTQsQkL11nR9dHcfwIDAQABo4IBkjCC
+AY4wUAYDVR0gBEkwRzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93
+d3cuZ2xvYmFsc2lnbi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQE
+AwIFoDAfBgNVHSMEGDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQU
+8Xeke1P8O15BUNeznQsFolTGuZUwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2Ny
+bC5nbG9iYWxzaWduLm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBB
+MD8GCCsGAQUFBzAChjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2Vy
+dC9lZHVjYXRpb25hbC5jcnQwNAYDVR0RBC0wK4ITYWFpLXRlc3RzcC51bmliZS5j
+aIEUc2VjdXJpdHlAaWQudW5pYmUuY2gwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsG
+AQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOCAQEALkplj9KWM4k3KZRV
+cpMd5zKuZm5xY2RQOAD6X+lLCuqskR1rBFM0r2sOBxD7C3w93PQehpG3H9ewMbYE
+l4Qgzrlkm7TD8Olb6WLGbvjdSs2w83Rg0UuzjoXyKlZDt2H5jsd4UaPZWKySPm6z
+FJVW3m4NGE/WXAdt2d9hBdDYPFoo/FqUPPpcpDugewcXHf+0ey70thSvgdCL3K8z
+xwMvOAZAzyFQFIVIF2c3RTnxw+cNHVYuJxuRRAm9nHcYl9IL4bgV6UQz4PlAM5s9
+pBeymr8puVK5ZMXdOtaCSRYo71LfPFexvfJ1Jin4VN8jBBu7UTZ5LZYAuCAP5IVh
+i3Hb7w==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://aai-testsp.unibe.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://docexchange-test.unibas.ch/docExchange/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>docexchange-test.unibas.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEhDCCA2ygAwIBAgICAOAwDQYJKoZIhvcNAQEFBQAwdTELMAkGA1UEBhMCQ0gx
+DzANBgNVBAcTBlp1cmljaDETMBEGA1UEChMKU1dJVENIIEFBSTEMMAoGA1UECxMD
+QUFJMRQwEgYDVQQDEwtBQUkgVGVzdCBDQTEcMBoGCSqGSIb3DQEJARYNYWFpQHN3
+aXRjaC5jaDAeFw0wODEwMjMxMTEwMzhaFw0wOTEwMjMxMTEwMzhaMHYxCzAJBgNV
+BAYTAkNIMRswGQYDVQQKFBJVbml2ZXJzaXTDpHQgQmFzZWwxIzAhBgNVBAMTGmRv
+Y2V4Y2hhbmdlLXRlc3QudW5pYmFzLmNoMSUwIwYJKoZIhvcNAQkBFhZQYXRyaWNr
+Lkd1eWVAdW5pYmFzLmNoMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+1M+2/XymQocLtAdN22KosHtLFhg2ZXOALoRS1qSaWJurM3agdoyL9MYCsfMcMqCK
+IwMaf0+/srg5zLc/Q/TcyZ+hr0pJnD9xVoJ8/I2MTHoguYdXBzMO/XzSd9PVFh3M
+19jfu39W/teIP64PKSDwQVRUSKNUGYKbCyisjy4SXu0Ht2L2BMGYpyZRaIpnbeAI
+Xg0kGBX9e3uEiHjpB0TosBkd9p3/pvXwOub/HIPsNMXp8tuTynnccB+WVvFOOwkf
+VjCr8HA1RH75yfWTwQS/QKfowSYWC5sJht86LVFAvnqFbBF5wae2GJlm566dy+pp
+dr8mg/pOqyMq/YLAlsMrRwIDAQABo4IBGzCCARcwCQYDVR0TBAIwADBJBglghkgB
+hvhCAQ0EPBY6R2VuZXJhdGVkIGZvciBBQUkgVGVzdCBGZWRlcmF0aW9uIGh0dHA6
+Ly93d3cuc3dpdGNoLmNoL2FhaTAdBgNVHQ4EFgQUJ3NsVoZebUOv9acjzmihfB4r
+RwMwgZ8GA1UdIwSBlzCBlIAUBUfEhodT+g8w0FKlofBLJmt5UkOheaR3MHUxCzAJ
+BgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxEzARBgNVBAoTClNXSVRDSCBBQUkx
+DDAKBgNVBAsTA0FBSTEUMBIGA1UEAxMLQUFJIFRlc3QgQ0ExHDAaBgkqhkiG9w0B
+CQEWDWFhaUBzd2l0Y2guY2iCAQAwDQYJKoZIhvcNAQEFBQADggEBAGzNtLjWbSTC
+mzAFOte+EEwfF5ZgBsObq6MWZ1u7QpovdkAodTExA1aNIcEpRLH85IaxN0tdlJEH
+ARaFjlKUhU7Uj2zZWS3qB27QA1BfRvYJsSr44YD9apxDXaH+368Fnt6qWJ/7NUBb
+RMlMvPQD2mEb7UkhptGyED4XLSG18hSvQvLIOx4kAS37OQDOVltlFWuX/NVC/Gpy
+ttiWY74fCO1j08l0n4ZYVnbgOKGZFQhNVbrDWuIhWPn7SHjGPwYbz6UrC4OfsZ77
+KZeXVOAeDKRhlnyFLNRmBF6g871xZleE/XSP7Fs03MHVRnX55z02/eEBw97Jcm0J
+iB7YgPjwrlo=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://docexchange-test.unibas.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://chbtptst.oclcpica.org/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>chbtptst.oclcpica.org</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMDCCAhigAwIBAgIJAJbPDZa8rC5cMA0GCSqGSIb3DQEBBQUAMCAxHjAcBgNV
+BAMTFWNoYnRwdHN0Lm9jbGNwaWNhLm9yZzAeFw0wOTAzMDMxNjI5MDhaFw0xMjAz
+MDIxNjI5MDhaMCAxHjAcBgNVBAMTFWNoYnRwdHN0Lm9jbGNwaWNhLm9yZzCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALxCvT7qp94jaHy8AJyv21IHBDj6
+RmQyVdVRTpnUWbH5YSEg4rvtcArLUB+6r6mtOPUK64Jyu/vOZdnjVPeex8PXjchE
+kor2qdfZyrGxQ6DgCNz2//IqMTyshshOQGbBbxcSilW18GtlkIkUIzy/1JZM1PXm
+EIYGzasDCnoz7TuqUaLLP68HAbF+BJZ/wMdjHUtBwE3+ZA/YTI9xXScpPBw+cw48
+K1aMViVIJ41xIWeQwyxK3E7sg49pUanqacQh+s/4nGTAvetq5ozCB4w8Uo635Bv7
+WGOTlskD+c+1qFxmVAXGVbSONuRe24AKptqDfhT7prWuZSrppJ1lgXIcfqsCAwEA
+AaNtMGswSgYDVR0RBEMwQYIVY2hidHB0c3Qub2NsY3BpY2Eub3JnhihodHRwczov
+L2NoYnRwdHN0Lm9jbGNwaWNhLm9yZy9zaGliYm9sZXRoMB0GA1UdDgQWBBRg/hq1
+v9m3kv/eouaIpOIbqyaweDANBgkqhkiG9w0BAQUFAAOCAQEAgePAjA75kWlqMe11
+ScvNNo0cD/j9nmUCSTDNP0ZMwBiRAGItV4LK9+JJRWnVUZvBI1aaJEmJBpRsjAp2
+0i0D82m7XaKlDFTRnyWegk/hPEryZkmjGCCDzpjW0hJoyjn2Rt7ZhqRxfpmKnbRE
+K/PnXfYKzje4Zh62y60qvF9qkUmf5BtV2aXTo6gz4Z6TPD0BYDYCA20Qo3I5wKDm
+cDmgt3IcbBmlEFWYoPO+b2GtfNW86TZMV0hCdI9ymSOX1bX3YNlxrv3GlqnGE4Y/
+g4JhVDmiyhLg2yIMB8oft10qLOYr82yXlG8QChYcKQ24xSiyTMdeUgN7fDiVZKLz
+Y8nhzQ==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SAML2/POST" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SAML2/Artifact" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SAML2/Artifact" index="6"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SAML2/ECP" index="7"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SAML2/ECP" index="8"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SAML/POST" index="9"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SAML/POST" index="10" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://chbtptst.oclcpica.org/Shibboleth.sso/SAML/Artifact" index="11"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://chbtptst.oclcpica.org/Shibboleth.sso/SAML/Artifact" index="12"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://test-xtremwebch.eig.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>test-xtremwebch.eig.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDNDCCAhygAwIBAgIJAJH+Bqu5sJjDMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNV
+BAMTFnRlc3QteHRyZW13ZWJjaC5laWcuY2gwHhcNMDkwNjE4MTAyODI2WhcNMTIw
+NjE3MTAyODI2WjAhMR8wHQYDVQQDExZ0ZXN0LXh0cmVtd2ViY2guZWlnLmNoMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5kktluat9cBvrfnDadaWY1L/
+V6pBa136vMPoiFD9InnVawBgdvPtGgvhNXycuAwwQHHNEJguEW4xUFdWpuNo2SJB
+xs3RW21U+FobI0/ZGbxQ25pHLjlK1eDDfjVtDxEEHKskVqmhdGnBjW0/ubvrk7kZ
+s26H9AMDZNAIgWMggH4TH99XsPuqWrrZ5wmQWoutXX82OsPv/JgHI3aR0mLT82K1
+8uf8cetq5tvTp8dqBHk4ezMeiof1Ad1/zSDsVLKPWhQVmTmSZMnXHnBUR2GwhSoQ
+/ljYzn9sat7ItBYRqCreiCTsn7p+15BBIszUMT0NQCckFCXxIkziXjcSg2+76wID
+AQABo28wbTBMBgNVHREERTBDghZ0ZXN0LXh0cmVtd2ViY2guZWlnLmNohilodHRw
+czovL3Rlc3QteHRyZW13ZWJjaC5laWcuY2gvc2hpYmJvbGV0aDAdBgNVHQ4EFgQU
+mcY9pX5JtijRB7D0bj38XwFzNAwwDQYJKoZIhvcNAQEFBQADggEBACnXM8AK4yPj
+rsedg2FIzZy3u5DsNNC9Y0UGy4yQ5+1vzv06VuJ7tPxjcmk1dwHhuA8ZpYRRz9Jb
+ahrySRbLgeBD1Lr/PTHLxtkIHkeEHXI3k59zo+8fPNboAHex0d36eWqDMcWsuuPf
+MTiSB5Yi2z4AAAPwNGxoxreA/7ADscZodBU7u2MbPxbadU3BlkO8fUlAXvX+NQaJ
+eawJeTldAlg8qzx9AFjV+zUizprV4YFOco+gPZW/B0cJwoIbOKWTjLxFPlYoh96c
+On0oAnbPW0Rs7mYMUzBAm8RFpGO6nVb4rmSvJQLRQTKrNBFGNAQdnmYURwfHFTUH
+dvbi6zQftOI=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://test-xtremwebch.eig.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://www.infoclio.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>www.infoclio.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGDCCAgCgAwIBAgIJALtgKixof8AhMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD3d3dy5pbmZvY2xpby5jaDAeFw0wOTA3MDYxNDU1MTNaFw0xMjA3MDUxNDU1
+MTNaMBoxGDAWBgNVBAMTD3d3dy5pbmZvY2xpby5jaDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMyFb/gtXvw4RMCOY6TlIbY469vvDtjj8TrHK2zkqOPn
+sxpKWBBM0yC/iO5ymb6sr1hBcEkPeNlR4zaI7DxDujDZ+M7JXJAcV5Cmn76Hy+5d
+2495xsdDraggC4fc4oo0CECLJpyj+I5pH4UQlkKXpmUXSosnQAxkThEZLqi3nqX0
+ZK1h1iGdeaBwuki+GMZIgvvAyXGz66XZFjSdDiKPHDf07kgE5WA7vqEy05XSq/Im
+km+g6+Eg+Vbs/mkw/N6vYgq8gip+iZsnRjQ/DhITwB9NM9cVgu2QSQ77l2CTFdiq
+GjU5TVxR0ywsWx1b0qIih7VttlLfvjoY4matxgNRB1sCAwEAAaNhMF8wPgYDVR0R
+BDcwNYIPd3d3LmluZm9jbGlvLmNohiJodHRwczovL3d3dy5pbmZvY2xpby5jaC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBS/LYCkCTwHQ40VQhuTX101PwoFBDANBgkqhkiG
+9w0BAQUFAAOCAQEADxxmBXzjzatjI5oLEV6rN8L/ys+jRWpowWjrXxWLJqXFmkem
+GC4eELVict5iIgwWZFeLXfmnVdV305vPIyUyfWAvGNLGkILYZKDUmIXAMnBdUMtN
+Wj7G5yFCbTPtegWr48AKS4qG3yczOHn+5wnNFB5mq9mjr+wH51mMmN+yX2GwLS18
+JatBteq2KFNEXJRRRASefFv3l+gLCmplNTM6IO30TyUc0QzY2ccTdOUynXJ+uKc6
+Dy4lSKg8FxWdLNGPBkf27WojcUcnpFpKj+TitjE1DiYLOgxlJ6fxy0J7nRFKldkn
+Ia3RyINr9lkPFASMIusj1JfJOTOnu23bOENNTA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.infoclio.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.infoclio.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.infoclio.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.infoclio.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.infoclio.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.infoclio.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.infoclio.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.infoclio.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.infoclio.ch/Shibboleth.sso/SAML2/POST" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.infoclio.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SAML2/Artifact" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.infoclio.ch/Shibboleth.sso/SAML2/Artifact" index="6"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SAML2/ECP" index="7"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.infoclio.ch/Shibboleth.sso/SAML2/ECP" index="8"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SAML/POST" index="9"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.infoclio.ch/Shibboleth.sso/SAML/POST" index="10" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://infoclio.clients.liip.ch/Shibboleth.sso/SAML/Artifact" index="11"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.infoclio.ch/Shibboleth.sso/SAML/Artifact" index="12"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Microsoft DreamSpark Staging -->
+ <EntityDescriptor entityID="https://staging.dreamspark.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>staging.dreamspark.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDNzCCAh+gAwIBAgIJAOZOeUMD46e1MA0GCSqGSIb3DQEBBQUAMCExHzAdBgNV
+BAMTFnN0YWdpbmcuZHJlYW1zcGFyay5jb20wHhcNMDkwODE5MDg1MzA2WhcNMTIw
+ODE4MDg1MzA2WjAhMR8wHQYDVQQDExZzdGFnaW5nLmRyZWFtc3BhcmsuY29tMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUYPnlbZtLjjlF8ndMptK72T
+HPTK5MqiMaSmZLzk5ldV80Ho7o1ofxQwzL37OYC/nc9bfA99JtAUYwAlQzFU2B78
+bVMwc+qWvX8/E0yDY3GEacp5lboum/2a20tpfDUU15bUQRkQgKZci5UHElWErkrH
+g1B5FocIipHAHYOBiyAcdqJU+oRl4By7EU9v+1NpICXS9M5Yu2TRGXB9t7qL26AN
+RsTr9DaCJyOZomWf43PNU1aEWvd0ELWIJWEd2ux/K0r7msMbglymivZXpQolpYSU
+Z/F746ra6D74nyoD1PxzvUU8bWgkV286h2OiIxIYHpDbsaosVhrrBDmdZDi83wID
+AQABo3IwcDBPBgNVHREESDBGghZzdGFnaW5nLmRyZWFtc3BhcmsuY29thixodHRw
+czovL3N0YWdpbmcuZHJlYW1zcGFyay5jb20vc2hpYmJvbGV0aC1zcDAdBgNVHQ4E
+FgQUPA8Ac2fYnx0k1jDIhnMS/6Brt1MwDQYJKoZIhvcNAQEFBQADggEBADCfXl9E
+1Ezmt/LyfSdcIG2qIg4PgbdlJIxztzvVB3vZgpT0Yg7i3UbcCwpdXeJ9G8BLtyCm
+1RSME92A9RSjpsgOt+Lzytt8CaHdx8nigvezyN2/YQlCjXpndHlOd4KCJKtOJsue
+nluGsRTpSIwMQ9EfhyKMDagiZ3MVswGas3JX7Z9UOv4i5hXAfQuR8IemtCEoHFbp
+IjlMxfIPxt7jvtIuSn7kAS5atTpFKlrPTOZxDPi3njZBCXAuwHcr2cK7MC92BIUl
+PzAiEMDAdnQJouFLWg4sdNIYpM1pr3HaWhoLEi1dOJh/W1atv2FAc0OLTK9AhxVX
+G8cMZQIYcDgdaV4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://staging.dreamspark.com/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://staging.dreamspark.com/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://staging.dreamspark.com/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://staging.dreamspark.com/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://staging.dreamspark.com/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://staging.dreamspark.com/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://staging.dreamspark.com/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://staging.dreamspark.com/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://staging.dreamspark.com/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://staging.dreamspark.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://staging.dreamspark.com/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://staging.dreamspark.com/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://staging.dreamspark.com/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://staging.dreamspark.com/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://pegasust.unine.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>pegasust.unine.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIDCCAgigAwIBAgIJAJsLKawg3kMbMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEXBlZ2FzdXN0LnVuaW5lLmNoMB4XDTA5MDgyNjEwMDMwMFoXDTEyMDgyNTEw
+MDMwMFowHDEaMBgGA1UEAxMRcGVnYXN1c3QudW5pbmUuY2gwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCnM3t8c8pX2jbK6rfNCWmv9ktLphmR0ntPDJyT
+k6dHwgUBmOTPuM7NXew+mxvUenWrIScR/BoOFW5clVKxWuEOLdd61PQ6jSqgfIH9
+dj+9aprwW9Eizfopu63dqxJMRkPIzYukGvMknAui5dDjwrXpcfLxSeE8j0TguzNS
+XUWKKJMyiU+txhdXQPVFnDBH9tTkTrYkPclqveBmD6cLoAa/7i25jaVP0zOl7WyQ
+1QwypDT8eHx3RoXF+CGON9FSLl/v3iI161wwIRyP6usQslu8kRgChdtS6JHKcn05
+HwtW5g0lGjMj9IHnjwVAMIenovswgsbDQpSLQIQVLXFc0jc1AgMBAAGjZTBjMEIG
+A1UdEQQ7MDmCEXBlZ2FzdXN0LnVuaW5lLmNohiRodHRwczovL3BlZ2FzdXN0LnVu
+aW5lLmNoL3NoaWJib2xldGgwHQYDVR0OBBYEFPwPIVovKZGW/LVhMsQetsArDWhC
+MA0GCSqGSIb3DQEBBQUAA4IBAQCbnFQXx7TW+MLNutFDntCJfKsNlDzUsLFpHUMw
+VxPUERlqOxT0J9xqcdMp0398yG/oE65ZBx60RocdTMS0mPGkYOw0atpWnwBhz1Mi
+UtYLSB+upDVoSdnM+xai/0g8kmPAyR95haFcn+Ocv8PvsvJxIF3orSGwzxmp3EYi
+YlTaRXfUkBRmrDGJXr01cu+CH7Ff9C4faXfwtBU5o5rnguZCpjENfA6CXMZHQ/Vy
+WdYwkjANaFdGMNqESnMmEL/TWQKhZXoIQJ0ukdc+abwyb2OthHslCMEg13GVlBYi
+hU9WLge8pFugIMlVcFHFiKhw1TmCXPE+IJlG8zuJw3wveZTL
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pegasust.unine.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pegasust.unine.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pegasust.unine.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pegasust.unine.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pegasust.unine.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pegasust.unine.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pegasust.unine.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pegasust.unine.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pegasust.unine.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pegasust.unine.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pegasust.unine.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pegasust.unine.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pegasust.unine.ch/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pegasust.unine.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- unterrichtsvideos test -->
+ <EntityDescriptor entityID="https://unterrichtsvideos.schwyz.phz.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>unterrichtsvideos.schwyz.phz.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIFLzCCBBegAwIBAgICFRAwDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDgwNzEyMDk1M1oXDTExMDgwNzEyMDk1M1owgaAxCzAJBgNVBAYTAkNIMQ8w
+DQYDVQQIEwZMdXplcm4xDzANBgNVBAcTBkx1emVybjEwMC4GA1UEChMnUGFlZGFn
+b2dpc2NoZSBIb2Noc2NodWxlIFplbnRyYWxzY2h3ZWl6MRMwEQYDVQQLEwpQSFog
+U2Nod3l6MSgwJgYDVQQDEx91bnRlcnJpY2h0c3ZpZGVvcy5zY2h3eXoucGh6LmNo
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYoRS9j2e+ZjJ03Sa3UR
+3rv/MwsRWfvBsx1NzsXRzo9pdWEOyGGYXFGkxOOASGmln+AphvziBGHhkTKuntPa
+RG41XcytrqAEB+3z1JVz6ne/40k7ku9HlhGtTstbZwed9ilsb1zEZjqRAcEjJ5eI
+yh2x1UKuAlMkP4gz77jNpJrRdsFzsrKoT+w8cnFkHxt1flPl0xA28FJzpnC7pEug
+PvnX3lL6zKKX4Qt2R71ePABRAxw4boUi1Buss4CT2Vyr4XX7P/ubaUQZSNhxwQYZ
+at1s2Txk0chobZ7im53M56OPv53EiMTDeGkGOsjJG1WyCpV+M8RULW2z8USxeRFk
+gQIDAQABo4IBpTCCAaEwdAYIKwYBBQUHAQEEaDBmMCoGCCsGAQUFBzABhh5odHRw
+Oi8vb2NzcC5xdW92YWRpc2dsb2JhbC5jb20wOAYIKwYBBQUHMAKGLGh0dHA6Ly90
+cnVzdC5xdW92YWRpc2dsb2JhbC5jb20vcXZzc2xpY2EuY3J0MCoGA1UdEQQjMCGC
+H3VudGVycmljaHRzdmlkZW9zLnNjaHd5ei5waHouY2gwUQYDVR0gBEowSDBGBgwr
+BgEEAb5YAAJkAQEwNjA0BggrBgEFBQcCARYoaHR0cDovL3d3dy5xdW92YWRpc2ds
+b2JhbC5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMCBaAwHQYDVR0lBBYwFAYI
+KwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFDJNoU/q8K6Ztu6bByyECBFQ
+i+J+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwucXVvdmFkaXNnbG9iYWwu
+Y29tL3F2c3NsaWNhLmNybDAdBgNVHQ4EFgQU4Xt8sWlnX7gYGx1Y/M6Eulv1qaow
+DQYJKoZIhvcNAQEFBQADggEBAEk9YUZoO/Kl2C3ELbofm9NubTPB2Py34ea899Pl
+3qSVlRAcHXqY0/09fvchYS7Gj9vGL5N5Ia6T5Uv/yyOJakLGDZOuLuMfuGam6Zc/
+Cs17f/037OiPn43sdvUj3sVpJQ6XtP+PDrN0ZcUiJzHLm9xiS6d+ZEdwu8f4ZFw/
+UFYxB96y0O2gol+9+HCFdZq3pCjPeRDFgVY100UeS7FfgyTvFH6mkVAbASTGtFB+
+PrJDKcjZ9Lj8d99sdotJZvbn7SERSZZB7B85J0t0dzJTlHIwmhFvY6Aihic7t9ew
+BUJPTzQIRQaZmoDWMUkOh+SH0T39tv6TSaoCE+X2oQRlB4E=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SAML2/POST" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SAML2/Artifact" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SAML2/Artifact" index="6"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SAML2/ECP" index="7"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SAML2/ECP" index="8"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SAML/POST" index="9"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SAML/POST" index="10"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://www.unterrichtsvideos.ch/Shibboleth.sso/SAML/Artifact" index="11"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.unterrichtsvideos.ch/Shibboleth.sso/SAML/Artifact" index="12"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Forced SAML 1 Attribute Push Service Providers -->
+ <EntitiesDescriptor Name="https://www.switch.ch/aai/SAML1/Attribute-Push">
+ <!-- SWITCH, AAI Attributes Viewer 1.3 (kelimutu) -->
+ <EntityDescriptor entityID="https://kelimutu.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>kelimutu.switch.ch</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kelimutu.switch.ch/bscw/Shibboleth.sso/SAML/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kelimutu.switch.ch/Shibboleth.sso/SAML/POST" index="2" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kelimutu.switch.ch/Shibboleth.sso/SAML/Artifact" index="3"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- ETH Alumni Test Service -->
+ <EntityDescriptor entityID="https://alumni.ethz.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>starlight.imstrategies.mine.nu</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDRDCCAiygAwIBAgIJAK4TQcCLAJYcMA0GCSqGSIb3DQEBBQUAMCkxJzAlBgNV
+BAMTHnN0YXJsaWdodC5pbXN0cmF0ZWdpZXMubWluZS5udTAeFw0wOTAzMzExMTU2
+MDZaFw0xMjAzMzAxMTU2MDZaMCkxJzAlBgNVBAMTHnN0YXJsaWdodC5pbXN0cmF0
+ZWdpZXMubWluZS5udTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPIm
+74vNzXAoSOLkHasvfekbwNjMjM8bEQU/YYYmknuIbBTQeRYleKm9JopzN7pGdOb2
+vChCtTkTZ26I5aXk9VfHs9BEZvcT4enD6YKsjgEjI3dqr1/7st8ymsoD7juy1CUb
+C9+WcfBQrrYr7U0iBARvUNGwWYuIOtjdxGWNBx475IlIUsJMcYPm6W/WHklrRgRK
+iWefBpSYMwLwbAB3lS2N7JBHeCxZoy5UbNIS9pRVg4vm/2MmfiX2sa9AbgFp3EEf
+vOAltK+2qCa1UCJhoOP7K+JP6WL1JelEFI8S7YpnSNWtKvlt6eqxKhHJkctjEb+v
+5CnPJYmmy5o2gGS9WJcCAwEAAaNvMG0wTAYDVR0RBEUwQ4Iec3RhcmxpZ2h0Lmlt
+c3RyYXRlZ2llcy5taW5lLm51hiFodHRwczovL2FsdW1uaS5ldGh6LmNoL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFOp2Jrbkk7kDXKrFz6+DHjEKJtWkMA0GCSqGSIb3DQEB
+BQUAA4IBAQDCr2qf6xhllPncwezUaJlYKNXhxt99l/fudscImXTWisd0j0Sn/tdO
+8StOJcGOqF3hsnHtJGir5ZoO5C41GmXYtxIA5WS6UoqjoE3ZkJjh695lS5zIDPat
+C4TYgKk/NCVWVU3c+REXn5Lq5xU3UAG8wb2ydBvl4MmBUeQtluJCGGpkQZVa81Fw
+Z5KEvbkm9SyS+tw6LD/UXae9Gr5u0yyxJp3jE5f3qgpIDgo5Et2fY9UW/+XvMyOn
+LPu4v7v1Yjyd+NHKhA405uhYJ6B5gGCarwRkBOOsAzYy+9KN9Xr253tVa2jysb5R
+wxHayzj0PJ5D3/3aGBMAMLVKlZGnnVFi
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://starlight.imstrategies.mine.nu/Shibboleth.sso/SAML/POST" index="6"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://starlight.imstrategies.mine.nu:9980/Shibboleth.sso/SAML/Artifact" index="7"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- eduGAIN Home Bridging Element (Prod) -->
+ <EntityDescriptor entityID="https://edugain-login.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>edugain-login.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE+zCCA+OgAwIBAgICE7EwDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDYyOTA5MDMxMloXDTExMDYyOTA5MDMxMlowZDELMAkGA1UEBhMCQ0gxEDAO
+BgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRD
+SDEgMB4GA1UEAxMXZWR1Z2Fpbi1sb2dpbi5zd2l0Y2guY2gwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC1xcz2he0VfjSWMZ+1SR9lWGKIIs2rsJarSUX+
+vcabKPArSP5mq7q417f3VKGxyzA3VGhw1Rqlb/7M/hflJP2IHX11SNSbZMpUj6tj
+P9l4i6pyliO4izXDqgBRMiLupxODzYhwet2KHnQX574C+Sb43qy/5QJHhrMUU7ZG
+UKMrM2z4OQHEwzHu9xlBLcZNPQ2pjuLrWLw8S08FIXR8cgB8gzSv4xcVgOK9euBL
+cZQVo5ub+VteQvGHLgXsbSYC8+zB1MDSBc6dMGI9VCD//uZFd4naBq7tMdA7+EDD
+IPda4lHJ1fQEWWJdL0nyXXE9Zg909CprtfU0ToBC/i/uYZHjAgMBAAGjggGuMIIB
+qjB0BggrBgEFBQcBAQRoMGYwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3Zh
+ZGlzZ2xvYmFsLmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlz
+Z2xvYmFsLmNvbS9xdnNzbGljYS5jcnQwMwYDVR0RBCwwKoIXZWR1Z2Fpbi1sb2dp
+bi5zd2l0Y2guY2iCD2JhbnVhLnN3aXRjaC5jaDBRBgNVHSAESjBIMEYGDCsGAQQB
+vlgAAmQBATA2MDQGCCsGAQUFBwIBFihodHRwOi8vd3d3LnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9yZXBvc2l0b3J5MA4GA1UdDwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEF
+BQcDAQYIKwYBBQUHAwIwHwYDVR0jBBgwFoAUMk2hT+rwrpm27psHLIQIEVCL4n4w
+OwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5xdW92YWRpc2dsb2JhbC5jb20v
+cXZzc2xpY2EuY3JsMB0GA1UdDgQWBBQyfnOVk6AbaVFfOLl5Ery4twF1UTANBgkq
+hkiG9w0BAQUFAAOCAQEAfTFJ8UHHXiC1tBEACvkLhQotpyHdK2XD12gqxRZyx/1e
+FbAa2t3oDYqLDH+pKyTOfIWxXsxcxA93hOryaL/28hNmSRYjbNAI0+B772VA7pNy
+PehEEAwpicLtunwqR6kZbhmsWPCvU4gCJKdhaNHEKB2Y9btEiuYyx4Waa8ulDXvO
+nJ3VXEtnzH7R/75k/mQkqR76wk+FOOjH1pbIMYKGLdRaaUVhCy18fMk4T07Y3c7u
+AD70l1a+e8Ry6MRsp+EIeOrKoRG8hk/qOgsMbtUr+JVygNB6ZvSZXnraFTSqfOzR
+fION97NAuurz/VRgHna4Ut2BZlRzgkNWP4pjvOTxRg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://edugain-login.switch.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edugain-login.switch.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://edugain-login.switch.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://edugain-login.switch.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://edugain-login.switch.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edugain-login.switch.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://edugain-login.switch.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://edugain-login.switch.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://edugain-login.switch.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://edugain-login.switch.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://edugain-login.switch.ch/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://edugain-login.switch.ch/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://edugain-login.switch.ch/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://edugain-login.switch.ch/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://orbigate.orbiteam.de/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>orbigate.orbiteam.de</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://orbigate.orbiteam.de/Shibboleth.sso/SAML/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://orbigate.orbiteam.de/Shibboleth.sso/SAML/POST" index="2" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://orbigate.orbiteam.de/Shibboleth.sso/SAML/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://orbigate.orbiteam.de/Shibboleth.sso/SAML/Artifact" index="4"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="http://dev.andreas.feide.no">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dev.andreas.feide.no</ds:KeyName>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://dev.andreas.feide.no/shib13/sp/AssertionConsumerService.php" index="1" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev.andreas.feide.no/shib13/sp/AssertionConsumerService.php" index="2"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://maestral.fit.fraunhofer.de/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>maestral.fit.fraunhofer.de</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIC7zCCAligAwIBAgIJAJtYT/Wq1EepMA0GCSqGSIb3DQEBBQUAMGUxCzAJBgNV
+BAYTAkRFMQwwCgYDVQQKEwNHTUQxDDAKBgNVBAsTA0ZJVDELMAkGA1UEAxMCY2Ex
+LTArBgkqhkiG9w0BCQEWHmdlcmQud29ldHplbEBmaXQuZnJhdW5ob2Zlci5kZTAe
+Fw0wOTAxMTQxNTQ1NTdaFw0xMTAzMjUxNTQ1NTdaMHAxCzAJBgNVBAYTAkRFMQww
+CgYDVQQKEwNGSEcxDDAKBgNVBAsTA0ZJVDEWMBQGA1UEAxMNbWFlc3RyYWwtc2hp
+YjEtMCsGCSqGSIb3DQEJARYeZ2VyZC53b2V0emVsQGZpdC5mcmF1bmhvZmVyLmRl
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDcfsEdqjPPv++2loflmivC/V3P
+nzRmxWPJBEd1QjnBtMjzUx0P38O33f7sfpNYL3o6e1eV1ksYbyqfZjuB5taLoH7b
+YDmJjnGKN2Il047DnqWKPPHd3wXkZLWpNw4zWXsztwSOD9QZAT8ESdzQo8B4p/HL
+r2Wpuh20uPcMJ3ErZwIDAQABo4GbMIGYMAwGA1UdEwEB/wQCMAAwKQYDVR0RBCIw
+IIEeZ2VyZC53b2V0emVsQGZpdC5mcmF1bmhvZmVyLmRlMA4GA1UdDwEB/wQEAwID
+uDA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIGNsaWVu
+dCBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBaAwDQYJKoZIhvcNAQEFBQAD
+gYEAhV3Wp4Mwaphjo+XH//1wLbsl2ETTfgAZcynYl5/aYKdqwClLFD+ih4EQcnVr
+e77xtFihegeNQAXQTrxR1J3pxoQQzZdQuF96Z+2Q8J6VN+ZDkzchk32pUmMPAs9j
+VYxCqUHYXs7OPn5z8h17ctJEvl0gjJGHgV6tu5m9HLRrt/w=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://maestral.fit.fraunhofer.de/Shibboleth.sso/SAML/POST" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SAML/POST" index="6" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://maestral.fit.fraunhofer.de/Shibboleth.sso/SAML/Artifact" index="7"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://maestral.fit.fraunhofer.de/Shibboleth.sso/SAML/Artifact" index="8"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Not public -->
+ <EntityDescriptor entityID="https://ebulobo.switch.ch/simplesaml">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>ebulobo.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIE3jCCA8agAwIBAgICD7owDQYJKoZIhvcNAQEFBQAwazELMAkGA1UEBhMCQk0x
+GTAXBgNVBAoTEFF1b1ZhZGlzIExpbWl0ZWQxHzAdBgNVBAsTFnd3dy5xdW92YWRp
+c2dsb2JhbC5jb20xIDAeBgNVBAMTF1F1b1ZhZGlzIEdsb2JhbCBTU0wgSUNBMB4X
+DTA5MDEyMjEwMzg1NloXDTEyMDEyMjEwMzg1NlowXjELMAkGA1UEBhMCQ0gxEDAO
+BgNVBAgTB1p1ZXJpY2gxEDAOBgNVBAcTB1p1ZXJpY2gxDzANBgNVBAoTBlNXSVRD
+SDEaMBgGA1UEAxMRZWJ1bG9iby5zd2l0Y2guY2gwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC94Uyr8fcL6cAzgCIfsjX2YFzndZornB2uYyYKmiUJOw46
+t7kDk+4c7KQDFzcG+AmTdLRPflcIJZ+w3mUCtbmuUNgyA3J7l/PX9CmjU3l6CbRT
+dPfGdS4GAdnHlDVez9MM+yDoyPXHcCKkY6+wX9BpmfzmYNXXquN9vy/NbwYGEkxJ
+ghLRrRJKTKY2eyVVM1fYnCXwDp1pD/OyQxPNcC9AiplJZZ32Lu7UjCnSouD3IL5I
+9ePCJ7yHVSCpqVT0VczHKUk3Xm/x4B2oZdIPEiIs78o0Nt7gvn8uxDosbuuTu/HQ
+riQNq5B4Iy12WGdw5k/RUMOpnt8Rod/eh/PiKhY/AgMBAAGjggGXMIIBkzB0Bggr
+BgEFBQcBAQRoMGYwKgYIKwYBBQUHMAGGHmh0dHA6Ly9vY3NwLnF1b3ZhZGlzZ2xv
+YmFsLmNvbTA4BggrBgEFBQcwAoYsaHR0cDovL3RydXN0LnF1b3ZhZGlzZ2xvYmFs
+LmNvbS9xdnNzbGljYS5jcnQwHAYDVR0RBBUwE4IRZWJ1bG9iby5zd2l0Y2guY2gw
+UQYDVR0gBEowSDBGBgwrBgEEAb5YAAJkAQEwNjA0BggrBgEFBQcCARYoaHR0cDov
+L3d3dy5xdW92YWRpc2dsb2JhbC5jb20vcmVwb3NpdG9yeTAOBgNVHQ8BAf8EBAMC
+BaAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB8GA1UdIwQYMBaAFDJN
+oU/q8K6Ztu6bByyECBFQi+J+MDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwu
+cXVvdmFkaXNnbG9iYWwuY29tL3F2c3NsaWNhLmNybDAdBgNVHQ4EFgQU3Ud05JHH
+EaGmTzlhJvZXsq/jJVIwDQYJKoZIhvcNAQEFBQADggEBAFhofh+BJRcEHUqDaAGt
+A5Fuq5a0Jh3FAYdFqMdFBolUBJiyn1GomTMgGwQHA8Dcq/WGGgrJx/emggmx+qm2
+3PYfvuGnFr5vxcHWzs6frANkTm4cUnjM44Jz6DSyRbp0JS8cXoxB46MUgcM5zSrJ
+EJkfAm1YznY6pBhBgKd7HgixyELr6+0sHHEPcfmnFwwXiKuXP9wbX40VWHDyKFzR
+/nrNcuK2qCNS9Xb7nVzSJT8QNKL0LsWlXFCgLlTMFVrLKGrS6WfyzdOsYJpQJQCe
+fnh9OIM7Sez3tKIHN/HO/6uO5sjBRINOEsxIlvUOGRsVKxFlth0gnU8WqSW/SS3A
+oec=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ebulobo.switch.ch/simplesaml/saml2/sp/SingleLogoutService.php"></SingleLogoutService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ebulobo.switch.ch/simplesaml/saml2/sp/AssertionConsumerService.php" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ebulobo.switch.ch/simplesaml/shib13/sp/AssertionConsumerService.php" index="2" isDefault="true"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ </EntitiesDescriptor>
+ <!-- Forced SAML 2 Attribute Pull Service Providers -->
+ <EntitiesDescriptor Name="https://www.switch.ch/aai/SAML2/Attribute-Pull">
+ <!-- Shibboleth 2 SP and EZProxy Test Host -->
+ <EntityDescriptor entityID="https://dieng.switch.ch/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>dieng.switch.ch</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEvTCCA6WgAwIBAgILAQAAAAABHqepjOowDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDEwNTE1MzgwM1oXDTExMDEwNTE1MzgwM1owaTELMAkGA1UEBhMCQ0gxQDA+BgNV
+BAoTN1N3aXRjaCAtIFRlbGVpbmZvcm1hdGlrZGllbnN0ZSBmdWVyIExlaHJlIHVu
+ZCBGb3JzY2h1bmcxGDAWBgNVBAMTD2RpZW5nLnN3aXRjaC5jaDCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALMJbhovecMB4YSzWi3dWIf2cdFy3kNakMAp
+ulfqbcx1jJaMSLUPu9PcjrVhV0B6DRq7fB/rxD0Dd18T5W5kE5aq8qFY1orI6LqQ
+NztnsDN5CLls7y5/2pTajK4roYdRab2GU9x1Lth9kGakOUgBlPvluLfW9lF5h1qz
+LI0CHATHNq5MZqlrcPRZt5fUIiwofOpXLu6+SIG49iBLwMoupwUxC53tgmWTeu7l
+AS8/QGW4xLYdcGc+1cwl7BhLb025QKVK2rPqy57C4ZUm/duBvV9yTiSYQDpMDMWL
+9RIUj40fSV31RncH26mbd/1FdVZzPC04z0uSk9v2Au8VnbjmIfkCAwEAAaOCAW4w
+ggFqMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8v
+d3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8E
+BAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYE
+FLKrUWO0oHsogG5ROe6m1xsFp360MDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9j
+cmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMw
+QTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNl
+cnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcD
+AjAaBgNVHREEEzARgg9kaWVuZy5zd2l0Y2guY2gwDQYJKoZIhvcNAQEFBQADggEB
+AHtGEd3Am1Bl1P04PPpGGK41yf+sVXWOkOwgMUyH1KG8ASYBRmSmI3+xnunvhLss
+A/Vy0Ti6LD4Vg6vFO5BlQB8GFphyWcx+kiiqKNJ8IMXgI8RWUrH+6iYwjz3vLwz0
+FwdY+3d9+SUR5A8L8m+2GPSOy14o1Aezfv79c9KS2Rn4i7sAll6XiHt/9o4pn6KR
+5JtGScEmA3NoF+PM4gY/rA7ENDXesH5awDTf5qGbj8W/UfF6Ix73MEbxGyNRflIc
+ua/0ooparWzDBsrG/3O3BpgtlgvKqD5nl9t8WDNsJnPslWElw7nhOzgXm0t+kwla
+HUqtfqlJbzKrQtTpf+Rvwb4=
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dieng.switch.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.dieng.switch.ch/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dieng.switch.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.dieng.switch.ch/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dieng.switch.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://login.dieng.switch.ch/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dieng.switch.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.dieng.switch.ch/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dieng.switch.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.dieng.switch.ch/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dieng.switch.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.dieng.switch.ch/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dieng.switch.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://login.dieng.switch.ch/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dieng.switch.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.dieng.switch.ch/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dieng.switch.ch/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.dieng.switch.ch/Shibboleth.sso/SAML2/POST" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://dieng.switch.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://login.dieng.switch.ch/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dieng.switch.ch/Shibboleth.sso/SAML2/Artifact" index="5"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://login.dieng.switch.ch/Shibboleth.sso/SAML2/Artifact" index="6"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dieng.switch.ch/Shibboleth.sso/SAML2/ECP" index="7"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://login.dieng.switch.ch/Shibboleth.sso/SAML2/ECP" index="8"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dieng.switch.ch/Shibboleth.sso/SAML/POST" index="9" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://login.dieng.switch.ch/Shibboleth.sso/SAML/POST" index="10"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dieng.switch.ch/Shibboleth.sso/SAML/Artifact" index="11"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://login.dieng.switch.ch/Shibboleth.sso/SAML/Artifact" index="12"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- shib-test-fhnw -->
+ <EntityDescriptor entityID="https://147.86.9.134/shibboleth">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>147.86.9.134</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDDDCCAfSgAwIBAgIJALTufTbH7g/WMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDDE0Ny44Ni45LjEzNDAeFw0wOTAzMDkxMzEzMjVaFw0xMjAzMDgxMzEzMjVa
+MBcxFTATBgNVBAMTDDE0Ny44Ni45LjEzNDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAOOQDFLTmqV2PDNUAJejfuj8BqyTwSJYpok4jy08Dg3djYKcZrmt
+sz7ix1g2WQbgWMgDrEmzJBGknDfkx+4IxQpaH9a1gVc6sOdUM0FVpqf0rTr3Njd+
+94EgBwK10z4AE61PKIktGMx2MABOtyHcEvPbZBgxYzswC+LCIxuj2dBZchllnCGx
+KPjOV4cPkCB574CUJEQxDTAhXhn5qfsGSxNTrJxlP11VkA27S2We/t6slhpl/seR
+eeSefFHdA7bBV4hokd2E4r0QKFzSZCtPRz6emje8+/T1cQud8jFJgsDIO1delWcK
+E8pWIVxpNxpriSNyZP2wTmZEb165pnLf+d0CAwEAAaNbMFkwOAYDVR0RBDEwL4IM
+MTQ3Ljg2LjkuMTM0hh9odHRwczovLzE0Ny44Ni45LjEzNC9zaGliYm9sZXRoMB0G
+A1UdDgQWBBTRyW64gIxAcuPyd8LIxQpQqyYvWjANBgkqhkiG9w0BAQUFAAOCAQEA
+pH86Z341MEwpNLQ4QdrIkwLeZSROIAflXgXaj9dSrlk0dTGaD9Gv6L/3+J9xc2lf
+QeuL0u0iUOj3897jqtmd3nXpMt9CMZVe5V94/lgQoFmFj1Bism9gWD2QLHNepDoH
+sleGYuxwk8Eqvt6J8ZF+HxnTAim3w0XjEDOxNBvBVvq8SBfM5JTyyVkS0O4TItXt
+Z+CNJDANxGS4ANDfvHiQl3rMhL9Y2jM+Eu0YI0Br5s00t65Q3l5rULPUo5Ca1ta3
+vbqHOAlV3ygfH66rqhC3aB2JFlu3/PbQP4i+1IHG4maAR+RxPQtMZwxctPUrleDh
+6GYN7fxvcsrszVBTea290A==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://147.86.9.134/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://147.86.9.134/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://147.86.9.134/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://147.86.9.134/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://147.86.9.134/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://147.86.9.134/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://147.86.9.134/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://147.86.9.134/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://147.86.9.134/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://147.86.9.134/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://147.86.9.134/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://147.86.9.134/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://147.86.9.134/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://147.86.9.134/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ <!-- Shib1.OntheHub.com -->
+ <EntityDescriptor entityID="https://shib1.onthehub.com/shibboleth-sp">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:KeyName>shib1.onthehub.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJzCCAg+gAwIBAgIJAMBbhkw/2k6TMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEnNoaWIxLm9udGhlaHViLmNvbTAeFw0wOTA3MjMxNTI3MjZaFw0xMjA3MjIx
+NTI3MjZaMB0xGzAZBgNVBAMTEnNoaWIxLm9udGhlaHViLmNvbTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANqkPACiIxHukRX2CsGlQxgjIPfsDAGLOk1V
+noVHqK+8TfsoZhbJapUrv8UMVSig41HKQFIklpkZuGyD5t5DZbQrrqV8Lefp9zGv
+1cEVMI16PhqxHCYbRCHBU1OjusUchkQzIV5weIWP26S86JZYsF5Q0cxl+Zu6dG/c
+jp/Jpum0aH9M4rSNPd4B/upIWKXC+VnK2Sv+4gc/vc1Oj+n4SNHFqXL/X/XnWjcy
+3iiO0wpdTFL09ZutitNthQhRm1JJKTco3coydFzvfg6YuuSRqm4F+ZAjXPbN9gkE
+zARGsnW89IFi+2W0aJH7K61Hs/VS815tC0nb+rd8o7rZM2H/rdsCAwEAAaNqMGgw
+RwYDVR0RBEAwPoISc2hpYjEub250aGVodWIuY29thihodHRwczovL3NoaWIxLm9u
+dGhlaHViLmNvbS9zaGliYm9sZXRoLXNwMB0GA1UdDgQWBBRTXHn+Mfh9BZlxHWG/
+GIyo1VH5xTANBgkqhkiG9w0BAQUFAAOCAQEAX1EzMnFXqsVHlYVHZarRxBj+I00E
+WfNL6Ty3gfaQnFXK7rfB0llewxl5Mx6QGXZG2FjWDmPI2qsuwFww8a3pQ83sqcW2
+eysaavEP5jXXa7lpoKEOaDNPzq959rHCzJix8M4FI3qr8fUDVmLiLESvPv+kbEbH
+0CMTWgPUtQS+wHIWCSGwPkp66McgY389NyWwxYtbHMZLn2ogBzA1ermIxkU/YAap
+qYIoy12OHEkLZr53tE8uYwJrT+aZRqIDttIgynU0Xns+uOIrnizvIy8r62O/2RQe
+ph67LfLgHML49uQc1xyecbeEEcBJQSRS/TxXfM9rwE0euJdyaKa/m1WUog==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib1.onthehub.com/Shibboleth.sso/SLO/Redirect"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib1.onthehub.com/Shibboleth.sso/SLO/POST"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://shib1.onthehub.com/Shibboleth.sso/SLO/Artifact"></SingleLogoutService>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib1.onthehub.com/Shibboleth.sso/SLO/SOAP"></SingleLogoutService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib1.onthehub.com/Shibboleth.sso/NIM/Redirect"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib1.onthehub.com/Shibboleth.sso/NIM/POST"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://shib1.onthehub.com/Shibboleth.sso/NIM/Artifact"></ManageNameIDService>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib1.onthehub.com/Shibboleth.sso/NIM/SOAP"></ManageNameIDService>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib1.onthehub.com/Shibboleth.sso/SAML2/POST" index="1"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib1.onthehub.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://shib1.onthehub.com/Shibboleth.sso/SAML2/Artifact" index="3"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://shib1.onthehub.com/Shibboleth.sso/SAML2/ECP" index="4"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib1.onthehub.com/Shibboleth.sso/SAML/POST" index="5" isDefault="true"></AssertionConsumerService>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://shib1.onthehub.com/Shibboleth.sso/SAML/Artifact" index="6"></AssertionConsumerService>
+ </SPSSODescriptor>
+ </EntityDescriptor>
+ </EntitiesDescriptor>
+</EntitiesDescriptor> \ No newline at end of file
diff --git a/tests/metadata.xml b/tests/metadata.xml
new file mode 100644
index 00000000..5d680bb6
--- /dev/null
+++ b/tests/metadata.xml
@@ -0,0 +1,34 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor name="urn:mace:example.com:saml:test" validUntil="2010-12-04T17:31:07Z" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:sp"><ns0:SPSSODescriptor AuthnRequestsSigned="False" WantAssertionsSigned="True" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIIC8jCCAlugAwIBAgIJAJHg2V5J31I8MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+BAYTAlNFMQ0wCwYDVQQHEwRVbWVhMRgwFgYDVQQKEw9VbWVhIFVuaXZlcnNpdHkx
+EDAOBgNVBAsTB0lUIFVuaXQxEDAOBgNVBAMTB1Rlc3QgU1AwHhcNMDkxMDI2MTMz
+MTE1WhcNMTAxMDI2MTMzMTE1WjBaMQswCQYDVQQGEwJTRTENMAsGA1UEBxMEVW1l
+YTEYMBYGA1UEChMPVW1lYSBVbml2ZXJzaXR5MRAwDgYDVQQLEwdJVCBVbml0MRAw
+DgYDVQQDEwdUZXN0IFNQMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkJWP7
+bwOxtH+E15VTaulNzVQ/0cSbM5G7abqeqSNSs0l0veHr6/ROgW96ZeQ57fzVy2MC
+FiQRw2fzBs0n7leEmDJyVVtBTavYlhAVXDNa3stgvh43qCfLx+clUlOvtnsoMiiR
+mo7qf0BoPKTj7c0uLKpDpEbAHQT4OF1HRYVxMwIDAQABo4G/MIG8MB0GA1UdDgQW
+BBQ7RgbMJFDGRBu9o3tDQDuSoBy7JjCBjAYDVR0jBIGEMIGBgBQ7RgbMJFDGRBu9
+o3tDQDuSoBy7JqFepFwwWjELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGDAW
+BgNVBAoTD1VtZWEgVW5pdmVyc2l0eTEQMA4GA1UECxMHSVQgVW5pdDEQMA4GA1UE
+AxMHVGVzdCBTUIIJAJHg2V5J31I8MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
+BQADgYEAMuRwwXRnsiyWzmRikpwinnhTmbooKm5TINPE7A7gSQ710RxioQePPhZO
+zkM27NnHTrCe2rBVg0EGz7QTd1JIwLPvgoj4VTi/fSha/tXrYUaqc9AqU1kWI4WN
++vffBGQ09mo+6CffuFTZYeOhzP/2stAPwCTU4kxEoiy0KpZMANI=
+</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://localhost:8087/" index="0" /></ns0:SPSSODescriptor><ns0:Organization><ns0:OrganizationURL xml:lang="en">http://www.example.com/</ns0:OrganizationURL><ns0:OrganizationName xml:lang="en">Example Co</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="en">Example Co</ns0:OrganizationDisplayName></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>Roland</ns0:GivenName><ns0:SurName>Hedberg</ns0:SurName><ns0:EmailAddress>roland.hedberg@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor><ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:idp"><ns0:IDPSSODescriptor WantAuthnRequestsSigned="True" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIIC8jCCAlugAwIBAgIJAJHg2V5J31I8MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+BAYTAlNFMQ0wCwYDVQQHEwRVbWVhMRgwFgYDVQQKEw9VbWVhIFVuaXZlcnNpdHkx
+EDAOBgNVBAsTB0lUIFVuaXQxEDAOBgNVBAMTB1Rlc3QgU1AwHhcNMDkxMDI2MTMz
+MTE1WhcNMTAxMDI2MTMzMTE1WjBaMQswCQYDVQQGEwJTRTENMAsGA1UEBxMEVW1l
+YTEYMBYGA1UEChMPVW1lYSBVbml2ZXJzaXR5MRAwDgYDVQQLEwdJVCBVbml0MRAw
+DgYDVQQDEwdUZXN0IFNQMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkJWP7
+bwOxtH+E15VTaulNzVQ/0cSbM5G7abqeqSNSs0l0veHr6/ROgW96ZeQ57fzVy2MC
+FiQRw2fzBs0n7leEmDJyVVtBTavYlhAVXDNa3stgvh43qCfLx+clUlOvtnsoMiiR
+mo7qf0BoPKTj7c0uLKpDpEbAHQT4OF1HRYVxMwIDAQABo4G/MIG8MB0GA1UdDgQW
+BBQ7RgbMJFDGRBu9o3tDQDuSoBy7JjCBjAYDVR0jBIGEMIGBgBQ7RgbMJFDGRBu9
+o3tDQDuSoBy7JqFepFwwWjELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGDAW
+BgNVBAoTD1VtZWEgVW5pdmVyc2l0eTEQMA4GA1UECxMHSVQgVW5pdDEQMA4GA1UE
+AxMHVGVzdCBTUIIJAJHg2V5J31I8MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
+BQADgYEAMuRwwXRnsiyWzmRikpwinnhTmbooKm5TINPE7A7gSQ710RxioQePPhZO
+zkM27NnHTrCe2rBVg0EGz7QTd1JIwLPvgoj4VTi/fSha/tXrYUaqc9AqU1kWI4WN
++vffBGQ09mo+6CffuFTZYeOhzP/2stAPwCTU4kxEoiy0KpZMANI=
+</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:8088/sso/" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationURL xml:lang="en">http://www.example.com/</ns0:OrganizationURL><ns0:OrganizationName xml:lang="en">Example Co</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="en">Example Co</ns0:OrganizationDisplayName></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>Roland</ns0:GivenName><ns0:SurName>Hedberg</ns0:SurName><ns0:EmailAddress>roland.hedberg@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor></ns0:EntitiesDescriptor>
diff --git a/tests/metadata_example.xml b/tests/metadata_example.xml
new file mode 100644
index 00000000..e567200c
--- /dev/null
+++ b/tests/metadata_example.xml
@@ -0,0 +1,50 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntitiesDescriptor
+ xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:shibmeta="urn:mace:shibboleth:metadata:1.0"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+ Name="urn:mace:example.com:test-1.0">
+ <EntityDescriptor
+ entityID="http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php"
+ xml:base="swamid-1.0/idp.umu.se-saml2.xml">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+ MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+ BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+ aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+ MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+ gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+ 3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+ efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+ A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+ iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+ U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+ mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+ h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+ U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+ mrPzGzk3ECbupFnqyREH3+ZPSdk=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
+ Location="http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Catalogix</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Catalogix</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.catalogix.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <SurName>Hedberg</SurName>
+ <EmailAddress>datordrift@catalogix.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+</EntitiesDescriptor>
diff --git a/tests/metasp.xml b/tests/metasp.xml
new file mode 100644
index 00000000..60e586f7
--- /dev/null
+++ b/tests/metasp.xml
@@ -0,0 +1,38 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata" name="urn:mace:umu.se:saml:test" validUntil="2010-12-01T09:22:16Z">
+ <ns0:EntityDescriptor entityID="urn:mace:umu.se:saml:roland:sp" validUntil="2010-12-01T09:22:16Z">
+ <ns0:SPSSODescriptor AuthnRequestsSigned="False" WantAssertionsSigned="True" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <ns0:KeyDescriptor>
+ <ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#">
+ <ns1:X509Data>
+ <ns1:X509Certificate>MIIC8jCCAlugAwIBAgIJAJHg2V5J31I8MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+BAYTAlNFMQ0wCwYDVQQHEwRVbWVhMRgwFgYDVQQKEw9VbWVhIFVuaXZlcnNpdHkx
+EDAOBgNVBAsTB0lUIFVuaXQxEDAOBgNVBAMTB1Rlc3QgU1AwHhcNMDkxMDI2MTMz
+MTE1WhcNMTAxMDI2MTMzMTE1WjBaMQswCQYDVQQGEwJTRTENMAsGA1UEBxMEVW1l
+YTEYMBYGA1UEChMPVW1lYSBVbml2ZXJzaXR5MRAwDgYDVQQLEwdJVCBVbml0MRAw
+DgYDVQQDEwdUZXN0IFNQMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkJWP7
+bwOxtH+E15VTaulNzVQ/0cSbM5G7abqeqSNSs0l0veHr6/ROgW96ZeQ57fzVy2MC
+FiQRw2fzBs0n7leEmDJyVVtBTavYlhAVXDNa3stgvh43qCfLx+clUlOvtnsoMiiR
+mo7qf0BoPKTj7c0uLKpDpEbAHQT4OF1HRYVxMwIDAQABo4G/MIG8MB0GA1UdDgQW
+BBQ7RgbMJFDGRBu9o3tDQDuSoBy7JjCBjAYDVR0jBIGEMIGBgBQ7RgbMJFDGRBu9
+o3tDQDuSoBy7JqFepFwwWjELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGDAW
+BgNVBAoTD1VtZWEgVW5pdmVyc2l0eTEQMA4GA1UECxMHSVQgVW5pdDEQMA4GA1UE
+AxMHVGVzdCBTUIIJAJHg2V5J31I8MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
+BQADgYEAMuRwwXRnsiyWzmRikpwinnhTmbooKm5TINPE7A7gSQ710RxioQePPhZO
+zkM27NnHTrCe2rBVg0EGz7QTd1JIwLPvgoj4VTi/fSha/tXrYUaqc9AqU1kWI4WN
++vffBGQ09mo+6CffuFTZYeOhzP/2stAPwCTU4kxEoiy0KpZMANI=
+</ns1:X509Certificate>
+ </ns1:X509Data>
+ </ns1:KeyInfo>
+ </ns0:KeyDescriptor>
+ <ns0:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://localhost:8087/" index="0"/>
+ <ns0:AttributeConsumingService index="0">
+ <ns0:ServiceName xml:lang="en">Rolands SP</ns0:ServiceName>
+ <ns0:RequestedAttribute FriendlyName="surName" Name="urn:oid:2.5.4.4" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <ns0:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <ns0:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"/>
+ <ns0:RequestedAttribute FriendlyName="title" Name="urn:oid:2.5.4.12" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"/>
+ </ns0:AttributeConsumingService>
+ </ns0:SPSSODescriptor>
+ </ns0:EntityDescriptor>
+</ns0:EntitiesDescriptor>
diff --git a/tests/pdp_meta.xml b/tests/pdp_meta.xml
new file mode 100644
index 00000000..5bad0db5
--- /dev/null
+++ b/tests/pdp_meta.xml
@@ -0,0 +1,52 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"
+ xmlns:ns1="http://www.w3.org/2000/09/xmldsig#">
+ <ns0:EntityDescriptor entityID="http://www.example.org/pysaml2/">
+ <ns0:PDPDescriptor
+ protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <ns0:KeyDescriptor>
+ <ns1:KeyInfo>
+ <ns1:X509Data>
+ <ns1:X509Certificate>
+ MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+ BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+ aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+ MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+ gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+ 3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+ efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+ A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+ iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+ U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+ mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+ h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+ U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+ mrPzGzk3ECbupFnqyREH3+ZPSdk=
+ </ns1:X509Certificate>
+ </ns1:X509Data>
+ </ns1:KeyInfo>
+ </ns0:KeyDescriptor>
+ <ns0:AuthzService
+ Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
+ Location="http://www.example.org/pysaml2/authz"/>
+ <ns0:NameIDFormat>urn:oasis:names:tc:SAML:2.0:attrname-format:uri
+ </ns0:NameIDFormat>
+ </ns0:PDPDescriptor>
+ <ns0:Organization>
+ <ns0:OrganizationName xml:lang="en">Exempel AB
+ </ns0:OrganizationName>
+ <ns0:OrganizationDisplayName xml:lang="se">Exempel AB
+ </ns0:OrganizationDisplayName>
+ <ns0:OrganizationDisplayName xml:lang="en">Example Co.
+ </ns0:OrganizationDisplayName>
+ <ns0:OrganizationURL xml:lang="en">http://www.example.com/
+ </ns0:OrganizationURL>
+ </ns0:Organization>
+ <ns0:ContactPerson contactType="technical">
+ <ns0:GivenName>John</ns0:GivenName>
+ <ns0:SurName>Smith</ns0:SurName>
+ <ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress>
+ </ns0:ContactPerson>
+ </ns0:EntityDescriptor>
+</ns0:EntitiesDescriptor>
diff --git a/tests/private_key.pem b/tests/private_key.pem
new file mode 100644
index 00000000..ef95f0b3
--- /dev/null
+++ b/tests/private_key.pem
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQCoOodEKMwSYOhf+HnERrrfORO2p4EY3dnk/tPafbY1S6JOOlIp
+3Yp3GyHq7xr1gbAUuwoS0QXcPURtHMu97RjiLFTGDTnXaQLzDbRyXhMwbbEQWmX1
+KYvUxMZ54k3tWr5abtWLkqK4PPEWVdUh7Q1yYOnVRd958Da/aVTeI97YKQIDAQAB
+AoGAKburRstgJMcJnpVDj9+ECFBehZd0PTj8DwTwhWleREZpE0MAkwY0jWubtG5w
+n6r2hY4I57YW4BYK3Y6hNJKW803Hc3Qv75SxlTkGEg4s2H9j9xS27jpTIoEWPEGB
+SCFUHDdcM2BGFg8C+CjLLPXoRZB3ozhPTF59EJG5kslH5QECQQDXRw8NOf7ewPf+
+4LDWhFC/VWA1iv5qSuWiUEQG0WRHls0jvP7aUAEVVjcUJIqSnDt5mbe8Y7wdOaBx
+jC2Lp22xAkEAyA0Y2heoWNwSwxFuo2IMviDifUDzxF2MJrOZWGRKzh6tpOexlwNJ
+czunHBk+Xu0c8T7c0kj/NI964ZRnnR5X+QJBAI94pxpchXS1TFIMMy60PhBV+OmW
+OZpjUglLzxpwIJHpecwQoBSk7yPmMoz1EXlGMAkJnj8qhOtBRaGHF6+UJPECQQCY
+VnDgUzedQyj+Zp3ryNSPTBds7jMzC1GYfxd82hKk13O/qbfwmU4rc/eTTB3Ux5dM
+lmQtteyxJ7mZYhts6BhxAkEArx1IwLUA6hW6tPVmrK/A7TFl+bPacg3BH8HsLitB
+H16b9Fnyk0OSJc9+vxBRgIqTSq81X44aQHr0ZINCA6oPNQ==
+-----END RSA PRIVATE KEY-----
diff --git a/tests/restrictive_idp_conf.py b/tests/restrictive_idp_conf.py
new file mode 100644
index 00000000..1df39b79
--- /dev/null
+++ b/tests/restrictive_idp_conf.py
@@ -0,0 +1,47 @@
+from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT
+from saml2.saml import NAME_FORMAT_URI
+
+BASE = "http://localhost:8089/"
+
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:idpr",
+ "name" : "Rolands restrictied IdP",
+ "service": {
+ "idp": {
+ "endpoints" : {
+ "single_sign_on_service" : [
+ (BASE+"sso", BINDING_HTTP_REDIRECT)],
+ "attribute_service" : [
+ (BASE+"aa", BINDING_SOAP)],
+ },
+ "policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "name_form": NAME_FORMAT_URI
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "givenName": None,
+ "surName": None,
+ "mail": [".*@example.com"],
+ "eduPersonAffiliation": ["(employee|staff|faculty)"],
+ }
+ }
+ },
+ "subject_data": "subject_data.db",
+ }
+ },
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["sp_0.metadata"],
+ },
+ "attribute_map_dir" : "attributemaps",
+}
diff --git a/tests/saml2_data.py b/tests/saml2_data.py
new file mode 100644
index 00000000..a5f98416
--- /dev/null
+++ b/tests/saml2_data.py
@@ -0,0 +1,227 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2007 SIOS Technology, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Test data for saml2"""
+
+__author__ = 'tmatsuo@example.com (Takashi MATSUO)'
+
+TEST_NAME_ID = """<?xml version="1.0" encoding="utf-8"?>
+<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id">
+ tmatsuo@example.com
+</NameID>
+"""
+
+TEST_ISSUER = """<?xml version="1.0" encoding="utf-8"?>
+<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/test
+</Issuer>
+"""
+
+TEST_SUBJECT_LOCALITY = """<?xml version="1.0" encoding="utf-8"?>
+<SubjectLocality xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Address="127.0.0.1" DNSName="localhost"/>
+"""
+
+TEST_AUTHN_CONTEXT_CLASS_REF = """<?xml version="1.0" encoding="utf-8"?>
+<AuthnContextClassRef xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/authnContextClassRef
+</AuthnContextClassRef>
+"""
+
+TEST_AUTHN_CONTEXT_DECL_REF = """<?xml version="1.0" encoding="utf-8"?>
+<AuthnContextDeclRef xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/authnContextDeclRef
+</AuthnContextDeclRef>
+"""
+
+TEST_AUTHN_CONTEXT_DECL = """<?xml version="1.0" encoding="utf-8"?>
+<AuthnContextDecl xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/authnContextDecl
+</AuthnContextDecl>
+"""
+
+TEST_AUTHENTICATING_AUTHORITY = """<?xml version="1.0" encoding="utf-8"?>
+<AuthenticatingAuthority xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/authenticatingAuthority
+</AuthenticatingAuthority>
+"""
+
+TEST_AUTHN_CONTEXT = """<?xml version="1.0" encoding="utf-8"?>
+<AuthnContext xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef>
+</AuthnContext>
+"""
+
+TEST_AUTHN_STATEMENT = """<?xml version="1.0" encoding="utf-8"?>
+<AuthnStatement xmlns="urn:oasis:names:tc:SAML:2.0:assertion" AuthnInstant="2007-08-31T01:05:02Z" SessionNotOnOrAfter="2007-09-14T01:05:02Z">
+ <AuthnContext>
+ <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</AuthnContextClassRef>
+ </AuthnContext>
+</AuthnStatement>
+"""
+
+TEST_ATTRIBUTE_VALUE = """<?xml version="1.0" encoding="utf-8"?>
+<AttributeValue xmlns="urn:oasis:names:tc:SAML:2.0:assertion">value for test attribute</AttributeValue>
+"""
+
+TEST_ATTRIBUTE = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute Name="testAttribute"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
+ FriendlyName="test attribute"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <AttributeValue >value1 of test attribute</AttributeValue>
+ <AttributeValue >value2 of test attribute</AttributeValue>
+</Attribute>
+"""
+
+TEST_ATTRIBUTE_STATEMENT = """<?xml version="1.0" encoding="utf-8"?>
+<AttributeStatement xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <Attribute Name="testAttribute"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified"
+ FriendlyName="test attribute">
+ <AttributeValue >value1 of test attribute</AttributeValue>
+ <AttributeValue >value2 of test attribute</AttributeValue>
+ </Attribute>
+ <Attribute Name="http://www.example.com/testAttribute2"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ FriendlyName="test attribute2">
+ <AttributeValue >value1 of test attribute2</AttributeValue>
+ <AttributeValue >value2 of test attribute2</AttributeValue>
+ </Attribute>
+</AttributeStatement>
+"""
+
+TEST_SUBJECT_CONFIRMATION_DATA = """<?xml version="1.0" encoding="utf-8"?>
+<SubjectConfirmationData
+ NotBefore="2007-08-31T01:05:02Z"
+ NotOnOrAfter="2007-09-14T01:05:02Z"
+ Recipient="recipient"
+ InResponseTo="responseID"
+ Address="127.0.0.1"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+</SubjectConfirmationData>
+"""
+
+TEST_SUBJECT_CONFIRMATION = """<?xml version="1.0" encoding="utf-8"?>
+<SubjectConfirmation
+ Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id">
+ tmatsuo@example.com
+ </NameID>
+ <SubjectConfirmationData
+ NotBefore="2007-08-31T01:05:02Z"
+ NotOnOrAfter="2007-09-14T01:05:02Z"
+ Recipient="recipient"
+ InResponseTo="responseID"
+ Address="127.0.0.1">
+ </SubjectConfirmationData>
+</SubjectConfirmation>
+"""
+
+TEST_SUBJECT = """<?xml version="1.0" encoding="utf-8"?>
+<Subject xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id">
+ tmatsuo@example.com
+ </NameID>
+ <SubjectConfirmation
+ Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id2">
+ admin@example.com
+ </NameID>
+ <SubjectConfirmationData
+ NotBefore="2007-08-31T01:05:02Z"
+ NotOnOrAfter="2007-09-14T01:05:02Z"
+ Recipient="recipient"
+ InResponseTo="responseID"
+ Address="127.0.0.1">
+ </SubjectConfirmationData>
+ </SubjectConfirmation>
+</Subject>
+"""
+
+TEST_CONDITION = """<?xml version="1.0" encoding="utf-8"?>
+<Condition xmlns="urn:oasis:names:tc:SAML:2.0:assertion" xsi:type="test" ExtendedAttribute="value" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
+"""
+
+TEST_AUDIENCE = """<?xml version="1.0" encoding="utf-8"?>
+<Audience xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/Audience
+</Audience>
+"""
+
+TEST_AUDIENCE_RESTRICTION = """<?xml version="1.0" encoding="utf-8"?>
+<AudienceRestriction xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <Audience>
+ http://www.example.com/Audience
+ </Audience>
+</AudienceRestriction>
+"""
+
+TEST_ONE_TIME_USE = """<?xml version="1.0" encoding="utf-8"?>
+<OneTimeUse xmlns="urn:oasis:names:tc:SAML:2.0:assertion"/>
+"""
+
+TEST_PROXY_RESTRICTION = """<?xml version="1.0" encoding="utf-8"?>
+<ProxyRestriction xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Count="2">
+ <Audience>http://www.example.com/Audience</Audience>
+</ProxyRestriction>
+"""
+
+TEST_CONDITIONS = """<?xml version="1.0" encoding="utf-8"?>
+<Conditions
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ NotBefore="2007-08-31T01:05:02Z"
+ NotOnOrAfter="2007-09-14T01:05:02Z">
+ <Condition
+ xsi:type="test"
+ ExtendedAttribute="value"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
+ <AudienceRestriction>
+ <Audience>
+ http://www.example.com/Audience
+ </Audience>
+ </AudienceRestriction>
+ <OneTimeUse />
+ <ProxyRestriction Count="2">
+ <Audience>http://www.example.com/Audience</Audience>
+ </ProxyRestriction>
+</Conditions>
+"""
+
+TEST_ASSERTION_ID_REF = """<?xml version="1.0" encoding="utf-8"?>
+<AssertionIDRef xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ zzlieajngjbkjggjldmgindkckkolcblndbghlhm
+</AssertionIDRef>
+"""
+
+TEST_ASSERTION_URI_REF = """<?xml version="1.0" encoding="utf-8"?>
+<AssertionURIRef xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/AssertionURIRef
+</AssertionURIRef>
+"""
+
+TEST_ACTION = """<?xml version="1.0" encoding="utf-8"?>
+<Action xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Namespace="http://www.example.com/Namespace"/>
+"""
+
diff --git a/tests/saml2_response.xml b/tests/saml2_response.xml
new file mode 100644
index 00000000..1d38bd50
--- /dev/null
+++ b/tests/saml2_response.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0"?>
+<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ ID="_162f441d28cff78e3bb1d3c2bf3e48b5ed532605fd"
+ InResponseTo="_ae0216740b5baa4b13c79ffdb2baa82572788fd9a3" Version="2.0"
+ IssueInstant="2008-05-27T07:49:23Z"
+ Destination="https://foodle.feide.no/simplesaml/saml2/sp/AssertionConsumerService.php">
+ <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://openidp.feide.no</saml:Issuer>
+ <samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
+ <samlp:StatusCode xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </samlp:Status>
+ <saml:Assertion Version="2.0" ID="pfxb27555d8-8c06-a339-c7ae-f544b2fd1507"
+ IssueInstant="2008-05-27T07:49:23Z">
+ <saml:Issuer>https://openidp.feide.no</saml:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <ds:Reference URI="#pfxb27555d8-8c06-a339-c7ae-f544b2fd1507">
+ <ds:Transforms>
+ <ds:Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ds:DigestValue>WUaqPW4nZ8uPyv+sf8qXsaKhHmk=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>CRq1VvptjNHenZ5aWkyD6GqQX+XLgNiqElJnyLbMUgiwrFZ5J8IEGtC8h2YiwID15ScxVt6tjQc8R3gXkP967PIlemmhYQ4US7V3oPczu4MECamj+07wAg7BCp05UVU3RI3pvi/2dQGRRX4tlXgkzUMzx8+cBeyZaI/BXKjhKEY=</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIICizCCAfQCCQCY8tKaMc0BMjANBgkqhkiG9w0BAQUFADCBiTELMAkGA1UEBhMCTk8xEjAQBgNVBAgTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEOMAwGA1UECxMFRmVpZGUxGTAXBgNVBAMTEG9wZW5pZHAuZmVpZGUubm8xKTAnBgkqhkiG9w0BCQEWGmFuZHJlYXMuc29sYmVyZ0B1bmluZXR0Lm5vMB4XDTA4MDUwODA5MjI0OFoXDTM1MDkyMzA5MjI0OFowgYkxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEDAOBgNVBAoTB1VOSU5FVFQxDjAMBgNVBAsTBUZlaWRlMRkwFwYDVQQDExBvcGVuaWRwLmZlaWRlLm5vMSkwJwYJKoZIhvcNAQkBFhphbmRyZWFzLnNvbGJlcmdAdW5pbmV0dC5ubzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt8jLoqI1VTlxAZ2axiDIThWcAOXdu8KkVUWaN/SooO9O0QQ7KRUjSGKN9JK65AFRDXQkWPAu4HlnO4noYlFSLnYyDxI66LCr71x4lgFJjqLeAvB/GqBqFfIZ3YK/NrhnUqFwZu63nLrZjcUZxNaPjOOSRSDaXpv1kb5k3jOiSGECAwEAATANBgkqhkiG9w0BAQUFAAOBgQBQYj4cAafWaYfjBU2zi1ElwStIaJ5nyp/s/8B8SAPK2T79McMyccP3wSW13LHkmM1jwKe3ACFXBvqGQN0IbcH49hu0FKhYFM/GPDJcIHFBsiyMBXChpye9vBaTNEBCtU3KjjyG0hRT2mAQ9h+bkPmOvlEo/aH0xR68Z9hw4PF13w==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml:Subject>
+ <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
+ SPNameQualifier="urn:mace:feide.no:services:no.feide.foodle"
+ >_242f88493449e639aab95dd9b92b1d04234ab84fd8</saml:NameID>
+ <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml:SubjectConfirmationData NotOnOrAfter="2008-05-27T07:54:23Z"
+ InResponseTo="_ae0216740b5baa4b13c79ffdb2baa82572788fd9a3"
+ Recipient="https://foodle.feide.no/simplesaml/saml2/sp/AssertionConsumerService.php"
+ />
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Conditions NotBefore="2008-05-27T07:48:53Z" NotOnOrAfter="2008-05-27T07:54:23Z">
+ <saml:AudienceRestriction>
+ <saml:Audience>urn:mace:feide.no:services:no.feide.foodle</saml:Audience>
+ </saml:AudienceRestriction>
+ </saml:Conditions>
+ <saml:AuthnStatement AuthnInstant="2008-05-27T07:49:23Z"
+ SessionIndex="_4f39c931b35a8dd4540b0a6929a361fa134ec8f7b5">
+ <saml:AuthnContext>
+ <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+ </saml:AuthnContext>
+ </saml:AuthnStatement>
+ <saml:AttributeStatement>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="cn">
+ <saml:AttributeValue xsi:type="xs:string">Andreas Solberg</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="sn">
+ <saml:AttributeValue xsi:type="xs:string">Solberg</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="uid">
+ <saml:AttributeValue xsi:type="xs:string">andreas</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="edupersonaffiliation">
+ <saml:AttributeValue xsi:type="xs:string">employee</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="edupersonentitlement">
+ <saml:AttributeValue xsi:type="xs:string"
+ >urn:mace:feide.no:entitlement:test</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="edupersonnickname">
+ <saml:AttributeValue xsi:type="xs:string">erlang</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="eduPersonPrincipalName">
+ <saml:AttributeValue xsi:type="xs:string">andreas@rnd.feide.no</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="mail">
+ <saml:AttributeValue xsi:type="xs:string">andreas@uninett.no</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="mobile">
+ <saml:AttributeValue xsi:type="xs:string">+4741107700</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="o">
+ <saml:AttributeValue xsi:type="xs:string">Feide RnD</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="ou">
+ <saml:AttributeValue xsi:type="xs:string">Guests</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+ </saml:Assertion>
+</samlp:Response>
diff --git a/tests/saml_false_signed.xml b/tests/saml_false_signed.xml
new file mode 100644
index 00000000..a5ad7b0b
--- /dev/null
+++ b/tests/saml_false_signed.xml
@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ns0:Response xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://xenosmilus.umdc.umu.se:8087/login" ID="_5271694c3be6883137377fb076355c4bc97f28b3c1" InResponseTo="bahigehogffohiphlfmplepdpcohkhhmheppcdie" IssueInstant="2009-10-25T18:12:39Z" Version="2.0">
+ <ns1:Issuer xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php</ns1:Issuer>
+ <ns0:Status>
+ <ns0:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </ns0:Status>
+ <ns1:Assertion xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx9e022535-4b38-cc7f-41ec-9a01bcd2936d" IssueInstant="2009-10-25T18:12:39Z" Version="2.0">
+ <ns1:Issuer>http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php</ns1:Issuer>
+ <ns2:Signature xmlns:ns2="http://www.w3.org/2000/09/xmldsig#">
+ <ns2:SignedInfo>
+ <ns2:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <ns2:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <ns2:Reference URI="#pfx9e022535-4b38-cc7f-41ec-9a01bcd2936d">
+ <ns2:Transforms>
+ <ns2:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <ns2:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </ns2:Transforms>
+ <ns2:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ns2:DigestValue>Ij7uELbswQDq4HN6MDTFlF39Z84=</ns2:DigestValue>
+ </ns2:Reference>
+ </ns2:SignedInfo>
+ <ns2:SignatureValue>UUs1oTjqM8hgDVIrSVRPQfT/KLXar0EfXEQ2OiR+BlYzAh/3q2DQtqWHhlkP9ehs
+cncSdBB3t1mZhD2v5B5qNwnsNSuHVwEEPe3tSJ+yICVN7REXPXlm0sOsU2zSooEy
+OmuMZY0K6ERY4fNVnGEAoUZeieehC6/ljmfk14xCAlE=</ns2:SignatureValue>
+ <ns2:KeyInfo>
+ <ns2:X509Data>
+ <ns2:X509Certificate>
+ AAAAAAAAAAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+ BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+ aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+ MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+ gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+ 3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+ efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+ A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+ iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+ U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+ mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+ h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+ U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+ mrPzGzk3ECbupFnqyREH3+ZPSdk=
+ </ns2:X509Certificate>
+ </ns2:X509Data>
+ </ns2:KeyInfo>
+ </ns2:Signature>
+ <ns1:Subject>
+ <ns1:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" SPNameQualifier="xenosmilus.umdc.umu.se">
+ _cddc88563d433f556d4cc70c3162deabddea3b5019
+ </ns1:NameID>
+ <ns1:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <ns1:SubjectConfirmationData InResponseTo="bahigehogffohiphlfmplepdpcohkhhmheppcdie" NotOnOrAfter="2009-10-25T18:17:39Z" Recipient="http://xenosmilus.umdc.umu.se:8087/login"/>
+ </ns1:SubjectConfirmation>
+ </ns1:Subject>
+ <ns1:Conditions NotBefore="2009-10-25T18:12:09Z" NotOnOrAfter="2009-10-26T02:12:39Z">
+ <ns1:AudienceRestriction>
+ <ns1:Audience>xenosmilus.umdc.umu.se</ns1:Audience>
+ </ns1:AudienceRestriction>
+ </ns1:Conditions>
+ <ns1:AuthnStatement AuthnInstant="2009-10-25T18:12:39Z" SessionIndex="_788db107b9bb1b6ab94f00deebbfe3d92c999b3041">
+ <ns1:AuthnContext>
+ <ns1:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</ns1:AuthnContextClassRef>
+ </ns1:AuthnContext>
+ </ns1:AuthnStatement>
+ <ns1:AttributeStatement>
+ <ns1:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ student
+ </ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ member
+ </ns1:AttributeValue>
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ student
+ </ns1:AttributeValue>
+ </ns1:Attribute>
+ </ns1:AttributeStatement>
+ </ns1:Assertion>
+</ns0:Response>
diff --git a/tests/saml_signed.xml b/tests/saml_signed.xml
new file mode 100644
index 00000000..ca824c2f
--- /dev/null
+++ b/tests/saml_signed.xml
@@ -0,0 +1,81 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ns0:Response xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://xenosmilus.umdc.umu.se:8087/login" ID="_5271694c3be6883137377fb076355c4bc97f28b3c1" InResponseTo="bahigehogffohiphlfmplepdpcohkhhmheppcdie" IssueInstant="2009-09-25T18:12:39Z" Version="2.0">
+ <ns1:Issuer xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php</ns1:Issuer>
+ <ns0:Status>
+ <ns0:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </ns0:Status>
+ <ns1:Assertion xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx9e022535-4b38-cc7f-41ec-9a01bcd2936d" IssueInstant="2009-09-25T18:12:39Z" Version="2.0">
+ <ns1:Issuer>http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php</ns1:Issuer>
+ <ns2:Signature xmlns:ns2="http://www.w3.org/2000/09/xmldsig#">
+ <ns2:SignedInfo>
+ <ns2:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <ns2:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <ns2:Reference URI="#pfx9e022535-4b38-cc7f-41ec-9a01bcd2936d">
+ <ns2:Transforms>
+ <ns2:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <ns2:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </ns2:Transforms>
+ <ns2:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ns2:DigestValue>Ij7uELbswQDq4HN6MDTFlF39Z84=</ns2:DigestValue>
+ </ns2:Reference>
+ </ns2:SignedInfo>
+ <ns2:SignatureValue>UUs1oTjqM8hgDVIrSVRPQfT/KLXar0EfXEQ2OiR+BlYzAh/3q2DQtqWHhlkP9ehs
+cncSdBB3t1mZhD2v5B5qNwnsNSuHVwEEPe3tSJ+yICVN7REXPXlm0sOsU2zSooEy
+OmuMZY0K6ERY4fNVnGEAoUZeieehC6/ljmfk14xCAlE=</ns2:SignatureValue>
+ <ns2:KeyInfo>
+ <ns2:X509Data>
+ <ns2:X509Certificate>
+ MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+ BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+ aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+ MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+ gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+ 3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+ efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+ A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+ iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+ U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+ mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+ h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+ U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+ mrPzGzk3ECbupFnqyREH3+ZPSdk=
+ </ns2:X509Certificate>
+ </ns2:X509Data>
+ </ns2:KeyInfo>
+ </ns2:Signature>
+ <ns1:Subject>
+ <ns1:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" SPNameQualifier="xenosmilus.umdc.umu.se">
+ _cddc88563d433f556d4cc70c3162deabddea3b5019
+ </ns1:NameID>
+ <ns1:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <ns1:SubjectConfirmationData InResponseTo="bahigehogffohiphlfmplepdpcohkhhmheppcdie" NotOnOrAfter="2009-09-25T18:17:39Z" Recipient="http://xenosmilus.umdc.umu.se:8087/login"/>
+ </ns1:SubjectConfirmation>
+ </ns1:Subject>
+ <ns1:Conditions NotBefore="2009-09-25T18:12:09Z" NotOnOrAfter="2009-09-26T02:12:39Z">
+ <ns1:AudienceRestriction>
+ <ns1:Audience>xenosmilus.umdc.umu.se</ns1:Audience>
+ </ns1:AudienceRestriction>
+ </ns1:Conditions>
+ <ns1:AuthnStatement AuthnInstant="2009-09-25T18:12:39Z" SessionIndex="_788db107b9bb1b6ab94f00deebbfe3d92c999b3041">
+ <ns1:AuthnContext>
+ <ns1:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</ns1:AuthnContextClassRef>
+ </ns1:AuthnContext>
+ </ns1:AuthnStatement>
+ <ns1:AttributeStatement>
+ <ns1:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ student
+ </ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ member
+ </ns1:AttributeValue>
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ student
+ </ns1:AttributeValue>
+ </ns1:Attribute>
+ </ns1:AttributeStatement>
+ </ns1:Assertion>
+</ns0:Response>
diff --git a/tests/saml_unsigned.xml b/tests/saml_unsigned.xml
new file mode 100644
index 00000000..c0213bfa
--- /dev/null
+++ b/tests/saml_unsigned.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ns0:Response xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" Destination="http://xenosmilus.umdc.umu.se:8087/login" ID="_5271694c3be6883137377fb076355c4bc97f28b3c1" InResponseTo="bahigehogffohiphlfmplepdpcohkhhmheppcdie" IssueInstant="2009-10-25T18:12:39Z" Version="2.0">
+ <ns1:Issuer xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php</ns1:Issuer>
+ <ns0:Status>
+ <ns0:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </ns0:Status>
+ <ns1:Assertion xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" ID="pfx9e022535-4b38-cc7f-41ec-9a01bcd2936d" IssueInstant="2009-10-25T18:12:39Z" Version="2.0">
+ <ns1:Issuer>http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php</ns1:Issuer>
+ <ns1:Subject>
+ <ns1:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" SPNameQualifier="xenosmilus.umdc.umu.se">
+ _cddc88563d433f556d4cc70c3162deabddea3b5019
+ </ns1:NameID>
+ <ns1:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <ns1:SubjectConfirmationData InResponseTo="bahigehogffohiphlfmplepdpcohkhhmheppcdie" NotOnOrAfter="2009-10-25T18:17:39Z" Recipient="http://xenosmilus.umdc.umu.se:8087/login"/>
+ </ns1:SubjectConfirmation>
+ </ns1:Subject>
+ <ns1:Conditions NotBefore="2009-10-25T18:12:09Z" NotOnOrAfter="2009-10-26T02:12:39Z">
+ <ns1:AudienceRestriction>
+ <ns1:Audience>xenosmilus.umdc.umu.se</ns1:Audience>
+ </ns1:AudienceRestriction>
+ </ns1:Conditions>
+ <ns1:AuthnStatement AuthnInstant="2009-10-25T18:12:39Z" SessionIndex="_788db107b9bb1b6ab94f00deebbfe3d92c999b3041">
+ <ns1:AuthnContext>
+ <ns1:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</ns1:AuthnContextClassRef>
+ </ns1:AuthnContext>
+ </ns1:AuthnStatement>
+ <ns1:AttributeStatement>
+ <ns1:Attribute Name="uid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ student
+ </ns1:AttributeValue>
+ </ns1:Attribute>
+ <ns1:Attribute Name="eduPersonAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic">
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ member
+ </ns1:AttributeValue>
+ <ns1:AttributeValue xmlns:ns2="http://www.w3.org/2001/XMLSchema-instance" ns2:type="xs:string">
+ student
+ </ns1:AttributeValue>
+ </ns1:Attribute>
+ </ns1:AttributeStatement>
+ </ns1:Assertion>
+</ns0:Response>
diff --git a/tests/samlp_data.py b/tests/samlp_data.py
new file mode 100644
index 00000000..22ce0a82
--- /dev/null
+++ b/tests/samlp_data.py
@@ -0,0 +1,454 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2007 SIOS Technology, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Test data for saml2"""
+
+__author__ = 'tmatsuo@example.com (Takashi MATSUO)'
+
+TEST_STATUS_CODE = """<?xml version="1.0" encoding="utf-8"?>
+<StatusCode xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+ Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
+ <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:RequestDenied" />
+</StatusCode>
+"""
+
+TEST_STATUS = """<?xml version="1.0" encoding="utf-8"?>
+<Status xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
+ <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
+ <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding" />
+ </StatusCode>
+ <StatusMessage>status message</StatusMessage>
+ <StatusDetail><foo bar="bar" /></StatusDetail>
+</Status>
+"""
+
+TEST_NAME_ID_POLICY = """<?xml version="1.0" encoding="utf-8"?>
+<NameIDPolicy xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPNameQualifier="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+ AllowCreate="false"
+/>
+"""
+
+TEST_IDP_ENTRY = """<?xml version="1.0" encoding="utf-8"?>
+<IDPEntry xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+ ProviderID="http://www.example.com/provider"
+ Name="the provider"
+ Loc="http://www.example.com/Loc"
+/>
+"""
+
+TEST_IDP_LIST = """<?xml version="1.0" encoding="utf-8"?>
+<IDPList xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
+ <IDPEntry ProviderID="http://www.example.com/provider"
+ Name="the provider"
+ Loc="http://www.example.com/Loc" />
+ <GetComplete>http://www.example.com/GetComplete</GetComplete>
+</IDPList>
+"""
+
+TEST_SCOPING = """<?xml version="1.0" encoding="utf-8"?>
+<Scoping xmlns="urn:oasis:names:tc:SAML:2.0:protocol" ProxyCount="1">
+ <IDPList>
+ <IDPEntry ProviderID="http://www.example.com/provider"
+ Name="the provider"
+ Loc="http://www.example.com/Loc" />
+ <GetComplete>http://www.example.com/GetComplete</GetComplete>
+ </IDPList>
+ <RequesterID>http://www.example.com/RequesterID</RequesterID>
+</Scoping>
+"""
+
+TEST_REQUESTED_AUTHN_CONTEXT = """<?xml version="1.0" encoding="utf-8"?>
+<RequestedAuthnContext xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+ Comparison="exact">
+ <AuthnContextClassRef xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/authnContextClassRef
+ </AuthnContextClassRef>
+ <AuthnContextDeclRef xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/authnContextDeclRef
+ </AuthnContextDeclRef>
+</RequestedAuthnContext>
+"""
+
+TEST_AUTHN_REQUEST = """<?xml version="1.0" encoding="utf-8"?>
+<AuthnRequest
+ ID="request id"
+ Version="2.0"
+ IssueInstant="2007-09-14T01:05:02Z"
+ Destination="http://www.example.com/Destination"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
+ ForceAuthn="true"
+ IsPassive="true"
+ AssertionConsumerServiceIndex="1"
+ AssertionConsumerServiceURL="http://www.example.com/acs"
+ ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ AttributeConsumingServiceIndex="2"
+ ProviderName="provider name"
+ xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/test
+ </Issuer>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+ </Signature>
+ <Extensions><test/></Extensions>
+ <Subject xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id">
+ tmatsuo@example.com
+ </NameID>
+ <SubjectConfirmation
+ Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id2">
+ admin@example.com
+ </NameID>
+ <SubjectConfirmationData
+ NotBefore="2007-08-31T01:05:02Z"
+ NotOnOrAfter="2007-09-14T01:05:02Z"
+ Recipient="recipient"
+ InResponseTo="responseID"
+ Address="127.0.0.1">
+ </SubjectConfirmationData>
+ </SubjectConfirmation>
+ </Subject>
+ <NameIDPolicy xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPNameQualifier="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+ AllowCreate="false"/>
+ <Conditions
+ xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ NotBefore="2007-08-31T01:05:02Z"
+ NotOnOrAfter="2007-09-14T01:05:02Z">
+ <Condition
+ xsi:type="test"
+ ExtendedAttribute="value"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
+ <AudienceRestriction>
+ <Audience>
+ http://www.example.com/Audience
+ </Audience>
+ </AudienceRestriction>
+ <OneTimeUse />
+ <ProxyRestriction Count="2">
+ <Audience>http://www.example.com/Audience</Audience>
+ </ProxyRestriction>
+ </Conditions>
+ <RequestedAuthnContext xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+ Comparison="exact">
+ <AuthnContextClassRef xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/authnContextClassRef
+ </AuthnContextClassRef>
+ <AuthnContextDeclRef xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/authnContextDeclRef
+ </AuthnContextDeclRef>
+ </RequestedAuthnContext>
+ <Scoping xmlns="urn:oasis:names:tc:SAML:2.0:protocol" ProxyCount="1">
+ <IDPList>
+ <IDPEntry ProviderID="http://www.example.com/provider"
+ Name="the provider"
+ Loc="http://www.example.com/Loc" />
+ <GetComplete>http://www.example.com/GetComplete</GetComplete>
+ </IDPList>
+ <RequesterID>http://www.example.com/RequesterID</RequesterID>
+ </Scoping>
+</AuthnRequest>
+"""
+
+TEST_LOGOUT_REQUEST = """<?xml version="1.0" encoding="utf-8"?>
+<LogoutRequest
+ ID="request id"
+ Version="2.0"
+ IssueInstant="2007-09-14T01:05:02Z"
+ Destination="http://www.example.com/Destination"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
+ NotOnOrAfter="2007-10-14T01:05:02Z"
+ Reason="http://www.example.com/Reason"
+ xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/test
+ </Issuer>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+ </Signature>
+ <Extensions><test/></Extensions>
+ <BaseID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id">
+ tmatsuo@example.com
+ </BaseID>
+ <NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id">
+ tmatsuo@example.com
+ </NameID>
+ <EncryptedID xmlns="urn:oasis:names:tc:SAML:2.0:assertion" />
+ <SessionIndex>session index</SessionIndex>
+</LogoutRequest>
+"""
+
+TEST_LOGOUT_RESPONSE = """<?xml version="1.0" encoding="utf-8"?>
+<LogoutResponse
+ ID="response id"
+ InResponseTo="request id"
+ Version="2.0"
+ IssueInstant="2007-09-14T01:05:02Z"
+ Destination="http://www.example.com/Destination"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
+ xmlns="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/test
+ </Issuer>
+ <Signature xmlns="http://www.w3.org/2000/09/xmldsig#" Id="id">
+ <SignedInfo Id="id">
+ <CanonicalizationMethod
+ Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments">
+ </CanonicalizationMethod>
+ <SignatureMethod
+ Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1">
+ <HMACOutputLength>8</HMACOutputLength>
+ </SignatureMethod>
+ <Reference Id="id" URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <DigestValue>digest value</DigestValue>
+ </Reference>
+ </SignedInfo>
+ <SignatureValue Id="id">
+ signature value
+ </SignatureValue>
+ <KeyInfo Id="id">
+ <KeyName>
+ key name
+ </KeyName>
+ <KeyValue>
+ <DSAKeyValue>
+ <P>p</P>
+ <Q>q</Q>
+ <G>g</G>
+ <Y>y</Y>
+ <J>j</J>
+ <Seed>seed</Seed>
+ <PgenCounter>pgen counter</PgenCounter>
+ </DSAKeyValue>
+ </KeyValue>
+ <RetrievalMethod URI="http://www.example.com/URI"
+ Type="http://www.example.com/Type">
+ <Transforms>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ <Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature">
+ <XPath>xpath</XPath>
+ </Transform>
+ </Transforms>
+ </RetrievalMethod>
+ <X509Data>
+ <X509IssuerSerial>
+ <X509IssuerName>issuer name</X509IssuerName>
+ <X509IssuerNumber>1</X509IssuerNumber>
+ </X509IssuerSerial>
+ <X509SKI>x509 ski</X509SKI>
+ <X509SubjectName>x509 subject name</X509SubjectName>
+ <X509Certificate>x509 certificate</X509Certificate>
+ <X509CRL>x509 crl</X509CRL>
+ </X509Data>
+ <PGPData>
+ <PGPKeyID>pgp key id</PGPKeyID>
+ <PGPKeyPacket>pgp key packet</PGPKeyPacket>
+ </PGPData>
+ <MgmtData>
+ mgmt data
+ </MgmtData>
+ <SPKIData>
+ <SPKISexp>spki sexp</SPKISexp>
+ <SPKISexp>spki sexp2</SPKISexp>
+ </SPKIData>
+ </KeyInfo>
+ <Object Id="object_id" Encoding="http://www.w3.org/2000/09/xmldsig#base64">
+ V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo
+ </Object>
+ </Signature>
+ <Extensions><test/></Extensions>
+ <Status>
+ <StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder">
+ <StatusCode
+ Value="urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding" />
+ </StatusCode>
+ <StatusMessage>status message</StatusMessage>
+ <StatusDetail><foo bar="bar" /></StatusDetail>
+ </Status>
+</LogoutResponse>
+"""
diff --git a/tests/server2_conf.py b/tests/server2_conf.py
new file mode 100644
index 00000000..bf64dde4
--- /dev/null
+++ b/tests/server2_conf.py
@@ -0,0 +1,50 @@
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:sp",
+ "name" : "urn:mace:example.com:saml:roland:sp",
+ "description": "My own SP",
+ "service": {
+ "sp": {
+ "endpoints":{
+ "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp":["urn:mace:example.com:saml:roland:idp"],
+ "subject_data": "subject_data.db",
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ "xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["idp_soap.xml", "vo_metadata.xml"],
+ },
+ "virtual_organization" : {
+ "urn:mace:example.com:it:tek":{
+ "nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+ "common_identifier": "umuselin",
+ }
+ },
+ "accepted_time_diff": 60,
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": ("AB Exempel", "se"),
+ "display_name": ("AB Exempel", "se"),
+ "url": "http://www.example.org",
+ },
+ "contact_person": [{
+ "given_name": "Roland",
+ "sur_name": "Hedberg",
+ "telephone_number": "+46 70 100 0000",
+ "email_address": ["tech@example.com", "tech@example.org"],
+ "contact_type": "technical"
+ },
+ ]
+}
diff --git a/tests/server3_conf.py b/tests/server3_conf.py
new file mode 100644
index 00000000..d09c1f0b
--- /dev/null
+++ b/tests/server3_conf.py
@@ -0,0 +1,49 @@
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:sp",
+ "name" : "urn:mace:example.com:saml:roland:sp",
+ "description": "My own SP",
+ "service": {
+ "sp": {
+ "endpoints":{
+ "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp":["urn:mace:example.com:saml:roland:idp"],
+ "subject_data": "subject_data.db",
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["idp_aa.xml", "vo_metadata.xml"],
+ },
+ "virtual_organization" : {
+ "urn:mace:example.com:it:tek":{
+ "nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+ "common_identifier": "umuselin",
+ }
+ },
+ "accepted_time_diff": 60,
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": ("AB Exempel", "se"),
+ "display_name": ("AB Exempel", "se"),
+ "url": "http://www.example.org",
+ },
+ "contact_person": [{
+ "given_name": "Roland",
+ "sur_name": "Hedberg",
+ "telephone_number": "+46 70 100 0000",
+ "email_address": ["tech@example.com", "tech@example.org"],
+ "contact_type": "technical"
+ },
+ ]
+}
diff --git a/tests/server_conf.py b/tests/server_conf.py
new file mode 100644
index 00000000..d7b6505b
--- /dev/null
+++ b/tests/server_conf.py
@@ -0,0 +1,58 @@
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+CONFIG={
+ "entityid" : "urn:mace:example.com:saml:roland:sp",
+ "name" : "urn:mace:example.com:saml:roland:sp",
+ "description": "My own SP",
+ "service": {
+ "sp": {
+ "endpoints":{
+ "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp": ["urn:mace:example.com:saml:roland:idp"],
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ "ca_certs": "cacerts.txt",
+ "xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["idp.xml", "vo_metadata.xml"],
+ },
+ "virtual_organization" : {
+ "urn:mace:example.com:it:tek":{
+ "nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+ "common_identifier": "umuselin",
+ }
+ },
+ "subject_data": "subject_data.db",
+ "accepted_time_diff": 60,
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": ("AB Exempel", "se"),
+ "display_name": ("AB Exempel", "se"),
+ "url": "http://www.example.org",
+ },
+ "contact_person": [{
+ "given_name": "Roland",
+ "sur_name": "Hedberg",
+ "telephone_number": "+46 70 100 0000",
+ "email_address": ["tech@eample.com", "tech@example.org"],
+ "contact_type": "technical"
+ },
+ ],
+ "logger": {
+ "rotating": {
+ "filename": "sp.log",
+ "maxBytes": 100000,
+ "backupCount": 5,
+ },
+ "loglevel": "warning",
+ }
+}
diff --git a/tests/server_conf_syslog.py b/tests/server_conf_syslog.py
new file mode 100644
index 00000000..44e04a0c
--- /dev/null
+++ b/tests/server_conf_syslog.py
@@ -0,0 +1,59 @@
+__author__ = 'rolandh'
+
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+CONFIG={
+ "entityid" : "urn:mace:example.com:saml:roland:sp",
+ "name" : "urn:mace:example.com:saml:roland:sp",
+ "description": "My own SP",
+ "service": {
+ "sp": {
+ "endpoints":{
+ "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp": ["urn:mace:example.com:saml:roland:idp"],
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["idp.xml", "vo_metadata.xml"],
+ },
+ "virtual_organization" : {
+ "urn:mace:example.com:it:tek":{
+ "nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+ "common_identifier": "umuselin",
+ }
+ },
+ "subject_data": "subject_data.db",
+ "accepted_time_diff": 60,
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": ("AB Exempel", "se"),
+ "display_name": ("AB Exempel", "se"),
+ "url": "http://www.example.org",
+ },
+ "contact_person": [{
+ "given_name": "Roland",
+ "sur_name": "Hedberg",
+ "telephone_number": "+46 70 100 0000",
+ "email_address": ["tech@eample.com", "tech@example.org"],
+ "contact_type": "technical"
+ },
+ ],
+ "logger": {
+ "syslog": {
+ "address": ("localhost", 514),
+ "facility": "local3",
+ "socktype": "dgram",
+ },
+ "loglevel": "info",
+ }
+}
diff --git a/tests/simplesamlphp_authnresponse.xml b/tests/simplesamlphp_authnresponse.xml
new file mode 100644
index 00000000..93b2a615
--- /dev/null
+++ b/tests/simplesamlphp_authnresponse.xml
@@ -0,0 +1,104 @@
+<?xml version="1.0"?>
+<samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ ID="_162f441d28cff78e3bb1d3c2bf3e48b5ed532605fd"
+ InResponseTo="_ae0216740b5baa4b13c79ffdb2baa82572788fd9a3" Version="2.0"
+ IssueInstant="2008-05-27T07:49:23Z"
+ Destination="https://foodle.feide.no/simplesaml/saml2/sp/AssertionConsumerService.php">
+ <saml:Issuer xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">https://openidp.feide.no</saml:Issuer>
+ <samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol">
+ <samlp:StatusCode xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
+ </samlp:Status>
+ <saml:Assertion Version="2.0" ID="pfxb27555d8-8c06-a339-c7ae-f544b2fd1507"
+ IssueInstant="2008-05-27T07:49:23Z">
+ <saml:Issuer>https://openidp.feide.no</saml:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <ds:Reference URI="#pfxb27555d8-8c06-a339-c7ae-f544b2fd1507">
+ <ds:Transforms>
+ <ds:Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ds:DigestValue>WUaqPW4nZ8uPyv+sf8qXsaKhHmk=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>CRq1VvptjNHenZ5aWkyD6GqQX+XLgNiqElJnyLbMUgiwrFZ5J8IEGtC8h2YiwID15ScxVt6tjQc8R3gXkP967PIlemmhYQ4US7V3oPczu4MECamj+07wAg7BCp05UVU3RI3pvi/2dQGRRX4tlXgkzUMzx8+cBeyZaI/BXKjhKEY=</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIICizCCAfQCCQCY8tKaMc0BMjANBgkqhkiG9w0BAQUFADCBiTELMAkGA1UEBhMCTk8xEjAQBgNVBAgTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEOMAwGA1UECxMFRmVpZGUxGTAXBgNVBAMTEG9wZW5pZHAuZmVpZGUubm8xKTAnBgkqhkiG9w0BCQEWGmFuZHJlYXMuc29sYmVyZ0B1bmluZXR0Lm5vMB4XDTA4MDUwODA5MjI0OFoXDTM1MDkyMzA5MjI0OFowgYkxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhlaW0xEDAOBgNVBAoTB1VOSU5FVFQxDjAMBgNVBAsTBUZlaWRlMRkwFwYDVQQDExBvcGVuaWRwLmZlaWRlLm5vMSkwJwYJKoZIhvcNAQkBFhphbmRyZWFzLnNvbGJlcmdAdW5pbmV0dC5ubzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt8jLoqI1VTlxAZ2axiDIThWcAOXdu8KkVUWaN/SooO9O0QQ7KRUjSGKN9JK65AFRDXQkWPAu4HlnO4noYlFSLnYyDxI66LCr71x4lgFJjqLeAvB/GqBqFfIZ3YK/NrhnUqFwZu63nLrZjcUZxNaPjOOSRSDaXpv1kb5k3jOiSGECAwEAATANBgkqhkiG9w0BAQUFAAOBgQBQYj4cAafWaYfjBU2zi1ElwStIaJ5nyp/s/8B8SAPK2T79McMyccP3wSW13LHkmM1jwKe3ACFXBvqGQN0IbcH49hu0FKhYFM/GPDJcIHFBsiyMBXChpye9vBaTNEBCtU3KjjyG0hRT2mAQ9h+bkPmOvlEo/aH0xR68Z9hw4PF13w==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml:Subject>
+ <saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
+ SPNameQualifier="urn:mace:feide.no:services:no.feide.foodle"
+ >_242f88493449e639aab95dd9b92b1d04234ab84fd8</saml:NameID>
+ <saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml:SubjectConfirmationData NotOnOrAfter="2008-05-27T07:54:23Z"
+ InResponseTo="_ae0216740b5baa4b13c79ffdb2baa82572788fd9a3"
+ Recipient="https://foodle.feide.no/simplesaml/saml2/sp/AssertionConsumerService.php"
+ />
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Conditions NotBefore="2008-05-27T07:48:53Z" NotOnOrAfter="2008-05-27T07:54:23Z">
+ <saml:AudienceRestriction>
+ <saml:Audience>urn:mace:feide.no:services:no.feide.foodle</saml:Audience>
+ </saml:AudienceRestriction>
+ </saml:Conditions>
+ <saml:AuthnStatement AuthnInstant="2008-05-27T07:49:23Z"
+ SessionIndex="_4f39c931b35a8dd4540b0a6929a361fa134ec8f7b5">
+ <saml:AuthnContext>
+ <saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml:AuthnContextClassRef>
+ </saml:AuthnContext>
+ </saml:AuthnStatement>
+ <saml:AttributeStatement>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="cn">
+ <saml:AttributeValue xsi:type="xs:string">Andreas Solberg</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="sn">
+ <saml:AttributeValue xsi:type="xs:string">Solberg</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="uid">
+ <saml:AttributeValue xsi:type="xs:string">andreas</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="edupersonaffiliation">
+ <saml:AttributeValue xsi:type="xs:string">employee</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="edupersonentitlement">
+ <saml:AttributeValue xsi:type="xs:string"
+ >urn:mace:feide.no:entitlement:test</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="edupersonnickname">
+ <saml:AttributeValue xsi:type="xs:string">erlang</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="eduPersonPrincipalName">
+ <saml:AttributeValue xsi:type="xs:string">andreas@rnd.feide.no</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="mail">
+ <saml:AttributeValue xsi:type="xs:string">andreas@uninett.no</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+ Name="mobile">
+ <saml:AttributeValue xsi:type="xs:string">+4741107700</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="o">
+ <saml:AttributeValue xsi:type="xs:string">Feide RnD</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic" Name="ou">
+ <saml:AttributeValue xsi:type="xs:string">Guests</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+ </saml:Assertion>
+</samlp:Response> \ No newline at end of file
diff --git a/tests/sp_0.metadata b/tests/sp_0.metadata
new file mode 100644
index 00000000..6fb6146e
--- /dev/null
+++ b/tests/sp_0.metadata
@@ -0,0 +1,17 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:EntityDescriptor entityID="http://www.example.com/roland/sp"><ns0:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="location" /><ns0:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://localhost:8087/" index="1" /><ns0:AttributeConsumingService index="1"><ns0:ServiceName xml:lang="en">Rolands SP</ns0:ServiceName><ns0:ServiceDescription xml:lang="en">Roland own test SP</ns0:ServiceDescription><ns0:RequestedAttribute Name="surName" isRequired="true" /><ns0:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" /><ns0:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" /><ns0:RequestedAttribute FriendlyName="title" Name="urn:oid:2.5.4.12" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /></ns0:AttributeConsumingService></ns0:SPSSODescriptor></ns0:EntityDescriptor></ns0:EntitiesDescriptor>
diff --git a/tests/sp_1_conf.py b/tests/sp_1_conf.py
new file mode 100644
index 00000000..649375a9
--- /dev/null
+++ b/tests/sp_1_conf.py
@@ -0,0 +1,50 @@
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:sp",
+ "name" : "urn:mace:example.com:saml:roland:sp",
+ "description": "My own SP",
+ "service": {
+ "sp": {
+ "endpoints":{
+ "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp": ["urn:mace:example.com:saml:roland:idp"],
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["idp.xml", "vo_metadata.xml"],
+ },
+ "virtual_organization" : {
+ "urn:mace:example.com:it:tek":{
+ "nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+ "common_identifier": "umuselin",
+ }
+ },
+ "subject_data": "subject_data.db",
+ "accepted_time_diff": 60,
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": ("AB Exempel", "se"),
+ "display_name": ("AB Exempel", "se"),
+ "url": "http://www.example.org",
+ },
+ "contact_person": [{
+ "given_name": "Roland",
+ "sur_name": "Hedberg",
+ "telephone_number": "+46 70 100 0000",
+ "email_address": ["tech@eample.com", "tech@example.org"],
+ "contact_type": "technical"
+ },
+ ],
+ "secret": "0123456789",
+}
diff --git a/tests/sp_2_conf.py b/tests/sp_2_conf.py
new file mode 100644
index 00000000..2de3a2bc
--- /dev/null
+++ b/tests/sp_2_conf.py
@@ -0,0 +1,51 @@
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:sp",
+ "name" : "urn:mace:example.com:saml:roland:sp",
+ "description": "My own SP",
+ "service": {
+ "sp": {
+ "endpoints":{
+ "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp": ["urn:mace:example.com:saml:roland:idp"],
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ "xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["idp_2.xml"],
+ },
+ "virtual_organization" : {
+ "urn:mace:example.com:it:tek":{
+ "nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+ "common_identifier": "umuselin",
+ }
+ },
+ "subject_data": "subject_data.db",
+ "accepted_time_diff": 60,
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": ("AB Exempel", "se"),
+ "display_name": ("AB Exempel", "se"),
+ "url": "http://www.example.org",
+ },
+ "contact_person": [{
+ "given_name": "Roland",
+ "sur_name": "Hedberg",
+ "telephone_number": "+46 70 100 0000",
+ "email_address": ["tech@eample.com", "tech@example.org"],
+ "contact_type": "technical"
+ },
+ ],
+ "secret": "0123456789",
+ "only_use_keys_in_metadata": True
+ }
diff --git a/tests/sp_slo_redirect.xml b/tests/sp_slo_redirect.xml
new file mode 100644
index 00000000..7db2c837
--- /dev/null
+++ b/tests/sp_slo_redirect.xml
@@ -0,0 +1,17 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:sp"><ns0:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://lingon.catalogix.se:8087/slo" /><ns0:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://lingon.catalogix.se:8087/" index="1" /><ns0:AttributeConsumingService index="1"><ns0:ServiceName xml:lang="en">urn:mace:example.com:saml:roland:sp</ns0:ServiceName><ns0:ServiceDescription xml:lang="en">My own SP</ns0:ServiceDescription><ns0:RequestedAttribute Name="surName" isRequired="true" /><ns0:RequestedAttribute FriendlyName="givenName" Name="urn:oid:2.5.4.42" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" /><ns0:RequestedAttribute FriendlyName="mail" Name="urn:oid:0.9.2342.19200300.100.1.3" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true" /><ns0:RequestedAttribute FriendlyName="title" Name="urn:oid:2.5.4.12" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false" /></ns0:AttributeConsumingService></ns0:SPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="se">AB Exempel</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="se">AB Exempel</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="en">http://www.example.org</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>Roland</ns0:GivenName><ns0:SurName>Hedberg</ns0:SurName><ns0:EmailAddress>tech@eample.com</ns0:EmailAddress><ns0:EmailAddress>tech@example.org</ns0:EmailAddress><ns0:TelephoneNumber>+46 70 100 0000</ns0:TelephoneNumber></ns0:ContactPerson></ns0:EntityDescriptor></ns0:EntitiesDescriptor>
diff --git a/tests/sp_slo_redirect_conf.py b/tests/sp_slo_redirect_conf.py
new file mode 100644
index 00000000..7a22b8c7
--- /dev/null
+++ b/tests/sp_slo_redirect_conf.py
@@ -0,0 +1,57 @@
+from saml2 import BINDING_HTTP_REDIRECT
+from saml2.saml import NAMEID_FORMAT_PERSISTENT
+from saml2.saml import NAME_FORMAT_URI
+
+try:
+ from xmlsec_location import xmlsec_path
+except ImportError:
+ xmlsec_path = '/opt/local/bin/xmlsec1'
+
+HOME = "http://lingon.catalogix.se:8087/"
+CONFIG = {
+ "entityid" : "urn:mace:example.com:saml:roland:sp",
+ "name" : "urn:mace:example.com:saml:roland:sp",
+ "description": "My own SP",
+ "service": {
+ "sp": {
+ "endpoints":{
+ "assertion_consumer_service": [
+ (HOME, BINDING_HTTP_REDIRECT)],
+ "single_logout_service" : [
+ (HOME+"slo",BINDING_HTTP_REDIRECT)],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp": ["urn:mace:example.com:saml:roland:idp"],
+ "subject_data": "subject_data.db",
+ }
+ },
+ "debug" : 1,
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ #"xmlsec_binary" : xmlsec_path,
+ "metadata": {
+ "local": ["idp_slo_redirect.xml"],
+ },
+ "virtual_organization" : {
+ "urn:mace:example.com:it:tek":{
+ "nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+ "common_identifier": "umuselin",
+ }
+ },
+ "accepted_time_diff": 60,
+ "attribute_map_dir" : "attributemaps",
+ "organization": {
+ "name": ("AB Exempel", "se"),
+ "display_name": ("AB Exempel", "se"),
+ "url": "http://www.example.org",
+ },
+ "contact_person": [{
+ "given_name": "Roland",
+ "sur_name": "Hedberg",
+ "telephone_number": "+46 70 100 0000",
+ "email_address": ["tech@eample.com", "tech@example.org"],
+ "contact_type": "technical"
+ },
+ ]
+}
diff --git a/tests/swamid-1.0.xml b/tests/swamid-1.0.xml
new file mode 100644
index 00000000..cf267de5
--- /dev/null
+++ b/tests/swamid-1.0.xml
@@ -0,0 +1,12695 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ This file was automatically generated - do not edit
+
+ -->
+<md:EntitiesDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" Name="http://md.swamid.se/md/swamid-1.0.xml"><ds:Signature><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI=""><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>UwN8jiLxhTQtHuuIN5oif0Qr3cg=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>h61jhhYjHAiinGbGQhu/wNApcGcrTsGgy09wCmnJIsTqe1fY4gOrpo4OUp/UeCMJ
+HlZDTkAIANPFEeKoDsJTC/w+hD3PGnUggGmME+MBqP/OsFri2QRqq0zccj7/Oakz
+6ofRvJnjVJu1XpmFatpc6NBo7m+JjFECNFcrJ6ysadi4yUohzNGOasGBsQN8V0kC
+QuKUWPxU4C+wU79mnTYZ4qx8YH+7bDy+p8A6ft2Rz4NoNPZgowc+4EilzhxJNeS0
+Ki7av+d82e1wYQ8lAGTwBpRyx+51Fc/Bwn12K6o1C+MiD8zD8us82+kKDhBcYYQI
+EAPTC3NZ7z+SwiHSZGZ0mw==</ds:SignatureValue><ds:KeyInfo><ds:X509Data>
+<X509Certificate xmlns="http://www.w3.org/2000/09/xmldsig#">MIIDdTCCAl0CBEY7EskwDQYJKoZIhvcNAQEEBQAwfzELMAkGA1UEBhMCU0UxEjAQ
+BgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMREwDwYDVQQKEwhT
+V0FNSS5zZTEPMA0GA1UECxMGU1dBTUlEMSQwIgYDVQQDExtTV0FNSUQgbWV0YWRh
+dGEgc2lnbmVyIHYxLjEwHhcNMDcwNTA0MTEwMjMzWhcNMTcwNTAxMTEwMjMzWjB/
+MQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9j
+a2hvbG0xETAPBgNVBAoTCFNXQU1JLnNlMQ8wDQYDVQQLEwZTV0FNSUQxJDAiBgNV
+BAMTG1NXQU1JRCBtZXRhZGF0YSBzaWduZXIgdjEuMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAM6wXN3pVCo98SACS6JCHjSlWj83oNL/Ct+a9hmAx1NZ
+SKg7lnEJYwWBvzJt5o/47jRQbGm94a45Yy5LVoXq4XyCKINhMxSwbRROvr8Hw6tg
+P1Z9dk5Jjejvus3gyaH3+EuEyP4aIjTlgmHDwW6HOv/m/4bOXSHB4Pisn7aocqU7
+kjpOn1f0cGodWOgGO4tP7KXs6ndcLhIkW+e/B80WEr0kocuc/pvx+aLuKSkttk/A
+fP1DFs5sqX31RXQKGrB/uEEYVv1Qvneig+RXGSbqk2Tab3BcLE/Cjnfi9Q9cH/jR
+eL/YSSafGtl+EBgXKszxjMtELhiEWsL9RrMu1HUkBusCAwEAATANBgkqhkiG9w0B
+AQQFAAOCAQEAkXaa61gp/lkEDNRFc0bzH3ZyoUFgol64F1zdAwBS3xnsCkTnAXt3
+p452daEyz+0UR5J/BruMOyvR57w1m7ckVnx/sAgRgaD6gQlUWehjKPEsx8o5iDfO
+5R1V5Rn2o7+0VuIJDDObEAtMwqn2Nk6TTzsUVfz5y9nUQAxBz3EqXnnSgRwqSwRF
+yiVkpVfwtUHIolAf6O2N9Fg1jqoqt4mQCOyRZpD0/5SRYESTY6TJjTmvoh+zOPlI
+yEiw+Zrl/FWjXtBnRnz8AVT5NRzYiMHdbTHs0Fh6elsb5b9gTBo7j6+t36m7oo2K
+DaWWpMWvuWHugEqvIAXDCI/HzTbbiWm9NQ==</X509Certificate>
+</ds:X509Data></ds:KeyInfo></ds:Signature>
+ <md:EntityDescriptor ID="_eebcbd51d43986142c070ad091b66099" entityID="https://order.kib.ki.se/shibboleth" xml:base="swamid-1.0/order.kib.ki.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://order.kib.ki.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>order3.cb.ad</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=order3.cb.ad</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAKiPmXgb0jZdMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDG9yZGVyMy5jYi5hZDAeFw0wOTAyMTAxMjM5MzZaFw0xOTAyMDgxMjM5MzZa
+MBcxFTATBgNVBAMTDG9yZGVyMy5jYi5hZDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL/0D/AlkYaW6kkDFE4cpyrTF9qSqTxeaMiiHUdjw0BAq4eH/pH/
+9asVrtl5OkNK4GRP5Grwu1Ebxu7E53etjJXnn2IHpXrDlDmfrRRhcbV4KSJrFytW
+kBXHgBvGa/R9FLyJdBSvmNO/LY0TtrZXA6Jh/ZsMxChqSMp4QqRjUv9ftCFOZr0c
+MMUQuYAZC74CwCzjD59S/u1EVgd1oj1mvk4qt/Znl5Y4UNu8Nwgvp29xXgyGC3O0
+N6ZPV2/x5aofl6rWeTiGBUBLNPV41lPIoHpAxU0mdH++FRI5EFKeIZhKKDKUFCtm
+G0nsgaMX7YUWzDas3wWZGv+bP/tGfvL7Z6ECAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+b3JkZXIzLmNiLmFkMB0GA1UdDgQWBBSXh8MggMc1hc/5JyvrlEPbZja5PDANBgkq
+hkiG9w0BAQUFAAOCAQEATJHWhMNioZKtvdDzH2IJfMecvSHxZwdg26tfLmriOJvb
+t5cJkdRcQWX74TarAoTgnQOHa4CcE6vYM0I+ihny+xxPz7uCbuwJr05qEImWnloq
+0/qLrVNVvnvQTiKWLrtm7Uew5djgf1qL1SMuHM9DOjTo0gs4YDLztDbYkBvFTA76
+0EjTdV5FU94cL+Mw/Laug0wouLqWuT77Zyc5WluQlfaS0MpQLac2qdLZNtnK+L3d
+RJm+DQbWtEH144Z3nMzk8jbylRWrrWYKFgg+6OhuwKr3AhtDvJpJoZSBJHEHFJoG
+ZnpMbRDL4QVlO6/nMZjUzttWoq+9rjmPowjbgd3RtQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>order3.cb.ad</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=order3.cb.ad</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAKiPmXgb0jZdMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDG9yZGVyMy5jYi5hZDAeFw0wOTAyMTAxMjM5MzZaFw0xOTAyMDgxMjM5MzZa
+MBcxFTATBgNVBAMTDG9yZGVyMy5jYi5hZDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL/0D/AlkYaW6kkDFE4cpyrTF9qSqTxeaMiiHUdjw0BAq4eH/pH/
+9asVrtl5OkNK4GRP5Grwu1Ebxu7E53etjJXnn2IHpXrDlDmfrRRhcbV4KSJrFytW
+kBXHgBvGa/R9FLyJdBSvmNO/LY0TtrZXA6Jh/ZsMxChqSMp4QqRjUv9ftCFOZr0c
+MMUQuYAZC74CwCzjD59S/u1EVgd1oj1mvk4qt/Znl5Y4UNu8Nwgvp29xXgyGC3O0
+N6ZPV2/x5aofl6rWeTiGBUBLNPV41lPIoHpAxU0mdH++FRI5EFKeIZhKKDKUFCtm
+G0nsgaMX7YUWzDas3wWZGv+bP/tGfvL7Z6ECAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+b3JkZXIzLmNiLmFkMB0GA1UdDgQWBBSXh8MggMc1hc/5JyvrlEPbZja5PDANBgkq
+hkiG9w0BAQUFAAOCAQEATJHWhMNioZKtvdDzH2IJfMecvSHxZwdg26tfLmriOJvb
+t5cJkdRcQWX74TarAoTgnQOHa4CcE6vYM0I+ihny+xxPz7uCbuwJr05qEImWnloq
+0/qLrVNVvnvQTiKWLrtm7Uew5djgf1qL1SMuHM9DOjTo0gs4YDLztDbYkBvFTA76
+0EjTdV5FU94cL+Mw/Laug0wouLqWuT77Zyc5WluQlfaS0MpQLac2qdLZNtnK+L3d
+RJm+DQbWtEH144Z3nMzk8jbylRWrrWYKFgg+6OhuwKr3AhtDvJpJoZSBJHEHFJoG
+ZnpMbRDL4QVlO6/nMZjUzttWoq+9rjmPowjbgd3RtQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://order.kib.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://order.kib.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://order.kib.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://order.kib.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://order.kib.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://order.kib.ki.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://order.kib.ki.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://order.kib.ki.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://order.kib.ki.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://order.kib.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://order.kib.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://order.kib.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://order.kib.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://order.kib.ki.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://order.kib.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://dedserv79.levonline.com/shibboleth" xml:base="swamid-1.0/dedserv79.levonline.com.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDqTCCAxKgAwIBAgIQR6zE+Dd0h7n/xp/glALOXTANBgkqhkiG9w0BAQUFADCB
+xDELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
+Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
+CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhh
+d3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0
+ZS5jb20wHhcNMDgxMjMxMDAwMDAwWhcNMDkxMjMxMjM1OTU5WjCBvjEfMB0GA1UE
+ChMWd3d3LnN1LmRlc2lnbm1hbnVhbC5zZTE7MDkGA1UECxMyR28gdG8gaHR0cHM6
+Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5L2luZGV4Lmh0bWwxIjAgBgNVBAsT
+GVRoYXd0ZSBTU0wxMjMgY2VydGlmaWNhdGUxGTAXBgNVBAsTEERvbWFpbiBWYWxp
+ZGF0ZWQxHzAdBgNVBAMTFnd3dy5zdS5kZXNpZ25tYW51YWwuc2UwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAOXSB2UaeXIMM6A3GLYEuJzLon24K7epkJ4+YuhI
+d5f8DkAURzp4ZQSy7xs51NH2sha/PrcJehsax0QqEfM/lZ7HVH0iXx1Rl8Ou2hXE
+69Dm3zCf4TJKXNPrayGhNfq1gWu96COQ2h7rwReQYDcLUZ6aN40fyWyx5fMDp71f
+tHk7AgMBAAGjgZ8wgZwwDAYDVR0TAQH/BAIwADA5BgNVHR8EMjAwMC6gLKAqhiho
+dHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlU2VydmVyQ0EuY3JsMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUH
+MAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5jb20wDQYJKoZIhvcNAQEFBQADgYEAyEa5
+yGXa4LSFMNuxnj6s4l9gG+pndoPlUC2c7Ux6dvD6GS17RV5Xq2ZZUk0J9yIoBAnZ
+inwJzduHXWa66JEY8lPf9ir7WKOZ6BcDMfhsYDVRoBoFlStIgXbweoaA/pJbadXH
+qlG83cbyWydqYCCYruAVslAykrwfBXAXdCs4YBs=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dedserv79.levonline.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Emanuel</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Emanuel AB</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.emanuel.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Emanuel AB</Company>
+ <GivenName>Fredrik</GivenName>
+ <SurName>Näslund</SurName>
+ <EmailAddress>fredrik.naslund@emanuel.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://mondo.su.se/Shibboleth.sso" xml:base="swamid-1.0/mondo.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mondo.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mondo.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>mondo-prod-sp01</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mondo-prod-sp01</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAM4UJR2qKYERMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD21vbmRvLXByb2Qtc3AwMTAeFw0xMDEyMDcwOTUyMjhaFw0yMDEyMDQwOTUy
+MjhaMBoxGDAWBgNVBAMTD21vbmRvLXByb2Qtc3AwMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANHDpW8ngm6S+O6mOrOLGoxikroSOp4ClimdSi1Pb4f1
+wH++06xGrPuokxkS/nmSdv2xm4mJHVwr7JeZp3p0ZHX/yxZMCw7s52w0PrN7/e9+
+Ey8VVBfDUh86jhMrKfBu+fKq63fW+qnvuFKEL84kkOeED4XvzuhwZf5+qZBhmrH1
+0GJUYTizTjPJQdltNbYVvXu9qzs6LX2P4RIg2H+Tk9bZ8a8fGgjtfvSafkp5i9t+
+J+ibw7nF/MRPamL59OGBU8djeWboRM/Oieo0Mt4aaO3W2hwbwoq38TaPKiy+VkhO
+Aa6RLmbPDTzh41l9gW2Je0lk7ioW+J/c5ozAfEbkeVcCAwEAAaM9MDswGgYDVR0R
+BBMwEYIPbW9uZG8tcHJvZC1zcDAxMB0GA1UdDgQWBBSL7nCk9l9a+y+ESFJPaEWc
+R/E+KjANBgkqhkiG9w0BAQUFAAOCAQEArzbPoh14ZeOaO7KtyQ5b9itZL6XoGgxg
+qDfLT9pSpxeEceZ3RuZZKSO00PhSZnPmku5sERzUsmRusO51lBZa1O5chwSdQ9Wu
+qgf4nRO0eLV1DxrVNJa9YEf1C9EF1/gvroH3tVmxjGx+5MxjNe3ZVeUQU3pwqDmv
+QRqWkgrelnHcniL1hgNABqyvxnP4Gn/vMvkVMNi5pzdG+MHnmZnH7Kv8g0Cd9uNf
+3a0hM0uphP4e9/KSBhFYfswjH0mOvHjXW3/6bbimc+zxs4mNxNWP2sPtIvkCkXHM
+z/E5dFvlHgjgE2ON6BQ/LtWQP5FMV/ZXjsRSINnc12T9AQV6Q4P51Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>mondo-prod-sp01</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mondo-prod-sp01</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAM4UJR2qKYERMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD21vbmRvLXByb2Qtc3AwMTAeFw0xMDEyMDcwOTUyMjhaFw0yMDEyMDQwOTUy
+MjhaMBoxGDAWBgNVBAMTD21vbmRvLXByb2Qtc3AwMTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANHDpW8ngm6S+O6mOrOLGoxikroSOp4ClimdSi1Pb4f1
+wH++06xGrPuokxkS/nmSdv2xm4mJHVwr7JeZp3p0ZHX/yxZMCw7s52w0PrN7/e9+
+Ey8VVBfDUh86jhMrKfBu+fKq63fW+qnvuFKEL84kkOeED4XvzuhwZf5+qZBhmrH1
+0GJUYTizTjPJQdltNbYVvXu9qzs6LX2P4RIg2H+Tk9bZ8a8fGgjtfvSafkp5i9t+
+J+ibw7nF/MRPamL59OGBU8djeWboRM/Oieo0Mt4aaO3W2hwbwoq38TaPKiy+VkhO
+Aa6RLmbPDTzh41l9gW2Je0lk7ioW+J/c5ozAfEbkeVcCAwEAAaM9MDswGgYDVR0R
+BBMwEYIPbW9uZG8tcHJvZC1zcDAxMB0GA1UdDgQWBBSL7nCk9l9a+y+ESFJPaEWc
+R/E+KjANBgkqhkiG9w0BAQUFAAOCAQEArzbPoh14ZeOaO7KtyQ5b9itZL6XoGgxg
+qDfLT9pSpxeEceZ3RuZZKSO00PhSZnPmku5sERzUsmRusO51lBZa1O5chwSdQ9Wu
+qgf4nRO0eLV1DxrVNJa9YEf1C9EF1/gvroH3tVmxjGx+5MxjNe3ZVeUQU3pwqDmv
+QRqWkgrelnHcniL1hgNABqyvxnP4Gn/vMvkVMNi5pzdG+MHnmZnH7Kv8g0Cd9uNf
+3a0hM0uphP4e9/KSBhFYfswjH0mOvHjXW3/6bbimc+zxs4mNxNWP2sPtIvkCkXHM
+z/E5dFvlHgjgE2ON6BQ/LtWQP5FMV/ZXjsRSINnc12T9AQV6Q4P51Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mondo.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mondo.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mondo.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mondo.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mondo.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mondo.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mondo.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mondo.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mondo.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mondo.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://mondo.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mondo.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://mondo.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mondo.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://mondo.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://mondo-test.su.se/Shibboleth.sso" xml:base="swamid-1.0/mondo-test.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mondo-test.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mondo-test.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>mondo-test-sp02</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mondo-test-sp02</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJANS6H+ZEuG+GMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD21vbmRvLXRlc3Qtc3AwMjAeFw0xMDExMTkxMjI2NDBaFw0yMDExMTYxMjI2
+NDBaMBoxGDAWBgNVBAMTD21vbmRvLXRlc3Qtc3AwMjCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAOIAVezbVicqgGVl4CfANA02mB+4tGTZA7w1NPbJOjP1
+Ukkj51030JFiZujGWQLyfD/EkPsVmqXBm4+WQIg8y3HzB3AEiqYymXjBGJu9WzWJ
+ViF9DGNFh6gJPjTx/M3eMGXCj75id7Im08oCIYLHohbzhD7UYGJA4CvnWDpZLZl/
+G2smP//9TO0rpV5ej4BF+uCAfRo4H612qYEzcPNhLRK+kF1cyuUEVxho14M4HiV1
+0m0+c3nqnpox8hCORiX/CY52bnHDZGOPH5frfpOmOBCTs43a/KN2p/O9Hq2mn8Cl
+ngDyeIiaOhrbQCSDlYysxU4QHXPT/hUCiCCq3PqOS9cCAwEAAaM9MDswGgYDVR0R
+BBMwEYIPbW9uZG8tdGVzdC1zcDAyMB0GA1UdDgQWBBTFdJY70DroOGtg1pVjQxP5
+/PAqFzANBgkqhkiG9w0BAQUFAAOCAQEAZ2I4vpiyUNTHg7GepXn6s7kV6bvrCuBN
++dpr6EkktwtUhvlPXBn9QIODryfP4+H+ijSbeOgyQ+nWvvaMhFiQHHQFfRjviDnZ
+4KorilYWRdrF6/SGGxQRG0dqOnLXqlmgQiZHgIZCkCTK5GiNv1xwvjh6BJJfSD+2
+rOrfBqB3iDmnPAqhJJ+OUqwuuqyw29UIcwphzcg/0K9nDcpCNOwJ6eyEQNBVAa4g
+NRNexZusZNK19ruk+O8wYdVKjwu+iSGjWsrecrd8rUPQlRPMWfXMaltZyKSwcgp6
+gPEuvyJcqNew1GkpXzoPXU8ty7cuJ7ZgB100cnoXttIkiq13tlTaRw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>mondo-test-sp02</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mondo-test-sp02</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJANS6H+ZEuG+GMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD21vbmRvLXRlc3Qtc3AwMjAeFw0xMDExMTkxMjI2NDBaFw0yMDExMTYxMjI2
+NDBaMBoxGDAWBgNVBAMTD21vbmRvLXRlc3Qtc3AwMjCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAOIAVezbVicqgGVl4CfANA02mB+4tGTZA7w1NPbJOjP1
+Ukkj51030JFiZujGWQLyfD/EkPsVmqXBm4+WQIg8y3HzB3AEiqYymXjBGJu9WzWJ
+ViF9DGNFh6gJPjTx/M3eMGXCj75id7Im08oCIYLHohbzhD7UYGJA4CvnWDpZLZl/
+G2smP//9TO0rpV5ej4BF+uCAfRo4H612qYEzcPNhLRK+kF1cyuUEVxho14M4HiV1
+0m0+c3nqnpox8hCORiX/CY52bnHDZGOPH5frfpOmOBCTs43a/KN2p/O9Hq2mn8Cl
+ngDyeIiaOhrbQCSDlYysxU4QHXPT/hUCiCCq3PqOS9cCAwEAAaM9MDswGgYDVR0R
+BBMwEYIPbW9uZG8tdGVzdC1zcDAyMB0GA1UdDgQWBBTFdJY70DroOGtg1pVjQxP5
+/PAqFzANBgkqhkiG9w0BAQUFAAOCAQEAZ2I4vpiyUNTHg7GepXn6s7kV6bvrCuBN
++dpr6EkktwtUhvlPXBn9QIODryfP4+H+ijSbeOgyQ+nWvvaMhFiQHHQFfRjviDnZ
+4KorilYWRdrF6/SGGxQRG0dqOnLXqlmgQiZHgIZCkCTK5GiNv1xwvjh6BJJfSD+2
+rOrfBqB3iDmnPAqhJJ+OUqwuuqyw29UIcwphzcg/0K9nDcpCNOwJ6eyEQNBVAa4g
+NRNexZusZNK19ruk+O8wYdVKjwu+iSGjWsrecrd8rUPQlRPMWfXMaltZyKSwcgp6
+gPEuvyJcqNew1GkpXzoPXU8ty7cuJ7ZgB100cnoXttIkiq13tlTaRw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mondo-test.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mondo-test.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mondo-test.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mondo-test.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mondo-test.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mondo-test.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mondo-test.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mondo-test.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mondo-test.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mondo-test.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://mondo-test.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mondo-test.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://mondo-test.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mondo-test.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://mondo-test.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://ensky.lhs.se/shibboleth" xml:base="swamid-1.0/ensky.lhs.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDGzCCAoSgAwIBAgIBADANBgkqhkiG9w0BAQQFADBtMQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxFTATBgNVBAMTDGVuc2t5Lmxocy5zZTAeFw0wODAxMDQxMzMyMjdaFw0wOTAxMDMxMzMyMjdaMG0xCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0xEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEVMBMGA1UEAxMMZW5za3kubGhzLnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2CiFF4kFxQldm58ws8hL5xZ+g9eJ+MyM51AstGYvu1RTcorlVtIZNcGSQQxdKZyh0sSxo7UYrKq5OqByycIxiya5jo7lwVrKZnd7Tto7RThgxiO6G6i3G36osvZiZpFGYgETSVQjh1XknN5n9samtrEqM6p1ASsW8iLmpcjJ0vwIDAQABo4HKMIHHMB0GA1UdDgQWBBSmAaEu+Tmvy3zW9M0oTdY68IlS+TCBlwYDVR0jBIGPMIGMgBSmAaEu+Tmvy3zW9M0oTdY68IlS+aFxpG8wbTELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMR8wHQYDVQQKExZTdG9ja2hvbG1zIHVuaXZlcnNpdGV0MRUwEwYDVQQDEwxlbnNreS5saHMuc2WCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQClgcpD+e9rYZ7Uk43AJ+Xbg/h7M8kMPzzTnikIGNIR1t+ArCoRxX/YchJ1LtCFEkOBC16HKewBxKoslypESqSOsVMyr3z/TUDvEBUaNbHLmwuD616gZK1Vb9FYAQWHmXBNeWJl09476pMXW3u9MTRL+FXFMjt7IiwIysrEcHht3Q==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ensky.lhs.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <SurName>Helpdesk</SurName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://shib-sp.kau.se/shibboleth" xml:base="swamid-1.0/shib-sp.kau.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEOzCCAyOgAwIBAgILAQAAAAABGZV7kNAwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDQyODE0NDE0MloXDTExMDQyODE0NDE0MlowbDELMAkGA1UEBhMCU0UxETAPBgNVBAgTCFZhcm1sYW5kMREwDwYDVQQHEwhLYXJsc3RhZDEeMBwGA1UEChMVS2FybHN0YWRzIHVuaXZlcnNpdGV0MRcwFQYDVQQDEw5zaGliLXNwLmthdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwWLmt/yXGpvZePRdurs9d88gTVDwLlDXBjTqTIKVjSqLL/e2wcf4KVySNd1DM2/GDf1+w5GA+gnqsjLHjER98tZIKJ9k8M3Euj1eZGdOnqDmYBd1lv7aqny1H6HI6jGaDzLWh+lyTEZYGVToMPAEqjoa4JL9UVxe8NDf7QUYSfUCAwEAAaOCAW0wggFpMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFMvK6U7CjAuzqDcmFPeN7/Z2O64rMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAZBgNVHREEEjAQgg5zaGliLXNwLmthdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEANiuwG1H0856K8Fyw42L21cA3OpGAgWGYQ8AM+wPlmxIKj8eWWNOgR/xSDNLbSVKBLY76bSLNeDbTpodz0Dxhepv0GEnUWic9qNK7mp3Y0swNLMlr3KvRpoSc3zNqjHu7DeAJvXQO+iiXdLQnwegCEaXPj6HXKOo4nETG43KW3GNLO8fAaCHnBDZqIgBqx/3jCIgIBtwZwAN6F92LTVYkzso6gi9Y15LDkqTUWuw0rTnM2xG/ceXxiLGJJ8cDVhvBpTKTedD6cslNY9DFOXyfbuToQv+4ZyCpYnnGc92CSU0AWmIabqfHozHN6aq9oGzD+/bgg5TSRP6yvb/RQgPICQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib-sp.kau.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">KAU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Karlstad university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kau.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Karlstad University</Company>
+ <GivenName>Paul</GivenName>
+ <SurName>Scott</SurName>
+ <EmailAddress>paul.scott@kau.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.wisum.umdac.umu.se/shibboleth" xml:base="swamid-1.0/www.wisum.umdac.umu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>www.wisum.umdac.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=mats.larsson@umdac.umu.se,CN=www.wisum.umdac.umu.se,OU=Umdac,O=Umdac,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEyjCCA7KgAwIBAgIJALCcJKZ84qQKMA0GCSqGSIb3DQEBBQUAMIGeMQswCQYD
+VQQGEwJTRTEVMBMGA1UECBMMVmFzdGVyYm90dGVuMQ0wCwYDVQQHEwRVbWVhMQ4w
+DAYDVQQKEwVVbWRhYzEOMAwGA1UECxMFVW1kYWMxHzAdBgNVBAMTFnd3dy53aXN1
+bS51bWRhYy51bXUuc2UxKDAmBgkqhkiG9w0BCQEWGW1hdHMubGFyc3NvbkB1bWRh
+Yy51bXUuc2UwHhcNMTAxMjA5MjEzNTI2WhcNMTMxMDIyMjEzNTI2WjCBnjELMAkG
+A1UEBhMCU0UxFTATBgNVBAgTDFZhc3RlcmJvdHRlbjENMAsGA1UEBxMEVW1lYTEO
+MAwGA1UEChMFVW1kYWMxDjAMBgNVBAsTBVVtZGFjMR8wHQYDVQQDExZ3d3cud2lz
+dW0udW1kYWMudW11LnNlMSgwJgYJKoZIhvcNAQkBFhltYXRzLmxhcnNzb25AdW1k
+YWMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgludy+/
+gDt8lUW67WutHZiJrYYro0og5ONioOkakzVgm74747J91EuYora+Y2jVMk7vXAPn
+3xvC52/2sN1kbtfhUoDCKfj4X/rkea891q4zd4hvGMMQiUU2vHX/qkcRbLuLrzXj
+7yfIq2bL4xlXSlBobMxCKHDo+AwtbPOhwEC57jwLVuQ42no57WRxoJ1gVraxpX5q
+g8maA4pUxplhfVVSl+zvH+KAyQROQ1dz02giQtpdbPpyIlK23ZlUHCNxSPKc6loo
+yUIsn7vkji2rbTxydce7R0AJDFapLF9yET2Lcszst25yCx3oPAk3YkvBtJYHjmv9
+VnNHWV8iBbeLpwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFB9YkDvP4A3oXEOz9AiS
+5wmU/Gg7MIHTBgNVHSMEgcswgciAFB9YkDvP4A3oXEOz9AiS5wmU/Gg7oYGkpIGh
+MIGeMQswCQYDVQQGEwJTRTEVMBMGA1UECBMMVmFzdGVyYm90dGVuMQ0wCwYDVQQH
+EwRVbWVhMQ4wDAYDVQQKEwVVbWRhYzEOMAwGA1UECxMFVW1kYWMxHzAdBgNVBAMT
+Fnd3dy53aXN1bS51bWRhYy51bXUuc2UxKDAmBgkqhkiG9w0BCQEWGW1hdHMubGFy
+c3NvbkB1bWRhYy51bXUuc2WCCQCwnCSmfOKkCjAMBgNVHRMEBTADAQH/MA0GCSqG
+SIb3DQEBBQUAA4IBAQBMgsLrlDuF2E2G4+NjPLSDoqyXxcsziUzhOkYyDzwPq6v7
+HyYYPJYfc8YFwp+fbYp8JqqCyUqgbC3A0/hcBXQT3TxQZoi011/8mHg97Y7aSvus
+2oBgDaeI/n2aEJCN5Ty4iRo7tujF4toZ67Afceiw8r0im0yXOCEjOmsu5IZ/usEt
+CLr8JaUWpP9FrrKkFm6qlFkn6fb3MKiK5Q5+ywH//2A32s/DTT7gsIUoA2d7sQQZ
+aeuGsLFXZYIsTtz9zAy13nUaPG+xk3JAFte9p+nYhB0+NOZY9sEKoJEK/1FW5wol
+5fMCo6rrhCpoEsDkXy1wxcYKE/WfOvySZaEiw70o
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>www.wisum.umdac.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=mats.larsson@umdac.umu.se,CN=www.wisum.umdac.umu.se,OU=Umdac,O=Umdac,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEyjCCA7KgAwIBAgIJALCcJKZ84qQKMA0GCSqGSIb3DQEBBQUAMIGeMQswCQYD
+VQQGEwJTRTEVMBMGA1UECBMMVmFzdGVyYm90dGVuMQ0wCwYDVQQHEwRVbWVhMQ4w
+DAYDVQQKEwVVbWRhYzEOMAwGA1UECxMFVW1kYWMxHzAdBgNVBAMTFnd3dy53aXN1
+bS51bWRhYy51bXUuc2UxKDAmBgkqhkiG9w0BCQEWGW1hdHMubGFyc3NvbkB1bWRh
+Yy51bXUuc2UwHhcNMTAxMjA5MjEzNTI2WhcNMTMxMDIyMjEzNTI2WjCBnjELMAkG
+A1UEBhMCU0UxFTATBgNVBAgTDFZhc3RlcmJvdHRlbjENMAsGA1UEBxMEVW1lYTEO
+MAwGA1UEChMFVW1kYWMxDjAMBgNVBAsTBVVtZGFjMR8wHQYDVQQDExZ3d3cud2lz
+dW0udW1kYWMudW11LnNlMSgwJgYJKoZIhvcNAQkBFhltYXRzLmxhcnNzb25AdW1k
+YWMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgludy+/
+gDt8lUW67WutHZiJrYYro0og5ONioOkakzVgm74747J91EuYora+Y2jVMk7vXAPn
+3xvC52/2sN1kbtfhUoDCKfj4X/rkea891q4zd4hvGMMQiUU2vHX/qkcRbLuLrzXj
+7yfIq2bL4xlXSlBobMxCKHDo+AwtbPOhwEC57jwLVuQ42no57WRxoJ1gVraxpX5q
+g8maA4pUxplhfVVSl+zvH+KAyQROQ1dz02giQtpdbPpyIlK23ZlUHCNxSPKc6loo
+yUIsn7vkji2rbTxydce7R0AJDFapLF9yET2Lcszst25yCx3oPAk3YkvBtJYHjmv9
+VnNHWV8iBbeLpwIDAQABo4IBBzCCAQMwHQYDVR0OBBYEFB9YkDvP4A3oXEOz9AiS
+5wmU/Gg7MIHTBgNVHSMEgcswgciAFB9YkDvP4A3oXEOz9AiS5wmU/Gg7oYGkpIGh
+MIGeMQswCQYDVQQGEwJTRTEVMBMGA1UECBMMVmFzdGVyYm90dGVuMQ0wCwYDVQQH
+EwRVbWVhMQ4wDAYDVQQKEwVVbWRhYzEOMAwGA1UECxMFVW1kYWMxHzAdBgNVBAMT
+Fnd3dy53aXN1bS51bWRhYy51bXUuc2UxKDAmBgkqhkiG9w0BCQEWGW1hdHMubGFy
+c3NvbkB1bWRhYy51bXUuc2WCCQCwnCSmfOKkCjAMBgNVHRMEBTADAQH/MA0GCSqG
+SIb3DQEBBQUAA4IBAQBMgsLrlDuF2E2G4+NjPLSDoqyXxcsziUzhOkYyDzwPq6v7
+HyYYPJYfc8YFwp+fbYp8JqqCyUqgbC3A0/hcBXQT3TxQZoi011/8mHg97Y7aSvus
+2oBgDaeI/n2aEJCN5Ty4iRo7tujF4toZ67Afceiw8r0im0yXOCEjOmsu5IZ/usEt
+CLr8JaUWpP9FrrKkFm6qlFkn6fb3MKiK5Q5+ywH//2A32s/DTT7gsIUoA2d7sQQZ
+aeuGsLFXZYIsTtz9zAy13nUaPG+xk3JAFte9p+nYhB0+NOZY9sEKoJEK/1FW5wol
+5fMCo6rrhCpoEsDkXy1wxcYKE/WfOvySZaEiw70o
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://beta.augustus.se" xml:base="swamid-1.0/beta.augustus.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB1zCCAUCgAwIBAgIBADANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBiZXRhLmF1Z3VzdHVzLnNlMB4XDTA3MDMwNjEwMDQxNFoXDTA3MDQwNTEwMDQxNFowGzEZMBcGA1UEAxMQYmV0YS5hdWd1c3R1cy5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAspI7ryh7WFO+CWytUzDg4U/WEKsX/ty82lQ31JdBhKkVV66vPRWz81QjzPruL7+dLLDtgcMJNPwNR8BHOHA0R/XlYsePA/GL0iGbwkXRlPs63wELlaj1TiXgtnOBRLrBRHyUIcnrq3c2tVrrUmLp4gifKIHhBgsKwZkDvUN+88UCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQCXjwpqbm73q7ZadtdRLeLCjMspJjHWMGRCJvIb+EqEaO4CFFHFl+XxSUHIkbZk3VUrTZkQ+gQSY649mhsz+TL+saFPRqQQtWIS8okALuVStN0ySkY1NRml8Ou9sq3/CRl77f02Ff5QgemFqQGilmso7XEXhLDL2kOFxKLHBtbQzg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://beta.augustus.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Genuine Text</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Genuine Text</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.genuinetext.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Know Net AB</Company>
+ <GivenName>Ingemar</GivenName>
+ <SurName>Lundström</SurName>
+ <EmailAddress>ingemar.lundstrom@knownet.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://dspace.it.su.se" xml:base="swamid-1.0/dspace.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEsDCCA5igAwIBAgILAQAAAAABGAfclPAwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDIxMTA5Mzg1OVoXDTExMDIxMTA5Mzg1OVowXDELMAkGA1UEBhMCU0UxEjAQBgNV
+BAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEY
+MBYGA1UEAxMPZHNwYWNlLml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEA44wISsGxXeYm5R3WerWQW0USE5xBKKltYPa+H1sL+SVMjl6KMABG
+PgdryRt5I++NXr/gLzyd4CXvkFoVhqEGoPNxLzlVvu0LI/Cmy2024rt/UsFnjl5t
+AoqXDDe4DsVYzT6qAR4lMuUP5LIw8ZwCgEj+3f9/J/1Mf3XHdiAstcJYcuHQlqHD
+i89QtedgEufNPqxSUga7U8nZ2reUz6GO8LnD0+pg7e5JFyJrmjoX9lyNbnjbJyX+
+7PpadkEEVtpgNIiUDwFQ8LKUHCJgwrN87vIEJ8/NR7cFGkf0RZO4qM5RX3GZThgX
+SuNWx8RkUQC3FiTcJ2mCecF73RCLeew/eQIDAQABo4IBbjCCAWowUAYDVR0gBEkw
+RzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2ln
+bi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSME
+GDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUT/xPAfwXKFqS8DEW
+7h93jl4NzX0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWdu
+Lm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAC
+hjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25h
+bC5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBoGA1UdEQQTMBGC
+D2RzcGFjZS5pdC5zdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEATd9qOAU/t9HMnCEY
+ufTL2ZIaGGt8LpPFI2poNpQQ6feZc5weJj2Z+pmVwmGX4tn6rgVUrCCgJ+DL65Xo
+8Oxj7DPl5GP+InII7tc0qb8dZX6ifQg6YtVqB5NX4HCehjHyG6pw16gyD4LuI7/G
+xPXYYgJwubkj5wpzhWyySpJvpitL4owINSmkguJo1ANmtVNascTohklWea5Cj+QH
+HSm+FKQEXFadM9rzMgNnR7yACmusHY1N6BOZ+WzdR73OBEEeoSACax5ZxH7hT0L/
+3YUqE4vXpU3HmFyvlLPs1UPSweFukJ3z7cVjOYjcyY/VcOV2NDLzY0Q+FdFmJ8w7
+3nGwlw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dspace.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Jan</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://lists.su.se/shibboleth" xml:base="swamid-1.0/lists.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB1TCCAT6gAwIBAgIJAOsd1P/iHwDdMA0GCSqGSIb3DQEBBQUAMBYxFDASBgNVBAMTC2xpc3RzLnN1LnNlMB4XDTA4MDIxMjEyNTk0NVoXDTA5MDIxMTEyNTk0NVowFjEUMBIGA1UEAxMLbGlzdHMuc3Uuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALnNTH6G15SgAwQHMCa9FLJ4g/MnmZ+2Q0m8ZvXA5OKoLY+7vpH7XrojM2/ziobcPK+pE5UNaNOpVffBUFtibabgXs2N7BUDJWjcvRqk5rxmEoMd1mCRQ6WOATBPdSkZ3xFvs0yy5y+1xRNsBji7gb326dHS/WUIDAw/62dCLG5PAgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAH7Ml0chViQ1GTX4RkL/S8bJpELYqTNBZ7+s7wMOwPF/TxJKeC6yFCkFKx4Ts8uGuJ3Bo3MsetTTUe24WD5aRO76k6p7y/HPs+nk0e0VJKz3NSktKGE/uXt59B/ax1tdVOMuZTGV9GwwlgHOMapYOBylI7Nriufub8Cgtwf4VwgQ=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://lists.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Helpdesk</GivenName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://pp-admin.it.su.se/shibboleth" xml:base="swamid-1.0/pp-admin.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEtDCCA5ygAwIBAgILAQAAAAABGexP22YwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDUxNTExMjA1OFoXDTExMDUxNTExMjA1OFowXjELMAkGA1UEBhMCU0UxEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEaMBgGA1UEAxMRcHAtYWRtaW4uaXQuc3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6OjuBsS+ovpRix7TUGMEcb+i2oovl8ByI4/zVEhEnxx5+Ge87eWcmysYeWad+HubtiZY72lcaOwCAb4LBKwHr7EzoJeF7+fw4AfprJvbBvsPcc0OMCqzqDrw6PgXizNsQV8e4PaWEKCQctkRaUAxW62rWhJh2rHMy4EIostzUNlZpwQpy78VLylAVCCM1vPJJY0w6D0PJYW6i8kpjzafaghpkNjO0rMNK+gZpW+T6oIwE5cwfKUb0hIBWC8eyczpG7bpp3Vz/Wj8aKcNPsUAMv49qKKNs+J87rQ/BnWaTvFPT65UVdxDuFmtF+pZs0pkhd9zsTjgd7/3smOuBRTzpAgMBAAGjggFwMIIBbDBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBRMpoJHRqciKnJu7I96P/+zer9o3jA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHAYDVR0RBBUwE4IRcHAtYWRtaW4uaXQuc3Uuc2UwDQYJKoZIhvcNAQEFBQADggEBAI3W3fQlz6aTvGwzQkGF1jAwCUruHjj2/Zmxyt1SiagyGDPx0SMIEm6QygWe64UgFmGOrql3eAE/4N7XfqMq6Ue4LO72I3Td6cDKVmR8jO0cjl4Uz0p4FL0gfIB/4HF7fEOGep+0LqITKt5DhG7N43naV+ZYkP0wXzfwFZhkKb95bH3csPGqAs4pwULQpD4bskN9IrwQZeSOsWHOVmrO/6T81W3zrqLwEwx1b9CRteuF6UlKHPSYCcsodl53PLCnAZU8MKXnzGN94d34gg88Es2F4XY6ulPwlr+wKBTlb0lZSH9ScgjSm3uKikSb2S57pLREth398dCkAXSBVbwL3Cg=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-admin.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>SU Helpdesk</GivenName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://pp-komm-admin.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/pp-komm-admin.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-komm-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-komm-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJAIL1xz4ljZekMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHBwOS1rb21tLWFkbWluMS5pdC5zdS5zZTAeFw0xMDA0MTMwODExMDZaFw0y
+MDA0MTAwODExMDZaMCMxITAfBgNVBAMTGHBwOS1rb21tLWFkbWluMS5pdC5zdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKb7oP0akg/pFZqs7HvD
+YH/QgeMBRF+nyF7aGwc9Fl3dqQah1VdkPP/teEr803lKrkoNcugubyO0Y9zZZuMb
+65yRcQXB0JMu3aQ+GUiSiQ5h8aQ/9D93CYrpacc7ph7VVnMctBta03dWo7zg6uTj
+DovR59k4Blmlc72cGkG24FbydYMoVo0DTAbj+EeHSB5APFx/vmz3ZTA5EBoEvGQb
+8bGby2PBPnkjW7ExcVnZbaZxR+AsjziB2lwILMd9huP7uRXo230GjqC4cAFFEfXO
+X8iCR51ekh5uNMQhDSvGhTViP+6Kkf89RaSXQ0rZgpjJymznAhZkfOuuNIWzRAqi
+udsCAwEAAaNGMEQwIwYDVR0RBBwwGoIYcHA5LWtvbW0tYWRtaW4xLml0LnN1LnNl
+MB0GA1UdDgQWBBQ58+0lsNzDRAqmUMIZRgQ0tV7IzjANBgkqhkiG9w0BAQUFAAOC
+AQEAKXaBfwubmsOke4gFS8s8M4LwFhFtxwXjN/zmLoQBvmHerCU4eT/JXm05Q6+w
+/rtF41oG8SD3Ghe/fTADARjcMnoo9gifyuofe+9GkvCBjZwSfktMGo3/0D38MfTM
+PJLds6RmW97ZOSsQMiwOZJmwF/hOxV3Wtz/EItK2vZJl9UWYF445KGPLtRkpH1uY
+MV84qSOGHth/zA9Zog4cHdal+HhqiAknQSxdXKINJIHZEQRxW0AmpzN42sHgie/N
+R12FEuHBDdtqgMbtziKhacYI87uG6/KvAHhE6bPDdmLnboviJ0/0E+CeogrT9Rju
+gWnsyGjBC5P8rFLfLiT5svPebw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-komm-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-komm-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJAIL1xz4ljZekMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHBwOS1rb21tLWFkbWluMS5pdC5zdS5zZTAeFw0xMDA0MTMwODExMDZaFw0y
+MDA0MTAwODExMDZaMCMxITAfBgNVBAMTGHBwOS1rb21tLWFkbWluMS5pdC5zdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKb7oP0akg/pFZqs7HvD
+YH/QgeMBRF+nyF7aGwc9Fl3dqQah1VdkPP/teEr803lKrkoNcugubyO0Y9zZZuMb
+65yRcQXB0JMu3aQ+GUiSiQ5h8aQ/9D93CYrpacc7ph7VVnMctBta03dWo7zg6uTj
+DovR59k4Blmlc72cGkG24FbydYMoVo0DTAbj+EeHSB5APFx/vmz3ZTA5EBoEvGQb
+8bGby2PBPnkjW7ExcVnZbaZxR+AsjziB2lwILMd9huP7uRXo230GjqC4cAFFEfXO
+X8iCR51ekh5uNMQhDSvGhTViP+6Kkf89RaSXQ0rZgpjJymznAhZkfOuuNIWzRAqi
+udsCAwEAAaNGMEQwIwYDVR0RBBwwGoIYcHA5LWtvbW0tYWRtaW4xLml0LnN1LnNl
+MB0GA1UdDgQWBBQ58+0lsNzDRAqmUMIZRgQ0tV7IzjANBgkqhkiG9w0BAQUFAAOC
+AQEAKXaBfwubmsOke4gFS8s8M4LwFhFtxwXjN/zmLoQBvmHerCU4eT/JXm05Q6+w
+/rtF41oG8SD3Ghe/fTADARjcMnoo9gifyuofe+9GkvCBjZwSfktMGo3/0D38MfTM
+PJLds6RmW97ZOSsQMiwOZJmwF/hOxV3Wtz/EItK2vZJl9UWYF445KGPLtRkpH1uY
+MV84qSOGHth/zA9Zog4cHdal+HhqiAknQSxdXKINJIHZEQRxW0AmpzN42sHgie/N
+R12FEuHBDdtqgMbtziKhacYI87uG6/KvAHhE6bPDdmLnboviJ0/0E+CeogrT9Rju
+gWnsyGjBC5P8rFLfLiT5svPebw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pp-komm-admin.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://www.sub.su.se" xml:base="swamid-1.0/www.sub.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB2TCCAUKgAwIBAgIJAIRfFzH12j9JMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNVBAMTDXd3dy5zdWIuc3Uuc2UwHhcNMDgwNTE0MTQ0NzQ5WhcNMDkwNTE0MTQ0NzQ5WjAYMRYwFAYDVQQDEw13d3cuc3ViLnN1LnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/9u6s9iHrmj7IvMgSpT8UEzo+Wld9S1QKximd7S6vkIf2arFtvC+Wr04ilfgS6Sp4fOXtGoo9nM7rp6CCdg2RNsrrPUrbs/QkLS5kii2lvQgJ+Q+cJNyJBJhUOgczKcF1nax1roIHKoRMrlRaaeYPv2hh4cVWT23gE5sd+L4pgwIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBABcE9tkmR3jTnoWrU5o54zbUKsehvKJozqBrMInvLqwyURkUG2M2jHG+RLtJ0VXBYqtEPbjq0O0kQ6JjAlciMsgv9SVyYryhMjtHZujTalMnRwLF7uWNtR62wY+w53G+7dr9F6cOh4bCXqEN/xs8SoYEymgUBrfKR8SVNxRihZFk</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.sub.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Conny</GivenName>
+ <SurName>Richardson</SurName>
+ <EmailAddress>conny.richardson@sub.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.protectnetwork.org/protectnetwork-idp" xml:base="swamid-1.0/idp.protectnetwork.org.xml">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">idp.protectnetwork.org</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIICxzCCAjCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkTELMAkGA1UEBhMCVVMx
+DjAMBgNVBAgTBVRleGFzMRcwFQYDVQQKEw45U3RhciBSZXNlYXJjaDEXMBUGA1UE
+CxMOUHJvdGVjdE5ldHdvcmsxGjAYBgNVBAMTEVByb3RlY3ROZXR3b3JrIENBMSQw
+IgYJKoZIhvcNAQkBFhVjYUBwcm90ZWN0bmV0d29yay5vcmcwHhcNMDcwMjE0MjA1
+ODA4WhcNMTcwMjExMjA1ODA4WjCBhzELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRl
+eGFzMQ8wDQYDVQQHEwZBdXN0aW4xHTAbBgNVBAoTFDlTdGFyIFJlc2VhcmNoLCBJ
+bmMuMRcwFQYDVQQLEw5Qcm90ZWN0TmV0d29yazEfMB0GA1UEAxMWaWRwLnByb3Rl
+Y3RuZXR3b3JrLm9yZzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDQt4HC/EHIKS8a
++Qd/4JE20wR91v5N7jh8ScDw6DvZ5RcvHQngXCk6FfCFUAev/dZxR31U4RpvFzCb
+j3sGB+G1AgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T
+U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTRRyiPTvIDunJKy1+h
+mlkgl7/G+zAfBgNVHSMEGDAWgBQtFNiF4X/xTkU36JaWVCh08bzGgDANBgkqhkiG
+9w0BAQUFAAOBgQAm3BTIwg6Lxk3EAoLR2cDfb+jNWAtls7q077Mw3tMXxnuoi0uS
+o+LC6bPdPjC9YKujSKF34Au0s7y9bfXspClfCmyuviYVOrpVUze2h2MfHUVsKEUo
+/uivLYuMZjNp6Yrt90AoKPLPF6vU6gLAn6nsR7bhsdIqSXD/93r8HFV3NA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.protectnetwork.org:8443/protectnetwork-idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.protectnetwork.org:8443/protectnetwork-idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.protectnetwork.org/protectnetwork-idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.protectnetwork.org/protectnetwork-idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.protectnetwork.org/protectnetwork-idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.protectnetwork.org/protectnetwork-idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">idp.protectnetwork.org</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIICxzCCAjCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkTELMAkGA1UEBhMCVVMx
+DjAMBgNVBAgTBVRleGFzMRcwFQYDVQQKEw45U3RhciBSZXNlYXJjaDEXMBUGA1UE
+CxMOUHJvdGVjdE5ldHdvcmsxGjAYBgNVBAMTEVByb3RlY3ROZXR3b3JrIENBMSQw
+IgYJKoZIhvcNAQkBFhVjYUBwcm90ZWN0bmV0d29yay5vcmcwHhcNMDcwMjE0MjA1
+ODA4WhcNMTcwMjExMjA1ODA4WjCBhzELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRl
+eGFzMQ8wDQYDVQQHEwZBdXN0aW4xHTAbBgNVBAoTFDlTdGFyIFJlc2VhcmNoLCBJ
+bmMuMRcwFQYDVQQLEw5Qcm90ZWN0TmV0d29yazEfMB0GA1UEAxMWaWRwLnByb3Rl
+Y3RuZXR3b3JrLm9yZzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDQt4HC/EHIKS8a
++Qd/4JE20wR91v5N7jh8ScDw6DvZ5RcvHQngXCk6FfCFUAev/dZxR31U4RpvFzCb
+j3sGB+G1AgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5T
+U0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTRRyiPTvIDunJKy1+h
+mlkgl7/G+zAfBgNVHSMEGDAWgBQtFNiF4X/xTkU36JaWVCh08bzGgDANBgkqhkiG
+9w0BAQUFAAOBgQAm3BTIwg6Lxk3EAoLR2cDfb+jNWAtls7q077Mw3tMXxnuoi0uS
+o+LC6bPdPjC9YKujSKF34Au0s7y9bfXspClfCmyuviYVOrpVUze2h2MfHUVsKEUo
+/uivLYuMZjNp6Yrt90AoKPLPF6vU6gLAn6nsR7bhsdIqSXD/93r8HFV3NA==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.protectnetwork.org:8443/protectnetwork-idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.protectnetwork.org:8443/protectnetwork-idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ProtectNetwork</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ProtectNetwork</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.protectnetwork.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <SurName>Technical Contact</SurName>
+ <EmailAddress>support@protectnetwork.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://lab03.lab.it.su.se" xml:base="swamid-1.0/lab03.lab.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB4zCCAUygAwIBAgIJAKqPtbsIKhS9MA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMTEmxhYjAzLmxhYi5pdC5zdS5zZTAeFw0wNzA1MDIwODA1NDdaFw0wODA1MDEwODA1NDdaMB0xGzAZBgNVBAMTEmxhYjAzLmxhYi5pdC5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvwFbKHSn0UpnszEG7YuVxKj+ZXKfsbcOJqHSiZMhGemw4CWc+ExXYFPDTSaphqatht3q17u9CFUkpygMo2HUWLWO5Zdk2lgpnhnT2B1xk8esRS0yjCwE0Gv9QewxaSCS+e+i5cMsXVhXD5zkBIKmW10p59YJ0qPwkRuwTcs02uUCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQB10thLCTHsz++ZC5far37xRlor/7BF3o86JBtyqXNdYszFxgWYOILxC/rYiCxZr8ON1QKQ3ZNj+sZxZm1/fAQl+4hNCs1XgvoLRqK/eW4DHZLZWjQyn9+aHI1+ADkpzARLbJf5TQCJeJSmp+f3YIbqJQptXIGcBvLBSoe1R7Drag==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://lab03.lab.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Mattias</GivenName>
+ <SurName>Amnefelt</SurName>
+ <EmailAddress>mattiasa@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://calsrv1.it.secure.su.se" xml:base="swamid-1.0/calsrv1.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB7TCCAVagAwIBAgIJALw0kc74UYP+MA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNVBAMTF2NhbHNydjEuaXQuc2VjdXJlLnN1LnNlMB4XDTA3MDUyMjA3NDA0OFoXDTA4MDUyMTA3NDA0OFowIjEgMB4GA1UEAxMXY2Fsc3J2MS5pdC5zZWN1cmUuc3Uuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKVMn+fnnV8w2GuB1KMm6gEiZqqCBrHWWUDK5SEVDy6rT2qK/VkuxyxvDPFXdd8kbpaOpqxMcy+J4QvS74xkOSKHF8ISTvX9328cU1pUe9u7Gd5C37zD5OgAUqIVq1GwvZHrSstZuoF/4LQoJJbEBquwGGd8tldflGEJtcxb7iP7AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAoFPwC0awA7gYbfZPCtUpHmly4cc8utYSgjb+rsTFGuYu5V7Ec5/o1F73vsibmRufBRyczQsX9oeNHENawKmka/0JUo1FTyTI0yN1or7LhW8mAle+80o5EVd/Xa5yP4jof+/Ey79UeLG+CuJbRiH0f9kO1e4r/fFGP60Ck76CeoU=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://calsrv1.it.secure.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Mattias</GivenName>
+ <SurName>Amnefelt</SurName>
+ <EmailAddress>mattiasa@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://samsok.libris.kb.se/shibboleth" xml:base="swamid-1.0/samsok.libris.kb.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB5TCCAU6gAwIBAgIJAKMZgDG7eScnMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNVBAMTE3NhbXNvay5saWJyaXMua2Iuc2UwHhcNMDcxMTA3MDk0MzI5WhcNMDgxMTA2MDk0MzI5WjAeMRwwGgYDVQQDExNzYW1zb2subGlicmlzLmtiLnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCydaK46C816+A1I6Ykb9AvLf0rfYlhFT6vMe0a3DM7A0HovsWl8HThJwQNTGSDowty1svAlRgBU5gQKuCA9ruc7XZi7pn0vuVgtayVvkoh9adN/8QVFvz2KY0uux7M2ewyQ+R2PA/w58LJa996RQlcHeDAdQFfg87nUFQEZauy5QIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBAHFDEp8qHZKfS1RQDYvG/pYJZ/0PHRcoDK5J2GGpQ4/SIsJBbtF/2uWLVfywNDYIP7DruWxHUOLaNE6ovJ9S1+RGi8iix8I44/Nh0EjyyQqU8w8IoyDdzUUV9fBZ2BWz0JvFT4uBZDR2b3keXr2OlxYphbx3ikXpwZrVzWQq6mKm</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://samsok.libris.kb.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Libris</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Libris</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kb.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Kungliga Biblioteket</Company>
+ <GivenName>Arvid</GivenName>
+ <SurName>Oja</SurName>
+ <EmailAddress>arvid.oja@kb.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://public.it.secure.su.se/shibboleth" xml:base="swamid-1.0/public.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEezCCA2OgAwIBAgIRAIkN3dNaPPpybQqwD4EtF8cwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0wOTExMTgwMDAwMDBaFw0xMjExMTcyMzU5NTlaME8xCzAJBgNV
+BAYTAlNFMR8wHQYDVQQKExZTdG9ja2hvbG1zIHVuaXZlcnNpdGV0MR8wHQYDVQQD
+ExZwdWJsaWMuaXQuc2VjdXJlLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEA1KmDH3snkoJ/V918DPqYEQC33ps0LE/LPd6wm1FVMPm30MfeWJ/1
+jl1pePjl4Bw/yGtPdbWRXLHgSzBJz3VtG7llWdynm7oJU67gkRxySKN/Nt5fsHqV
+9jYflaWHZydlwhKwluUBvj23w6oNZVLrpc0rojzNtw9X1B2o+FyxuZD42cyGuNEi
+/AJP/tWwmnRY6TgLwqhfAHqopoF6VKbu52E6xtRcD/3XolVvbk/Hjpvulxfwvh2z
++fuqgN+I4yHls0M7iMcqLHllalAk1who/1wW6VZbZ70AyDzEBCstQ6xub0zk8B2x
+Dc9/avEir9dkRStnwOrDQy8j6I3CxsqMmQIDAQABo4IBaTCCAWUwHwYDVR0jBBgw
+FoAUDL2TaAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFIuqOIxBDa2bI/0AGqFa
+PlMUfZJbMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQG
+CCsGAQUFBwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoG
+A1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5B
+U1NMQ0EuY3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2Ny
+dC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0
+dHA6Ly9vY3NwLnRjcy50ZXJlbmEub3JnMCEGA1UdEQQaMBiCFnB1YmxpYy5pdC5z
+ZWN1cmUuc3Uuc2UwDQYJKoZIhvcNAQEFBQADggEBAANer2ZFt47Izep8mZFjQzzQ
+zmJGSAtETMQ4gvSo9lFFiiijwevbRIfSEn2MH/wDAWaXQ9cPWMh/CklDcco82en1
+o8SmNJVKP6LIX5YQerxBsoX9quejqfEUHB5UboZrVzkte9vvET/0E4ZwZkukJAeY
+m6qFJYEF9/YbtqspBfobpPmYZi/49563GZOJrB6B2ufQZSJvh4MW/ArbaIccxbrS
+ZOyBYB9wSPfBk4E4buU7eZgCBckY2CHo+j54Zpv7nGMDqEeY94e/OF3UVGhvtOy4
+tCsXA4uQ/OvmIcURnN6u+RAoyaxMDMF9uOBLcu5+p0LgXyVdFr50VN8FRZvk5qk=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://public.it.secure.su.se/shibboleth/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Leif</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://downloads.channel8.msdn.com/shibboleth-sp" xml:base="swamid-externals-1.0/downloads.channel8.msdn.com.xml">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol http://schemas.xmlsoap.org/ws/2003/07/secext">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>www.dreamspark.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+ MIIF+jCCBOKgAwIBAgIKLqDfHAAIAAGj6DANBgkqhkiG9w0BAQUFADCBizETMBEG CgmSJomT8ixkARkWA2NvbTEZMBcGCgmSJomT8ixkARkWCW1pY3Jvc29mdDEUMBIG CgmSJomT8ixkARkWBGNvcnAxFzAVBgoJkiaJk/IsZAEZFgdyZWRtb25kMSowKAYD VQQDEyFNaWNyb3NvZnQgU2VjdXJlIFNlcnZlciBBdXRob3JpdHkwHhcNMTAwNzMw MDAyMTA4WhcNMTEwNzMwMDAyMTA4WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMK V2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTETMBEGA1UEChMKRmFzdCBUcmFj azEUMBIGA1UECxMLRHJlYW0gU3BhcmsxGzAZBgNVBAMTEnd3dy5kcmVhbXNwYXJr LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtsyFSuceS0RVGHD1Qbch DWIdIGfELS06JXkb6EJELGld5j4P50fGSqMXDcPIt3jHqjt9jnd5aqJP4Z5ROs5p hJ7fXtm56taeSVTfZSQRIzlVyaIG1QSKeqdlt6GWZrlV+Gy2cKAglMcKh5/y5ISP /TbQWeJtreT+Pi/Aj0IQcGUCAwEAAaOCAvAwggLsMAsGA1UdDwQEAwIEsDBEBgkq hkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYF Kw4DAgcwCgYIKoZIhvcNAwcwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB MB0GA1UdDgQWBBT2xedjpxaZG/9bcyw3cEROspTL0DAfBgNVHSMEGDAWgBQIQuPb ThFm87UIxUDbVXwzRhGDODCCAQoGA1UdHwSCAQEwgf4wgfuggfiggfWGWGh0dHA6 Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUy MFNlY3VyZSUyMFNlcnZlciUyMEF1dGhvcml0eSg4KS5jcmyGVmh0dHA6Ly9jcmwu bWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBTZWN1cmUl MjBTZXJ2ZXIlMjBBdXRob3JpdHkoOCkuY3JshkFodHRwOi8vY29ycHBraS9jcmwv TWljcm9zb2Z0JTIwU2VjdXJlJTIwU2VydmVyJTIwQXV0aG9yaXR5KDgpLmNybDCB vwYIKwYBBQUHAQEEgbIwga8wXgYIKwYBBQUHMAKGUmh0dHA6Ly93d3cubWljcm9z b2Z0LmNvbS9wa2kvbXNjb3JwL01pY3Jvc29mdCUyMFNlY3VyZSUyMFNlcnZlciUy MEF1dGhvcml0eSg4KS5jcnQwTQYIKwYBBQUHMAKGQWh0dHA6Ly9jb3JwcGtpL2Fp YS9NaWNyb3NvZnQlMjBTZWN1cmUlMjBTZXJ2ZXIlMjBBdXRob3JpdHkoOCkuY3J0 MD8GCSsGAQQBgjcVBwQyMDAGKCsGAQQBgjcVCIPPiU2t8gKFoZ8MgvrKfYHh+3SB T4PC7YUIjqnShWMCAWQCAQkwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAK BggrBgEFBQcDATANBgkqhkiG9w0BAQUFAAOCAQEACAHi+mcrNHJ/W+uBtnzD3mAm ai3QiLWiJE3dKuNtHV8Ba64E2l69Q7pmnFCr1eM5wlvnQcOqbVyZjk/okp4aRxBw ARn3KtvkhbSOHjaDYv3FXvobBXgenbPFydPvNmQrPGdTRSUf+q4duaYVSx2YAqpr HnYDbddNBJuFzfyywu6WSsrwgqUUW3jAaNmcrX7U5Z/sN1CQVOcx4dQ3nqXTYbgm 5+nddJhnC9PDyK4A4epAO9CA7h9023fRh9AZx17dgpRtteb+8JlV1+iMRdG/VrJK Gmnt8WCQFfOSQNChmicJikdzGfjtDjOqKA5g5CxxrwKWO7S5DaDH7Q286CkSXg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>www.dreamspark.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509Certificate>
+ MIIF+jCCBOKgAwIBAgIKLqDfHAAIAAGj6DANBgkqhkiG9w0BAQUFADCBizETMBEG CgmSJomT8ixkARkWA2NvbTEZMBcGCgmSJomT8ixkARkWCW1pY3Jvc29mdDEUMBIG CgmSJomT8ixkARkWBGNvcnAxFzAVBgoJkiaJk/IsZAEZFgdyZWRtb25kMSowKAYD VQQDEyFNaWNyb3NvZnQgU2VjdXJlIFNlcnZlciBBdXRob3JpdHkwHhcNMTAwNzMw MDAyMTA4WhcNMTEwNzMwMDAyMTA4WjB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMK V2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTETMBEGA1UEChMKRmFzdCBUcmFj azEUMBIGA1UECxMLRHJlYW0gU3BhcmsxGzAZBgNVBAMTEnd3dy5kcmVhbXNwYXJr LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtsyFSuceS0RVGHD1Qbch DWIdIGfELS06JXkb6EJELGld5j4P50fGSqMXDcPIt3jHqjt9jnd5aqJP4Z5ROs5p hJ7fXtm56taeSVTfZSQRIzlVyaIG1QSKeqdlt6GWZrlV+Gy2cKAglMcKh5/y5ISP /TbQWeJtreT+Pi/Aj0IQcGUCAwEAAaOCAvAwggLsMAsGA1UdDwQEAwIEsDBEBgkq hkiG9w0BCQ8ENzA1MA4GCCqGSIb3DQMCAgIAgDAOBggqhkiG9w0DBAICAIAwBwYF Kw4DAgcwCgYIKoZIhvcNAwcwHQYDVR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMB MB0GA1UdDgQWBBT2xedjpxaZG/9bcyw3cEROspTL0DAfBgNVHSMEGDAWgBQIQuPb ThFm87UIxUDbVXwzRhGDODCCAQoGA1UdHwSCAQEwgf4wgfuggfiggfWGWGh0dHA6 Ly9tc2NybC5taWNyb3NvZnQuY29tL3BraS9tc2NvcnAvY3JsL01pY3Jvc29mdCUy MFNlY3VyZSUyMFNlcnZlciUyMEF1dGhvcml0eSg4KS5jcmyGVmh0dHA6Ly9jcmwu bWljcm9zb2Z0LmNvbS9wa2kvbXNjb3JwL2NybC9NaWNyb3NvZnQlMjBTZWN1cmUl MjBTZXJ2ZXIlMjBBdXRob3JpdHkoOCkuY3JshkFodHRwOi8vY29ycHBraS9jcmwv TWljcm9zb2Z0JTIwU2VjdXJlJTIwU2VydmVyJTIwQXV0aG9yaXR5KDgpLmNybDCB vwYIKwYBBQUHAQEEgbIwga8wXgYIKwYBBQUHMAKGUmh0dHA6Ly93d3cubWljcm9z b2Z0LmNvbS9wa2kvbXNjb3JwL01pY3Jvc29mdCUyMFNlY3VyZSUyMFNlcnZlciUy MEF1dGhvcml0eSg4KS5jcnQwTQYIKwYBBQUHMAKGQWh0dHA6Ly9jb3JwcGtpL2Fp YS9NaWNyb3NvZnQlMjBTZWN1cmUlMjBTZXJ2ZXIlMjBBdXRob3JpdHkoOCkuY3J0 MD8GCSsGAQQBgjcVBwQyMDAGKCsGAQQBgjcVCIPPiU2t8gKFoZ8MgvrKfYHh+3SB T4PC7YUIjqnShWMCAWQCAQkwJwYJKwYBBAGCNxUKBBowGDAKBggrBgEFBQcDAjAK BggrBgEFBQcDATANBgkqhkiG9w0BAQUFAAOCAQEACAHi+mcrNHJ/W+uBtnzD3mAm ai3QiLWiJE3dKuNtHV8Ba64E2l69Q7pmnFCr1eM5wlvnQcOqbVyZjk/okp4aRxBw ARn3KtvkhbSOHjaDYv3FXvobBXgenbPFydPvNmQrPGdTRSUf+q4duaYVSx2YAqpr HnYDbddNBJuFzfyywu6WSsrwgqUUW3jAaNmcrX7U5Z/sN1CQVOcx4dQ3nqXTYbgm 5+nddJhnC9PDyK4A4epAO9CA7h9023fRh9AZx17dgpRtteb+8JlV1+iMRdG/VrJK Gmnt8WCQFfOSQNChmicJikdzGfjtDjOqKA5g5CxxrwKWO7S5DaDH7Q286CkSXg==
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="http://schemas.xmlsoap.org/ws/2003/07/secext" Location="https://www.dreamspark.com/Shibboleth.sso/ADFS"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.dreamspark.com/Shibboleth.sso/SLO/SOAP"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.dreamspark.com/Shibboleth.sso/SLO/Redirect"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.dreamspark.com/Shibboleth.sso/SLO/POST"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.dreamspark.com/Shibboleth.sso/SLO/Artifact"/>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.dreamspark.com/Shibboleth.sso/NIM/SOAP"/>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.dreamspark.com/Shibboleth.sso/NIM/Redirect"/>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.dreamspark.com/Shibboleth.sso/NIM/POST"/>
+ <ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.dreamspark.com/Shibboleth.sso/NIM/Artifact"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.dreamspark.com/Shibboleth.sso/SAML2/POST" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.dreamspark.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.dreamspark.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.dreamspark.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.dreamspark.com/Shibboleth.sso/SAML/POST" index="5"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.dreamspark.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <AssertionConsumerService Binding="http://schemas.xmlsoap.org/ws/2003/07/secext" Location="https://www.dreamspark.com/Shibboleth.sso/ADFS" index="7"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Microsoft</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Microsoft</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.microsoft.com/en/us/default.aspx</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>DreamSpark Engineering Team</GivenName>
+ <EmailAddress>dsengt@microsoft.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Scott</GivenName>
+ <SurName>Blackwell</SurName>
+ <EmailAddress>scott.blackwell@microsoft.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://mondo-web.it.su.se/shibboleth" xml:base="swamid-1.0/mondo-web.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB4zCCAUygAwIBAgIJAN5zNlbssq13MA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMTEm1vbmRvLXdlYi5pdC5zdS5zZTAeFw0wODA0MDIwNzI3MTZaFw0xNjA2MTkwNzI3MTZaMB0xGzAZBgNVBAMTEm1vbmRvLXdlYi5pdC5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA92ZD35RNWkg5x8yaykgO4gAU2j7VPrCfl9ut461Tai9XFRyK+OWp5Ln+hXguW7VylGTfcEbOjjh51gAvxX310OwiohlLXmnBdwjfMmIhv8tOjHOjlZQSuYSGC0TFCvHJu/9cvJ285S1Itcg0iqTZWhC7fOlXyEBCTBTC5dHZr2sCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQDtazBSwFaLjM2ac/Zup8SCVouGN10jYpvpMfLZWtiThdLJS1Q0q2ayq91V8kMp02Y1Wt3ruZNbC3SE0U5CvAX/KpJaYuaFJWJO7YXvfeIJwau3ZmTG4CFlf0mjd419TWErju6PXeo6wcsmaZ6vEuse7fj3596LiC6sXwry+nNzUg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mondo-web.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <SurName>IT och media Helpdesk</SurName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.hig.se/idp/shibboleth" xml:base="swamid-1.0/idp.hig.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hig.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDFDCCAfygAwIBAgIVAICBvXD19C9Alr+PA2+WCJ8AOE5kMA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5oaWcuc2UwHhcNMTAwMjEyMDgxODAxWhcNMzAw
+MjEyMDgxODAxWjAVMRMwEQYDVQQDEwppZHAuaGlnLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAyKcZZgGl30xAfWbTeXr84KoAdib1dX7geELbuBYN
+/G6x6TWZ9zBtwR0IYLAS8BU2MUHtbpg+RIp9OVMp4FzCuTpYCHjn8Mm3OHNRAZf2
+shovHPIREI1ZfINY8hOhm6yWr74cFrhLxQ+wjkoeRni1zBuChBHQzw+mcK/Dax1Q
+nMQ+Hf+VCYWagYUO3vYWadg0KVwhiPx+4ignOYAae42WFWDnzg53gxj+Ix64Nzbp
+y2xOxYIp6AvrHCX977yfKBemmDvcuyzD7VvhcSMeVAb/jEugHFWjbU786odPvDD5
+fBpAcLuB4Oncda7Lwq0jVj+xTMC7D6NAxx1Eh5AS3a5qGQIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAuaGlnLnNlhiFodHRwczovL2lkcC5oaWcuc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFEWwGXXE3qHIRmgOo2XHStrjaUU0MA0GCSqGSIb3DQEB
+BQUAA4IBAQAkPDs3NMTHVzte7dYlv6ys1VWYB5Ez9aMjvJPBVh5iwwQzXevm4qZl
+IHoGxvne5R8dkEVM1lcYryFnc7IkSRvuq0utBZcMfU+hHV56IvUNXZsUPJohO3/6
+9SkqakYzPJ3g6voaBaQdoeuvgUXL1fxEuISZkna93UHjJyIIS3T480vP49kXhoT6
+ox75FIwbx/e0e3siAlinjxdy9XbmFm6nx9mIWp4MLqw3UzEIiQG2wKyLxRFr1SnZ
+Cyr54IEx7Zg6UOLaa23i3CX0H2PXTNuik1WN2qPcPo4REEkK7wNP60vYXt7TgJXq
+4irFaazkzqSXLSi1n75Jx2hT7wpSszS5</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hig.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hig.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.hig.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.hig.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.hig.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.hig.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hig.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDFDCCAfygAwIBAgIVAICBvXD19C9Alr+PA2+WCJ8AOE5kMA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5oaWcuc2UwHhcNMTAwMjEyMDgxODAxWhcNMzAw
+MjEyMDgxODAxWjAVMRMwEQYDVQQDEwppZHAuaGlnLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAyKcZZgGl30xAfWbTeXr84KoAdib1dX7geELbuBYN
+/G6x6TWZ9zBtwR0IYLAS8BU2MUHtbpg+RIp9OVMp4FzCuTpYCHjn8Mm3OHNRAZf2
+shovHPIREI1ZfINY8hOhm6yWr74cFrhLxQ+wjkoeRni1zBuChBHQzw+mcK/Dax1Q
+nMQ+Hf+VCYWagYUO3vYWadg0KVwhiPx+4ignOYAae42WFWDnzg53gxj+Ix64Nzbp
+y2xOxYIp6AvrHCX977yfKBemmDvcuyzD7VvhcSMeVAb/jEugHFWjbU786odPvDD5
+fBpAcLuB4Oncda7Lwq0jVj+xTMC7D6NAxx1Eh5AS3a5qGQIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAuaGlnLnNlhiFodHRwczovL2lkcC5oaWcuc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFEWwGXXE3qHIRmgOo2XHStrjaUU0MA0GCSqGSIb3DQEB
+BQUAA4IBAQAkPDs3NMTHVzte7dYlv6ys1VWYB5Ez9aMjvJPBVh5iwwQzXevm4qZl
+IHoGxvne5R8dkEVM1lcYryFnc7IkSRvuq0utBZcMfU+hHV56IvUNXZsUPJohO3/6
+9SkqakYzPJ3g6voaBaQdoeuvgUXL1fxEuISZkna93UHjJyIIS3T480vP49kXhoT6
+ox75FIwbx/e0e3siAlinjxdy9XbmFm6nx9mIWp4MLqw3UzEIiQG2wKyLxRFr1SnZ
+Cyr54IEx7Zg6UOLaa23i3CX0H2PXTNuik1WN2qPcPo4REEkK7wNP60vYXt7TgJXq
+4irFaazkzqSXLSi1n75Jx2hT7wpSszS5</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hig.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hig.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">HIG</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan i Gävle</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hig.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan i Gävle</Company>
+ <EmailAddress>anders.lordal@hig.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sp1.lab.it.su.se" xml:base="swamid-1.0/sp1.lab.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB+jCCAWOgAwIBAgIRAJVCJLoWBVtmqwrsh0psrA0wDQYJKoZIhvcNAQEFBQAwGzEZMBcGA1UEAxMQc3AxLmxhYi5pdC5zdS5zZTAeFw0wNjExMjcwODI4MDFaFw0wNjEyMzEyMzAwMDBaMBsxGTAXBgNVBAMTEHNwMS5sYWIuaXQuc3Uuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJHpeBYXpgvcLYDnlnJsATNVkEHzLsVga22m+Om1/32yCLnhH7DMlbhbaMb1r1oAX53O5rXXv5CX8AGR5rXkrADTO00LX7ChxFs3P6PhgQ/EnrSe0V71Armi82SAOHjzQkeWwjkxhLqLyWy7Y3Jw82VfBrAovUua7y+w21IGJtIJAgMBAAGjPjA8MA4GA1UdDwEB/wQEAwID6DAqBgNVHSUBAf8EIDAeBggrBgEFBQcDBAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4GBAFTiOOdKyQ+F9k++RqYiAkYYu/pXGwcl8vfhRTFX9Mnlzy/zy/ffDVBRRvhQPd0Lqm7mj/mkg1etLMb3S2fdWBa1pUeFQtSUxMqoACAngIdr+piFsbhu4u9UPUOdD8m9scpqQ1AusGxUmCBClEElZRtmqO9UwL7hD/fVE4TRU+a4</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp1.lab.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Leif</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://hr-sso.pb.su.se/shibboleth" xml:base="swamid-1.0/hr-sso.pb.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEsDCCA5igAwIBAgILAQAAAAABFmJUXjMwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3
+MTEyMTEzMTAwNFoXDTEwMTEyMTEzMTAwNFowXDELMAkGA1UEBhMCU0UxEjAQBgNV
+BAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEY
+MBYGA1UEAxMPaHItc3NvLnBiLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEA6nJtfAvJ3JnERGef+Nukx94z98YailSaHC6kwm2iWy75PJQF3wS+
+7ZUCyK19nIYjBUWHyGf5+jCa7B7hIJCjEfYSII6JIn+fkX5WZAuhuSIP8YnlHMiF
+gqCEB6QVs99YEjsOVcHdNlhCFhbLQviItaA90aLdFTXN3PIulguG/PFP5kfui0To
+epO5Ko9j2eCboDRhrS/G+Hq4ulALBigu1GT5zJinGYOtcV/0noTbv2iS8H20N4gM
+Dt0ej3CCCSMk2Gr/P/IQEjOpHfR4IHle4JWhOkPjJrRpMc5vusvAOAH8S/TpvB3y
+jpbhQtBnOhtY921vX0jPMIT0c3KsefqZDQIDAQABo4IBbjCCAWowUAYDVR0gBEkw
+RzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2ln
+bi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSME
+GDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUfU0a2PdASTZigfkX
+Ce/k93IclTAwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWdu
+Lm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAC
+hjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25h
+bC5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBoGA1UdEQQTMBGC
+D2hyLXNzby5wYi5zdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAJumC9GPp4iTr8iI1
+VlYDEHunB0Ly7ij3okLwkNk4NWIoFfFt4DJNj4i6GDWjOisk1OoFQOKYv8pw3HZw
+SHPfcgeGE/LqgF0zxqw+xHw1ND/MEavfnS5pZ/7FCEkoTCHvSImuRn/0fmV8DtQI
+xlcHgQs3YwfCaqFPuTo/VPDTJcbS1UvH3A8SWzqP4CgFobzFRH6vg2NfwHH5tRaa
+uZ2/xGhPjpAwhqYe2eduOtM/8UetFmYbOR9Ku1D2i/v2sMtEp34iE51KRCQCW7bW
+Nyyybd8JvsVdmtfi3BZLfir3u4vG7e+Wi0dIn0MMQxCk1FawoB8LjFeHGcM3h6m7
+5ezhww==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://hr-sso.pb.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Max</GivenName>
+ <SurName>Quetel</SurName>
+ <EmailAddress>max@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://cbs-vylvatest.kib.ki.se/shibboleth" xml:base="swamid-1.0/cbs-vylvatest.kib.ki.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB7TCCAVagAwIBAgIJAMV5iXtJKd2UMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNVBAMTF2Nicy12eWx2YXRlc3Qua2liLmtpLnNlMB4XDTA4MDcyMzEzMDM0OFoXDTA5MDcyMzEzMDM0OFowIjEgMB4GA1UEAxMXY2JzLXZ5bHZhdGVzdC5raWIua2kuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPAnswr/MkrQXkXZJbv3ArV/q0kowtVLnQIM6nuJjyw/96cQ7UuYFOFpIEhT+fQdthkKdSAAa74U10+r6wUqj7HgGWrKDn6HfGaYUx5vuLt7kHIuLSTdnU5xbH+9D2S1BwdK8qEjCtT5kxPk4/2mXpTVEdQRXdaxLanrIk4Sex/bAgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAvRiCRo0g0bZ8TNZWO5iCmdrMCtDTM4I9JYf0zR0hYbf61U2r1h2iE3IfC4JvNmclEDbhL/aJQrqgglG8mSyBVYN9mu3L3y+O0ZvCLGC5EOHTLVZjihfL1VDwt054lB18AkxOh2H+dkcq6B7cI0XdFesHi4iW9HGr23C22xfLIpQ=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cbs-vylvatest.kib.ki.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">KI</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Karolinska Institutet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ki.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>KI bibliotek</Company>
+ <GivenName>Ylva</GivenName>
+ <SurName>Gavel</SurName>
+ <EmailAddress>ylva.gavel@ki.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://jolu.dev.it.secure.su.se/shibboleth" xml:base="swamid-1.0/jolu.dev.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB7zCCAVigAwIBAgIJAJwEs4t2qiO0MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGGpvbHUuZGV2Lml0LnNlY3VyZS5zdS5zZTAeFw0wOTExMjMwODUzMTdaFw0x
+MDExMjMwODUzMTdaMCMxITAfBgNVBAMTGGpvbHUuZGV2Lml0LnNlY3VyZS5zdS5z
+ZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApI03wSb2s+PQr8xdpfk6yQHI
+QjHPkvKtyOlYvLpmGMhvY22xOaQjOphM9hSaRMiZ9BzmEFAsv9Mn7idq8Y/u5CdE
+Tlv9uTiqtaJBJqgggxMBtrB40x74DCkm+VBWF0Lh0nnYuO7niVPOSJoYw8JQGWPI
+ls2Cuda0Qax0phkrrasCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsG
+AQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQCLl0YaouZ/Sw0xaOsr
+xfBp6dFzqmWvNlKV8gukVPZgjSRyb27Xa7jGsxvJXHKHVn4CSKKRHhXEzDLcWmCJ
+fsIPIaFD0DlyuQL1bhaEHVUyDFf+2uusK2jWgtM7yQGGYXtzYcouXNx6VF+niADr
+uvAr3mL1jb5HpBLWvrI+MwwCcA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://jolu.dev.it.secure.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://labs.swami.se" xml:base="swamid-1.0/labs.swami.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB2TCCAUKgAwIBAgIJANxR0VNsO3LLMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNVBAMTDWxhYnMuc3dhbWkuc2UwHhcNMDcwNDEzMDgxMjM0WhcNMDgwNDEyMDgxMjM0WjAYMRYwFAYDVQQDEw1sYWJzLnN3YW1pLnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDuZSnm1OGEZ+1NPqvCPX3P7EsxMd2kEoTMHKBuTsUngFk5hU0Zk6Jr8Cf4qdwzQRsvoacZjERnzrkOQw45NuMVvLLrErD8qon0uLQGpzsqNIoQ8eJz+CIsoHeSJUGi8FKbRvrKJm9DR2vlrxAxwxuUkyyZ/f/Uvk9S8E0+rwuOEQIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBAGIkqz4KXzPlA4mrprQuGgyXJLZGbZVmWWNxqaihEzjskAdZBom1VBbVuk1KMqiHCbxn2HasBucWGdoLDkAmITFbnL5Lt5lUQ4bdSuVQgboitHHLp49H3gLFg8Jym2Mlj5jzz7ZAEQ64yf2XWhTHK894Z2+5gApkK5N7pDEwUW03</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://labs.swami.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SWAMI</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SWAMI</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.swami.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Leif</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://shibboleth.ebscohost.com" xml:base="swamid-1.0/shibboleth.ebscohost.com.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEZDCCA82gAwIBAgIQNTUPNPvSFFOtVKGg5okawzANBgkqhkiG9w0BAQUFADCB
+ujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVy
+aVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2Vy
+dmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMg
+SW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0w
+OTAzMTcwMDAwMDBaFw0xMTA0MDQyMzU5NTlaMIGbMQswCQYDVQQGEwJVUzEWMBQG
+A1UECBMNTWFzc2FjaHVzZXR0czEQMA4GA1UEBxQHSXBzd2ljaDEfMB0GA1UEChQW
+RUJTQ08gSW5kdXN0cmllcywgSW5jLjEeMBwGA1UECxQVc2hpYmJvbGV0aDEuZXBu
+ZXQuY29tMSEwHwYDVQQDFBhzaGliYm9sZXRoLmVic2NvaG9zdC5jb20wgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAKKCiIggktHn3Hhixq/YiEVnIccwPsfbvtNM
+fjfdoAhRFHAmD9MsOOBKjCURLuZ6gXPTUpNUa/C1aP9+4UaIT1ipSndKPhxsMCgg
+86o2msG1v6K5V/pGiya1aMR5s1HhmodB1ZryA+untXRV56sD2FnKjk2lwS4psAlo
+IlXW9hFLAgMBAAGjggGGMIIBgjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBGBgNV
+HR8EPzA9MDugOaA3hjVodHRwOi8vY3JsLnZlcmlzaWduLmNvbS9DbGFzczNJbnRl
+cm5hdGlvbmFsU2VydmVyLmNybDBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCow
+KAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwNAYDVR0l
+BC0wKwYJYIZIAYb4QgQBBgorBgEEAYI3CgMDBggrBgEFBQcDAQYIKwYBBQUHAwIw
+NAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2ln
+bi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJaW1hZ2UvZ2lmMCEwHzAH
+BgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYkaHR0cDovL2xvZ28udmVy
+aXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEBBQUAA4GBAKFh9LRKkCh1
+rZ/hhSaA8kQwoM4TV2QkBhU5BXcl1RZ5gmp3N5ZQJl3BlhfZQXSxSSGFWP3YGFW7
+jKRBlmOyRaP9tGXkuCqTu34Jwbjg+7n1TYnCyQV8NR5YO3Ir6Z+qUCkq5ZsVsonR
+oWySqfgtWSMHeY1vWcbPbprL6ZhRtzGl</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIFIDCCBAigAwIBAgIQRKwcchAJVesvRaoyM06LijANBgkqhkiG9w0BAQUFADCB
+vDELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL
+ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTswOQYDVQQLEzJUZXJtcyBvZiB1c2Ug
+YXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYSAoYykxMDE2MDQGA1UEAxMt
+VmVyaVNpZ24gQ2xhc3MgMyBJbnRlcm5hdGlvbmFsIFNlcnZlciBDQSAtIEczMB4X
+DTExMDQwMTAwMDAwMFoXDTEzMDQwMzIzNTk1OVowgZsxCzAJBgNVBAYTAlVTMRYw
+FAYDVQQIEw1NYXNzYWNodXNldHRzMRAwDgYDVQQHFAdJcHN3aWNoMR8wHQYDVQQK
+FBZFQlNDTyBJbmR1c3RyaWVzLCBJbmMuMR4wHAYDVQQLFBVzaGliYm9sZXRoMS5l
+cG5ldC5jb20xITAfBgNVBAMUGHNoaWJib2xldGguZWJzY29ob3N0LmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApyJV+9wzY6I+kklwGc4bazyFGsxaAMbe
+n7lPDbCJ/5z3vjmB+gKJUSxovSvIunEc/8EwQ1XgC90Kwqcaxp+0bd3E3krXSgYk
+TxoXRk64ZALF6L0g7SpwikCDWjJ3Y31L83mxjAKHgemkGrjNKXptCaU2ONa6+52M
+KBoceXisJLsCAwEAAaOCAb8wggG7MAkGA1UdEwQCMAAwCwYDVR0PBAQDAgWgMEEG
+A1UdHwQ6MDgwNqA0oDKGMGh0dHA6Ly9TVlJJbnRsLUczLWNybC52ZXJpc2lnbi5j
+b20vU1ZSSW50bEczLmNybDBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYI
+KwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwNAYDVR0lBC0w
+KwYJYIZIAYb4QgQBBgorBgEEAYI3CgMDBggrBgEFBQcDAQYIKwYBBQUHAwIwcgYI
+KwYBBQUHAQEEZjBkMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2lnbi5j
+b20wPAYIKwYBBQUHMAKGMGh0dHA6Ly9TVlJJbnRsLUczLWFpYS52ZXJpc2lnbi5j
+b20vU1ZSSW50bEczLmNlcjBuBggrBgEFBQcBDARiMGChXqBcMFowWDBWFglpbWFn
+ZS9naWYwITAfMAcGBSsOAwIaBBRLa7kolgYMu9BSOJsprEsHiyEFGDAmFiRodHRw
+Oi8vbG9nby52ZXJpc2lnbi5jb20vdnNsb2dvMS5naWYwDQYJKoZIhvcNAQEFBQAD
+ggEBAHBZHUV04SvJMdlt3Md5jc9X633k6wg9RULrZeai6odViYrmfmol8lh7I/Dd
+accxn2szmnhp0lKXaFNU33MOT/nnXGpe2dP4KD2dg7xW/ONf7/8UX5oKMcy9oxhu
+Iu+gIVKBbG6VnAO5ctHTE1w/wE7gw8Wvxkl+4Fysfd59fKzlhiaU9TGcTeroEUVd
+FKbURinepOdF2m0WyzcVLXFTLkyf9hu2Xv4A7zSC/vkWnpOT8K2+8dvh15S8n0mH
+fSXsKNn8tLSR10gYyD0sXGUYr03Upnjnkg69p4O//GRwf04NEV/NehxL2tvgjbO/
+WFUQmFDppVjUgYkCed/yDImwZoE=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.ebscohost.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">epnet.com</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">EBSCO Information Services</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ebsco.com/home/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Burns</GivenName>
+ <SurName>Ron</SurName>
+ <EmailAddress>rburns@epnet.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Flynn</GivenName>
+ <SurName>Dave</SurName>
+ <EmailAddress>dflynn@epnet.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <SurName>Customer Satisfaction</SurName>
+ <EmailAddress>eptech@epnet.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://callab0.it.secure.su.se" xml:base="swamid-1.0/callab0.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB+TCCAWKgAwIBAgIJAOlQKzLVXB5JMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNVBAMTHXNoaWJiLWNhbGxhYjAuaXQuc2VjdXJlLnN1LnNlMB4XDTA3MDMyMDEyMTMxN1oXDTA4MDMxOTEyMTMxN1owKDEmMCQGA1UEAxMdc2hpYmItY2FsbGFiMC5pdC5zZWN1cmUuc3Uuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL/+i70hIW+rIYYJ9mvNEUE1SztYa9mAZuPhH1J4li+pyvghKZQHTI3UuYpbRGEQ1/83a7MAM+6VOQmYQtZDSw8PhtJKcpd1fFhSACqpDQKgBRSwcYsQkjb52j63r3kDXT4VDosImeg0HRb+HIWo4blC8gP2sZLSKa5BHJK+87GdAgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEATDf77yw3aqQYXj4XpY3bUHrrnA9zwYrkboeTCk61s7VrNTLE0T/YEM2qFBxUOWdNxBGuuP6T30XsK2vS0VW7wHTGV+6j9KF+niUQbo/VqKOO69XaO5X0WbJKdI/WyTunmWY5uECoASNhFGcBMqcINAUSktTXlsDB6ttoP1cnjMo=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://callab0.it.secure.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://www3.genuinetext.com/shibboleth" xml:base="swamid-1.0/www3.genuinetext.com.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB5zCCAVCgAwIBAgIJAKb4Olp/yYCUMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFHd3dzMuZ2VudWluZXRleHQuY29tMB4XDTEwMDUxMDExNDkyM1oXDTExMDUx
+MDExNDkyM1owHzEdMBsGA1UEAxMUd3d3My5nZW51aW5ldGV4dC5jb20wgZ8wDQYJ
+KoZIhvcNAQEBBQADgY0AMIGJAoGBAKTr9ehjuIWCwvfybbn92AvSQjBz6zevUqFS
+snvhGBs+Wu2iudpi1SCggPTOXsHj6LD23vIA2yN6VRlul9ifD0Rc9kyU3GdxA/TR
+30x+cdNkMJr3tuhxlNqu90zsWQbfhpCz6HO+KCUR7GLhCiHiCdVPMaYPG3Kh+/kc
+karTEYZPAgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYI
+KwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAJr257dZYsCa2AMxqab/xU2cqc+fH
+/sTYnOHze5shD+5wLBO/FYcmtdj86tFEEYK5kEaEGYoh4KQqAL/EMwKUu10+80ZU
+B58pVL0eikt969S89t0/DyDnF3edU7pg6Thmom4iElIO4v+l8i8yc7Uxko4lAxi0
+v6nJ+bzAScGjfHk=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www3.genuinetext.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Genuine Text</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Genuine Text</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.genuinetext.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Knownet AB</Company>
+ <GivenName>Richard</GivenName>
+ <SurName>Bäckman</SurName>
+ <EmailAddress>rickard@knonet.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://xfire.mimas.ac.uk/shibboleth" xml:base="swamid-1.0/xfire.mimas.ac.uk.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEMjCCAxqgAwIBAgILAQAAAAABE7mOBYIwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3MDcxMjA4MzEzOFoXDTEwMDcxMjA4MzEzOFowYDELMAkGA1UEBhMCR0IxJTAjBgNVBAoTHFRoZSBVbml2ZXJzaXR5IG9mIE1hbmNoZXN0ZXIxDjAMBgNVBAsTBU1JTUFTMRowGAYDVQQDExF4ZmlyZS5taW1hcy5hYy51azCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnvcQOid24BFRMId4stwyqEmQ3jcU9pqoJI7XkIh4FgYy++lBhGFDVDxkjikhbZKgGk1NONfTGRFHJ6TYRPNNjEjDtu8eTaKVDvvgIiW+E+pbdekmHGp5/1TW30yYUxJv12tBCWSWcHuqQjbnJiM+thHvVT0Rpz269VhaI9dWZY0CAwEAAaOCAXAwggFsMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFFffHJDYEluqeqPk2YaogEb6A+BvMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAcBgNVHREEFTATghF4ZmlyZS5taW1hcy5hYy51azANBgkqhkiG9w0BAQUFAAOCAQEAgIGtV9NaiG7yikJKZQgt+GP59EkAWhGYCR8JI5gZU7z6LIyTNLO19MPb2gJiirjUQpFEEh2ZNdiYmYNzf3yZAiVNtv45BOIa+poJbWUr7wXIv48ILhIQ5uTVLXrHofOU/aq3ySpVrLB2DZ1u24GHdxjwgiaKgwk6qntO9zwSeKiK9W2bcNk2mcJh5i7WPsB3RNID/pc4KZmw7T84F0/Ju0PrT4z8ry8286iZRQbZPkTi2D1eqBI52CQIJjUPnEMUJSFLup6kGPGLqtGqqoJNc8mtot4tEQIrqfKu9coHR386P0KAJyUV3PEdkyKcpEpnl4Ky0NDDXLK0BZ4CnMh3/A==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://xfire.mimas.ac.uk/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MIMAS</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MIMAS</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://xfire.mimas.ac.uk</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <SurName>CrossFire Helpdesk</SurName>
+ <EmailAddress>crossfire@mimas.ac.uk</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>david</GivenName>
+ <SurName>Chaplin</SurName>
+ <EmailAddress>david.chaplin@manchester.ac.uk</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ross</GivenName>
+ <SurName>Macintyre</SurName>
+ <EmailAddress>Ross.MacIntyre@manchester.ac.uk</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.secure.su.se/identity" xml:base="swamid-1.0/idp.secure.su.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope xmlns:shibmeta="urn:mace:shibboleth:metadata:1.0" regexp="false">su.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEsjCCA5qgAwIBAgILAQAAAAABFxsEM3owDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3MTIyNzA5NTIxNVoXDTEwMTIyNzA5NTIxNVowXTELMAkGA1UEBhMCU0UxEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEZMBcGA1UEAxMQaWRwLnNlY3VyZS5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8J47onJaot9vYgL5d+VXRuBTlwy4quLRkcFDvAhy9YwzdDAZ0bio2qgVpXMK1aP1kvpOn6+Zy9jUKuwaUraJpE8Yp7dCzTXujrCQSS3sfy+pTwS/kcDUM/sBd16gXU4lfub56+Oiuvi9eRISDKTeZebgTskN2O7gZS91nLSo7xz/Fsrinp3oRWcqZ0VWzc0+zLIldU50ASZ/AqDQQ/JLaqI84b6Ft8JjWZKCGUqBBoRURjvDxqr2e19i2+2mu5Cbayq6IJ62yH+dP3pVd9UZntSXABaTnq2+v9dt/unhOXibzMwh87q+fI9w7SyM7Wy/r6V3qk/aes0bYI6Sj8DW0CAwEAAaOCAW8wggFrMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFMAf54GaLCmlAHIKbGBskYgJ64yTMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHREEFDASghBpZHAuc2VjdXJlLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQA2ZODtOolJMQNFz86urE/RM3LIwkaaRHv9WN743WEPVyrQ0s7XjYuHAuJCuLVhwteA0ODpbmYJHaesG1O4Hqilv/tRD+8MahGWqA2lk28T7mkx+/Hb2jsZWBIMGNNOf97sZUK100wbnsFvjvBsOAsznnRX2JKOBeemOnIPZR1EmA+VRxUaIHb2/SD63zSsa/+y8xkSYAo1Pxr9MU6jePNIPnMF7ixwfzTZElyoxKuNNbQAuxfvvbRElGs2YCmC9WBY8zGmyHfNWWblVt5tjeNH0pWu+qg1tVBSB9VZZ4xGuKgoMyoYKul4y3raQRiUCUaUmJCdAiQNqsSMpY3QpA+k</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.secure.su.se:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope xmlns:shibmeta="urn:mace:shibboleth:metadata:1.0" regexp="false">su.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEsjCCA5qgAwIBAgILAQAAAAABFxsEM3owDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3MTIyNzA5NTIxNVoXDTEwMTIyNzA5NTIxNVowXTELMAkGA1UEBhMCU0UxEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEZMBcGA1UEAxMQaWRwLnNlY3VyZS5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8J47onJaot9vYgL5d+VXRuBTlwy4quLRkcFDvAhy9YwzdDAZ0bio2qgVpXMK1aP1kvpOn6+Zy9jUKuwaUraJpE8Yp7dCzTXujrCQSS3sfy+pTwS/kcDUM/sBd16gXU4lfub56+Oiuvi9eRISDKTeZebgTskN2O7gZS91nLSo7xz/Fsrinp3oRWcqZ0VWzc0+zLIldU50ASZ/AqDQQ/JLaqI84b6Ft8JjWZKCGUqBBoRURjvDxqr2e19i2+2mu5Cbayq6IJ62yH+dP3pVd9UZntSXABaTnq2+v9dt/unhOXibzMwh87q+fI9w7SyM7Wy/r6V3qk/aes0bYI6Sj8DW0CAwEAAaOCAW8wggFrMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFMAf54GaLCmlAHIKbGBskYgJ64yTMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHREEFDASghBpZHAuc2VjdXJlLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQA2ZODtOolJMQNFz86urE/RM3LIwkaaRHv9WN743WEPVyrQ0s7XjYuHAuJCuLVhwteA0ODpbmYJHaesG1O4Hqilv/tRD+8MahGWqA2lk28T7mkx+/Hb2jsZWBIMGNNOf97sZUK100wbnsFvjvBsOAsznnRX2JKOBeemOnIPZR1EmA+VRxUaIHb2/SD63zSsa/+y8xkSYAo1Pxr9MU6jePNIPnMF7ixwfzTZElyoxKuNNbQAuxfvvbRElGs2YCmC9WBY8zGmyHfNWWblVt5tjeNH0pWu+qg1tVBSB9VZZ4xGuKgoMyoYKul4y3raQRiUCUaUmJCdAiQNqsSMpY3QpA+k</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.secure.su.se/shibboleth-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.secure.su.se/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SUOLD</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm University (old)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm University</Company>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://umdac-humpdac.ad.umu.se/shibboleth" xml:base="swamid-1.0/umdac-humpdac.ad.umu.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB7TCCAVagAwIBAgIJAPLebS0CGJJJMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNVBAMTF3VtZGFjLWh1bXBkYWMuYWQudW11LnNlMB4XDTA3MDMxMzEwNTkzNloXDTA4MDMxMjEwNTkzNlowIjEgMB4GA1UEAxMXdW1kYWMtaHVtcGRhYy5hZC51bXUuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALA5VqzzCDXki71HDlWq9gwowL+0FBFZC9bCRmjKOGe9lmZveHhJ1oWN7g5wbAbC+oAciHe5vzUoEIrkl9enqqFCgOww3LhAURSuebJzbF8fz3zjdFlyzqDIlLet54YTvfdZmro4345Z46KW/dX5QOAEslLcSUev1Eq1F1rgXMV/AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAOHWzEvOqLpAeLm19FAZS/qG5i97eH5bx7opjABmDU7IIMT2jEhBykYL6BXbfYljLT2pyBEE2oILetNT/U09Angm2Lf8JzenPUgqS8qFGl54/Gw2GcIiDBbvmPuBWqw8CRYdfBQjBZmKs+jN+Lr1uvEvim/B4PPQg2Eypp8iz/VM=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://umdac-humpdac.ad.umu.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Umeå University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>UMDAC</Company>
+ <GivenName>Tommy</GivenName>
+ <SurName>Larsson</SurName>
+ <EmailAddress>tommy.larsson@umdac.umu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://sp.lhs.se/shibboleth" xml:base="swamid-1.0/sp.lhs.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEFTCCA36gAwIBAgIKGij19wAAAAAAeTANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRgwFgYDVQQKEw9MSFMgaSBTdG9ja2hvbG0xFTATBgNVBAsTDElULUF2ZGVsbmluZzEaMBgGA1UEAxMRZ3JlZW5wb2ludC5saHMuc2UwHhcNMDcxMTE1MTE0NjUxWhcNMTIxMTE1MTE1NjUxWjCBqjEcMBoGCSqGSIb3DQEJARYNc2VjQHJ0Lmxocy5zZTELMAkGA1UEBhMCU1cxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMSkwJwYDVQQKEyBTdG9ja2hvbG0gSW5zdGl0dXRlIG9mIEVkdWNhdGlvbjEWMBQGA1UECxMNSVQtZGVwYXJ0bWVudDESMBAGA1UEAxMJc3AubGhzLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OuqeuhMexhFh6i1Pm0vxvhDpFmJjm9Y6M1qa6Ug+vEoWZdCv5VQEh3A5kEEMtxi1QhxkcuQhtBoi+sKweDYEcMOlktzLnaSC0wMth/VLR7y2DP5oVzl1FjIlCZ0BdSf9bZENblHNpzb0/sCaVhW09vmp74/5AqV0jLt+XgVnmxVsUBDAgTzWK9fIoDLsClc1RQSUE8asIMiKVEH7KYMOcHRYIzp4Q2++iOvtvq8EVgWZvaDVzG7/CrqFRcuk/4naMyAOKXrGNNr7qB86yFy53Be43ZZjeJv0CQC9LaJZC2QsgbsG2OcCUHbTGEFOdl5DYVfEEVpU4s336WH/eARTQIDAQABo4HjMIHgMB0GA1UdDgQWBBTwtlrmSaEvXMNXT+kQj8ULsteJCTCBvgYDVR0jBIG2MIGzgBT/0okEYerF+Z8wLX763B0yh4G60qGBiKSBhTCBgjELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRgwFgYDVQQKEw9MSFMgaSBTdG9ja2hvbG0xFTATBgNVBAsTDElULUF2ZGVsbmluZzEaMBgGA1UEAxMRZ3JlZW5wb2ludC5saHMuc2WCEEsrLPaG8gihTtyO+tjeJYcwDQYJKoZIhvcNAQEFBQADgYEAM4a5cBBOVKPXBLE6LKKrmExK2TtsOdw17EBL43RoG9IAH22mW1IY5vglf/zaYDm/WS4+8rvGJC+WP5QyMrHQQY52Z4iiSRhLs4ccbDoNR5EF3RxM9lb5tDprncT8d2VinlFztopWUQAmB6s447w+LzqXr62OKEgX3kzZvNSanZ4=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.lhs.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">LHS</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lärarhögskolan</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lhs.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>LHS</Company>
+ <GivenName>Patrik</GivenName>
+ <SurName>Blomkvist</SurName>
+ <EmailAddress>patrik.blomkvist@lhs.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://roundup.it.su.se" xml:base="swamid-1.0/roundup.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEbzCCA1egAwIBAgIRAOOIoW9xqDSfIltHyx8Jm8YwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0wOTExMTgwMDAwMDBaFw0xMjExMTcyMzU5NTlaMEkxCzAJBgNV
+BAYTAlNFMR8wHQYDVQQKExZTdG9ja2hvbG1zIHVuaXZlcnNpdGV0MRkwFwYDVQQD
+ExByb3VuZHVwLml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAyaa/LVY8eUxB/gK86emIR/C+7rG4sFaP7Jc3lNfRHQR/KmCdECwcQWShGsy1
+gnA2d5X7i/eXuWijk7dr7u5mVdCWrQ+rHBEE7DbX+9roDVIIM/eTDTo8HjpSX0pR
+3xmj8j33dJdjQUucdrfpx/1S1OwlvT7+Y5AqACyBoxH6XT4yGQHnxsPyK5JOBW1a
+S2DR3Fs3RDVkQjUFUZRdFey8YW2kmnIRKBAi1YTOi496wPpISovOmLASZZqVwMMF
+iDwLLWz6GbRvaPPa16kq9SQY2Bc4bNIqfEfXrOemqFmnvW4YUWxqAPaG1/qU3sRM
+2AW5eiGh3WYf0jC6rKHFmEY/vwIDAQABo4IBYzCCAV8wHwYDVR0jBBgwFoAUDL2T
+aAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFKwiX0euXmkvdLT+lXwy8k4d+iCg
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQz
+MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu
+Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu
+dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v
+Y3NwLnRjcy50ZXJlbmEub3JnMBsGA1UdEQQUMBKCEHJvdW5kdXAuaXQuc3Uuc2Uw
+DQYJKoZIhvcNAQEFBQADggEBABSYEIPbRorJTJHPaxXAwZU61CjKGSpTGOm6w1Eu
+kucMFRMFX+yxes/AmvgKNr+XcaWZcW1SYKd4FRIt2S6wghd0p1lMQBs2HGt6dNBO
+JDhCayjtfLhgSrAVc3aO8XLAdLqzBEL9FHHn0YJ489UL77+1qCtnt1KO4EWEHA7b
+TY93MXIatJgS0IpprD15gJ+2Tf2JEBMSv2Ne070GD/cpQ0S/mNhc0F8KZ9Dl+UBj
+TJFae2AdnxbUwP+Uyqgx3vA6xSEpHCezYy2f9KnDs77/AYQzFj2HTeyjS+CEfjfZ
+L3icoXenJnD8XOBe79BIPXkxxZCn+es6y1NoUK3d9U1iaEQ=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://roundup.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://moodle.lhs.se/shibboleth" xml:base="swamid-1.0/moodle.lhs.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIErDCCA5SgAwIBAgILAQAAAAABHGXBykcwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDkxNTExMjUxMVoXDTExMDkxNTExMjUxMVowWjELMAkGA1UEBhMCU0UxEjAQBgNV
+BAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEW
+MBQGA1UEAxMNbW9vZGxlLmxocy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANqTklz0t3Gnkq1va4uPbxMZwOJJV1QwOrGBrCx24gSvSJWrhptcFyMw
+pll8QMneR+Pb7I4wm2YaI5rxLwtBruRdgLtxuOo3LSvhzwTZXzQtC4ouCQ1EAAHT
+ytXj6+TiC0r2s3qiWMwEvspR/VaGTGDjzoEHIM40ynsxsx3LFAFJjBpzGH8Si6IB
+mJqvXAkvuesphyLGvc8c2aTvd3Zg4GL5WR0ep2DuZo1dkpuZHUZlXmS4JVpn2yZa
+HVN/CdLP60jqxvh85HLBk9DZQ0sD3dgAgy1bV/hajO0OzYuV+VQd7kvG5wTKrlUs
+41RaZMLZGZ43t94LCtQZ5IKLZl6BQ6sCAwEAAaOCAWwwggFoMFAGA1UdIARJMEcw
+RQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24u
+bmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgw
+FoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFKgqzUsMQGdA4hivyxsK
+few6RFQvMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5u
+ZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYz
+aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwu
+Y3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAYBgNVHREEETAPgg1t
+b29kbGUubGhzLnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAsV0oNI80/L2tdAlf+ICR2
+YlEwgnkFtJGLRYZJ2uCojETA353C0NKd+IxMNuJkg7vO8fhtQbSyULRKp/XzekBx
+883u9zHDDFQOYYoTz0iLDq+6Cvx/t/b+EDO3yKt7kTRzV3idcNyygDCRAV8h2tUF
+gnZIWa5zCh0iOc5VJBW+Rupb6g9z7IYyjYopkl9ZGhwg8NwFa4qvEwwJcPgktiN/
+E0lpMFhmAzGdKZww+axLvL0lBxrPiFn747K4iJ6tc+oCCtn852zXLd/IsMY3oUWM
+t7tgUUB+rUENHrqryPN6AJ6QZR6UIWE6J6biQJVmXQldKGrGrMEnRecGyokj9kqi</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://moodle.lhs.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <SurName>helpdesk</SurName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://slcstest.uninett.no/simplesaml/shib13/sp/metadata.php" xml:base="swamid-1.0/slcstest.uninett.no.xml">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEbjCCA1agAwIBAgIJAOJ+MVIlv1k/MA0GCSqGSIb3DQEBBQUAMIGAMQswCQYDVQQGEwJOTzEVMBMGA1UECBMMU29yVHJvbmRlbGFnMRIwEAYDVQQHEwlUcm9uZGhlaW0xEDAOBgNVBAoTB1VOSU5FVFQxFjAUBgNVBAsTDVVOSU5FVFQgU2lnbWExHDAaBgNVBAMTE3NsY3N0ZXN0LnVuaW5ldHQubm8wHhcNMDgwOTE1MDkzNjM1WhcNMTgwOTEzMDkzNjM1WjCBgDELMAkGA1UEBhMCTk8xFTATBgNVBAgTDFNvclRyb25kZWxhZzESMBAGA1UEBxMJVHJvbmRoZWltMRAwDgYDVQQKEwdVTklORVRUMRYwFAYDVQQLEw1VTklORVRUIFNpZ21hMRwwGgYDVQQDExNzbGNzdGVzdC51bmluZXR0Lm5vMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2ENRSwN3ZHAUWGBJHGzBPvQFvYqqz23qXMcu9+9XpXIO+YedYIo4wslQQpEMgQM9s4fFpHDLzhP1qlZ1hACUxe/UF8IDSGWad7uI7aKjra/uzOUjMIIC2mUvS79CJFm2Oz/b2X4HVq5jLma1l8rfk4goRuNQPA8UuwKsLNcu7cpBY5J4oeTvczEl/W4hWLx8ywwW6TjmIVr3a7wYWAo8zTntDTjstxV1hwOCcZan5B2tm8rUkZpFuzq3Uip3NI+01OBwuecrPRQd7eOs3UspjVjkYJoPu4utPuB9IeCaBhxrdMi6T2Wo4TVQr78MB3WQ/n2tiyjVQALuSIfEK7M5wIDAQABo4HoMIHlMB0GA1UdDgQWBBTCmIdZOcTZtp50V847byR2vB7ODTCBtQYDVR0jBIGtMIGqgBTCmIdZOcTZtp50V847byR2vB7ODaGBhqSBgzCBgDELMAkGA1UEBhMCTk8xFTATBgNVBAgTDFNvclRyb25kZWxhZzESMBAGA1UEBxMJVHJvbmRoZWltMRAwDgYDVQQKEwdVTklORVRUMRYwFAYDVQQLEw1VTklORVRUIFNpZ21hMRwwGgYDVQQDExNzbGNzdGVzdC51bmluZXR0Lm5vggkA4n4xUiW/WT8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAn8NZnWgeQgOhIOu0PWo5XyWxysSbOL+uCFDo/FD6F90LtN/OErIFQw+FaPrRxmLK1A2msKKCforXwuJV/9QjMjuJfccc9OWpQ7zDLjN1iZEkiW+vFP3ANCaT5FYAiWtzOHVu5ldcqDZ5c4VnTPCIPwGioUZpK5BTLS0gmWUikkz1EFNtxfSBbNGCcAxK1o46rKym8ReaLV5pNoqFwji/j90ODHB37d+CGe7mdXUyRWy/Kuc3D27BUt0PKrJwzSX89KI+i8U1NdQwtXXABOi7C51FKAUAXAzcXpUPBvctdomnJm+megBgm9oCwbvm8UCAMdz9kqjI2/4ui1ZTDtql4g==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService index="0" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://slcstest.uninett.no/simplesaml/shib13/sp/AssertionConsumerService.php"/>
+ </SPSSODescriptor>
+ <ContactPerson contactType="technical">
+ <SurName>Administrator</SurName>
+ <EmailAddress>henrik.austad@uninett.no</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.cambro.umu.se/shibboleth" xml:base="swamid-1.0/www.cambro.umu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://www.cambro.umu.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>www.cambro.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.cambro.umu.se,OU=UMDAC,O=Ume\C3\A5 universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEfDCCA2SgAwIBAgIRAJbVDBL3kTyCvBmty4DBxAYwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0xMDAxMDQwMDAwMDBaFw0xMzAxMDMyMzU5NTlaMFUxCzAJBgNV
+BAYTAlNFMRowGAYDVQQKDBFVbWXDpSB1bml2ZXJzaXRldDEOMAwGA1UECxMFVU1E
+QUMxGjAYBgNVBAMTEXd3dy5jYW1icm8udW11LnNlMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAw7NcByBKGr6sdRwoLHbFjF4itjU+KOK9wb+AlBLtGnzz
+A1G3JaIPem7jdX0G/ByIo5neGCqhD+TCqyvu2yx7ZTHdqFexWCSUfGpSLUl42JdI
+EcPsKeUSC04qJHVRqazj2T+unVTkpYMpPJGlYIqDZxim8TedCDsWRMPlKu+tdQ+d
+sz6VJ1xu+CAfwVQPWEzUTb7QI23puB7kKqNlab1kcjFPUzE775KAxpnqkV1plbnH
+GO7GaSjl7kLRdrPxY22RCMWr+WVQ+bnO4AGrTBU6xar9o0Z4As4XrGORzJotbbow
+yJhmMwMZ0X6ndRMlSt6XS1/nL1GgbB7J1ADqDM3f5wIDAQABo4IBZDCCAWAwHwYD
+VR0jBBgwFoAUDL2TaAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFMPLw2KUyTHP
+1TzaE8naa35RyktIMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEB
+AgIdMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcv
+VEVSRU5BU1NMQ0EuY3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0
+cDovL2NydC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUH
+MAGGGmh0dHA6Ly9vY3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEXd3dy5j
+YW1icm8udW11LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQBASsgmwSRBnEBniuKHJyJY
+Vc2fTuUKRm3q8yFpdc/GHn84/8TapBOd+E4aLRJLRI/BpklF1uStnBQiOIDmLR3W
+mM/gaY8JqMOqZ54t0lmJBgEmhRN0cO9U0fkKCUewyrdC7figAZzjpx6qhK7JtK85
+5tbktBNFR5NKzuOLCnu8LqVY2n2n/o8zwtL6zngoo8saS9cYHyksUE1pc2ktY0Ap
+xFp1GFXSWAOs0/xobwN1SH4FHzWvEzvZMpO4pES0NjfxRQ0SwU70OGOGasHD+Jrn
+icknTeF+RsafVHg+EFL9nH4U/yB6wesYu8jG5Fsv5p+ARKVdZb9YWXaRPtH3mzpN
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>www.cambro.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.cambro.umu.se,OU=UMDAC,O=Ume\C3\A5 universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEfDCCA2SgAwIBAgIRAJbVDBL3kTyCvBmty4DBxAYwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0xMDAxMDQwMDAwMDBaFw0xMzAxMDMyMzU5NTlaMFUxCzAJBgNV
+BAYTAlNFMRowGAYDVQQKDBFVbWXDpSB1bml2ZXJzaXRldDEOMAwGA1UECxMFVU1E
+QUMxGjAYBgNVBAMTEXd3dy5jYW1icm8udW11LnNlMIIBIjANBgkqhkiG9w0BAQEF
+AAOCAQ8AMIIBCgKCAQEAw7NcByBKGr6sdRwoLHbFjF4itjU+KOK9wb+AlBLtGnzz
+A1G3JaIPem7jdX0G/ByIo5neGCqhD+TCqyvu2yx7ZTHdqFexWCSUfGpSLUl42JdI
+EcPsKeUSC04qJHVRqazj2T+unVTkpYMpPJGlYIqDZxim8TedCDsWRMPlKu+tdQ+d
+sz6VJ1xu+CAfwVQPWEzUTb7QI23puB7kKqNlab1kcjFPUzE775KAxpnqkV1plbnH
+GO7GaSjl7kLRdrPxY22RCMWr+WVQ+bnO4AGrTBU6xar9o0Z4As4XrGORzJotbbow
+yJhmMwMZ0X6ndRMlSt6XS1/nL1GgbB7J1ADqDM3f5wIDAQABo4IBZDCCAWAwHwYD
+VR0jBBgwFoAUDL2TaAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFMPLw2KUyTHP
+1TzaE8naa35RyktIMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEB
+AgIdMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcv
+VEVSRU5BU1NMQ0EuY3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0
+cDovL2NydC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUH
+MAGGGmh0dHA6Ly9vY3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEXd3dy5j
+YW1icm8udW11LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQBASsgmwSRBnEBniuKHJyJY
+Vc2fTuUKRm3q8yFpdc/GHn84/8TapBOd+E4aLRJLRI/BpklF1uStnBQiOIDmLR3W
+mM/gaY8JqMOqZ54t0lmJBgEmhRN0cO9U0fkKCUewyrdC7figAZzjpx6qhK7JtK85
+5tbktBNFR5NKzuOLCnu8LqVY2n2n/o8zwtL6zngoo8saS9cYHyksUE1pc2ktY0Ap
+xFp1GFXSWAOs0/xobwN1SH4FHzWvEzvZMpO4pES0NjfxRQ0SwU70OGOGasHD+Jrn
+icknTeF+RsafVHg+EFL9nH4U/yB6wesYu8jG5Fsv5p+ARKVdZb9YWXaRPtH3mzpN
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.cambro.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.cambro.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.cambro.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.cambro.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.cambro.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.cambro.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://cambro-utv1.umdc.umu.se/shibboleth" xml:base="swamid-1.0/cambro-utv1.umdc.umu.se.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>cambro-utv1.umdc.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=cambro-utv1.umdc.umu.se,O=Umea universitet,L=Umea,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEtTCCA52gAwIBAgILAQAAAAABH9HgmtcwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDMwNDEzMjcxMVoXDTEyMDMwNDEzMjcxMVowWTELMAkGA1UEBhMCU0UxDTALBgNV
+BAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxIDAeBgNVBAMTF2Nh
+bWJyby11dHYxLnVtZGMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA5TaLPTlLKk0TeGGRD4LP2f/PrRrFpKunsr++6ui9EsRGwRlla2lNVqsW
+AEpNFFUfQzOrrtMgbBZeCRdzWjaF5v+RDD5y7TGt+V2hqneIzCP0UlRCsYfDynVK
+3MMtIOziTGbX+W1yoSRO4U+t5kS0Ezyq3kly2sp0HRdpJOkRekaq0wOPO7b4I7M3
+w72Xa9cKsGEpqC4BVKhwLpPNvEg8Q2yQWHVEGBADRpxq8c+37w3UCpsW5lXZSTIX
+e5Bup0DzpEAofaYXYR7+xozWA5np/DttV0XES8OPySTKz4uJF12TdXtQDO71jriy
+jb1p4PzwRDWKyeV01NuAKB+pOgUpwQIDAQABo4IBdjCCAXIwUAYDVR0gBEkwRzBF
+BgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5u
+ZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAW
+gBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUWekEey2KnDs/ydaenF3j
+DgQDzxswOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWduLm5l
+dC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNo
+dHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25hbC5j
+cnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdEQQbMBmCF2Nh
+bWJyby11dHYxLnVtZGMudW11LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQB0Tg84TC+P
+edgi+MJHZw9giLhPuaw1G7YeNsPelp7BdaGG5mj6NtnObxJxpX/Ac1XFmOWrs/d8
+dIW9cdRoomW9d9fgm4asKmUwj6riLT3KcZoaxqnQrI5RqINs1SGKcRNc4OnK/4WE
+IIODbCqQMNc97u8i++Cxi1DU09qE4awAs7hEz5twv3CPaDSBy/TiQbNs8PuPIZP9
+9wef0YIBiLfnHJpjtlzM4Nm0Gmmj7Q3ikrtd0Y9xH4GLHA4M/aWDgOHT8uQcVw8A
+74ghwcgLAYhaGLgvvisof0SMPG8Fp3A3cQ735bUbCFl1+MQDSHRZOJAPB/5t+Jlu
+gZWpy/ZEPcE5
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>cambro-utv1.umdc.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=cambro-utv1.umdc.umu.se,O=Umea universitet,L=Umea,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEtTCCA52gAwIBAgILAQAAAAABH9HgmtcwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MDMwNDEzMjcxMVoXDTEyMDMwNDEzMjcxMVowWTELMAkGA1UEBhMCU0UxDTALBgNV
+BAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxIDAeBgNVBAMTF2Nh
+bWJyby11dHYxLnVtZGMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEA5TaLPTlLKk0TeGGRD4LP2f/PrRrFpKunsr++6ui9EsRGwRlla2lNVqsW
+AEpNFFUfQzOrrtMgbBZeCRdzWjaF5v+RDD5y7TGt+V2hqneIzCP0UlRCsYfDynVK
+3MMtIOziTGbX+W1yoSRO4U+t5kS0Ezyq3kly2sp0HRdpJOkRekaq0wOPO7b4I7M3
+w72Xa9cKsGEpqC4BVKhwLpPNvEg8Q2yQWHVEGBADRpxq8c+37w3UCpsW5lXZSTIX
+e5Bup0DzpEAofaYXYR7+xozWA5np/DttV0XES8OPySTKz4uJF12TdXtQDO71jriy
+jb1p4PzwRDWKyeV01NuAKB+pOgUpwQIDAQABo4IBdjCCAXIwUAYDVR0gBEkwRzBF
+BgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5u
+ZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAW
+gBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUWekEey2KnDs/ydaenF3j
+DgQDzxswOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWduLm5l
+dC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNo
+dHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25hbC5j
+cnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCIGA1UdEQQbMBmCF2Nh
+bWJyby11dHYxLnVtZGMudW11LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQB0Tg84TC+P
+edgi+MJHZw9giLhPuaw1G7YeNsPelp7BdaGG5mj6NtnObxJxpX/Ac1XFmOWrs/d8
+dIW9cdRoomW9d9fgm4asKmUwj6riLT3KcZoaxqnQrI5RqINs1SGKcRNc4OnK/4WE
+IIODbCqQMNc97u8i++Cxi1DU09qE4awAs7hEz5twv3CPaDSBy/TiQbNs8PuPIZP9
+9wef0YIBiLfnHJpjtlzM4Nm0Gmmj7Q3ikrtd0Y9xH4GLHA4M/aWDgOHT8uQcVw8A
+74ghwcgLAYhaGLgvvisof0SMPG8Fp3A3cQ735bUbCFl1+MQDSHRZOJAPB/5t+Jlu
+gZWpy/ZEPcE5
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://cambro-utv1.umdc.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://idp.umu.se/saml2/idp/metadata.php" xml:base="swamid-1.0/idp.umu.se-saml2.xml">
+ <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <shibmd:Scope regexp="false">umu.se</shibmd:Scope>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEmzCCA4OgAwIBAgILAQAAAAABH0aCSWowDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5MDIwNTExNTU1NloXDTEyMDIwNTExNTU1NlowTDELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxEzARBgNVBAMTCmlkcC51bXUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVztW5Apmw/AKx1SCpyKwGlkz89avgV9fkEwb6IANRMhcI3ftUOJ5BUVD3tsgyzGgZYNGgzYoGHvE3uvUGUHSGObLQv5Wy4a4yN36a2UCgGsaDxXBdAZDT6W9NOLDI86WbIQbKRSWZaeRPSWNkn46q3hE4q6NGh1b2ZY04y9VdvuDSqk3+8Z6w4wC+S2VPAG6hHbbG4gaEakCv/i4hA2haAI9vUP2RVu6aAdydoZR/DdI/GvIwHJsHl1QvmE9tkkAHmNwYhmykIFsMrOeQ8CCZbRswkemiuCWa0d0KyxH2eoJrVo6aAFIdz5yTALHsIli7n6YgSP/PC9TMAobUVU/AgMBAAGjggFpMIIBZTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBQ44Zw5BzMzy6v5KrfuIjONSiDc8DA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwFQYDVR0RBA4wDIIKaWRwLnVtdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAXNruvuq2mX23lgcwb7FoQXC9RGMkLnvU2+LF3QXZeGDg7VSzrfxFDEHPX6FuVH8E9KSfCemmkh/rb52oa/YXP97nLWf6tLAB6LHYp34Lx8z6FPWXi93X0vgRKrAkr8fCwk6kNO3yTyvBC8hxPX+zkMcB2Xxh281CjOE8WLTG5ORLC8Em/o4/DC+d1pu1aj24MmVdGcCKsfzXaVFiKhaB+1S8fJi539X0A/R0ig7lqzs46QzaimgcnbcFBIE4lxI0YLfl2YcOyI87jm7SPuBjDjEmNUhONbm896M82PMG4enEh47q76YYkei9ozIynoQ5kefpeSt6ru9GsnScD4eAdA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEmzCCA4OgAwIBAgILAQAAAAABH0aCSWowDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5MDIwNTExNTU1NloXDTEyMDIwNTExNTU1NlowTDELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxEzARBgNVBAMTCmlkcC51bXUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVztW5Apmw/AKx1SCpyKwGlkz89avgV9fkEwb6IANRMhcI3ftUOJ5BUVD3tsgyzGgZYNGgzYoGHvE3uvUGUHSGObLQv5Wy4a4yN36a2UCgGsaDxXBdAZDT6W9NOLDI86WbIQbKRSWZaeRPSWNkn46q3hE4q6NGh1b2ZY04y9VdvuDSqk3+8Z6w4wC+S2VPAG6hHbbG4gaEakCv/i4hA2haAI9vUP2RVu6aAdydoZR/DdI/GvIwHJsHl1QvmE9tkkAHmNwYhmykIFsMrOeQ8CCZbRswkemiuCWa0d0KyxH2eoJrVo6aAFIdz5yTALHsIli7n6YgSP/PC9TMAobUVU/AgMBAAGjggFpMIIBZTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBQ44Zw5BzMzy6v5KrfuIjONSiDc8DA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwFQYDVR0RBA4wDIIKaWRwLnVtdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAXNruvuq2mX23lgcwb7FoQXC9RGMkLnvU2+LF3QXZeGDg7VSzrfxFDEHPX6FuVH8E9KSfCemmkh/rb52oa/YXP97nLWf6tLAB6LHYp34Lx8z6FPWXi93X0vgRKrAkr8fCwk6kNO3yTyvBC8hxPX+zkMcB2Xxh281CjOE8WLTG5ORLC8Em/o4/DC+d1pu1aj24MmVdGcCKsfzXaVFiKhaB+1S8fJi539X0A/R0ig7lqzs46QzaimgcnbcFBIE4lxI0YLfl2YcOyI87jm7SPuBjDjEmNUhONbm896M82PMG4enEh47q76YYkei9ozIynoQ5kefpeSt6ru9GsnScD4eAdA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.umu.se/saml2/idp/ArtifactResolutionService.php" index="0"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.umu.se/saml2/idp/SingleLogoutService.php"/>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.umu.se/saml2/idp/SSOService.php"/>
+ </md:IDPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">UmU</md:OrganizationName>
+ <md:OrganizationName xml:lang="se">UmU</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Umeå University (SAML2)</md:OrganizationDisplayName>
+ <md:OrganizationDisplayName xml:lang="se">Umeå universitet (SAML2)</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.umu.se/english</md:OrganizationURL>
+ <md:OrganizationURL xml:lang="se">http://www.umu.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:SurName>Datordrift</md:SurName>
+ <md:EmailAddress>datordrift@umdac.umu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://idp.umu.se/shib13/idp/metadata.php" xml:base="swamid-1.0/idp.umu.se-saml1.xml">
+ <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <md:Extensions>
+ <shibmd:Scope regexp="false">umu.se</shibmd:Scope>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEmzCCA4OgAwIBAgILAQAAAAABH0aCSWowDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5MDIwNTExNTU1NloXDTEyMDIwNTExNTU1NlowTDELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxEzARBgNVBAMTCmlkcC51bXUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVztW5Apmw/AKx1SCpyKwGlkz89avgV9fkEwb6IANRMhcI3ftUOJ5BUVD3tsgyzGgZYNGgzYoGHvE3uvUGUHSGObLQv5Wy4a4yN36a2UCgGsaDxXBdAZDT6W9NOLDI86WbIQbKRSWZaeRPSWNkn46q3hE4q6NGh1b2ZY04y9VdvuDSqk3+8Z6w4wC+S2VPAG6hHbbG4gaEakCv/i4hA2haAI9vUP2RVu6aAdydoZR/DdI/GvIwHJsHl1QvmE9tkkAHmNwYhmykIFsMrOeQ8CCZbRswkemiuCWa0d0KyxH2eoJrVo6aAFIdz5yTALHsIli7n6YgSP/PC9TMAobUVU/AgMBAAGjggFpMIIBZTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBQ44Zw5BzMzy6v5KrfuIjONSiDc8DA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwFQYDVR0RBA4wDIIKaWRwLnVtdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAXNruvuq2mX23lgcwb7FoQXC9RGMkLnvU2+LF3QXZeGDg7VSzrfxFDEHPX6FuVH8E9KSfCemmkh/rb52oa/YXP97nLWf6tLAB6LHYp34Lx8z6FPWXi93X0vgRKrAkr8fCwk6kNO3yTyvBC8hxPX+zkMcB2Xxh281CjOE8WLTG5ORLC8Em/o4/DC+d1pu1aj24MmVdGcCKsfzXaVFiKhaB+1S8fJi539X0A/R0ig7lqzs46QzaimgcnbcFBIE4lxI0YLfl2YcOyI87jm7SPuBjDjEmNUhONbm896M82PMG4enEh47q76YYkei9ozIynoQ5kefpeSt6ru9GsnScD4eAdA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEmzCCA4OgAwIBAgILAQAAAAABH0aCSWowDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5MDIwNTExNTU1NloXDTEyMDIwNTExNTU1NlowTDELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxEzARBgNVBAMTCmlkcC51bXUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVztW5Apmw/AKx1SCpyKwGlkz89avgV9fkEwb6IANRMhcI3ftUOJ5BUVD3tsgyzGgZYNGgzYoGHvE3uvUGUHSGObLQv5Wy4a4yN36a2UCgGsaDxXBdAZDT6W9NOLDI86WbIQbKRSWZaeRPSWNkn46q3hE4q6NGh1b2ZY04y9VdvuDSqk3+8Z6w4wC+S2VPAG6hHbbG4gaEakCv/i4hA2haAI9vUP2RVu6aAdydoZR/DdI/GvIwHJsHl1QvmE9tkkAHmNwYhmykIFsMrOeQ8CCZbRswkemiuCWa0d0KyxH2eoJrVo6aAFIdz5yTALHsIli7n6YgSP/PC9TMAobUVU/AgMBAAGjggFpMIIBZTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBQ44Zw5BzMzy6v5KrfuIjONSiDc8DA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwFQYDVR0RBA4wDIIKaWRwLnVtdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAXNruvuq2mX23lgcwb7FoQXC9RGMkLnvU2+LF3QXZeGDg7VSzrfxFDEHPX6FuVH8E9KSfCemmkh/rb52oa/YXP97nLWf6tLAB6LHYp34Lx8z6FPWXi93X0vgRKrAkr8fCwk6kNO3yTyvBC8hxPX+zkMcB2Xxh281CjOE8WLTG5ORLC8Em/o4/DC+d1pu1aj24MmVdGcCKsfzXaVFiKhaB+1S8fJi539X0A/R0ig7lqzs46QzaimgcnbcFBIE4lxI0YLfl2YcOyI87jm7SPuBjDjEmNUhONbm896M82PMG4enEh47q76YYkei9ozIynoQ5kefpeSt6ru9GsnScD4eAdA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</md:NameIDFormat>
+ <md:SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.umu.se/shib13/idp/SSOService.php"/>
+ </md:IDPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">UmU</md:OrganizationName>
+ <md:OrganizationName xml:lang="se">UmU</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Umeå University</md:OrganizationDisplayName>
+ <md:OrganizationDisplayName xml:lang="se">Umeå universitet</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.umu.se/english</md:OrganizationURL>
+ <md:OrganizationURL xml:lang="se">http://www.umu.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:SurName>Datordrift</md:SurName>
+ <md:EmailAddress>datordrift@umdac.umu.se</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://kurser.math.su.se/shibboleth" xml:base="swamid-1.0/kurser.math.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>kurser.math.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=kurser.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEcDCCA1igAwIBAgIQE1y2ZmHRWdeouH6Sf5z+WjANBgkqhkiG9w0BAQUFADA2
+MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
+U1NMIENBMB4XDTEwMDExOTAwMDAwMFoXDTEzMDExODIzNTk1OVowSjELMAkGA1UE
+BhMCU0UxHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxGjAYBgNVBAMT
+EWt1cnNlci5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEA6BmSQGmI4Efp95B1PMcAPi0/KsW6CZHRku76vh8IS+DBD3zV/A5EFWwlGIBt
+TohN+f6dp5ed4/9C6zlfdSyUblqb607LLeCTsmA4YPFWVon63VdE5GQL0x6Ii55I
+mD+z5d9fhNcL/NAffDAVDLB5HH7YEeX1CBa56NWQO6FHb4f2xX1eURt9+TRxCijQ
+LxhUt/RyMSCujqXE8a2j6JO5UksK7549uHd2zFXwpNMmMr8XnsEwcSj7jCT2MXyZ
+jQoGXTTCOORX2tBsWdN/q0XunCxWybZntLih2G3Q5WF0+6NVDuJtVPWsooqZlnre
+jYsPPvMiryeEVv1l6uGq6G+/FwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAUDL2T
+aAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFAZIY/QOfeb6IU8E3CmoV4n7u57a
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQz
+MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu
+Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu
+dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v
+Y3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEWt1cnNlci5tYXRoLnN1LnNl
+MA0GCSqGSIb3DQEBBQUAA4IBAQCfqwDPk9vrMyV/Lv9bzX5nCQKWAuAYlo6qX9lI
+W2IM1IES3LYHzBOt1Rbde4r56HYVy/F8z1DiG/SDTT/WZciArryOozZSTmjfkD1J
+BoRtWsNKnGckWCigaxDS/ai1aGl+X8kZTxUAMQtHIJtkeLZaz1aYv5BMCK0aDPCz
++jK9xMSMbBhWrVhs6HnkFnGhr71s7ZFbMxRv6psLSPl055grTLQK4eLQ63pWNeTM
+orcBunWAqfoXXOHt4HTclLpL01R8y9T5LvZBWpEN75u3fkRHWS/kQIXHprWp07xv
+2Zkq+NG9O7ixLXCdQrd/dZlG8/RITegnw2rhMIpEf25eTkvl
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>kurser.math.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=kurser.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEcDCCA1igAwIBAgIQE1y2ZmHRWdeouH6Sf5z+WjANBgkqhkiG9w0BAQUFADA2
+MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
+U1NMIENBMB4XDTEwMDExOTAwMDAwMFoXDTEzMDExODIzNTk1OVowSjELMAkGA1UE
+BhMCU0UxHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxGjAYBgNVBAMT
+EWt1cnNlci5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEA6BmSQGmI4Efp95B1PMcAPi0/KsW6CZHRku76vh8IS+DBD3zV/A5EFWwlGIBt
+TohN+f6dp5ed4/9C6zlfdSyUblqb607LLeCTsmA4YPFWVon63VdE5GQL0x6Ii55I
+mD+z5d9fhNcL/NAffDAVDLB5HH7YEeX1CBa56NWQO6FHb4f2xX1eURt9+TRxCijQ
+LxhUt/RyMSCujqXE8a2j6JO5UksK7549uHd2zFXwpNMmMr8XnsEwcSj7jCT2MXyZ
+jQoGXTTCOORX2tBsWdN/q0XunCxWybZntLih2G3Q5WF0+6NVDuJtVPWsooqZlnre
+jYsPPvMiryeEVv1l6uGq6G+/FwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAUDL2T
+aAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFAZIY/QOfeb6IU8E3CmoV4n7u57a
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQz
+MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu
+Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu
+dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v
+Y3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEWt1cnNlci5tYXRoLnN1LnNl
+MA0GCSqGSIb3DQEBBQUAA4IBAQCfqwDPk9vrMyV/Lv9bzX5nCQKWAuAYlo6qX9lI
+W2IM1IES3LYHzBOt1Rbde4r56HYVy/F8z1DiG/SDTT/WZciArryOozZSTmjfkD1J
+BoRtWsNKnGckWCigaxDS/ai1aGl+X8kZTxUAMQtHIJtkeLZaz1aYv5BMCK0aDPCz
++jK9xMSMbBhWrVhs6HnkFnGhr71s7ZFbMxRv6psLSPl055grTLQK4eLQ63pWNeTM
+orcBunWAqfoXXOHt4HTclLpL01R8y9T5LvZBWpEN75u3fkRHWS/kQIXHprWp07xv
+2Zkq+NG9O7ixLXCdQrd/dZlG8/RITegnw2rhMIpEf25eTkvl
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kurser.math.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kurser.math.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kurser.math.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://kurser3.math.su.se/shibboleth" xml:base="swamid-1.0/kurser3.math.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>kurser3.math.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=kurser3.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEczCCA1ugAwIBAgIRAJmPvLO1zhBHiC8cv0Ac0q8wDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0xMDAxMTkwMDAwMDBaFw0xMzAxMTgyMzU5NTlaMEsxCzAJBgNV
+BAYTAlNFMR8wHQYDVQQKExZTdG9ja2hvbG1zIHVuaXZlcnNpdGV0MRswGQYDVQQD
+ExJrdXJzZXIzLm1hdGguc3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDE0IybA6C3iZ+bkaClj4VPM+9ujYTq5UmpcUPr7ZovIHSrch5rRGSPuw3k
+MQ3dZz+1nBVCdtnbud4JwgJf+oKoHyixu5UAy4PosinJlVV+TeYHhDMB3J+O6O/7
+MVWCD7NUxgOXhwEIu1Ln9fbB2fyoH9czTgYUlz8IyBE1c5kbkU6dJ/v+TYFfYC6f
+QNTq/CKzuPPlG3I0b6fyMTF6+9BXnhGoqGzc4fbpDw466FLYbuBhwjYOGw4sHVOw
+NwZpeo1cSIZ+ynJCO4y3nLHx7Ln5yt48fkvDE8fhnDlP19hEKadctKYQzyt1X+WH
+uYPuy2bffW8LsGMNdz6zgV1yq29vAgMBAAGjggFlMIIBYTAfBgNVHSMEGDAWgBQM
+vZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQU9/hl0fzcymppShwXt+2iss1P
+VA4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAh0wOgYDVR0f
+BDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xD
+QS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRj
+cy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDov
+L29jc3AudGNzLnRlcmVuYS5vcmcwHQYDVR0RBBYwFIISa3Vyc2VyMy5tYXRoLnN1
+LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAtyWsUSktP5GxVj19xSNmFDyap7z0/igy4
+WCTNXDGmHPIOmZfaavo5UBtZwEUB1puU2ViognByPFW1dnZzNV+nIiCokKg9gEOG
+7gEOVIzGQZTGkX/EQYlyYkhXd+tQ2Mn7v60RxtHTpmLHutNZiuwXPV/T/pq+i6aT
+WkQUjdUtED1LYCNHIy/voAwYOa8zZ5tBq3kXRveZtY3LpdKRIz6aUkHqLKmHBLF4
+ImN8nJk/9yn1zCQW8/1DzycFt9IHU/zeCG1Q41L0EU2ZAXWixc/0sVuVxn6LEcIH
+cltjAaJBgU+QoDEuKsQtzVwmR/JfWYaVaMDXCh+QwOgvP3MIq8pA
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>kurser3.math.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=kurser3.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEczCCA1ugAwIBAgIRAJmPvLO1zhBHiC8cv0Ac0q8wDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0xMDAxMTkwMDAwMDBaFw0xMzAxMTgyMzU5NTlaMEsxCzAJBgNV
+BAYTAlNFMR8wHQYDVQQKExZTdG9ja2hvbG1zIHVuaXZlcnNpdGV0MRswGQYDVQQD
+ExJrdXJzZXIzLm1hdGguc3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
+AoIBAQDE0IybA6C3iZ+bkaClj4VPM+9ujYTq5UmpcUPr7ZovIHSrch5rRGSPuw3k
+MQ3dZz+1nBVCdtnbud4JwgJf+oKoHyixu5UAy4PosinJlVV+TeYHhDMB3J+O6O/7
+MVWCD7NUxgOXhwEIu1Ln9fbB2fyoH9czTgYUlz8IyBE1c5kbkU6dJ/v+TYFfYC6f
+QNTq/CKzuPPlG3I0b6fyMTF6+9BXnhGoqGzc4fbpDw466FLYbuBhwjYOGw4sHVOw
+NwZpeo1cSIZ+ynJCO4y3nLHx7Ln5yt48fkvDE8fhnDlP19hEKadctKYQzyt1X+WH
+uYPuy2bffW8LsGMNdz6zgV1yq29vAgMBAAGjggFlMIIBYTAfBgNVHSMEGDAWgBQM
+vZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQU9/hl0fzcymppShwXt+2iss1P
+VA4wDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYB
+BQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAh0wOgYDVR0f
+BDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xD
+QS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRj
+cy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDov
+L29jc3AudGNzLnRlcmVuYS5vcmcwHQYDVR0RBBYwFIISa3Vyc2VyMy5tYXRoLnN1
+LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAtyWsUSktP5GxVj19xSNmFDyap7z0/igy4
+WCTNXDGmHPIOmZfaavo5UBtZwEUB1puU2ViognByPFW1dnZzNV+nIiCokKg9gEOG
+7gEOVIzGQZTGkX/EQYlyYkhXd+tQ2Mn7v60RxtHTpmLHutNZiuwXPV/T/pq+i6aT
+WkQUjdUtED1LYCNHIy/voAwYOa8zZ5tBq3kXRveZtY3LpdKRIz6aUkHqLKmHBLF4
+ImN8nJk/9yn1zCQW8/1DzycFt9IHU/zeCG1Q41L0EU2ZAXWixc/0sVuVxn6LEcIH
+cltjAaJBgU+QoDEuKsQtzVwmR/JfWYaVaMDXCh+QwOgvP3MIq8pA
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser3.math.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser3.math.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser3.math.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser3.math.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kurser3.math.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kurser3.math.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser3.math.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser3.math.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kurser3.math.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kurser3.math.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kurser3.math.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kurser3.math.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kurser3.math.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kurser3.math.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://webwork.math.su.se/shibboleth" xml:base="swamid-1.0/webwork.math.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEtjCCA56gAwIBAgILAQAAAAABFmxsApMwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3
+MTEyMzEyMTIwNloXDTEwMTEyMzEyMTIwNlowXzELMAkGA1UEBhMCU0UxEjAQBgNV
+BAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEb
+MBkGA1UEAxMSd2Vid29yay5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAsV6XkCnn+GfR8hX33IfZ+Zow+CqmRYIRlt7dUOtuEaqNbEMS
+6MWb7/FBFnHWX1xzyYqv+QTyQGnPDerPHir4QaxTndeXzAIxvbYTv2EjZO9C4csf
+MVMuKTX2wukVKOxNAMbpi8TyfOIjnrxV+DXvKb9WfJjY/1NNg87KEzs2FlUFOIhw
+xRcNW9LehOvSacmUuWDQj8T2CC8kNYpSlgSr/7mhIdm2B3idf5UA4Pzr1YK6IuED
+rR55GpH36hJQpn7Uyk18pdRCHYRAI3CHTRK7xBIEOJMhLHhkYog5apIGyzm16TWf
+5HS4FP22eJ2UL2NqXMa/DVeM1sKxBzEdTCXKswIDAQABo4IBcTCCAW0wUAYDVR0g
+BEkwRzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFs
+c2lnbi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNV
+HSMEGDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUsQBGW4vC5dgk
+DZjNJQ57yQy+CMswOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxz
+aWduLm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUF
+BzAChjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRp
+b25hbC5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdEQQW
+MBSCEndlYndvcmsubWF0aC5zdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAPnp49Adh
+xwdTjVb226i9p+S4jKR/QP+tLSUmpRJkCspI7tl2an2y6bumSkTbnjMugjKPxVJH
+697737ebLAAhnbi4wMZ1zm7sEkT4BzFXTr9JUldLANQ7k1bYvKxbdmi/nngaXtF9
+zsbBXkckci3W/hUfZHSj1P/By3iy1MPEEBlZmqY/OTroqQb4Q2Nn87iJhtgnjU0t
+3M0O4Bu248RtTdXPtyQA69MJT4i1BUBqPGUIOBUs8YzZ40vvkejVJ6Y2PVTOQC4m
+gCpBEioqc6VkMW0bz9VxYvA+cMH304mW0PJne3tKFeCSJIG555XOvg3bl8bF0gUr
+x4wDuJ8mbDVyyw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://webwork.math.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Tomas</GivenName>
+ <SurName>Ericsson</SurName>
+ <EmailAddress>te@math.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://webwork2.math.su.se/shibboleth" xml:base="swamid-1.0/webwork2.math.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEtjCCA56gAwIBAgILAQAAAAABFmxsApMwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3
+MTEyMzEyMTIwNloXDTEwMTEyMzEyMTIwNlowXzELMAkGA1UEBhMCU0UxEjAQBgNV
+BAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEb
+MBkGA1UEAxMSd2Vid29yay5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAsV6XkCnn+GfR8hX33IfZ+Zow+CqmRYIRlt7dUOtuEaqNbEMS
+6MWb7/FBFnHWX1xzyYqv+QTyQGnPDerPHir4QaxTndeXzAIxvbYTv2EjZO9C4csf
+MVMuKTX2wukVKOxNAMbpi8TyfOIjnrxV+DXvKb9WfJjY/1NNg87KEzs2FlUFOIhw
+xRcNW9LehOvSacmUuWDQj8T2CC8kNYpSlgSr/7mhIdm2B3idf5UA4Pzr1YK6IuED
+rR55GpH36hJQpn7Uyk18pdRCHYRAI3CHTRK7xBIEOJMhLHhkYog5apIGyzm16TWf
+5HS4FP22eJ2UL2NqXMa/DVeM1sKxBzEdTCXKswIDAQABo4IBcTCCAW0wUAYDVR0g
+BEkwRzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFs
+c2lnbi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNV
+HSMEGDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUsQBGW4vC5dgk
+DZjNJQ57yQy+CMswOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxz
+aWduLm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUF
+BzAChjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRp
+b25hbC5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMB0GA1UdEQQW
+MBSCEndlYndvcmsubWF0aC5zdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAPnp49Adh
+xwdTjVb226i9p+S4jKR/QP+tLSUmpRJkCspI7tl2an2y6bumSkTbnjMugjKPxVJH
+697737ebLAAhnbi4wMZ1zm7sEkT4BzFXTr9JUldLANQ7k1bYvKxbdmi/nngaXtF9
+zsbBXkckci3W/hUfZHSj1P/By3iy1MPEEBlZmqY/OTroqQb4Q2Nn87iJhtgnjU0t
+3M0O4Bu248RtTdXPtyQA69MJT4i1BUBqPGUIOBUs8YzZ40vvkejVJ6Y2PVTOQC4m
+gCpBEioqc6VkMW0bz9VxYvA+cMH304mW0PJne3tKFeCSJIG555XOvg3bl8bF0gUr
+x4wDuJ8mbDVyyw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://webwork2.math.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Tomas</GivenName>
+ <SurName>Ericsson</SurName>
+ <EmailAddress>te@math.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://etenta.math.su.se/shibboleth" xml:base="swamid-1.0/etenta.math.su.se">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>etenta.math.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=etenta.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEcDCCA1igAwIBAgIQPeuEmtzAXHUS0vug+BLA6TANBgkqhkiG9w0BAQUFADA2
+MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
+U1NMIENBMB4XDTEwMDExNTAwMDAwMFoXDTEzMDExNDIzNTk1OVowSjELMAkGA1UE
+BhMCU0UxHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxGjAYBgNVBAMT
+EWV0ZW50YS5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAqTegRf6kffNbA8D4Lrij26Zu81qPigIokEhLdZrGsx5DEH5jsmoIrhoEZshV
+vBGwIJIA/IoxRZFEjcTWvaJcYG01oSr3/XBKeYjEVRSX3KxbcU5Dd2qN5YnvyxoW
+oldlTmU22TuOovup0UjkKpQ7VPzgcMU3gQ6Cx0oUHJ0KAgI6yCMooX/cR0CCjfZ6
+XTPTqtnoSYr+j2ZWGNcHUBd0AFXu6fNBxmpy/HTNY+UVeaWF5shrg2tginZkQQ2m
+1R/RFiNxC5JPv5IBrZ8YkkvLOz7rQAkVCnXAVl7bp75qpxQ3R9mAJV4KpcFHY04e
+7plxQY1ISBvoqNPJkOIhDr/sdwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAUDL2T
+aAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFEEgsYJkGCGrGtB3mPmAQMXlCOru
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQz
+MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu
+Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu
+dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v
+Y3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEWV0ZW50YS5tYXRoLnN1LnNl
+MA0GCSqGSIb3DQEBBQUAA4IBAQBSD+s+1zbkDWniGmAo0iqclGzJQU6UKqmZuIF/
+0dOT5vZ6XyyZfhRqVVAew9m+E7IUg9iZcpKF4XtL1awUR+3tAyFJs05WWX0dcIFk
+qgvOsb54NBLDwdmM1f0B5yedJVZ6VFf3pqig17V25phElY/ArJe4XyqOS0JnXrd5
+UayFwWyOsjbZ5W0YhKAi8CCOdjQkz01Es3PCo6c0AL3uKOUNvVVmF8Jrku6DPzT2
+m27FphoUCoQa8mZRcxd4h/fmEhQMg2ZTVbLz+jwjI865pueFODIgf/8IAfiTDM6y
+vC40Zznf98QP1QaaAJ1B90WydJegGcz28vmrn1SEIIlOtTic
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>etenta.math.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=etenta.math.su.se,O=Stockholms universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEcDCCA1igAwIBAgIQPeuEmtzAXHUS0vug+BLA6TANBgkqhkiG9w0BAQUFADA2
+MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
+U1NMIENBMB4XDTEwMDExNTAwMDAwMFoXDTEzMDExNDIzNTk1OVowSjELMAkGA1UE
+BhMCU0UxHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxGjAYBgNVBAMT
+EWV0ZW50YS5tYXRoLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
+AQEAqTegRf6kffNbA8D4Lrij26Zu81qPigIokEhLdZrGsx5DEH5jsmoIrhoEZshV
+vBGwIJIA/IoxRZFEjcTWvaJcYG01oSr3/XBKeYjEVRSX3KxbcU5Dd2qN5YnvyxoW
+oldlTmU22TuOovup0UjkKpQ7VPzgcMU3gQ6Cx0oUHJ0KAgI6yCMooX/cR0CCjfZ6
+XTPTqtnoSYr+j2ZWGNcHUBd0AFXu6fNBxmpy/HTNY+UVeaWF5shrg2tginZkQQ2m
+1R/RFiNxC5JPv5IBrZ8YkkvLOz7rQAkVCnXAVl7bp75qpxQ3R9mAJV4KpcFHY04e
+7plxQY1ISBvoqNPJkOIhDr/sdwIDAQABo4IBZDCCAWAwHwYDVR0jBBgwFoAUDL2T
+aAzz3qujSWsrN1dH6pDjue0wHQYDVR0OBBYEFEEgsYJkGCGrGtB3mPmAQMXlCOru
+MA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUF
+BwMBBggrBgEFBQcDAjAYBgNVHSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQz
+MDEwL6AtoCuGKWh0dHA6Ly9jcmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0Eu
+Y3JsMG0GCCsGAQUFBwEBBGEwXzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3Mu
+dGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9v
+Y3NwLnRjcy50ZXJlbmEub3JnMBwGA1UdEQQVMBOCEWV0ZW50YS5tYXRoLnN1LnNl
+MA0GCSqGSIb3DQEBBQUAA4IBAQBSD+s+1zbkDWniGmAo0iqclGzJQU6UKqmZuIF/
+0dOT5vZ6XyyZfhRqVVAew9m+E7IUg9iZcpKF4XtL1awUR+3tAyFJs05WWX0dcIFk
+qgvOsb54NBLDwdmM1f0B5yedJVZ6VFf3pqig17V25phElY/ArJe4XyqOS0JnXrd5
+UayFwWyOsjbZ5W0YhKAi8CCOdjQkz01Es3PCo6c0AL3uKOUNvVVmF8Jrku6DPzT2
+m27FphoUCoQa8mZRcxd4h/fmEhQMg2ZTVbLz+jwjI865pueFODIgf/8IAfiTDM6y
+vC40Zznf98QP1QaaAJ1B90WydJegGcz28vmrn1SEIIlOtTic
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://etenta.math.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://etenta.math.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://etenta.math.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://etenta.math.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://etenta.math.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://sp.swamid.se/shibboleth" xml:base="swamid-1.0/sp.swamid.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.swamid.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.swamid.se/Shibboleth.sso/DS/ds.sunet.se" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>https://sp.swamid.se/shibboleth</ds:KeyName>
+ <ds:KeyName>sp.swamid.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sp.swamid.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDDCCAfSgAwIBAgIJAKP67GrfYHgtMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDHNwLnN3YW1pZC5zZTAeFw0wOTA2MTYxMTA3NTRaFw0xOTA2MTQxMTA3NTRa
+MBcxFTATBgNVBAMTDHNwLnN3YW1pZC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAOVNkKXqQZrXXNCk7nE7JTsqyjuwbshkafxDCI7XN6HSaRcnR+OY
+swVYkSvGXfMr4XQLzAGyIOfYDcHwOqZina11Zf8sOdD5t6mygGKza+LzbGZN9d4y
+SosskTH1NiCVBCTdJVpfwU2+K87DKrT9xtuRf7TMDDKA3gjPtN+/IxT6hw2+oZZi
+UgQgJoGN68WO9C4c/WMfcFf7hgC7fSt4fji9MFNpJoOw9MsuaRgYEVkCaHubLj46
+Ya3NbyY48zzAuc4ix8hoLJ9dP+nUCyGKtkY81HprKGtuiu8kYSo+pC20nv1Qr8xP
+FhSU14YvXPUIVOGfX9zsGVLOQKpkb4Z4AkUCAwEAAaNbMFkwOAYDVR0RBDEwL4IM
+c3Auc3dhbWlkLnNlhh9odHRwczovL3NwLnN3YW1pZC5zZS9zaGliYm9sZXRoMB0G
+A1UdDgQWBBTpV1dUBMfW7y2/Rjo17VSql2/AijANBgkqhkiG9w0BAQUFAAOCAQEA
+SsYAA5tq6JjKqI5u2gvZfhM5S6ZKgrvciayGoezdTI6FfvpS3kWtCTZlu+CGDYIW
+VBpMtgQ84HpTrGbr3X1w25mspK+hsXi3K7SKqdfMdc0JynwNPrlL4GgmTuR/fgoo
+tuE0Wnbi7xdxpQ1qd0SFzw4gFWp1wC1+FsGtB9HLksSskgnNxniG9Z9+9WxgU6hD
+fJbH6eFgMDUPe2FpKiJ7LXqgiJWJRuK4zgFyGIZ5OFstLpkT/cXa8qNhtsbp2BPO
+jxcbsxoUpA7Qgl/OFu7gzxLkLrl4iRSwk8MTj2bjVBvqvisLJAmuiYDBd9iZvqXB
+IznEEJKY8IltpfdkKGE20g==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>https://sp.swamid.se/shibboleth</ds:KeyName>
+ <ds:KeyName>sp.swamid.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sp.swamid.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDDCCAfSgAwIBAgIJAKP67GrfYHgtMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDHNwLnN3YW1pZC5zZTAeFw0wOTA2MTYxMTA3NTRaFw0xOTA2MTQxMTA3NTRa
+MBcxFTATBgNVBAMTDHNwLnN3YW1pZC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAOVNkKXqQZrXXNCk7nE7JTsqyjuwbshkafxDCI7XN6HSaRcnR+OY
+swVYkSvGXfMr4XQLzAGyIOfYDcHwOqZina11Zf8sOdD5t6mygGKza+LzbGZN9d4y
+SosskTH1NiCVBCTdJVpfwU2+K87DKrT9xtuRf7TMDDKA3gjPtN+/IxT6hw2+oZZi
+UgQgJoGN68WO9C4c/WMfcFf7hgC7fSt4fji9MFNpJoOw9MsuaRgYEVkCaHubLj46
+Ya3NbyY48zzAuc4ix8hoLJ9dP+nUCyGKtkY81HprKGtuiu8kYSo+pC20nv1Qr8xP
+FhSU14YvXPUIVOGfX9zsGVLOQKpkb4Z4AkUCAwEAAaNbMFkwOAYDVR0RBDEwL4IM
+c3Auc3dhbWlkLnNlhh9odHRwczovL3NwLnN3YW1pZC5zZS9zaGliYm9sZXRoMB0G
+A1UdDgQWBBTpV1dUBMfW7y2/Rjo17VSql2/AijANBgkqhkiG9w0BAQUFAAOCAQEA
+SsYAA5tq6JjKqI5u2gvZfhM5S6ZKgrvciayGoezdTI6FfvpS3kWtCTZlu+CGDYIW
+VBpMtgQ84HpTrGbr3X1w25mspK+hsXi3K7SKqdfMdc0JynwNPrlL4GgmTuR/fgoo
+tuE0Wnbi7xdxpQ1qd0SFzw4gFWp1wC1+FsGtB9HLksSskgnNxniG9Z9+9WxgU6hD
+fJbH6eFgMDUPe2FpKiJ7LXqgiJWJRuK4zgFyGIZ5OFstLpkT/cXa8qNhtsbp2BPO
+jxcbsxoUpA7Qgl/OFu7gzxLkLrl4iRSwk8MTj2bjVBvqvisLJAmuiYDBd9iZvqXB
+IznEEJKY8IltpfdkKGE20g==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.swamid.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.swamid.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.swamid.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.swamid.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.swamid.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.swamid.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.swamid.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.swamid.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.swamid.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.swamid.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.swamid.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="en">SWAMID Test SP</md:ServiceName>
+ <md:ServiceDescription xml:lang="en">SWAMID Test SP</md:ServiceDescription>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:0.9.2342.19200300.100.1.3"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.42"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.4"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://connect.sunet.se/shibboleth" xml:base="swamid-1.0/connect.sunet.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.sunet.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.sunet.se/Shibboleth.sso/DS/ds.sunet.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.sunet.se/Shibboleth.sso/DS/kalmar2" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>connect01.acp.sunet.se</ds:KeyName>
+ <ds:KeyName>https://connect.sunet.se/shibboleth</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=connect01.acp.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDLjCCAhagAwIBAgIJALJTE8wpfDmAMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNV
+BAMTFmNvbm5lY3QwMS5hY3Auc3VuZXQuc2UwHhcNMDkwOTAyMTIwNTIwWhcNMTkw
+ODMxMTIwNTIwWjAhMR8wHQYDVQQDExZjb25uZWN0MDEuYWNwLnN1bmV0LnNlMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaNMBLHGgzRrAHLQDUiM+xu6
+ghKwdRqBcg171qVDeA4wSoVJLVeAY2xWKjudYzXtcwqL7qkDcHD3wOd0FLQSFfxE
+o67z4chBMNrkK9b9NgdHWp/Nb8gsdYNZt2ZjJVOD/oWTFXRHZDJhqkXFvVjL1gKu
+E3a2vDK6LRqYCLx5cyFleuRoqBvMrDxKLHvmqxo+Qt2e+ntL1sDVyKeMxgZc2s0/
+xGYFFzSVDT08XrWlgpN0AmxhfC0ULDb8YzQiJxsdeZ3C57RnC0InabCCvzPQsy9t
+c1VU/TNXkkXQn3H5aC+LUu8olnYndtFac56k/OaAUPe15/1MQVXvL8vbGG6JkQID
+AQABo2kwZzBGBgNVHREEPzA9ghZjb25uZWN0MDEuYWNwLnN1bmV0LnNlhiNodHRw
+czovL2Nvbm5lY3Quc3VuZXQuc2Uvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUxPAGA++l
+tPOMkUezKJJrwSNAz/0wDQYJKoZIhvcNAQEFBQADggEBADJJgcI6VADyB8749iGB
+UbK97Zav6/YoX3jMH21tpO0+iZyPlfCxlDmNIBSSrHmNIs7g8sBSi+z8ko2IaSKS
+Ya0fI0N+cvBoi+3Wfszq0LpUSu/5pMWiw3DacOCNesR76h+FKD/UPgUL+LDw7ebz
+K3aeVvtsIjPijrcCaUKrZg5dv/5CRx/oQLbV20L3xk5UTTO/RNrR1gef37yEowDd
+d8hQaQgw5uujjjdkr/6u03kjO6rEZAySsiBPGcpBDXAbk4lnJVQltP0MBE4pu+es
+0oZu+lC7LltiBjJxdh/7SaqdLbn7G7cApwQKqXHVFITX9ncVMM04FtM9MzMc9d4y
+bUs=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>connect01.acp.sunet.se</ds:KeyName>
+ <ds:KeyName>https://connect.sunet.se/shibboleth</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=connect01.acp.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDLjCCAhagAwIBAgIJALJTE8wpfDmAMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNV
+BAMTFmNvbm5lY3QwMS5hY3Auc3VuZXQuc2UwHhcNMDkwOTAyMTIwNTIwWhcNMTkw
+ODMxMTIwNTIwWjAhMR8wHQYDVQQDExZjb25uZWN0MDEuYWNwLnN1bmV0LnNlMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaNMBLHGgzRrAHLQDUiM+xu6
+ghKwdRqBcg171qVDeA4wSoVJLVeAY2xWKjudYzXtcwqL7qkDcHD3wOd0FLQSFfxE
+o67z4chBMNrkK9b9NgdHWp/Nb8gsdYNZt2ZjJVOD/oWTFXRHZDJhqkXFvVjL1gKu
+E3a2vDK6LRqYCLx5cyFleuRoqBvMrDxKLHvmqxo+Qt2e+ntL1sDVyKeMxgZc2s0/
+xGYFFzSVDT08XrWlgpN0AmxhfC0ULDb8YzQiJxsdeZ3C57RnC0InabCCvzPQsy9t
+c1VU/TNXkkXQn3H5aC+LUu8olnYndtFac56k/OaAUPe15/1MQVXvL8vbGG6JkQID
+AQABo2kwZzBGBgNVHREEPzA9ghZjb25uZWN0MDEuYWNwLnN1bmV0LnNlhiNodHRw
+czovL2Nvbm5lY3Quc3VuZXQuc2Uvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUxPAGA++l
+tPOMkUezKJJrwSNAz/0wDQYJKoZIhvcNAQEFBQADggEBADJJgcI6VADyB8749iGB
+UbK97Zav6/YoX3jMH21tpO0+iZyPlfCxlDmNIBSSrHmNIs7g8sBSi+z8ko2IaSKS
+Ya0fI0N+cvBoi+3Wfszq0LpUSu/5pMWiw3DacOCNesR76h+FKD/UPgUL+LDw7ebz
+K3aeVvtsIjPijrcCaUKrZg5dv/5CRx/oQLbV20L3xk5UTTO/RNrR1gef37yEowDd
+d8hQaQgw5uujjjdkr/6u03kjO6rEZAySsiBPGcpBDXAbk4lnJVQltP0MBE4pu+es
+0oZu+lC7LltiBjJxdh/7SaqdLbn7G7cApwQKqXHVFITX9ncVMM04FtM9MzMc9d4y
+bUs=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.sunet.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.sunet.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect.sunet.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.sunet.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.sunet.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://connect.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://connect.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://connect.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://connect.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="en">SUNET E-Meeting Service</md:ServiceName>
+ <md:ServiceDescription xml:lang="en">SUNET E-Meeting Service (Adobe Connect Pro)</md:ServiceDescription>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:0.9.2342.19200300.100.1.3"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.42"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.4"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://connect-test.sunet.se/shibboleth" xml:base="swamid-1.0/connect-test.sunet.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>acp-web.sunet.se</ds:KeyName>
+ <ds:KeyName>https://acp-web.sunet.se/shibboleth</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=acp-web.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDHDCCAgSgAwIBAgIJAKkN4aqE4O7tMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEGFjcC13ZWIuc3VuZXQuc2UwHhcNMDkwNjE3MTAwNTA1WhcNMTkwNjE1MTAw
+NTA1WjAbMRkwFwYDVQQDExBhY3Atd2ViLnN1bmV0LnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA3iWXh1+ub5i8ZOypk7syIpndivWpp4jbcMYpmiEX
+q9Jym97j7x9WXc0vNrmKkccoUcWU1FgoiiXso6vhdgzKkqrcBIzc/YJpphN5K3tt
+pVabdgV9TG6PJ0Q6k07bvZew9yEhpXDE3gfKLOFAKeSUILHGc2FBU32EuBqVt/sn
+zBleOEBb3tiIB9/YCZS2A6wtnvzGY1mUX27Vyv2SH6Bx/GlmWuTJRrv01avrldfv
+3CiFrCeeAfLfnljfy4WbpszzlqBQvaZFBaBRtg1AgmFNkryTCm5yO2BrM3NyurN/
+K/Uc/YBZ8thxQPSEeUVWHCStXTQGLREYwJKZMfp4yFhzeQIDAQABo2MwYTBABgNV
+HREEOTA3ghBhY3Atd2ViLnN1bmV0LnNlhiNodHRwczovL2FjcC13ZWIuc3VuZXQu
+c2Uvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUmtnePgSQNSvDZIox3d5mG/+AJb8wDQYJ
+KoZIhvcNAQEFBQADggEBAIaEDBm1eN9o7j0cQBQQNMh1FJFX2h1EklGj4YgXbqjj
+By3duIzXVAut+z4VtCTGx2CjQ1YcmSqWvx7+XFY0xEnmuAMUw8rdp0OR2Sk0iU4/
+BZt5125JOtJRRVJIDz4n9jbf6NNUsP4+HA0ukqyHDrTD0+30IV48MaWxR7HdPpyE
+bCMK0FZIQYm6d3zSgZW6ofsx24AonFZBtJBCQZxdInvqg2eYemOUh37vEBxbjWqE
+51pFWLbVUit84wy8eG3E28OPa64gc/VNk1XEj1ILLzXFV59XuZG2jzjB9xCyPmHW
+iMkYL+yQK1JqNXDJwr+eW3+iWptUXnyRCnGBrYMAvqw=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>acp-web.sunet.se</ds:KeyName>
+ <ds:KeyName>https://acp-web.sunet.se/shibboleth</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=acp-web.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDHDCCAgSgAwIBAgIJAKkN4aqE4O7tMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEGFjcC13ZWIuc3VuZXQuc2UwHhcNMDkwNjE3MTAwNTA1WhcNMTkwNjE1MTAw
+NTA1WjAbMRkwFwYDVQQDExBhY3Atd2ViLnN1bmV0LnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA3iWXh1+ub5i8ZOypk7syIpndivWpp4jbcMYpmiEX
+q9Jym97j7x9WXc0vNrmKkccoUcWU1FgoiiXso6vhdgzKkqrcBIzc/YJpphN5K3tt
+pVabdgV9TG6PJ0Q6k07bvZew9yEhpXDE3gfKLOFAKeSUILHGc2FBU32EuBqVt/sn
+zBleOEBb3tiIB9/YCZS2A6wtnvzGY1mUX27Vyv2SH6Bx/GlmWuTJRrv01avrldfv
+3CiFrCeeAfLfnljfy4WbpszzlqBQvaZFBaBRtg1AgmFNkryTCm5yO2BrM3NyurN/
+K/Uc/YBZ8thxQPSEeUVWHCStXTQGLREYwJKZMfp4yFhzeQIDAQABo2MwYTBABgNV
+HREEOTA3ghBhY3Atd2ViLnN1bmV0LnNlhiNodHRwczovL2FjcC13ZWIuc3VuZXQu
+c2Uvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUmtnePgSQNSvDZIox3d5mG/+AJb8wDQYJ
+KoZIhvcNAQEFBQADggEBAIaEDBm1eN9o7j0cQBQQNMh1FJFX2h1EklGj4YgXbqjj
+By3duIzXVAut+z4VtCTGx2CjQ1YcmSqWvx7+XFY0xEnmuAMUw8rdp0OR2Sk0iU4/
+BZt5125JOtJRRVJIDz4n9jbf6NNUsP4+HA0ukqyHDrTD0+30IV48MaWxR7HdPpyE
+bCMK0FZIQYm6d3zSgZW6ofsx24AonFZBtJBCQZxdInvqg2eYemOUh37vEBxbjWqE
+51pFWLbVUit84wy8eG3E28OPa64gc/VNk1XEj1ILLzXFV59XuZG2jzjB9xCyPmHW
+iMkYL+yQK1JqNXDJwr+eW3+iWptUXnyRCnGBrYMAvqw=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect-test.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect-test.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect-test.sunet.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect-test.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect-test.sunet.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect-test.sunet.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect-test.sunet.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect-test.sunet.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect-test.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://connect-test.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect-test.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://connect-test.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://connect-test.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://connect-test.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://login.liu.se/idp/shibboleth" xml:base="swamid-1.0/login.liu.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">liu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUUGevf/6+3wexHl4UyWmMfjha+8owDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMbG9naW4ubGl1LnNlMB4XDTA5MDYyNTA2Mjg1NloXDTI5
+MDYyNTA2Mjg1NlowFzEVMBMGA1UEAxMMbG9naW4ubGl1LnNlMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdGaEeZYE4lLbCTP3I/7SWH2dI4RfbVp0bPH
+X3TSDGUAJMf8lVwignl37pypkj1it/Ea1oOs1QAUUJF2s7eDKbbsQZ6IMEZHUCG9
+2yBt6cAA7HH8XyhyQodkTZd6JhY/HJY1oAiKXar7JSnxnVdg6365Z4rP+W4UHcHM
+ePgj6SqR0eW6qXmEIx9a/cyJ+s/R5cUiTrNDL9c0FH/watGYgesLxCxSSgijW7L1
+Cobl5Y5+Wr8i3sPPNVVtHXsp1aRI4G4YWW2qsoPF94s9f+LguJ+vHMT2URqplOZ3
+g41V7NFMqSw8f7n32BKl7ekAVBfhAwMuiKSENCuJ1vWHsXS7wwIDAQABo18wXTA8
+BgNVHREENTAzggxsb2dpbi5saXUuc2WGI2h0dHBzOi8vbG9naW4ubGl1LnNlL2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBSouPd/n3U2de/t4ArJMSZcZGlsrjANBgkq
+hkiG9w0BAQUFAAOCAQEAdupL+cmtm9wOczmRze5JGpSkrEnJLWOABVH71QGhRPd3
+bEA93XLjwiO9NPuFyLrb03IUrcgdlgkxnCoq2dla2IQBI6ky+VSuc4lCsdanI+XB
+t2SymRPiqJ60K04Rm4TYOZHsDVHPO3dE3f4mjbhx/irlPmDIM+eB88SbT1nPRQfv
+G2bsafC6oxZjtT5CDJP30lUpieKkmIneVjTmYHBLQmWvl0G5o5j5OLtVj1xhfz9r
+zB2373DVTdsTnFIbFLDF8bGXt1jhxNOT5cxviUYKI+L1VLwKRjWlFd2tUMMKKz/I
+dE1S/LL5o/3BCZXOh9Fuvm6ND4e+jSkCizMQNgm4iw==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.liu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.liu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.liu.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.liu.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://login.liu.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.liu.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">liu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUUGevf/6+3wexHl4UyWmMfjha+8owDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMbG9naW4ubGl1LnNlMB4XDTA5MDYyNTA2Mjg1NloXDTI5
+MDYyNTA2Mjg1NlowFzEVMBMGA1UEAxMMbG9naW4ubGl1LnNlMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkdGaEeZYE4lLbCTP3I/7SWH2dI4RfbVp0bPH
+X3TSDGUAJMf8lVwignl37pypkj1it/Ea1oOs1QAUUJF2s7eDKbbsQZ6IMEZHUCG9
+2yBt6cAA7HH8XyhyQodkTZd6JhY/HJY1oAiKXar7JSnxnVdg6365Z4rP+W4UHcHM
+ePgj6SqR0eW6qXmEIx9a/cyJ+s/R5cUiTrNDL9c0FH/watGYgesLxCxSSgijW7L1
+Cobl5Y5+Wr8i3sPPNVVtHXsp1aRI4G4YWW2qsoPF94s9f+LguJ+vHMT2URqplOZ3
+g41V7NFMqSw8f7n32BKl7ekAVBfhAwMuiKSENCuJ1vWHsXS7wwIDAQABo18wXTA8
+BgNVHREENTAzggxsb2dpbi5saXUuc2WGI2h0dHBzOi8vbG9naW4ubGl1LnNlL2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBSouPd/n3U2de/t4ArJMSZcZGlsrjANBgkq
+hkiG9w0BAQUFAAOCAQEAdupL+cmtm9wOczmRze5JGpSkrEnJLWOABVH71QGhRPd3
+bEA93XLjwiO9NPuFyLrb03IUrcgdlgkxnCoq2dla2IQBI6ky+VSuc4lCsdanI+XB
+t2SymRPiqJ60K04Rm4TYOZHsDVHPO3dE3f4mjbhx/irlPmDIM+eB88SbT1nPRQfv
+G2bsafC6oxZjtT5CDJP30lUpieKkmIneVjTmYHBLQmWvl0G5o5j5OLtVj1xhfz9r
+zB2373DVTdsTnFIbFLDF8bGXt1jhxNOT5cxviUYKI+L1VLwKRjWlFd2tUMMKKz/I
+dE1S/LL5o/3BCZXOh9Fuvm6ND4e+jSkCizMQNgm4iw==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.liu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.liu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">LiU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Linköping University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.liu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Linköping University</Company>
+ <GivenName>Markus</GivenName>
+ <SurName>Olausson</SurName>
+ <EmailAddress>markus.olausson@liu.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://converis.info/shibboleth" xml:base="swamid-1.0/converis.info.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>converis.info</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=converis@avedas.com,CN=converis.info,O=Avedas AG,L=Kar,ST=Bad,C=DE</ds:X509SubjectName>
+ <ds:X509Certificate>MIICaTCCAdICCQCLAbSDwUzlcTANBgkqhkiG9w0BAQUFADB5MQswCQYDVQQGEwJE
+RTEMMAoGA1UECBMDQmFkMQwwCgYDVQQHEwNLYXIxEjAQBgNVBAoTCUF2ZWRhcyBB
+RzEWMBQGA1UEAxMNY29udmVyaXMuaW5mbzEiMCAGCSqGSIb3DQEJARYTY29udmVy
+aXNAYXZlZGFzLmNvbTAeFw0wOTA2MzAxMzI3MzlaFw0xMDA2MzAxMzI3MzlaMHkx
+CzAJBgNVBAYTAkRFMQwwCgYDVQQIEwNCYWQxDDAKBgNVBAcTA0thcjESMBAGA1UE
+ChMJQXZlZGFzIEFHMRYwFAYDVQQDEw1jb252ZXJpcy5pbmZvMSIwIAYJKoZIhvcN
+AQkBFhNjb252ZXJpc0BhdmVkYXMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQC0AXsGnmd4Ue0YGctAeKBjrRxENIszZj2NjzEZ5hjGXwsvgHExBYejynR4
+x0YRlF7kVg+hkZ5jIK+t3iIDLmUkRBlMZSbkQ0EYUBHvLXECtxggRZFoFEMssB20
+Dm4F2I0bK51/ip6KZpltX81Zo44RpRjconBMc0FUZwjNYM2JUwIDAQABMA0GCSqG
+SIb3DQEBBQUAA4GBAIs+aQEHMnmVo8jm8NpzVYpPCN3/27F5IGtS0xgduAttJnYX
+lXi4upRjGaljdEqtTicQzpuZVZTnyik5KscVuSU4rtI5u1b7ybf6oL1xKiqkN7m1
+u7Xr9dYOqLXYBTCx/0NY5C+RF+dq2CYmY8fL/TILzmVGaZhXKzEYKIAPiKv3
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>converis.info</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=converis@avedas.com,CN=converis.info,O=Avedas AG,L=Kar,ST=Bad,C=DE</ds:X509SubjectName>
+ <ds:X509Certificate>MIICaTCCAdICCQCLAbSDwUzlcTANBgkqhkiG9w0BAQUFADB5MQswCQYDVQQGEwJE
+RTEMMAoGA1UECBMDQmFkMQwwCgYDVQQHEwNLYXIxEjAQBgNVBAoTCUF2ZWRhcyBB
+RzEWMBQGA1UEAxMNY29udmVyaXMuaW5mbzEiMCAGCSqGSIb3DQEJARYTY29udmVy
+aXNAYXZlZGFzLmNvbTAeFw0wOTA2MzAxMzI3MzlaFw0xMDA2MzAxMzI3MzlaMHkx
+CzAJBgNVBAYTAkRFMQwwCgYDVQQIEwNCYWQxDDAKBgNVBAcTA0thcjESMBAGA1UE
+ChMJQXZlZGFzIEFHMRYwFAYDVQQDEw1jb252ZXJpcy5pbmZvMSIwIAYJKoZIhvcN
+AQkBFhNjb252ZXJpc0BhdmVkYXMuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQC0AXsGnmd4Ue0YGctAeKBjrRxENIszZj2NjzEZ5hjGXwsvgHExBYejynR4
+x0YRlF7kVg+hkZ5jIK+t3iIDLmUkRBlMZSbkQ0EYUBHvLXECtxggRZFoFEMssB20
+Dm4F2I0bK51/ip6KZpltX81Zo44RpRjconBMc0FUZwjNYM2JUwIDAQABMA0GCSqG
+SIb3DQEBBQUAA4GBAIs+aQEHMnmVo8jm8NpzVYpPCN3/27F5IGtS0xgduAttJnYX
+lXi4upRjGaljdEqtTicQzpuZVZTnyik5KscVuSU4rtI5u1b7ybf6oL1xKiqkN7m1
+u7Xr9dYOqLXYBTCx/0NY5C+RF+dq2CYmY8fL/TILzmVGaZhXKzEYKIAPiKv3
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://converis.info/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://converis.info/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://converis.info/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://converis.info/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://converis.info/Shibboleth.sso/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://converis.info/Shibboleth.sso/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://converis.info/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://converis.info/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://converis.info/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://converis.info/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://converis.info/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://converis.info/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://converis.info/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://converis.info/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://samlidp.ki.se/idp/shibboleth" xml:base="swamid-1.0/samlidp.ki.se.xml">
+
+ <md:IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <md:Extensions>
+ <shibmd:Scope regexp="false">ki.se</shibmd:Scope>
+ </md:Extensions>
+
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIDCCAgigAwIBAgIVAJRIfZUHqE36X1wo3nmAK7/a0GBrMA0GCSqGSIb3DQEB
+BQUAMBgxFjAUBgNVBAMTDXNhbWxpZHAua2kuc2UwHhcNMDkwNzE1MDkxNjEwWhcN
+MjkwNzE1MDkxNjEwWjAYMRYwFAYDVQQDEw1zYW1saWRwLmtpLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndLAX/sAb7KLdWo9SO4Xh3+TvCNZ/IoJ
+Cbzn68TtEYJ80JJI0HedJRb0b7BvpZuBGFzml7TRVbRNmiXIKNpabhiVzDUKfRoJ
+wloFtyI5k3EvunGwxE9kvkTbMRutsclF1eCYAOGLxH8kyBbvAU9S3ouxJ+1BxeSi
+g2OM1dtUXVHKOAesJ+OaLc76HsrBaeLEEJlquDM5BUR9vIlqVswK9rqcJGkXVoyP
+vbTwj1y2GAwIuXo2JnJ5YQYiPHxBl4T/+jLasDC5bpxTd5G/z16tYuhtafy5hYr+
+elqBJUnANL+W1fYzlC9uzRtTYHqBT6VjrK0gji8toaiVr0oSeh6pxQIDAQABo2Ew
+XzA+BgNVHREENzA1gg1zYW1saWRwLmtpLnNlhiRodHRwczovL3NhbWxpZHAua2ku
+c2UvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFC0rBm/3TPyAM04dzkXTF/iDFeHL
+MA0GCSqGSIb3DQEBBQUAA4IBAQCVEBymTnCX9oJtcbzKBE91s84dvllXnVVYxoZe
+foKBs+1z/9vNV2YC+3jS6G2Ws5NH7MNx8uhHHNcEzpoqol8fkrhtKRr1rmEjrZHj
+hJ1+DLCDLV6/rvh9/Qw1OoozKGbERMczImkB65LddYJn/HqkJNbOio2nQe1yFuxD
+e2uMNb5IldFcRQ2O1p2slZhmR8h25g64mB9xzLso7+Y+zLoGYuIild2zlQ6QOcAP
+ZHbViHEq6MAKR86+yiVaEalpQOsUOILf21GWsZiTjT70uAMx84RzjVMS0LhgxJu5
+KgetXg7iTjcWRVve8lVZNG2foRZdbmOXow95IEKdfewtfiYR
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://samlidp.ki.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://samlidp.ki.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <md:NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+
+ <md:SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://samlidp.ki.se/idp/profile/Shibboleth/SSO"/>
+
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://samlidp.ki.se/idp/profile/SAML2/POST/SSO"/>
+
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://samlidp.ki.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://samlidp.ki.se/idp/profile/SAML2/Redirect/SSO"/>
+ </md:IDPSSODescriptor>
+
+ <md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <md:Extensions>
+ <shibmd:Scope regexp="false">ki.se</shibmd:Scope>
+ </md:Extensions>
+
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDIDCCAgigAwIBAgIVAJRIfZUHqE36X1wo3nmAK7/a0GBrMA0GCSqGSIb3DQEB
+BQUAMBgxFjAUBgNVBAMTDXNhbWxpZHAua2kuc2UwHhcNMDkwNzE1MDkxNjEwWhcN
+MjkwNzE1MDkxNjEwWjAYMRYwFAYDVQQDEw1zYW1saWRwLmtpLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAndLAX/sAb7KLdWo9SO4Xh3+TvCNZ/IoJ
+Cbzn68TtEYJ80JJI0HedJRb0b7BvpZuBGFzml7TRVbRNmiXIKNpabhiVzDUKfRoJ
+wloFtyI5k3EvunGwxE9kvkTbMRutsclF1eCYAOGLxH8kyBbvAU9S3ouxJ+1BxeSi
+g2OM1dtUXVHKOAesJ+OaLc76HsrBaeLEEJlquDM5BUR9vIlqVswK9rqcJGkXVoyP
+vbTwj1y2GAwIuXo2JnJ5YQYiPHxBl4T/+jLasDC5bpxTd5G/z16tYuhtafy5hYr+
+elqBJUnANL+W1fYzlC9uzRtTYHqBT6VjrK0gji8toaiVr0oSeh6pxQIDAQABo2Ew
+XzA+BgNVHREENzA1gg1zYW1saWRwLmtpLnNlhiRodHRwczovL3NhbWxpZHAua2ku
+c2UvaWRwL3NoaWJib2xldGgwHQYDVR0OBBYEFC0rBm/3TPyAM04dzkXTF/iDFeHL
+MA0GCSqGSIb3DQEBBQUAA4IBAQCVEBymTnCX9oJtcbzKBE91s84dvllXnVVYxoZe
+foKBs+1z/9vNV2YC+3jS6G2Ws5NH7MNx8uhHHNcEzpoqol8fkrhtKRr1rmEjrZHj
+hJ1+DLCDLV6/rvh9/Qw1OoozKGbERMczImkB65LddYJn/HqkJNbOio2nQe1yFuxD
+e2uMNb5IldFcRQ2O1p2slZhmR8h25g64mB9xzLso7+Y+zLoGYuIild2zlQ6QOcAP
+ZHbViHEq6MAKR86+yiVaEalpQOsUOILf21GWsZiTjT70uAMx84RzjVMS0LhgxJu5
+KgetXg7iTjcWRVve8lVZNG2foRZdbmOXow95IEKdfewtfiYR
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+
+ <md:AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://samlidp.ki.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <md:AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://samlidp.ki.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <md:NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+
+ </md:AttributeAuthorityDescriptor>
+
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">KIOLD</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Karolinska Institutet (TEST)</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.ki.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:Company>Karolinska Institutet</md:Company>
+ <md:EmailAddress>it-support@ki.se</md:EmailAddress>
+ </md:ContactPerson>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://sp.wavelan.su.se/Shibboleth.sso" xml:base="swamid-1.0/sp.wavelan.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.wavelan.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.wavelan.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>wavelan-prod-sp1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=wavelan-prod-sp1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIJANU7a0lt6+5VMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
+BAMTGXdhdmVsYW4tcHJvZC1zcDEuaXQuc3Uuc2UwHhcNMDkwNzI4MTA0MzA0WhcN
+MTkwNzI2MTA0MzA0WjAkMSIwIAYDVQQDExl3YXZlbGFuLXByb2Qtc3AxLml0LnN1
+LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TYTIfV7kI7g+TIi
+x6tXtusozDHOK4sXm2StU3soSFb+WbQAyVsqDV1oqGmMUEULyPYwwo7MiXhZinii
+pMxuhiUbjc414efx5Il+etQekzkGFWnEPMCaDKt0oRKd+IgIJsS2InqvCmIKr2e9
+Hn0/z36E7enobEJFundduLIrHnAgLvbVZBekLI00293v96JHUjYshhy0i1uCtAuh
+oa+QzzbVSjZNOpIoeGMno/h4+QilRquoLuYWPjVT0Jujqrb+nN4CsebV4hAwwFun
+P1J+fVXI+JSs/H1QJqe+2fIGIZCDsUBR3xHVp7FQ9y+4b/5k9LQ8wJgamcbToC64
+8JJ3pwIDAQABo0cwRTAkBgNVHREEHTAbghl3YXZlbGFuLXByb2Qtc3AxLml0LnN1
+LnNlMB0GA1UdDgQWBBQOxqZr1tIfKe06aYoCDaMLu/t43zANBgkqhkiG9w0BAQUF
+AAOCAQEAaWCjso7/vVsDu4c6xbxKB0DoRwhGqTRC70SXC76n60CwmJNJdBP2QqZN
+B8XukYsJGr/Dkr/jO4qqVc1xi9Qfksyft6LpKdWm3mSPNL5m5i5snlukyFnYvz6m
+oaYb5vSBRyoHuz/nN979Qm6XFx+rl7sjOUhIklTLJkM0ghJRrOa137GEGdwYKmCH
+mVBY3XZTlatsogAojbHN8656Mps1cH+FzZhTYMTA+1ta4TT9Q4mTD5W/xM2k4Ldy
+xjQvMgNsCbY2jk0mgupDVYcZwa82ODKdbAMC6dFlGGHn7I8+IW05jVRrLtfR7lt7
+m/XvKye561mB0W1mWHdByCY8Q2jIWQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>wavelan-prod-sp1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=wavelan-prod-sp1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIJANU7a0lt6+5VMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
+BAMTGXdhdmVsYW4tcHJvZC1zcDEuaXQuc3Uuc2UwHhcNMDkwNzI4MTA0MzA0WhcN
+MTkwNzI2MTA0MzA0WjAkMSIwIAYDVQQDExl3YXZlbGFuLXByb2Qtc3AxLml0LnN1
+LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7TYTIfV7kI7g+TIi
+x6tXtusozDHOK4sXm2StU3soSFb+WbQAyVsqDV1oqGmMUEULyPYwwo7MiXhZinii
+pMxuhiUbjc414efx5Il+etQekzkGFWnEPMCaDKt0oRKd+IgIJsS2InqvCmIKr2e9
+Hn0/z36E7enobEJFundduLIrHnAgLvbVZBekLI00293v96JHUjYshhy0i1uCtAuh
+oa+QzzbVSjZNOpIoeGMno/h4+QilRquoLuYWPjVT0Jujqrb+nN4CsebV4hAwwFun
+P1J+fVXI+JSs/H1QJqe+2fIGIZCDsUBR3xHVp7FQ9y+4b/5k9LQ8wJgamcbToC64
+8JJ3pwIDAQABo0cwRTAkBgNVHREEHTAbghl3YXZlbGFuLXByb2Qtc3AxLml0LnN1
+LnNlMB0GA1UdDgQWBBQOxqZr1tIfKe06aYoCDaMLu/t43zANBgkqhkiG9w0BAQUF
+AAOCAQEAaWCjso7/vVsDu4c6xbxKB0DoRwhGqTRC70SXC76n60CwmJNJdBP2QqZN
+B8XukYsJGr/Dkr/jO4qqVc1xi9Qfksyft6LpKdWm3mSPNL5m5i5snlukyFnYvz6m
+oaYb5vSBRyoHuz/nN979Qm6XFx+rl7sjOUhIklTLJkM0ghJRrOa137GEGdwYKmCH
+mVBY3XZTlatsogAojbHN8656Mps1cH+FzZhTYMTA+1ta4TT9Q4mTD5W/xM2k4Ldy
+xjQvMgNsCbY2jk0mgupDVYcZwa82ODKdbAMC6dFlGGHn7I8+IW05jVRrLtfR7lt7
+m/XvKye561mB0W1mWHdByCY8Q2jIWQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.wavelan.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.wavelan.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.wavelan.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.wavelan.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.wavelan.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.wavelan.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.wavelan.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.wavelan.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.wavelan.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.wavelan.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.wavelan.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.wavelan.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.wavelan.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.wavelan.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://samadhi.kib.ki.se/shibboleth" xml:base="swamid-1.0/samadhi.kib.ki.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>samadhi</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=samadhi</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=samadhi</ds:X509IssuerName>
+ <ds:X509SerialNumber>14803890058471736656</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC3DCCAcSgAwIBAgIJAM1x+5LlJQVQMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
+BAMTB3NhbWFkaGkwHhcNMDkwODE0MTEzMzM4WhcNMTkwODEyMTEzMzM4WjASMRAw
+DgYDVQQDEwdzYW1hZGhpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+wBagrMP26PtYqxBexJdsMdyDYCT74qvR5wLeW1znJTS9I1eK8ghXZ0Wy+uGunUU7
+ePkQPDySt3dNOW6hOx9o8Z+/JqwSARj07glBpkN2psiza+7BQP/+l/4iBixGlDea
+wb59dC25cUA5k+YAV1fx6uwufQ/65iRKYilRVxzzSmorrrUuzbKA/Dh6MNCWDkU2
+ppxJ/FS0IiR88rj2ZHZbz2wb1ATLnkevD4mUuRY39P9yxb63bTeCG7GboHrVBmNt
+rrlskaeeIYNHIkiWqbPrW/IMCgMFim7r7fiYebTvhw037UtTFDnwI8DDmcfpvbff
+2hztelbzoERAkXardDqx5QIDAQABozUwMzASBgNVHREECzAJggdzYW1hZGhpMB0G
+A1UdDgQWBBTIRU/xxcULxzxNef3jHDp1W2Br7jANBgkqhkiG9w0BAQUFAAOCAQEA
+DsNpDbtB/fhZIlNN11erKFH1VKgZIsLBu86uEYwi3sqK9+DNk40sdG1U0INY21g5
+sTG/vlt6qyuLcB9C5BA+8Ms3T01vcWg+//4KM4OZuLM/0ylSDxhVCHwJU5erI9Bt
+JSqVQ12JHctvIqdIQm0JRR6CCXVdm6Wjy5vVQZEoIanxcyjd0AUF458M7arGk1RB
+pvLrKdwx16cOS9mkuq5Jg0Oj2yiUjx1WRzNzqAVQXpBb0ZZz0oKGiOqa0AgyfVKs
+aNy8twh152lw5iqjY7qxb9QDhtJpzlPnQk2CmHJbQUXrCK8cLSWSDsiCcaQVicb+
+15HeV+PRFYV9dngg8gm2vg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>samadhi</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=samadhi</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=samadhi</ds:X509IssuerName>
+ <ds:X509SerialNumber>14803890058471736656</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC3DCCAcSgAwIBAgIJAM1x+5LlJQVQMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
+BAMTB3NhbWFkaGkwHhcNMDkwODE0MTEzMzM4WhcNMTkwODEyMTEzMzM4WjASMRAw
+DgYDVQQDEwdzYW1hZGhpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+wBagrMP26PtYqxBexJdsMdyDYCT74qvR5wLeW1znJTS9I1eK8ghXZ0Wy+uGunUU7
+ePkQPDySt3dNOW6hOx9o8Z+/JqwSARj07glBpkN2psiza+7BQP/+l/4iBixGlDea
+wb59dC25cUA5k+YAV1fx6uwufQ/65iRKYilRVxzzSmorrrUuzbKA/Dh6MNCWDkU2
+ppxJ/FS0IiR88rj2ZHZbz2wb1ATLnkevD4mUuRY39P9yxb63bTeCG7GboHrVBmNt
+rrlskaeeIYNHIkiWqbPrW/IMCgMFim7r7fiYebTvhw037UtTFDnwI8DDmcfpvbff
+2hztelbzoERAkXardDqx5QIDAQABozUwMzASBgNVHREECzAJggdzYW1hZGhpMB0G
+A1UdDgQWBBTIRU/xxcULxzxNef3jHDp1W2Br7jANBgkqhkiG9w0BAQUFAAOCAQEA
+DsNpDbtB/fhZIlNN11erKFH1VKgZIsLBu86uEYwi3sqK9+DNk40sdG1U0INY21g5
+sTG/vlt6qyuLcB9C5BA+8Ms3T01vcWg+//4KM4OZuLM/0ylSDxhVCHwJU5erI9Bt
+JSqVQ12JHctvIqdIQm0JRR6CCXVdm6Wjy5vVQZEoIanxcyjd0AUF458M7arGk1RB
+pvLrKdwx16cOS9mkuq5Jg0Oj2yiUjx1WRzNzqAVQXpBb0ZZz0oKGiOqa0AgyfVKs
+aNy8twh152lw5iqjY7qxb9QDhtJpzlPnQk2CmHJbQUXrCK8cLSWSDsiCcaQVicb+
+15HeV+PRFYV9dngg8gm2vg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://samadhi.kib.ki.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://samadhi.kib.ki.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://samadhi.kib.ki.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://samadhi.kib.ki.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://samadhi.kib.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://marcus.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/marcus.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://marcus.it.su.se/Shibboleth.sso/WAYF" index="1" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>marcus.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=marcus.it.su.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=marcus.it.su.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>15962408100384379222</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAN2F3ZhHOpFWMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD21hcmN1cy5pdC5zdS5zZTAeFw0wOTA4MTcwODA5MTNaFw0xOTA4MTUwODA5
+MTNaMBoxGDAWBgNVBAMTD21hcmN1cy5pdC5zdS5zZTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJoUzHh3CK6XAbe6UlJ8SiioYdjXJGU5LgW1JpsygbEJ
+fwNJ4dhOTyiAgtsEOZ4lO7EU06PByHrmlcDmjIJcmYXUIXcIC171dslQpVcYM0Vi
+8Lu6pzFrzAQyzuDv+R0bk4BFPDpRkOyORGVi7DRdHpUZFZ0LMQqi/6T/ewOC/nRJ
+hWLg9zkCwAv7yeGNF7Q03loxu55/8Rv4KhGSa77DHHWU8Bisd+PErH4GvzT1EncD
+YW/RkTXjYNDBy2x9jObn0HtMUvtsWbSSq992SiXLfmXk6nML2m6YCDeLGVCF9vhx
+hW46jIOjgDsAE5FjCkvTdSOUemPsxNx92uC6oCyg0AMCAwEAAaM9MDswGgYDVR0R
+BBMwEYIPbWFyY3VzLml0LnN1LnNlMB0GA1UdDgQWBBQxnjnxh3kB69c8TxWBb1wZ
+y0ccXDANBgkqhkiG9w0BAQUFAAOCAQEAJJREWXyuciC1veJVJWVpvNrQ5PIyaS02
+P3HE+lNfWgf+JOXusj5t4ZaWQg2bGL8zmayWEBvIh1MOIV6Tm3XtUIr7addFiqOe
+GnA0dEg0jXqqLKBwG3KtKsc+S3V6B6pZ3QX6NC5dcBlr/Os7i3GN8r2okZgr9Nh9
+0Ow5TS9WNvDXoXdzFKXEVv64byZzPKj1UDBiyBLfb+Fese8t0bl8EqhFTEmEbuHz
+IjK2CPinkLuGqqSMWdIAHIXRbhJKZH022rh9CE511WIInQLHi5VqcKDBRthh+pLM
+ALJ3grGodNXxRWcqAbAMSfyOPC+t9cD7n41LD6rlweKaNMW/aiS8XQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>marcus.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=marcus.it.su.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=marcus.it.su.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>15962408100384379222</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAN2F3ZhHOpFWMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD21hcmN1cy5pdC5zdS5zZTAeFw0wOTA4MTcwODA5MTNaFw0xOTA4MTUwODA5
+MTNaMBoxGDAWBgNVBAMTD21hcmN1cy5pdC5zdS5zZTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAJoUzHh3CK6XAbe6UlJ8SiioYdjXJGU5LgW1JpsygbEJ
+fwNJ4dhOTyiAgtsEOZ4lO7EU06PByHrmlcDmjIJcmYXUIXcIC171dslQpVcYM0Vi
+8Lu6pzFrzAQyzuDv+R0bk4BFPDpRkOyORGVi7DRdHpUZFZ0LMQqi/6T/ewOC/nRJ
+hWLg9zkCwAv7yeGNF7Q03loxu55/8Rv4KhGSa77DHHWU8Bisd+PErH4GvzT1EncD
+YW/RkTXjYNDBy2x9jObn0HtMUvtsWbSSq992SiXLfmXk6nML2m6YCDeLGVCF9vhx
+hW46jIOjgDsAE5FjCkvTdSOUemPsxNx92uC6oCyg0AMCAwEAAaM9MDswGgYDVR0R
+BBMwEYIPbWFyY3VzLml0LnN1LnNlMB0GA1UdDgQWBBQxnjnxh3kB69c8TxWBb1wZ
+y0ccXDANBgkqhkiG9w0BAQUFAAOCAQEAJJREWXyuciC1veJVJWVpvNrQ5PIyaS02
+P3HE+lNfWgf+JOXusj5t4ZaWQg2bGL8zmayWEBvIh1MOIV6Tm3XtUIr7addFiqOe
+GnA0dEg0jXqqLKBwG3KtKsc+S3V6B6pZ3QX6NC5dcBlr/Os7i3GN8r2okZgr9Nh9
+0Ow5TS9WNvDXoXdzFKXEVv64byZzPKj1UDBiyBLfb+Fese8t0bl8EqhFTEmEbuHz
+IjK2CPinkLuGqqSMWdIAHIXRbhJKZH022rh9CE511WIInQLHi5VqcKDBRthh+pLM
+ALJ3grGodNXxRWcqAbAMSfyOPC+t9cD7n41LD6rlweKaNMW/aiS8XQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://marcus.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://marcus.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://marcus.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://marcus.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://marcus.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://marcus.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://marcus.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://marcus.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://marcus.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://marcus.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://marcus.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://marcus.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://marcus.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://marcus.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://kllin.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/kllin.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://kllin.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>kllin.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=kllin.it.su.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=kllin.it.su.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>15729191459207018524</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJANpJUEuaJHgcMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDmtsbGluLml0LnN1LnNlMB4XDTA5MDgxNzA4MDUyNVoXDTE5MDgxNTA4MDUy
+NVowGTEXMBUGA1UEAxMOa2xsaW4uaXQuc3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCmHDXcoZT0FPZ5enxEI0K5ECKwBDaNWdRmv2DIY9weJviZ
+DBh4LJ3ddZe411PyCXaRwsymjQxJ4KROCgr0xpjl6d26AuKZlz3fV+5HTWmwLHnj
+yW4PD5TBClAd/ukshO9pONY2Z9LApdpzGhwQ055Yusd/SRGxjrxN2OTzLsJl1Nmm
+9HBVRjABhUmMSfEnx4aKEUXwxISzRmU0mtf2/GbGIWDbcX/0q9u+AZBCMHeJmCae
+MCnPVBsr05lAmQgTkHLqrorcgTjjGl7/tELLM4pAQZMI6M1dbdJ8fYoKnRlWUHDd
+pJcobJYlkWOqF7OkCRVSQZrCjr4xWG6TAwqxqcnhAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDmtsbGluLml0LnN1LnNlMB0GA1UdDgQWBBQ5AK5fejFIsiD+5QZejcLpvF6t
+bTANBgkqhkiG9w0BAQUFAAOCAQEAD2YF3AD+9WKS4UAtQbN4/do94cnlspLh2CVL
+eJd64IzeOTFBtdP5utNFfWrZja/3L8/ZdAsuOJy//DbtgBi6nH4CmPogx8k0YeGh
+0SURQ5epR1VkZRHJXiSvQr9G3l04yQZ/UA82drixbJcr7ze5K3DeMl3lPq52uR7P
+9tWXWEuXlLLv/LNpa08YD1LR3KRncMuZX6H8buL0bI1bgu3oD7jK0MWR3jIZ0Mmk
+bjC9WQPwrYW+Ea5Y7eL5tbUEJ0p/rfQmlZDcI1JC2RNbymRnI0fopKpvQzrA+Gfz
+Kedo5bETr6pNxQLTjE3Bq7oYI/PUPOMfWf8Kd6HcLrE4NZDBOA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>kllin.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=kllin.it.su.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=kllin.it.su.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>15729191459207018524</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJANpJUEuaJHgcMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDmtsbGluLml0LnN1LnNlMB4XDTA5MDgxNzA4MDUyNVoXDTE5MDgxNTA4MDUy
+NVowGTEXMBUGA1UEAxMOa2xsaW4uaXQuc3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCmHDXcoZT0FPZ5enxEI0K5ECKwBDaNWdRmv2DIY9weJviZ
+DBh4LJ3ddZe411PyCXaRwsymjQxJ4KROCgr0xpjl6d26AuKZlz3fV+5HTWmwLHnj
+yW4PD5TBClAd/ukshO9pONY2Z9LApdpzGhwQ055Yusd/SRGxjrxN2OTzLsJl1Nmm
+9HBVRjABhUmMSfEnx4aKEUXwxISzRmU0mtf2/GbGIWDbcX/0q9u+AZBCMHeJmCae
+MCnPVBsr05lAmQgTkHLqrorcgTjjGl7/tELLM4pAQZMI6M1dbdJ8fYoKnRlWUHDd
+pJcobJYlkWOqF7OkCRVSQZrCjr4xWG6TAwqxqcnhAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDmtsbGluLml0LnN1LnNlMB0GA1UdDgQWBBQ5AK5fejFIsiD+5QZejcLpvF6t
+bTANBgkqhkiG9w0BAQUFAAOCAQEAD2YF3AD+9WKS4UAtQbN4/do94cnlspLh2CVL
+eJd64IzeOTFBtdP5utNFfWrZja/3L8/ZdAsuOJy//DbtgBi6nH4CmPogx8k0YeGh
+0SURQ5epR1VkZRHJXiSvQr9G3l04yQZ/UA82drixbJcr7ze5K3DeMl3lPq52uR7P
+9tWXWEuXlLLv/LNpa08YD1LR3KRncMuZX6H8buL0bI1bgu3oD7jK0MWR3jIZ0Mmk
+bjC9WQPwrYW+Ea5Y7eL5tbUEJ0p/rfQmlZDcI1JC2RNbymRnI0fopKpvQzrA+Gfz
+Kedo5bETr6pNxQLTjE3Bq7oYI/PUPOMfWf8Kd6HcLrE4NZDBOA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kllin.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kllin.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kllin.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kllin.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kllin.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kllin.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kllin.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kllin.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kllin.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kllin.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kllin.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kllin.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kllin.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kllin.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://ilinca.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/ilinca.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ilinca.it.su.se/Shibboleth.sso/WAYF" index="1" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>ilinca.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=ilinca.it.su.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=ilinca.it.su.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>10988849576663837321</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAJiAPHfzP+qJMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD2lsaW5jYS5pdC5zdS5zZTAeFw0wOTA4MTcwODEzNDVaFw0xOTA4MTUwODEz
+NDVaMBoxGDAWBgNVBAMTD2lsaW5jYS5pdC5zdS5zZTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAOXB7HDd3xSjmS+CdKE/51gmugmfLD/rWbFl4ma/DynK
+5D7Cz//7VeSPulC9lwaKtq3SJg/f44fJBwwZpM8+H0NLkkVUtjiaj6ggaNEuvGch
+4w7KFgb6w4y2A0eSCWWj+IgNlUs3L/x3dT4A3Uu9RV9beR5KpxCgOEVzFo1d21tu
+nOsodBkDkpTxzBRizcF2yqVgWoGkEUMQw4ioHV3XtVs2C38Ax215yVhfeKkHncjL
+5SS8ecXWhgbLfw7n5KHQNCOBJsvVQE4QRTU1MmJ7uHIUk5my47Ua38X+Bozm1fqM
+UtExw+2Wg5VNiuzi08XWnwl6zgJn8qSawR9g6BR1S50CAwEAAaM9MDswGgYDVR0R
+BBMwEYIPaWxpbmNhLml0LnN1LnNlMB0GA1UdDgQWBBQzCCAfgJgB3wR0tqIaq5W7
+4pTVzjANBgkqhkiG9w0BAQUFAAOCAQEAw1gcpFHR23LG0JMZc7ESGapG1HG3kpfS
+NyqJ84WxA1HQS3oqS4JcLcDnwpUUPiC80jECQpNBqqMSxwVuqhIuE6yd4cl1gtmC
+xP0OhvLkXtD8DxCWvvVgRM1ZeYl/rtlLVOrwy5Sd9YSktJOvqugl86qvOjsfppqE
+aNKZapqL4HCp4mA6CC9+ErC6EeMH7nglt3i/O0MR8/5fTVdlYEP6fvqExn5070hH
+bOSmcNTEUPWw0E2O73AdoqVxjLhLtOra8xlJiphHwSNXeU6H46Vx9UYG8Uh1xtal
+ZUOWiUqVuxudj0Ke7D2Qx/NqyIlx99p5Omzl0NFcJLu+RgUfuF+jgg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>ilinca.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=ilinca.it.su.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=ilinca.it.su.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>10988849576663837321</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAJiAPHfzP+qJMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD2lsaW5jYS5pdC5zdS5zZTAeFw0wOTA4MTcwODEzNDVaFw0xOTA4MTUwODEz
+NDVaMBoxGDAWBgNVBAMTD2lsaW5jYS5pdC5zdS5zZTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAOXB7HDd3xSjmS+CdKE/51gmugmfLD/rWbFl4ma/DynK
+5D7Cz//7VeSPulC9lwaKtq3SJg/f44fJBwwZpM8+H0NLkkVUtjiaj6ggaNEuvGch
+4w7KFgb6w4y2A0eSCWWj+IgNlUs3L/x3dT4A3Uu9RV9beR5KpxCgOEVzFo1d21tu
+nOsodBkDkpTxzBRizcF2yqVgWoGkEUMQw4ioHV3XtVs2C38Ax215yVhfeKkHncjL
+5SS8ecXWhgbLfw7n5KHQNCOBJsvVQE4QRTU1MmJ7uHIUk5my47Ua38X+Bozm1fqM
+UtExw+2Wg5VNiuzi08XWnwl6zgJn8qSawR9g6BR1S50CAwEAAaM9MDswGgYDVR0R
+BBMwEYIPaWxpbmNhLml0LnN1LnNlMB0GA1UdDgQWBBQzCCAfgJgB3wR0tqIaq5W7
+4pTVzjANBgkqhkiG9w0BAQUFAAOCAQEAw1gcpFHR23LG0JMZc7ESGapG1HG3kpfS
+NyqJ84WxA1HQS3oqS4JcLcDnwpUUPiC80jECQpNBqqMSxwVuqhIuE6yd4cl1gtmC
+xP0OhvLkXtD8DxCWvvVgRM1ZeYl/rtlLVOrwy5Sd9YSktJOvqugl86qvOjsfppqE
+aNKZapqL4HCp4mA6CC9+ErC6EeMH7nglt3i/O0MR8/5fTVdlYEP6fvqExn5070hH
+bOSmcNTEUPWw0E2O73AdoqVxjLhLtOra8xlJiphHwSNXeU6H46Vx9UYG8Uh1xtal
+ZUOWiUqVuxudj0Ke7D2Qx/NqyIlx99p5Omzl0NFcJLu+RgUfuF+jgg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ilinca.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ilinca.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilinca.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilinca.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ilinca.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ilinca.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilinca.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilinca.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilinca.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ilinca.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilinca.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ilinca.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ilinca.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ilinca.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.nordu.net/idp/shibboleth" xml:base="swamid-1.0/idp.nordu.net.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">nordu.net</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDHzCCAgegAwIBAgIUbYzFMX2BKRKmZwRSWg0HZ3/MQQwwDQYJKoZIhvcNAQEF
+BQAwGDEWMBQGA1UEAxMNaWRwLm5vcmR1Lm5ldDAeFw0wOTA5MDMxOTI4NDlaFw0y
+OTA5MDMxOTI4NDlaMBgxFjAUBgNVBAMTDWlkcC5ub3JkdS5uZXQwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSypIpdblxznunPXiwKCqwOYmj99u5S9f7
+RTR+s8EDs01uwJ8buJs0MId+s96mD8MIkobE4iwn/B6xlafbMr3/BF+XxxH8Q5WX
+Bf3aQV3ohBqur6+mRQ2C+EenzPMGHmV/FCz0cbmTsIAQHZ9Vy16H+x5uWOBVd44i
+CMLM+fgjKyYcpcEUJP9Jkn/+d36L3mdXbyqAQS2UPN+S1g37xrgR2kWW+s1lMEiR
+M/f5L+PuA3l5DxIBmK0tFo+ZPLxbr6OBWOdH6EUbfdkvfciFCVNbWBGRW5MC2aru
+ATCdtf/Vev3OngUYBGSR/94eTgMcs3Oww/ppxRS6dzntGnnCT1sPAgMBAAGjYTBf
+MD4GA1UdEQQ3MDWCDWlkcC5ub3JkdS5uZXSGJGh0dHBzOi8vaWRwLm5vcmR1Lm5l
+dC9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUwPXuksUpm5OdopeWHdoRcs6wCu0w
+DQYJKoZIhvcNAQEFBQADggEBAHiPOKmhiLnx8ecuQHmwmh4DUZvarhZXNtgxyasU
+bZAfPoZn8YiELiqYQoA/j+hoAfWcCEafMgjm8nkQO9aad1cwpGY66SIRKPAKBgsW
+nOugnrREWwYl1tXG3VWYzpgygycziYzkmwc4ysHQATKjCYdulA1tZ09YiAnZOIzY
+Q93/gA7X177nVKnAbmSkY1Nap4/rbkHIvQqk8RPSYs5AwasThkEFVk4OQpPtoTOn
+aOBLkJxpXY7rZDixrz59ny629qmOOakSCsuVkNwDPmbLQy9dKmHXTcge2xP0mDK7
+JiNCTXH29oP8kWBEBVaDxrDIrfDv53VjURS+KXqpBLjsuVE=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.nordu.net:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.nordu.net:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.nordu.net/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.nordu.net/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.nordu.net/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.nordu.net/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">nordu.net</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDHzCCAgegAwIBAgIUbYzFMX2BKRKmZwRSWg0HZ3/MQQwwDQYJKoZIhvcNAQEF
+BQAwGDEWMBQGA1UEAxMNaWRwLm5vcmR1Lm5ldDAeFw0wOTA5MDMxOTI4NDlaFw0y
+OTA5MDMxOTI4NDlaMBgxFjAUBgNVBAMTDWlkcC5ub3JkdS5uZXQwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSypIpdblxznunPXiwKCqwOYmj99u5S9f7
+RTR+s8EDs01uwJ8buJs0MId+s96mD8MIkobE4iwn/B6xlafbMr3/BF+XxxH8Q5WX
+Bf3aQV3ohBqur6+mRQ2C+EenzPMGHmV/FCz0cbmTsIAQHZ9Vy16H+x5uWOBVd44i
+CMLM+fgjKyYcpcEUJP9Jkn/+d36L3mdXbyqAQS2UPN+S1g37xrgR2kWW+s1lMEiR
+M/f5L+PuA3l5DxIBmK0tFo+ZPLxbr6OBWOdH6EUbfdkvfciFCVNbWBGRW5MC2aru
+ATCdtf/Vev3OngUYBGSR/94eTgMcs3Oww/ppxRS6dzntGnnCT1sPAgMBAAGjYTBf
+MD4GA1UdEQQ3MDWCDWlkcC5ub3JkdS5uZXSGJGh0dHBzOi8vaWRwLm5vcmR1Lm5l
+dC9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUwPXuksUpm5OdopeWHdoRcs6wCu0w
+DQYJKoZIhvcNAQEFBQADggEBAHiPOKmhiLnx8ecuQHmwmh4DUZvarhZXNtgxyasU
+bZAfPoZn8YiELiqYQoA/j+hoAfWcCEafMgjm8nkQO9aad1cwpGY66SIRKPAKBgsW
+nOugnrREWwYl1tXG3VWYzpgygycziYzkmwc4ysHQATKjCYdulA1tZ09YiAnZOIzY
+Q93/gA7X177nVKnAbmSkY1Nap4/rbkHIvQqk8RPSYs5AwasThkEFVk4OQpPtoTOn
+aOBLkJxpXY7rZDixrz59ny629qmOOakSCsuVkNwDPmbLQy9dKmHXTcge2xP0mDK7
+JiNCTXH29oP8kWBEBVaDxrDIrfDv53VjURS+KXqpBLjsuVE=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.nordu.net:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.nordu.net:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">NORDUnet</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">NORDUnet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.nordu.net</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>NORDUnet NOC</Company>
+ <EmailAddress>noc@nordu.net</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.it.gu.se/idp/shibboleth" xml:base="swamid-1.0/idp.it.gu.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">gu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUGLU4YqWFYHboh+F+iLNYkBw8XNAwDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMaWRwLml0Lmd1LnNlMB4XDTA5MDgyNDExMzA1OFoXDTI5
+MDgyNDExMzA1OFowFzEVMBMGA1UEAxMMaWRwLml0Lmd1LnNlMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOVkzaHuTCe+7lf79UnQ5iQ/8OLbJpwOxPTF
+wEPIHbMMU/aCVnxoZnwNApblqvpP2uOsQvh8d0uDv2iVC5BMN0ff9M+9rN7D/gAo
+L+w8CmWiHRudKyZLu8Gu89SGxyQ59AVCbJzGaEE9h/CmMYHCj/ONJ8mtjG9uw6u+
+Vj+L8PHXsPHQsLvcl3/D7duIYH/xHRbPzXS0imux+r/OcSCR3aCPCx3uuAfVPxGS
+9Y/ifynV586V3szIM7O15SeXKenFMKjQhzA23ZPcHhDSxWnVGUDWFDRDNAXfD7BF
+KRBCaUlWZvczqsV3eGtW8XgOmuW/7yJT5REfrrSLOKprAK8yoQIDAQABo18wXTA8
+BgNVHREENTAzggxpZHAuaXQuZ3Uuc2WGI2h0dHBzOi8vaWRwLml0Lmd1LnNlL2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBSpKDUl7ZRxhQ1/HRmVbFd+NbwxmzANBgkq
+hkiG9w0BAQUFAAOCAQEAXfaYlHQj4KRaJmMbWFV0XyNUlHNio8010vLv3t6WztlZ
+jZFL/hTQIFhmYEA04Davdk+1/1JvcRePSpg2VCxT/QwHyOR3eimmQ6FKXWls/zO/
+V01sJrlLdf/53pzXYsVSOf50UK+GtrSB3hhzrFmeaBALOysGqk2h2/UdYISXxa/e
+MyQ/aOI5u+0Wlq2RdIXF8MrtnwBTRhNXLcXYzz4fPsdjd4TmmJLQLXLmFLE/IA+/
+CP9nuvekzvPla7AXlXPwPvbUunwZIZkN3aHzMY/08FKIYRLb9VmqInKXw8tIBSqG
+MoX9SCDPBh2j39QZupTaPkylXDshurod7B2XtXdHPg==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.it.gu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.it.gu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.it.gu.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.it.gu.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.it.gu.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.it.gu.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">gu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUGLU4YqWFYHboh+F+iLNYkBw8XNAwDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMaWRwLml0Lmd1LnNlMB4XDTA5MDgyNDExMzA1OFoXDTI5
+MDgyNDExMzA1OFowFzEVMBMGA1UEAxMMaWRwLml0Lmd1LnNlMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOVkzaHuTCe+7lf79UnQ5iQ/8OLbJpwOxPTF
+wEPIHbMMU/aCVnxoZnwNApblqvpP2uOsQvh8d0uDv2iVC5BMN0ff9M+9rN7D/gAo
+L+w8CmWiHRudKyZLu8Gu89SGxyQ59AVCbJzGaEE9h/CmMYHCj/ONJ8mtjG9uw6u+
+Vj+L8PHXsPHQsLvcl3/D7duIYH/xHRbPzXS0imux+r/OcSCR3aCPCx3uuAfVPxGS
+9Y/ifynV586V3szIM7O15SeXKenFMKjQhzA23ZPcHhDSxWnVGUDWFDRDNAXfD7BF
+KRBCaUlWZvczqsV3eGtW8XgOmuW/7yJT5REfrrSLOKprAK8yoQIDAQABo18wXTA8
+BgNVHREENTAzggxpZHAuaXQuZ3Uuc2WGI2h0dHBzOi8vaWRwLml0Lmd1LnNlL2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBSpKDUl7ZRxhQ1/HRmVbFd+NbwxmzANBgkq
+hkiG9w0BAQUFAAOCAQEAXfaYlHQj4KRaJmMbWFV0XyNUlHNio8010vLv3t6WztlZ
+jZFL/hTQIFhmYEA04Davdk+1/1JvcRePSpg2VCxT/QwHyOR3eimmQ6FKXWls/zO/
+V01sJrlLdf/53pzXYsVSOf50UK+GtrSB3hhzrFmeaBALOysGqk2h2/UdYISXxa/e
+MyQ/aOI5u+0Wlq2RdIXF8MrtnwBTRhNXLcXYzz4fPsdjd4TmmJLQLXLmFLE/IA+/
+CP9nuvekzvPla7AXlXPwPvbUunwZIZkN3aHzMY/08FKIYRLb9VmqInKXw8tIBSqG
+MoX9SCDPBh2j39QZupTaPkylXDshurod7B2XtXdHPg==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.it.gu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.it.gu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">GU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Göteborgs universitet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.gu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Göteborgs universitet</Company>
+ <EmailAddress>pablo.millet@gu.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://tcs-test.sunet.se/shibboleth" xml:base="swamid-1.0/tcs-test.sunet.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>tcs-test.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=tcs-test.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJAJu2W9h/GQn5MA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEXRjcy10ZXN0LnN1bmV0LnNlMB4XDTA5MDkwNDA5MzU0N1oXDTE5MDkwMjA5
+MzU0N1owHDEaMBgGA1UEAxMRdGNzLXRlc3Quc3VuZXQuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDfOz1hNo/wrI+MBbauT55gEx1IsbEK+KGhWCEG
+N18M2XU+Afad8tG5zPjKDBGNz3JDVQRb+Dldi9VnhbIliPjMpXgpnXjNN8+bYe6X
+SrJHGOOCs3aXixtcqCvkD/kkplLf/RsfVfe3FP49JDApguR4jH3vtNCNJoECUhCH
+VTBFB3BiEx2iky2v+f3NzDoSod8o2NAXLBOC25xCk7VjRa70uiPx32eE7+izsJLs
+VJkaqKmW2n1yZsOS+9puYcr19vNSQ4awo/3uRMbPrPe8Z4cMyAJB1+xZ30VXLhV/
+6nnraUZuF1w6xNp8mFbJlwd4m41bPTitJO2AqvZMzOxrgucTAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEXRjcy10ZXN0LnN1bmV0LnNlMB0GA1UdDgQWBBQjlFq8PSW2QiXN
+5RWltu60z8K8djANBgkqhkiG9w0BAQUFAAOCAQEAVgyGn2VUctqIqVUqv/AAa7MU
+Do3b3uFe4ezNCe433XJiVJBf1ys5ifBSMEPCtexBlDAKOidaiZfylb6JudgzuDSZ
+fef2y/6Fk8wiub64E4ayKDU5LlsAs43PlOQjufDsq09BesJJFXxBBDIhP4UCL+XO
+nhVX7PZBnBPhjTmt+iUtgBkkMZJMhgDyJJZiYjLcbVfPKKQqTWRK9QUj4fc6JldX
+CmO/ILoP5fWaKzwlK5ybhHyoYH6RYjuV0CBiUlZS6iejpsRokr/aQrQ3JHPWLId+
+VExt5K7bqNQpM9wqLuSjrlCueO4wNjuSTevHKZO6uB4DcnFnNMxWsvB81dLUdg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>tcs-test.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=tcs-test.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJAJu2W9h/GQn5MA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEXRjcy10ZXN0LnN1bmV0LnNlMB4XDTA5MDkwNDA5MzU0N1oXDTE5MDkwMjA5
+MzU0N1owHDEaMBgGA1UEAxMRdGNzLXRlc3Quc3VuZXQuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDfOz1hNo/wrI+MBbauT55gEx1IsbEK+KGhWCEG
+N18M2XU+Afad8tG5zPjKDBGNz3JDVQRb+Dldi9VnhbIliPjMpXgpnXjNN8+bYe6X
+SrJHGOOCs3aXixtcqCvkD/kkplLf/RsfVfe3FP49JDApguR4jH3vtNCNJoECUhCH
+VTBFB3BiEx2iky2v+f3NzDoSod8o2NAXLBOC25xCk7VjRa70uiPx32eE7+izsJLs
+VJkaqKmW2n1yZsOS+9puYcr19vNSQ4awo/3uRMbPrPe8Z4cMyAJB1+xZ30VXLhV/
+6nnraUZuF1w6xNp8mFbJlwd4m41bPTitJO2AqvZMzOxrgucTAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEXRjcy10ZXN0LnN1bmV0LnNlMB0GA1UdDgQWBBQjlFq8PSW2QiXN
+5RWltu60z8K8djANBgkqhkiG9w0BAQUFAAOCAQEAVgyGn2VUctqIqVUqv/AAa7MU
+Do3b3uFe4ezNCe433XJiVJBf1ys5ifBSMEPCtexBlDAKOidaiZfylb6JudgzuDSZ
+fef2y/6Fk8wiub64E4ayKDU5LlsAs43PlOQjufDsq09BesJJFXxBBDIhP4UCL+XO
+nhVX7PZBnBPhjTmt+iUtgBkkMZJMhgDyJJZiYjLcbVfPKKQqTWRK9QUj4fc6JldX
+CmO/ILoP5fWaKzwlK5ybhHyoYH6RYjuV0CBiUlZS6iejpsRokr/aQrQ3JHPWLId+
+VExt5K7bqNQpM9wqLuSjrlCueO4wNjuSTevHKZO6uB4DcnFnNMxWsvB81dLUdg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://tcs-test.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tcs-test.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tcs-test.sunet.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tcs-test.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://tcs-test.sunet.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tcs-test.sunet.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tcs-test.sunet.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tcs-test.sunet.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tcs-test.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://tcs-test.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tcs-test.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://tcs-test.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tcs-test.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://tcs-test.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://identity.mdh.se/idp/shibboleth" xml:base="swamid-1.0/identity.mdh.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">mdh.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIVAIPxTFqNFghYnsNGOQDHDvRnU53tMA0GCSqGSIb3DQEB
+BQUAMBoxGDAWBgNVBAMTD2lkZW50aXR5Lm1kaC5zZTAeFw0wOTA5MDIxMzE5MDRa
+Fw0yOTA5MDIxMzE5MDRaMBoxGDAWBgNVBAMTD2lkZW50aXR5Lm1kaC5zZTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBpGX8JJ+RvjMMMD3q/j01q58p8
+z0R9tuklMD5smW+Tz0JgiG3KDnynWvcYyg3s9DevNRUMmsQqzDBko771ecyhqkHy
+SoCkfVNJ9k7RaQmoaglSGZlR5N9lgcysHNA8qVqJYpUpsSFuQckr1dzS3RjngcTM
+ICcuBjy/JviV8fKzYzF0v7F9HW+BEuJXHH6lhqhDIuI4R4n7I9/lYYxJWvQZVelJ
+F6/Z+RnbqaSzViq1qcMe5AWcnZgC85i0KiIcnaKiImNRJbVrVUN+eniQSj9ROJyf
+uk7Ldhpg8gvqsaUVd2drDY43XymAu7XFVnBBX340JKgb7F8wxpvIK6Gh6ZMCAwEA
+AaNlMGMwQgYDVR0RBDswOYIPaWRlbnRpdHkubWRoLnNlhiZodHRwczovL2lkZW50
+aXR5Lm1kaC5zZS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQU/qdjANz6BbQi/0eQ
+PgsaI1I0V4MwDQYJKoZIhvcNAQEFBQADggEBAG3OEKV7S8aojN/D7UOqURiCRrjC
+Dk6wEnMLX6uIYAFCv6jc5QdkMWaaDBR0tgGhmgzRZOGnl9pvzT1AjMIhvMu2/luI
+b2oawOhycFG1rECJCpDi+gLDGhxzbQY/E9VIz+AcBAxglBFbDqqIynhFs+GZn+fv
+P7nZB2+XoE3sf8xqd2a9xO7vy1r17Q7bx8PzwklL9GdFppuRnimioYoF3atEQM6R
+7UwSK+MqY42FI27aHfIMAN7ccEun9HViAHU9HT/tng0kSydoF9VOvTI657LX7vpb
+0hhoH3UMUkrHgTwtNYpylgL6YEy/GtQHimQGN/O6aAQt1ZIyXKnuQufcnNk=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://identity.mdh.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://identity.mdh.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://identity.mdh.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://identity.mdh.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://identity.mdh.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://identity.mdh.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">mdh.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDKDCCAhCgAwIBAgIVAIPxTFqNFghYnsNGOQDHDvRnU53tMA0GCSqGSIb3DQEB
+BQUAMBoxGDAWBgNVBAMTD2lkZW50aXR5Lm1kaC5zZTAeFw0wOTA5MDIxMzE5MDRa
+Fw0yOTA5MDIxMzE5MDRaMBoxGDAWBgNVBAMTD2lkZW50aXR5Lm1kaC5zZTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALBpGX8JJ+RvjMMMD3q/j01q58p8
+z0R9tuklMD5smW+Tz0JgiG3KDnynWvcYyg3s9DevNRUMmsQqzDBko771ecyhqkHy
+SoCkfVNJ9k7RaQmoaglSGZlR5N9lgcysHNA8qVqJYpUpsSFuQckr1dzS3RjngcTM
+ICcuBjy/JviV8fKzYzF0v7F9HW+BEuJXHH6lhqhDIuI4R4n7I9/lYYxJWvQZVelJ
+F6/Z+RnbqaSzViq1qcMe5AWcnZgC85i0KiIcnaKiImNRJbVrVUN+eniQSj9ROJyf
+uk7Ldhpg8gvqsaUVd2drDY43XymAu7XFVnBBX340JKgb7F8wxpvIK6Gh6ZMCAwEA
+AaNlMGMwQgYDVR0RBDswOYIPaWRlbnRpdHkubWRoLnNlhiZodHRwczovL2lkZW50
+aXR5Lm1kaC5zZS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQU/qdjANz6BbQi/0eQ
+PgsaI1I0V4MwDQYJKoZIhvcNAQEFBQADggEBAG3OEKV7S8aojN/D7UOqURiCRrjC
+Dk6wEnMLX6uIYAFCv6jc5QdkMWaaDBR0tgGhmgzRZOGnl9pvzT1AjMIhvMu2/luI
+b2oawOhycFG1rECJCpDi+gLDGhxzbQY/E9VIz+AcBAxglBFbDqqIynhFs+GZn+fv
+P7nZB2+XoE3sf8xqd2a9xO7vy1r17Q7bx8PzwklL9GdFppuRnimioYoF3atEQM6R
+7UwSK+MqY42FI27aHfIMAN7ccEun9HViAHU9HT/tng0kSydoF9VOvTI657LX7vpb
+0hhoH3UMUkrHgTwtNYpylgL6YEy/GtQHimQGN/O6aAQt1ZIyXKnuQufcnNk=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://identity.mdh.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://identity.mdh.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">MDH</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Mälardalen University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mdh.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Mälardalen University</Company>
+ <EmailAddress>peter.falck@mdh.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://signon.hh.se/idp/shibboleth" xml:base="swamid-1.0/signon.hh.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hh.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDHDCCAgSgAwIBAgIVANvNFOWJZe9T3CpX7Sk5ZKgztjMgMA0GCSqGSIb3DQEB
+BQUAMBcxFTATBgNVBAMTDHNpZ25vbi5oaC5zZTAeFw0wOTA5MTYwODM0MjZaFw0y
+OTA5MTYwODM0MjZaMBcxFTATBgNVBAMTDHNpZ25vbi5oaC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAIdi7+4jvkJyhmR/IHjVKV0TOJ1TBw5x8FXo
+VVDkZdixmiT/YVp6kfRsKL6yWlNKEm7X6kcrJ+xKUNYUi9n8p1uloS6tBhfG37pC
+Xt7fi7imSi882T4fUYzCR3cVAbe8k6L8UKIdWdNVGIkvXzgeBZh/qHCnvyjtF1Bd
+4mEUHh55KieKVmKCYD7TE4T14tE4xSBf7L9Dna4U9aM7Ne+xeHSW/rGGALtfZhIr
+DOZLZSBCIAzBhzwuDb2h7xYBrCBF7QEWInI8tkQPa/g/sS/5xH+nTGO0RAWY9EWu
+2V2HN3hp3/nX8smCSIKRyxWzLJ29htCrsljTLSvFVOstCU0NI/8CAwEAAaNfMF0w
+PAYDVR0RBDUwM4IMc2lnbm9uLmhoLnNlhiNodHRwczovL3NpZ25vbi5oaC5zZS9p
+ZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUQJ23SW9pFtWUbgw5WcI2qK7YSZAwDQYJ
+KoZIhvcNAQEFBQADggEBAIAl6LBd5IzC+1MxH293vgBeVnIJvRNAp0vn4BqyHgX0
+3i4lqzw/g8hj+va7kOfr1VidYoS3ur5YYnoVC7muILBy8uNeXGaRNeh7xRJHb+HF
+7eEjWvDrj2RQtaED3+1INj2bl5gR4vEt5VkWh6TVU40x4ea0V97Vm4ZO416b9L6I
+06Hp/H4L2oHEJUMdOfxhlipIXZeAxZ2lSHmGspfNRCybLAs/raVGBvq1/RSpRS+X
+vAXrKY9loLQYkufnJ3GlXmbn3eFOyxmA11Q9xTukB8qno9QI2KMxUH8N2cG0vYXB
+CXwK7XzaaZnKkk8K3Hgodpmh+2CIkt0nGwYXAFyb6RE=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://signon.hh.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://signon.hh.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://signon.hh.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://signon.hh.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://signon.hh.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://signon.hh.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hh.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDHDCCAgSgAwIBAgIVANvNFOWJZe9T3CpX7Sk5ZKgztjMgMA0GCSqGSIb3DQEB
+BQUAMBcxFTATBgNVBAMTDHNpZ25vbi5oaC5zZTAeFw0wOTA5MTYwODM0MjZaFw0y
+OTA5MTYwODM0MjZaMBcxFTATBgNVBAMTDHNpZ25vbi5oaC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAIdi7+4jvkJyhmR/IHjVKV0TOJ1TBw5x8FXo
+VVDkZdixmiT/YVp6kfRsKL6yWlNKEm7X6kcrJ+xKUNYUi9n8p1uloS6tBhfG37pC
+Xt7fi7imSi882T4fUYzCR3cVAbe8k6L8UKIdWdNVGIkvXzgeBZh/qHCnvyjtF1Bd
+4mEUHh55KieKVmKCYD7TE4T14tE4xSBf7L9Dna4U9aM7Ne+xeHSW/rGGALtfZhIr
+DOZLZSBCIAzBhzwuDb2h7xYBrCBF7QEWInI8tkQPa/g/sS/5xH+nTGO0RAWY9EWu
+2V2HN3hp3/nX8smCSIKRyxWzLJ29htCrsljTLSvFVOstCU0NI/8CAwEAAaNfMF0w
+PAYDVR0RBDUwM4IMc2lnbm9uLmhoLnNlhiNodHRwczovL3NpZ25vbi5oaC5zZS9p
+ZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQUQJ23SW9pFtWUbgw5WcI2qK7YSZAwDQYJ
+KoZIhvcNAQEFBQADggEBAIAl6LBd5IzC+1MxH293vgBeVnIJvRNAp0vn4BqyHgX0
+3i4lqzw/g8hj+va7kOfr1VidYoS3ur5YYnoVC7muILBy8uNeXGaRNeh7xRJHb+HF
+7eEjWvDrj2RQtaED3+1INj2bl5gR4vEt5VkWh6TVU40x4ea0V97Vm4ZO416b9L6I
+06Hp/H4L2oHEJUMdOfxhlipIXZeAxZ2lSHmGspfNRCybLAs/raVGBvq1/RSpRS+X
+vAXrKY9loLQYkufnJ3GlXmbn3eFOyxmA11Q9xTukB8qno9QI2KMxUH8N2cG0vYXB
+CXwK7XzaaZnKkk8K3Hgodpmh+2CIkt0nGwYXAFyb6RE=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://signon.hh.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://signon.hh.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">HH</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan i Halmstad</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hh.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan i Halmstad</Company>
+ <EmailAddress>Magnus.Moren@hh.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://shibboleth.net.lu.se/idp/shibboleth" xml:base="swamid-1.0/shibboleth.net.lu.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">lu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDOzCCAiOgAwIBAgIUHLaZATm8vxcp1L4T0A9woLa1naIwDQYJKoZIhvcNAQEF
+BQAwHzEdMBsGA1UEAxMUc2hpYmJvbGV0aC5uZXQubHUuc2UwHhcNMDkwOTMwMTE0
+ODIyWhcNMjkwOTMwMTE0ODIyWjAfMR0wGwYDVQQDExRzaGliYm9sZXRoLm5ldC5s
+dS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI+ayJjc9XUuSABN
+M0X1KTfxv2arrhq8BV59iG1I9x3+Ga8lU0HH6zNNhT+ezRzxpSzeaTZZ+RcMAJS5
+e6whhw4R92Ei25CNYQKalUwfGRP3X3shGttUXG2wdZ+5ruSje7LVBE7bS2Ek05TJ
+fnMc3O+hc5XwbpXBii2KqosrIS7kiR5FuUPOrMWE4Sr1zoE8TFhOOv8zf9AOLE++
+k6aqas7TW9KCT7W8eyHNbcevEW8VhHpM49OGyzsjuJ8X6KkKNm1rSJgLEnnBy5y+
+LuiM4Ad5LjAgcdetxGm5VgpOx8h5prX5H0R0+C8A9Pm50VuNuv9h9iLI0z42Qemm
+3A5vgrUCAwEAAaNvMG0wTAYDVR0RBEUwQ4IUc2hpYmJvbGV0aC5uZXQubHUuc2WG
+K2h0dHBzOi8vc2hpYmJvbGV0aC5uZXQubHUuc2UvaWRwL3NoaWJib2xldGgwHQYD
+VR0OBBYEFBlhR15/bdMDrBj/juMKUCB6K8TvMA0GCSqGSIb3DQEBBQUAA4IBAQBG
+XWHuslQiZD9yHWuQnMTYiB2cfp+82TNf0CIpoKzNPpcbUg4bX9NF8tyuCMAh6Tvf
+fNrkx++wXnbzjPmNKaryJDQGokz86pZdGRsNTt4dDDJSKCuSWP+kwCHf68/eklc1
+zB0hU4yYhR6vyoNz/UKA/jh6WyNPP6hoeq9XZinU+iMVIdRF5CPHM/tpbcdk6elP
+tJPbWzQInOy+wWmZvFnbN1qwvnlFkYNdH+R0QM2Pvkz7DUG2FqvsbtrKZvj/IHHh
+zlPsVj43MhXLVfk/EtgL8BmxjOW08uY3EDXl3hFwJB/XRURouZC3euoBgE41FMKb
+ADE1bHKRi4qX9DYfBN7g
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.net.lu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.net.lu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.net.lu.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.net.lu.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth.net.lu.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.net.lu.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">lu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDOzCCAiOgAwIBAgIUHLaZATm8vxcp1L4T0A9woLa1naIwDQYJKoZIhvcNAQEF
+BQAwHzEdMBsGA1UEAxMUc2hpYmJvbGV0aC5uZXQubHUuc2UwHhcNMDkwOTMwMTE0
+ODIyWhcNMjkwOTMwMTE0ODIyWjAfMR0wGwYDVQQDExRzaGliYm9sZXRoLm5ldC5s
+dS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAI+ayJjc9XUuSABN
+M0X1KTfxv2arrhq8BV59iG1I9x3+Ga8lU0HH6zNNhT+ezRzxpSzeaTZZ+RcMAJS5
+e6whhw4R92Ei25CNYQKalUwfGRP3X3shGttUXG2wdZ+5ruSje7LVBE7bS2Ek05TJ
+fnMc3O+hc5XwbpXBii2KqosrIS7kiR5FuUPOrMWE4Sr1zoE8TFhOOv8zf9AOLE++
+k6aqas7TW9KCT7W8eyHNbcevEW8VhHpM49OGyzsjuJ8X6KkKNm1rSJgLEnnBy5y+
+LuiM4Ad5LjAgcdetxGm5VgpOx8h5prX5H0R0+C8A9Pm50VuNuv9h9iLI0z42Qemm
+3A5vgrUCAwEAAaNvMG0wTAYDVR0RBEUwQ4IUc2hpYmJvbGV0aC5uZXQubHUuc2WG
+K2h0dHBzOi8vc2hpYmJvbGV0aC5uZXQubHUuc2UvaWRwL3NoaWJib2xldGgwHQYD
+VR0OBBYEFBlhR15/bdMDrBj/juMKUCB6K8TvMA0GCSqGSIb3DQEBBQUAA4IBAQBG
+XWHuslQiZD9yHWuQnMTYiB2cfp+82TNf0CIpoKzNPpcbUg4bX9NF8tyuCMAh6Tvf
+fNrkx++wXnbzjPmNKaryJDQGokz86pZdGRsNTt4dDDJSKCuSWP+kwCHf68/eklc1
+zB0hU4yYhR6vyoNz/UKA/jh6WyNPP6hoeq9XZinU+iMVIdRF5CPHM/tpbcdk6elP
+tJPbWzQInOy+wWmZvFnbN1qwvnlFkYNdH+R0QM2Pvkz7DUG2FqvsbtrKZvj/IHHh
+zlPsVj43MhXLVfk/EtgL8BmxjOW08uY3EDXl3hFwJB/XRURouZC3euoBgE41FMKb
+ADE1bHKRi4qX9DYfBN7g
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.net.lu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.net.lu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+
+ <Organization>
+ <OrganizationName xml:lang="en">LU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lunds universitet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Lunds universitet</Company>
+ <EmailAddress>Marika.Cochinescu@ldc.lu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.lnu.se/idp/shibboleth" xml:base="swamid-1.0/idp.lnu.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">lnu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEmzCCA4OgAwIBAgILAQAAAAABJCUIvfswDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MTAwNTEzMzEwNVoXDTEyMTAwNTEzMzEwNVowTDELMAkGA1UEBhMCU0UxGzAZBgNV
+BAoTEkhvZ3Nrb2xhbiBpIEthbG1hcjELMAkGA1UECxMCSVQxEzARBgNVBAMTCmlk
+cC5sbnUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRORVY50+Y
+2rmvFJS4HSE3EZKXb0UpVj2CfW9D4Vlww78CiqV0KV8HW53XHYlOUK7S+I94adaG
+XoXq19HjqjRi8979qfqzKwICRlkVFBnWkY7N5vo//pStClwdTNv+OihlDY+IA9HN
+QXrWjWTzHCbRguYBEmR0gp7l4tlqILkOCCx1yT5uia4EiJvrSFoIV/iYTQBLaGkc
+ZdO109GqUx5UJB5XxgUoT0k0rOgg1OHsOvkNGOV4/HzkwWUGIaJy462LlLBcmlXg
+IHfDCMH6lg9pBLig4nDlM2W0KzvMID7zagxFJG+K3eMjdkoK1mK12TTz24bifDpf
+XPnbSRKpkLYpAgMBAAGjggFpMIIBZTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4
+BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5
+L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgcl
+N8lCSlt2d1DhMB0GA1UdDgQWBBQCNc1rrFMLNldAEde83Hr98intIzA6BgNVHR8E
+MzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFs
+LmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUu
+Z2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwFQYDVR0RBA4wDIIKaWRwLmxudS5zZTANBgkq
+hkiG9w0BAQUFAAOCAQEAkvJr6ePi1/sSyKtaf1xdOGwde1AteooA0Z9CxG6Ddz2v
+fPbpffm08gnhXr8T2zFnjZN6r1ac3kBFSKQRWOfJiLWwjmJ6wbRYCVDjeTN++Tdf
+IZVsj7l5uyGfM2FjKwRd79Qy33KOb4KtcwgkUs6yqScb0Eeew9q+flkJItaEloaL
+nsANXWIYSHmsKeMX/1M+TqMOmUCOExgqTr4yHou54m2SdxcMGJgJp2jcmdF6gbjo
+091ewSnuK+fccVratYgDd4EX3J6uZQnICjIAJ9e44Ab1WhBPQ0Aa+W/52qjbT4yK
+1qXbJLIBEw2yRiL7ayAgirIbuJUR/7+zQVxYX9NyJw==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.lnu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.lnu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.lnu.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.lnu.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.lnu.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.lnu.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">lnu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEmzCCA4OgAwIBAgILAQAAAAABJCUIvfswDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5
+MTAwNTEzMzEwNVoXDTEyMTAwNTEzMzEwNVowTDELMAkGA1UEBhMCU0UxGzAZBgNV
+BAoTEkhvZ3Nrb2xhbiBpIEthbG1hcjELMAkGA1UECxMCSVQxEzARBgNVBAMTCmlk
+cC5sbnUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRORVY50+Y
+2rmvFJS4HSE3EZKXb0UpVj2CfW9D4Vlww78CiqV0KV8HW53XHYlOUK7S+I94adaG
+XoXq19HjqjRi8979qfqzKwICRlkVFBnWkY7N5vo//pStClwdTNv+OihlDY+IA9HN
+QXrWjWTzHCbRguYBEmR0gp7l4tlqILkOCCx1yT5uia4EiJvrSFoIV/iYTQBLaGkc
+ZdO109GqUx5UJB5XxgUoT0k0rOgg1OHsOvkNGOV4/HzkwWUGIaJy462LlLBcmlXg
+IHfDCMH6lg9pBLig4nDlM2W0KzvMID7zagxFJG+K3eMjdkoK1mK12TTz24bifDpf
+XPnbSRKpkLYpAgMBAAGjggFpMIIBZTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4
+BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5
+L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgcl
+N8lCSlt2d1DhMB0GA1UdDgQWBBQCNc1rrFMLNldAEde83Hr98intIzA6BgNVHR8E
+MzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFs
+LmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUu
+Z2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAU
+BggrBgEFBQcDAQYIKwYBBQUHAwIwFQYDVR0RBA4wDIIKaWRwLmxudS5zZTANBgkq
+hkiG9w0BAQUFAAOCAQEAkvJr6ePi1/sSyKtaf1xdOGwde1AteooA0Z9CxG6Ddz2v
+fPbpffm08gnhXr8T2zFnjZN6r1ac3kBFSKQRWOfJiLWwjmJ6wbRYCVDjeTN++Tdf
+IZVsj7l5uyGfM2FjKwRd79Qy33KOb4KtcwgkUs6yqScb0Eeew9q+flkJItaEloaL
+nsANXWIYSHmsKeMX/1M+TqMOmUCOExgqTr4yHou54m2SdxcMGJgJp2jcmdF6gbjo
+091ewSnuK+fccVratYgDd4EX3J6uZQnICjIAJ9e44Ab1WhBPQ0Aa+W/52qjbT4yK
+1qXbJLIBEw2yRiL7ayAgirIbuJUR/7+zQVxYX9NyJw==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.lnu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.lnu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">LNU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Linnéuniversitetet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lnu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Linnéuniversitetet</Company>
+ <EmailAddress>tomas.hautala@vxu.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://hbidp.hb.se/idp/shibboleth" xml:base="swamid-1.0/hbidp.hb.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hb.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEfjCCA2agAwIBAgIQQh0tAUo8tbGvjLhvMULUFjANBgkqhkiG9w0BAQUFADA2
+MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
+U1NMIENBMB4XDTA5MTAwMTAwMDAwMFoXDTEyMDkzMDIzNTk1OVowTjELMAkGA1UE
+BhMCU0UxHDAaBgNVBAoME0jDtmdza29sYW4gaSBCb3LDpXMxCzAJBgNVBAsTAklU
+MRQwEgYDVQQDEwtoYmlkcC5oYi5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANmhPsWXpER8PlBGqHtoR1hsTeLWqTRGhaFm9Vuc57qf7xd328jkwZ3C
+tyBL65rNHYI/EVrsiA5nNAm/NLuPl5Wh8IOztI26XcHgNhYgqe6Tlpw5kN4pn0ME
++KAMAGKh1PAaKP2E3sHN2k3QdqHU0hesmaFHRAm+9JqcP++Frkdr1WVIcxYniOBa
+dorbeA+Mui3WaMsUm/tkYTOOQ3QCHi2VT9U6JOIVyuyIjX6slHhS2LkCSAKn4sKD
+DUVaeSyTxWrH12Dx/mMd8BfXV8XkjBbDNzfFizxTzHsdrj8K8y9ggGiv5+g1Mmsf
+2ehMfEhN0TNtVLaiw9Br2N7XSLLGuaMCAwEAAaOCAW4wggFqMB8GA1UdIwQYMBaA
+FAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBRNDaiYtvTh/NO79ufN3n7k
+Zx6CjjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICHTA6BgNV
+HR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNT
+TENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQu
+dGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRw
+Oi8vb2NzcC50Y3MudGVyZW5hLm9yZzAmBgNVHREEHzAdggtoYmlkcC5oYi5zZYIO
+dm0taGJpZHAuaGIuc2UwDQYJKoZIhvcNAQEFBQADggEBACUT4mjeYXLYfWz4oKhH
+ou/S52jlhiVtskXArO7Ntxk0Oy6tpSkRYgyBN4NDuaFfS//69Et4kQWfxpe7tS8X
+t2cEEtTRhYhwBpBHCMnixRxcoYyeH60fnHoeCn+w7HmD+ffyRojbtcE86O+7bRTP
+J2xZfZxoRzyEYBVfLBEcBSOYTQrlIBtZmZS/w4whSQs5ruf5X9Wj7BrFLjo8nnli
+rA6Msf8vaeuR1RNKQFHIx/vX3Aj+s2E4rq+L9O3BDAyfc1vKiNy8LLhlvYUFl9If
+NtlzTU8oxWfErMa+Y2BMXWIALruQgeQrFxbO/k4RoPBHRvCul0uUsxak1IFtfT0x
+9Ks=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://hbidp.hb.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://hbidp.hb.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://hbidp.hb.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://hbidp.hb.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://hbidp.hb.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://hbidp.hb.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hb.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIEfjCCA2agAwIBAgIQQh0tAUo8tbGvjLhvMULUFjANBgkqhkiG9w0BAQUFADA2
+MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
+U1NMIENBMB4XDTA5MTAwMTAwMDAwMFoXDTEyMDkzMDIzNTk1OVowTjELMAkGA1UE
+BhMCU0UxHDAaBgNVBAoME0jDtmdza29sYW4gaSBCb3LDpXMxCzAJBgNVBAsTAklU
+MRQwEgYDVQQDEwtoYmlkcC5oYi5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANmhPsWXpER8PlBGqHtoR1hsTeLWqTRGhaFm9Vuc57qf7xd328jkwZ3C
+tyBL65rNHYI/EVrsiA5nNAm/NLuPl5Wh8IOztI26XcHgNhYgqe6Tlpw5kN4pn0ME
++KAMAGKh1PAaKP2E3sHN2k3QdqHU0hesmaFHRAm+9JqcP++Frkdr1WVIcxYniOBa
+dorbeA+Mui3WaMsUm/tkYTOOQ3QCHi2VT9U6JOIVyuyIjX6slHhS2LkCSAKn4sKD
+DUVaeSyTxWrH12Dx/mMd8BfXV8XkjBbDNzfFizxTzHsdrj8K8y9ggGiv5+g1Mmsf
+2ehMfEhN0TNtVLaiw9Br2N7XSLLGuaMCAwEAAaOCAW4wggFqMB8GA1UdIwQYMBaA
+FAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBRNDaiYtvTh/NO79ufN3n7k
+Zx6CjjAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggr
+BgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICHTA6BgNV
+HR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNT
+TENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQu
+dGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRw
+Oi8vb2NzcC50Y3MudGVyZW5hLm9yZzAmBgNVHREEHzAdggtoYmlkcC5oYi5zZYIO
+dm0taGJpZHAuaGIuc2UwDQYJKoZIhvcNAQEFBQADggEBACUT4mjeYXLYfWz4oKhH
+ou/S52jlhiVtskXArO7Ntxk0Oy6tpSkRYgyBN4NDuaFfS//69Et4kQWfxpe7tS8X
+t2cEEtTRhYhwBpBHCMnixRxcoYyeH60fnHoeCn+w7HmD+ffyRojbtcE86O+7bRTP
+J2xZfZxoRzyEYBVfLBEcBSOYTQrlIBtZmZS/w4whSQs5ruf5X9Wj7BrFLjo8nnli
+rA6Msf8vaeuR1RNKQFHIx/vX3Aj+s2E4rq+L9O3BDAyfc1vKiNy8LLhlvYUFl9If
+NtlzTU8oxWfErMa+Y2BMXWIALruQgeQrFxbO/k4RoPBHRvCul0uUsxak1IFtfT0x
+9Ks=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://hbidp.hb.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://hbidp.hb.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">HB</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan i Borås</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hb.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan i Borås</Company>
+ <EmailAddress>mikael.furth@hb.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://shib-idp-1.oru.se/idp/shibboleth" xml:base="swamid-1.0/shib-idp-1.oru.se.xml">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">oru.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMDCCAhigAwIBAgIVALJU7HH8NWybHvd6JV9KLneiEBQ9MA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXNoaWItaWRwLTEub3J1LnNlMB4XDTA5MTAyNjEwMjU1
+NVoXDTI5MTAyNjA5MjU1NVowHDEaMBgGA1UEAxMRc2hpYi1pZHAtMS5vcnUuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7J4bgJcpbTuu4SD8pYvDC
+D5lRoaxVTvvacSPEIt2FUTGfa+smWLJvaoxL7eaP517Re9xqqw0MyRZ2fjyDW2GU
+z84RhCMQemT6EccDCEDwubkjoq41QQFbOsk/uh40Q0a/fOniP+e9cDpq57vQTux6
+a1tFNHgbOVR/1PsCksVsY6tdVbR364otqKXIti8ddYmPB5ax5Qr4+ezD7MJwitvN
+NyOgZZ2qM8P7Y1rMN+kKb4OTPHLIhVUiCRtww3p/9HTZOhjxRZbDKNLVQjHCwv9N
+pKh+cON1k5YGSEYba28z1ZuKKvVq6cCMcgndTiMA0R8LxMi3psbWB6rohddoo8E9
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXNoaWItaWRwLTEub3J1LnNlhihodHRwczov
+L3NoaWItaWRwLTEub3J1LnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBSJG9Hv
+5hKDK9iBmJYEU3Hg0DZZPzANBgkqhkiG9w0BAQUFAAOCAQEAC1tgenssXaACi4b0
+O+j5Qno3bjq35y+cj0OC/Za2lBuD10zYiySOMcuxg7WdPDiiTKtoBdYkRRN6oKiT
+ix3hLTwuU3PjLTIZ83ytNgezEa6oK+iCGi/ecz2ax77QZ9rqpQCRNudIZjbTN6SO
+x+FduJkHovXk0Z9zfp5YZzJG2ViPYemurS8OEofkJXQKgmoFmw+LycSTMx2G6rnN
+SqQVF5wbEc9N1wy/sisZQ8yw4Err6mDAChcnrGtfFQ5aR89Xrb2VIkaOTRysytEQ
+JCVUOimhAjCyTt7bIWWH3Y1VYBQ9PfklNyHfusJ3AjqnuqYjoDiDKEz42EqLnq71
+Pz8R3A==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp-1.oru.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib-idp-1.oru.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib-idp-1.oru.se/idp/profile/Shibboleth/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shib-idp-1.oru.se/idp/profile/SAML2/POST/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shib-idp-1.oru.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shib-idp-1.oru.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">oru.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMDCCAhigAwIBAgIVALJU7HH8NWybHvd6JV9KLneiEBQ9MA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXNoaWItaWRwLTEub3J1LnNlMB4XDTA5MTAyNjEwMjU1
+NVoXDTI5MTAyNjA5MjU1NVowHDEaMBgGA1UEAxMRc2hpYi1pZHAtMS5vcnUuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC7J4bgJcpbTuu4SD8pYvDC
+D5lRoaxVTvvacSPEIt2FUTGfa+smWLJvaoxL7eaP517Re9xqqw0MyRZ2fjyDW2GU
+z84RhCMQemT6EccDCEDwubkjoq41QQFbOsk/uh40Q0a/fOniP+e9cDpq57vQTux6
+a1tFNHgbOVR/1PsCksVsY6tdVbR364otqKXIti8ddYmPB5ax5Qr4+ezD7MJwitvN
+NyOgZZ2qM8P7Y1rMN+kKb4OTPHLIhVUiCRtww3p/9HTZOhjxRZbDKNLVQjHCwv9N
+pKh+cON1k5YGSEYba28z1ZuKKvVq6cCMcgndTiMA0R8LxMi3psbWB6rohddoo8E9
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXNoaWItaWRwLTEub3J1LnNlhihodHRwczov
+L3NoaWItaWRwLTEub3J1LnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBSJG9Hv
+5hKDK9iBmJYEU3Hg0DZZPzANBgkqhkiG9w0BAQUFAAOCAQEAC1tgenssXaACi4b0
+O+j5Qno3bjq35y+cj0OC/Za2lBuD10zYiySOMcuxg7WdPDiiTKtoBdYkRRN6oKiT
+ix3hLTwuU3PjLTIZ83ytNgezEa6oK+iCGi/ecz2ax77QZ9rqpQCRNudIZjbTN6SO
+x+FduJkHovXk0Z9zfp5YZzJG2ViPYemurS8OEofkJXQKgmoFmw+LycSTMx2G6rnN
+SqQVF5wbEc9N1wy/sisZQ8yw4Err6mDAChcnrGtfFQ5aR89Xrb2VIkaOTRysytEQ
+JCVUOimhAjCyTt7bIWWH3Y1VYBQ9PfklNyHfusJ3AjqnuqYjoDiDKEz42EqLnq71
+Pz8R3A==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp-1.oru.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shib-idp-1.oru.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ORU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Örebro Universitet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.oru.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Jonny</GivenName>
+ <SurName>Ehrnberg</SurName>
+ <EmailAddress>jonny.ehrnberg@oru.se</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Mikael</GivenName>
+ <SurName>Borjesson</SurName>
+ <EmailAddress>mikael.borjesson@oru.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://tcs-escience.sunet.se/simplesamlphp/module.php/saml/sp/metadata.php/default-sp" xml:base="swamid-1.0/tcs-escience.sunet.se.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEdzCCA1+gAwIBAgIRALU7cnfbLc1oJeZ3jRMsuAswDQYJKoZIhvcNAQEFBQAwNjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5BIFNTTCBDQTAeFw0xMDAxMjIwMDAwMDBaFw0xMzAxMjEyMzU5NTlaMEUxCzAJBgNVBAYTAk5MMQ8wDQYDVQQKEwZURVJFTkExJTAjBgNVBAMTHHRjcy1lc2NpZW5jZS1zYW1sLnRlcmVuYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSe/BpU3VSa/KtSlrHIzeARGMIGg0M6ZH5eYNHSfyNV4YEYrdUhWNUHLujB4KWiCQnqZMHax3g1yiY/7f0sFzng7sMKsGECMx1RXhrBtH15IabwPQHtO25+kpUKsaeprJXh1PneKBmZ61DnDlcsJw5AGjDFL3p1iuNn/6AXMn9GibhZbe2b2gSb+e/89i9NhEpEJQgR90dzRre+xrAQjV3ahrGGs9AV4ENVP9uaH5i/h3MZG7QRZTnxSn57UTEiSWd/6LILH5IcfvhEkPPDmlXQtF9VhGXKYZBY83f0Lo8TUVtcZVxK1YU7Sb1/OY2EsKENB5dmjtZRe6rp3RgWGDrAgMBAAGjggFvMIIBazAfBgNVHSMEGDAWgBQMvZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQUFDOLIP6//PMYotoXXSVbz65lyAIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAh0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwJwYDVR0RBCAwHoIcdGNzLWVzY2llbmNlLXNhbWwudGVyZW5hLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEApwOOAu4LUJgYdO2/sgtszmDD7aePHEgWZ7aTYKj7qVXM33TOJmqvNE2DvPmccuPt5lRHUXt1Zac4HAHaK/r6LTQRf9O9z8+T/pjqbiZD8FfZkYaCBHGU4uPXakyEgyAzUmPh5zQOIxbdoKEd9NsRmomDaZLnMn0Vc+dDxexVlDpnGzK7Du68qIS9EyzyiEHYRF6lsnwuwTAN+XYf+c8lS64H82Z3tBuFknMiI1AjV6hbJzvv3D/YBrDGehrumCtg0aKi5EFIgXg4lGj3lV4Q1Y/p0FiuosTZpIyIjTLzJ05Hvp3If6mXlxXGAWXuHYx22FwQ7v8cOCkTfmGwheeKjg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEdzCCA1+gAwIBAgIRALU7cnfbLc1oJeZ3jRMsuAswDQYJKoZIhvcNAQEFBQAwNjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5BIFNTTCBDQTAeFw0xMDAxMjIwMDAwMDBaFw0xMzAxMjEyMzU5NTlaMEUxCzAJBgNVBAYTAk5MMQ8wDQYDVQQKEwZURVJFTkExJTAjBgNVBAMTHHRjcy1lc2NpZW5jZS1zYW1sLnRlcmVuYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSe/BpU3VSa/KtSlrHIzeARGMIGg0M6ZH5eYNHSfyNV4YEYrdUhWNUHLujB4KWiCQnqZMHax3g1yiY/7f0sFzng7sMKsGECMx1RXhrBtH15IabwPQHtO25+kpUKsaeprJXh1PneKBmZ61DnDlcsJw5AGjDFL3p1iuNn/6AXMn9GibhZbe2b2gSb+e/89i9NhEpEJQgR90dzRre+xrAQjV3ahrGGs9AV4ENVP9uaH5i/h3MZG7QRZTnxSn57UTEiSWd/6LILH5IcfvhEkPPDmlXQtF9VhGXKYZBY83f0Lo8TUVtcZVxK1YU7Sb1/OY2EsKENB5dmjtZRe6rp3RgWGDrAgMBAAGjggFvMIIBazAfBgNVHSMEGDAWgBQMvZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQUFDOLIP6//PMYotoXXSVbz65lyAIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAh0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwJwYDVR0RBCAwHoIcdGNzLWVzY2llbmNlLXNhbWwudGVyZW5hLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEApwOOAu4LUJgYdO2/sgtszmDD7aePHEgWZ7aTYKj7qVXM33TOJmqvNE2DvPmccuPt5lRHUXt1Zac4HAHaK/r6LTQRf9O9z8+T/pjqbiZD8FfZkYaCBHGU4uPXakyEgyAzUmPh5zQOIxbdoKEd9NsRmomDaZLnMn0Vc+dDxexVlDpnGzK7Du68qIS9EyzyiEHYRF6lsnwuwTAN+XYf+c8lS64H82Z3tBuFknMiI1AjV6hbJzvv3D/YBrDGehrumCtg0aKi5EFIgXg4lGj3lV4Q1Y/p0FiuosTZpIyIjTLzJ05Hvp3If6mXlxXGAWXuHYx22FwQ7v8cOCkTfmGwheeKjg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tcs-escience.sunet.se/simplesamlphp/module.php/saml/sp/saml2-logout.php/default-sp"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tcs-escience.sunet.se/simplesamlphp/module.php/saml/sp/saml2-acs.php/default-sp" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tcs-escience.sunet.se/simplesamlphp/module.php/saml/sp/saml1-acs.php/default-sp" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tcs-escience.sunet.se/simplesamlphp/module.php/saml/sp/saml2-acs.php/default-sp" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://tcs-escience.sunet.se/simplesamlphp/module.php/saml/sp/saml1-acs.php/default-sp/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>UvT</md:GivenName>
+ <md:SurName>LIS Unix</md:SurName>
+ <md:EmailAddress>lis-unix@uvt.nl</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://tcs-personal.sunet.se/simplesamlphp/module.php/saml/sp/metadata.php/default-sp" xml:base="swamid-1.0/tcs-personal.sunet.se.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEdjCCA16gAwIBAgIQaDG9O4Jn+97HiMuVnaMmcDANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENBMB4XDTEwMDEyMjAwMDAwMFoXDTEzMDEyMTIzNTk1OVowRTELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTElMCMGA1UEAxMcdGNzLXBlcnNvbmFsLXNhbWwudGVyZW5hLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBcWpnN9ebHCveyj0WRiPOylNZXR+KG1uRaiTTT0gDjeajlUlZioQGLX0uoxqWy9D/l86LrAq6VEHX4OaBA+Xz0QonTcLz2ri1Vf1GYDjHtInc+UO6pMQHKCdbxMfS97dUXqz++H25xav/cdSPxXvc9a9mIb3DT2yaR9qsUIR2kGxXqdwoZ1fClQLJOPvEGonvlxxNBfLvaJuhvIGtKx0IXvGdnXEl3bzvp2bGPAwUxSEnFcnhjr4qmIs5QEqaqkSOmfKqwv+v2GCXdUOBjkELGVO4475tR4ouIi5rVoWmx3Tg21m/AWa5UbTBdSS6Di6n2QXsk+0j1L/FVji6exhcCAwEAAaOCAW8wggFrMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBSg83c02TvstcJr9ZOENi88KnuA+jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAnBgNVHREEIDAeghx0Y3MtcGVyc29uYWwtc2FtbC50ZXJlbmEub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQA12FYPotUO78yJ3gIa97kuYcQTX8ZwZXWm5hG39UOedTFCn7zFWCcmksL3BrT0rKp3KvRYkmQ9sQ28biv8kOfM0zlOhy7RMNCY/J5jKQpwdiRIWpzbcf+OfDmTmzBcxHJFEU8MwYjWUEwUbAfe+AYagTCZvYVx3tyfP0patzWDvg+c40nDFS4VGQ9NU9cPh1s+uYTblzh0SwDFWleT//JZELcRprsj9lEqH8wyNOEQEmtoEQn25lEpyEY4PacA7oKO95YdUEbqdlxkqtP69W8MpSKUyEXLW0fXBtoD86m7jEZD+V/5QyV8S9VUVCy+u3y2XmFeXbvUqzJHz9x3N25I</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEdjCCA16gAwIBAgIQaDG9O4Jn+97HiMuVnaMmcDANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENBMB4XDTEwMDEyMjAwMDAwMFoXDTEzMDEyMTIzNTk1OVowRTELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTElMCMGA1UEAxMcdGNzLXBlcnNvbmFsLXNhbWwudGVyZW5hLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBcWpnN9ebHCveyj0WRiPOylNZXR+KG1uRaiTTT0gDjeajlUlZioQGLX0uoxqWy9D/l86LrAq6VEHX4OaBA+Xz0QonTcLz2ri1Vf1GYDjHtInc+UO6pMQHKCdbxMfS97dUXqz++H25xav/cdSPxXvc9a9mIb3DT2yaR9qsUIR2kGxXqdwoZ1fClQLJOPvEGonvlxxNBfLvaJuhvIGtKx0IXvGdnXEl3bzvp2bGPAwUxSEnFcnhjr4qmIs5QEqaqkSOmfKqwv+v2GCXdUOBjkELGVO4475tR4ouIi5rVoWmx3Tg21m/AWa5UbTBdSS6Di6n2QXsk+0j1L/FVji6exhcCAwEAAaOCAW8wggFrMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBSg83c02TvstcJr9ZOENi88KnuA+jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAnBgNVHREEIDAeghx0Y3MtcGVyc29uYWwtc2FtbC50ZXJlbmEub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQA12FYPotUO78yJ3gIa97kuYcQTX8ZwZXWm5hG39UOedTFCn7zFWCcmksL3BrT0rKp3KvRYkmQ9sQ28biv8kOfM0zlOhy7RMNCY/J5jKQpwdiRIWpzbcf+OfDmTmzBcxHJFEU8MwYjWUEwUbAfe+AYagTCZvYVx3tyfP0patzWDvg+c40nDFS4VGQ9NU9cPh1s+uYTblzh0SwDFWleT//JZELcRprsj9lEqH8wyNOEQEmtoEQn25lEpyEY4PacA7oKO95YdUEbqdlxkqtP69W8MpSKUyEXLW0fXBtoD86m7jEZD+V/5QyV8S9VUVCy+u3y2XmFeXbvUqzJHz9x3N25I</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tcs-personal.sunet.se/simplesamlphp/module.php/saml/sp/saml2-logout.php/default-sp"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tcs-personal.sunet.se/simplesamlphp/module.php/saml/sp/saml2-acs.php/default-sp" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tcs-personal.sunet.se/simplesamlphp/module.php/saml/sp/saml1-acs.php/default-sp" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tcs-personal.sunet.se/simplesamlphp/module.php/saml/sp/saml2-acs.php/default-sp" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://tcs-personal.sunet.se/simplesamlphp/module.php/saml/sp/saml1-acs.php/default-sp/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>UvT</md:GivenName>
+ <md:SurName>LIS Unix</md:SurName>
+ <md:EmailAddress>lis-unix@uvt.nl</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://tcs-escience-portal.terena.org/simplesamlphp/module.php/saml/sp/metadata.php/default-sp" xml:base="swamid-1.0/tcs-escience-portal.terena.org.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEdzCCA1+gAwIBAgIRALU7cnfbLc1oJeZ3jRMsuAswDQYJKoZIhvcNAQEFBQAwNjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5BIFNTTCBDQTAeFw0xMDAxMjIwMDAwMDBaFw0xMzAxMjEyMzU5NTlaMEUxCzAJBgNVBAYTAk5MMQ8wDQYDVQQKEwZURVJFTkExJTAjBgNVBAMTHHRjcy1lc2NpZW5jZS1zYW1sLnRlcmVuYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSe/BpU3VSa/KtSlrHIzeARGMIGg0M6ZH5eYNHSfyNV4YEYrdUhWNUHLujB4KWiCQnqZMHax3g1yiY/7f0sFzng7sMKsGECMx1RXhrBtH15IabwPQHtO25+kpUKsaeprJXh1PneKBmZ61DnDlcsJw5AGjDFL3p1iuNn/6AXMn9GibhZbe2b2gSb+e/89i9NhEpEJQgR90dzRre+xrAQjV3ahrGGs9AV4ENVP9uaH5i/h3MZG7QRZTnxSn57UTEiSWd/6LILH5IcfvhEkPPDmlXQtF9VhGXKYZBY83f0Lo8TUVtcZVxK1YU7Sb1/OY2EsKENB5dmjtZRe6rp3RgWGDrAgMBAAGjggFvMIIBazAfBgNVHSMEGDAWgBQMvZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQUFDOLIP6//PMYotoXXSVbz65lyAIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAh0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwJwYDVR0RBCAwHoIcdGNzLWVzY2llbmNlLXNhbWwudGVyZW5hLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEApwOOAu4LUJgYdO2/sgtszmDD7aePHEgWZ7aTYKj7qVXM33TOJmqvNE2DvPmccuPt5lRHUXt1Zac4HAHaK/r6LTQRf9O9z8+T/pjqbiZD8FfZkYaCBHGU4uPXakyEgyAzUmPh5zQOIxbdoKEd9NsRmomDaZLnMn0Vc+dDxexVlDpnGzK7Du68qIS9EyzyiEHYRF6lsnwuwTAN+XYf+c8lS64H82Z3tBuFknMiI1AjV6hbJzvv3D/YBrDGehrumCtg0aKi5EFIgXg4lGj3lV4Q1Y/p0FiuosTZpIyIjTLzJ05Hvp3If6mXlxXGAWXuHYx22FwQ7v8cOCkTfmGwheeKjg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEdzCCA1+gAwIBAgIRALU7cnfbLc1oJeZ3jRMsuAswDQYJKoZIhvcNAQEFBQAwNjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5BIFNTTCBDQTAeFw0xMDAxMjIwMDAwMDBaFw0xMzAxMjEyMzU5NTlaMEUxCzAJBgNVBAYTAk5MMQ8wDQYDVQQKEwZURVJFTkExJTAjBgNVBAMTHHRjcy1lc2NpZW5jZS1zYW1sLnRlcmVuYS5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDSe/BpU3VSa/KtSlrHIzeARGMIGg0M6ZH5eYNHSfyNV4YEYrdUhWNUHLujB4KWiCQnqZMHax3g1yiY/7f0sFzng7sMKsGECMx1RXhrBtH15IabwPQHtO25+kpUKsaeprJXh1PneKBmZ61DnDlcsJw5AGjDFL3p1iuNn/6AXMn9GibhZbe2b2gSb+e/89i9NhEpEJQgR90dzRre+xrAQjV3ahrGGs9AV4ENVP9uaH5i/h3MZG7QRZTnxSn57UTEiSWd/6LILH5IcfvhEkPPDmlXQtF9VhGXKYZBY83f0Lo8TUVtcZVxK1YU7Sb1/OY2EsKENB5dmjtZRe6rp3RgWGDrAgMBAAGjggFvMIIBazAfBgNVHSMEGDAWgBQMvZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQUFDOLIP6//PMYotoXXSVbz65lyAIwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYBBAGyMQECAh0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5hLm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAChilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggrBgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwJwYDVR0RBCAwHoIcdGNzLWVzY2llbmNlLXNhbWwudGVyZW5hLm9yZzANBgkqhkiG9w0BAQUFAAOCAQEApwOOAu4LUJgYdO2/sgtszmDD7aePHEgWZ7aTYKj7qVXM33TOJmqvNE2DvPmccuPt5lRHUXt1Zac4HAHaK/r6LTQRf9O9z8+T/pjqbiZD8FfZkYaCBHGU4uPXakyEgyAzUmPh5zQOIxbdoKEd9NsRmomDaZLnMn0Vc+dDxexVlDpnGzK7Du68qIS9EyzyiEHYRF6lsnwuwTAN+XYf+c8lS64H82Z3tBuFknMiI1AjV6hbJzvv3D/YBrDGehrumCtg0aKi5EFIgXg4lGj3lV4Q1Y/p0FiuosTZpIyIjTLzJ05Hvp3If6mXlxXGAWXuHYx22FwQ7v8cOCkTfmGwheeKjg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tcs-escience-portal.terena.org/simplesamlphp/module.php/saml/sp/saml2-logout.php/default-sp"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tcs-escience-portal.terena.org/simplesamlphp/module.php/saml/sp/saml2-acs.php/default-sp" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tcs-escience-portal.terena.org/simplesamlphp/module.php/saml/sp/saml1-acs.php/default-sp" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tcs-escience-portal.terena.org/simplesamlphp/module.php/saml/sp/saml2-acs.php/default-sp" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://tcs-escience-portal.terena.org/simplesamlphp/module.php/saml/sp/saml1-acs.php/default-sp/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>UvT</md:GivenName>
+ <md:SurName>LIS Unix</md:SurName>
+ <md:EmailAddress>lis-unix@uvt.nl</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://tcs-personal-portal.terena.org/simplesamlphp/module.php/saml/sp/metadata.php/default-sp" xml:base="swamid-1.0/tcs-personal-portal.terena.org.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEdjCCA16gAwIBAgIQaDG9O4Jn+97HiMuVnaMmcDANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENBMB4XDTEwMDEyMjAwMDAwMFoXDTEzMDEyMTIzNTk1OVowRTELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTElMCMGA1UEAxMcdGNzLXBlcnNvbmFsLXNhbWwudGVyZW5hLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBcWpnN9ebHCveyj0WRiPOylNZXR+KG1uRaiTTT0gDjeajlUlZioQGLX0uoxqWy9D/l86LrAq6VEHX4OaBA+Xz0QonTcLz2ri1Vf1GYDjHtInc+UO6pMQHKCdbxMfS97dUXqz++H25xav/cdSPxXvc9a9mIb3DT2yaR9qsUIR2kGxXqdwoZ1fClQLJOPvEGonvlxxNBfLvaJuhvIGtKx0IXvGdnXEl3bzvp2bGPAwUxSEnFcnhjr4qmIs5QEqaqkSOmfKqwv+v2GCXdUOBjkELGVO4475tR4ouIi5rVoWmx3Tg21m/AWa5UbTBdSS6Di6n2QXsk+0j1L/FVji6exhcCAwEAAaOCAW8wggFrMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBSg83c02TvstcJr9ZOENi88KnuA+jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAnBgNVHREEIDAeghx0Y3MtcGVyc29uYWwtc2FtbC50ZXJlbmEub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQA12FYPotUO78yJ3gIa97kuYcQTX8ZwZXWm5hG39UOedTFCn7zFWCcmksL3BrT0rKp3KvRYkmQ9sQ28biv8kOfM0zlOhy7RMNCY/J5jKQpwdiRIWpzbcf+OfDmTmzBcxHJFEU8MwYjWUEwUbAfe+AYagTCZvYVx3tyfP0patzWDvg+c40nDFS4VGQ9NU9cPh1s+uYTblzh0SwDFWleT//JZELcRprsj9lEqH8wyNOEQEmtoEQn25lEpyEY4PacA7oKO95YdUEbqdlxkqtP69W8MpSKUyEXLW0fXBtoD86m7jEZD+V/5QyV8S9VUVCy+u3y2XmFeXbvUqzJHz9x3N25I</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEdjCCA16gAwIBAgIQaDG9O4Jn+97HiMuVnaMmcDANBgkqhkiG9w0BAQUFADA2MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEgU1NMIENBMB4XDTEwMDEyMjAwMDAwMFoXDTEzMDEyMTIzNTk1OVowRTELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTElMCMGA1UEAxMcdGNzLXBlcnNvbmFsLXNhbWwudGVyZW5hLm9yZzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANBcWpnN9ebHCveyj0WRiPOylNZXR+KG1uRaiTTT0gDjeajlUlZioQGLX0uoxqWy9D/l86LrAq6VEHX4OaBA+Xz0QonTcLz2ri1Vf1GYDjHtInc+UO6pMQHKCdbxMfS97dUXqz++H25xav/cdSPxXvc9a9mIb3DT2yaR9qsUIR2kGxXqdwoZ1fClQLJOPvEGonvlxxNBfLvaJuhvIGtKx0IXvGdnXEl3bzvp2bGPAwUxSEnFcnhjr4qmIs5QEqaqkSOmfKqwv+v2GCXdUOBjkELGVO4475tR4ouIi5rVoWmx3Tg21m/AWa5UbTBdSS6Di6n2QXsk+0j1L/FVji6exhcCAwEAAaOCAW8wggFrMB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQWBBSg83c02TvstcJr9ZOENi88KnuA+jAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzANBgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYBBQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAnBgNVHREEIDAeghx0Y3MtcGVyc29uYWwtc2FtbC50ZXJlbmEub3JnMA0GCSqGSIb3DQEBBQUAA4IBAQA12FYPotUO78yJ3gIa97kuYcQTX8ZwZXWm5hG39UOedTFCn7zFWCcmksL3BrT0rKp3KvRYkmQ9sQ28biv8kOfM0zlOhy7RMNCY/J5jKQpwdiRIWpzbcf+OfDmTmzBcxHJFEU8MwYjWUEwUbAfe+AYagTCZvYVx3tyfP0patzWDvg+c40nDFS4VGQ9NU9cPh1s+uYTblzh0SwDFWleT//JZELcRprsj9lEqH8wyNOEQEmtoEQn25lEpyEY4PacA7oKO95YdUEbqdlxkqtP69W8MpSKUyEXLW0fXBtoD86m7jEZD+V/5QyV8S9VUVCy+u3y2XmFeXbvUqzJHz9x3N25I</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tcs-personal-portal.terena.org/simplesamlphp/module.php/saml/sp/saml2-logout.php/default-sp"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tcs-personal-portal.terena.org/simplesamlphp/module.php/saml/sp/saml2-acs.php/default-sp" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tcs-personal-portal.terena.org/simplesamlphp/module.php/saml/sp/saml1-acs.php/default-sp" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tcs-personal-portal.terena.org/simplesamlphp/module.php/saml/sp/saml2-acs.php/default-sp" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://tcs-personal-portal.terena.org/simplesamlphp/module.php/saml/sp/saml1-acs.php/default-sp/artifact" index="3"/>
+ </md:SPSSODescriptor>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>UvT</md:GivenName>
+ <md:SurName>LIS Unix</md:SurName>
+ <md:EmailAddress>lis-unix@uvt.nl</md:EmailAddress>
+ </md:ContactPerson>
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://shibb1.hj.se/idp/shibboleth" xml:base="swamid-1.0/shibb1.hj.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hj.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUB7TrKFw9b8VuoROWwTsp8hJE5oowDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMc2hpYmIxLmhqLnNlMB4XDTA5MTAxMzA3MjcyNVoXDTI5
+MTAxMzA3MjcyNVowFzEVMBMGA1UEAxMMc2hpYmIxLmhqLnNlMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5R5pnnBvG4o7SW4uekwfFNvAvGSAGUf9lOu
+f7ui6bIi2J0j4mIJXbeVdGsUbXCFUKwoJB9AfBfQm/9V3Szwxk5qHoTOFOH0Y0MS
+FCimnTUv4j2lIeab980784pyfDD2dBgMzsWmFra8JXg6Y66Ag3TXTYQOX1Bodr6W
+Lff27tYfoEiUqfL1WRE3KeH2EzVaTf53zHrMwlbAifB+jhdA7AIJw9gGpMuUpzB4
+sPR5tD/M/SUJPIz37YyGbmpI3pqGoabpvZ8bBWut4Z1EnUFtd7fIwt5UMbFc4i5/
+gUL3jKpDHO7mKfZq8BstcWkgzZ1x0HHRWZFFzfowQytvHea3ewIDAQABo18wXTA8
+BgNVHREENTAzggxzaGliYjEuaGouc2WGI2h0dHBzOi8vc2hpYmIxLmhqLnNlL2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBS2nNJVvFq4dsSheCENArwBFmDmCzANBgkq
+hkiG9w0BAQUFAAOCAQEAEg326B4J0RirwToLWX/dAa5nTC2mkbzpbVnTTb06mFLp
+ZEo7uIRiucdqAFhQKN6zo0GdxRnTq+9SClFxLhiuJlG7AhnoQEVe63cyVdNcmQNs
+fkeZrOpWJvTz8tWBmhmhwgMmvUgSsJE9VGBgthyoU0W46y6sQv8/fkGz4d6ThXL1
+6BXs5VYnwyXH0q5N98XvDTOEz4u892/jdWIXVsgxipFMcnAI+Kq81w0n1leqthoK
+Fk3SN7U4Ui90TIxZGaNG/HIZTPwJWcbk/m9gLl+N8d1NYqzy4u4lnNYnZWca6WZ8
+nh4O/8qRXaXavKrASZvA1gmVGaA90C6rtK+zuVkU3g==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibb1.hj.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibb1.hj.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibb1.hj.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibb1.hj.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibb1.hj.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibb1.hj.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hj.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGzCCAgOgAwIBAgIUB7TrKFw9b8VuoROWwTsp8hJE5oowDQYJKoZIhvcNAQEF
+BQAwFzEVMBMGA1UEAxMMc2hpYmIxLmhqLnNlMB4XDTA5MTAxMzA3MjcyNVoXDTI5
+MTAxMzA3MjcyNVowFzEVMBMGA1UEAxMMc2hpYmIxLmhqLnNlMIIBIjANBgkqhkiG
+9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk5R5pnnBvG4o7SW4uekwfFNvAvGSAGUf9lOu
+f7ui6bIi2J0j4mIJXbeVdGsUbXCFUKwoJB9AfBfQm/9V3Szwxk5qHoTOFOH0Y0MS
+FCimnTUv4j2lIeab980784pyfDD2dBgMzsWmFra8JXg6Y66Ag3TXTYQOX1Bodr6W
+Lff27tYfoEiUqfL1WRE3KeH2EzVaTf53zHrMwlbAifB+jhdA7AIJw9gGpMuUpzB4
+sPR5tD/M/SUJPIz37YyGbmpI3pqGoabpvZ8bBWut4Z1EnUFtd7fIwt5UMbFc4i5/
+gUL3jKpDHO7mKfZq8BstcWkgzZ1x0HHRWZFFzfowQytvHea3ewIDAQABo18wXTA8
+BgNVHREENTAzggxzaGliYjEuaGouc2WGI2h0dHBzOi8vc2hpYmIxLmhqLnNlL2lk
+cC9zaGliYm9sZXRoMB0GA1UdDgQWBBS2nNJVvFq4dsSheCENArwBFmDmCzANBgkq
+hkiG9w0BAQUFAAOCAQEAEg326B4J0RirwToLWX/dAa5nTC2mkbzpbVnTTb06mFLp
+ZEo7uIRiucdqAFhQKN6zo0GdxRnTq+9SClFxLhiuJlG7AhnoQEVe63cyVdNcmQNs
+fkeZrOpWJvTz8tWBmhmhwgMmvUgSsJE9VGBgthyoU0W46y6sQv8/fkGz4d6ThXL1
+6BXs5VYnwyXH0q5N98XvDTOEz4u892/jdWIXVsgxipFMcnAI+Kq81w0n1leqthoK
+Fk3SN7U4Ui90TIxZGaNG/HIZTPwJWcbk/m9gLl+N8d1NYqzy4u4lnNYnZWca6WZ8
+nh4O/8qRXaXavKrASZvA1gmVGaA90C6rtK+zuVkU3g==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibb1.hj.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibb1.hj.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">HJ</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan i Jönköping</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hj.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan i Jönköping</Company>
+ <EmailAddress>Stefan.Kindh@hj.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://shibbo.ltu.se/idp/shibboleth" xml:base="swamid-1.0/shibbo.ltu.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">ltu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDHzCCAgegAwIBAgIUP6+KvKtryxxdtAf12hYO26nsSrMwDQYJKoZIhvcNAQEF
+BQAwGDEWMBQGA1UEAxMNc2hpYmJvLmx0dS5zZTAeFw0wOTEwMjcxMTUyMDNaFw0y
+OTEwMjcxMDUyMDNaMBgxFjAUBgNVBAMTDXNoaWJiby5sdHUuc2UwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZNYF4pQz13p+ghYGwBZFa/IjzXgLxpM4n
+KJ15+pCqabsxo3VJsnXgnu0monCvx7qFC+1HVfMHAj795wdq0yywGvuUiMI4ncCj
+GWi2ED3VZaZr+mpr+UW2OScWawvli/oN8vs/P1G59ykgEjtRWQ+4ndHumuHXWh7e
+3uUZA+1t/iV6EaIyaIIyDx//83skBEWDIgqZb/IVAGOFh1BUWqZBR2m6PG6ryLX/
+2opHozlbvMlWSZ1RqCmjEuCUCcgm93CS4saGZZmNt1qnt87vDY1V49Iwjin9ORr0
+PX6Ls8lUc4OWWYu+UZlOr6RTi8ravy0OOWnOJiLNnGlhgpI1MXW9AgMBAAGjYTBf
+MD4GA1UdEQQ3MDWCDXNoaWJiby5sdHUuc2WGJGh0dHBzOi8vc2hpYmJvLmx0dS5z
+ZS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQU+e389gsAkX7kVDwQ360GaU31H50w
+DQYJKoZIhvcNAQEFBQADggEBAAO2nuaLdYOmmj2HaMe7mwRBP7T6zcmSD/HGQ3Wu
+3jqMh2Iws2OW07P+TH9I64Ok/7nzud9ZphqkR71Isq7WiFRMa90dI9PSjVuf2Bp7
+ia0JP50WEAWHivmopL7eCeBWwF06zb5XpVWmsydlIizO6akOvK1vZEsWMBlDvu7h
+iY+1cCt6dGBggGgMiiTLb5MtHZEgS2AEFgT0SXMX/xZS46mb71eFoEt+F0UlQMip
+w0QVWkaY5DYbQq2Jq2x2hb2Ge38Rcrn05ebHraDuNsyKkiJqNIA0/+BSSDzHZIEA
+B2BEejurB8CAdtQkwfCKCSFl7spaJzSGPq/dt4yO4qSslJA=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibbo.ltu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibbo.ltu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibbo.ltu.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibbo.ltu.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibbo.ltu.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibbo.ltu.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">ltu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDHzCCAgegAwIBAgIUP6+KvKtryxxdtAf12hYO26nsSrMwDQYJKoZIhvcNAQEF
+BQAwGDEWMBQGA1UEAxMNc2hpYmJvLmx0dS5zZTAeFw0wOTEwMjcxMTUyMDNaFw0y
+OTEwMjcxMDUyMDNaMBgxFjAUBgNVBAMTDXNoaWJiby5sdHUuc2UwggEiMA0GCSqG
+SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCZNYF4pQz13p+ghYGwBZFa/IjzXgLxpM4n
+KJ15+pCqabsxo3VJsnXgnu0monCvx7qFC+1HVfMHAj795wdq0yywGvuUiMI4ncCj
+GWi2ED3VZaZr+mpr+UW2OScWawvli/oN8vs/P1G59ykgEjtRWQ+4ndHumuHXWh7e
+3uUZA+1t/iV6EaIyaIIyDx//83skBEWDIgqZb/IVAGOFh1BUWqZBR2m6PG6ryLX/
+2opHozlbvMlWSZ1RqCmjEuCUCcgm93CS4saGZZmNt1qnt87vDY1V49Iwjin9ORr0
+PX6Ls8lUc4OWWYu+UZlOr6RTi8ravy0OOWnOJiLNnGlhgpI1MXW9AgMBAAGjYTBf
+MD4GA1UdEQQ3MDWCDXNoaWJiby5sdHUuc2WGJGh0dHBzOi8vc2hpYmJvLmx0dS5z
+ZS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQU+e389gsAkX7kVDwQ360GaU31H50w
+DQYJKoZIhvcNAQEFBQADggEBAAO2nuaLdYOmmj2HaMe7mwRBP7T6zcmSD/HGQ3Wu
+3jqMh2Iws2OW07P+TH9I64Ok/7nzud9ZphqkR71Isq7WiFRMa90dI9PSjVuf2Bp7
+ia0JP50WEAWHivmopL7eCeBWwF06zb5XpVWmsydlIizO6akOvK1vZEsWMBlDvu7h
+iY+1cCt6dGBggGgMiiTLb5MtHZEgS2AEFgT0SXMX/xZS46mb71eFoEt+F0UlQMip
+w0QVWkaY5DYbQq2Jq2x2hb2Ge38Rcrn05ebHraDuNsyKkiJqNIA0/+BSSDzHZIEA
+B2BEejurB8CAdtQkwfCKCSFl7spaJzSGPq/dt4yO4qSslJA=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibbo.ltu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibbo.ltu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">LTU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Luleå tekniska universitet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ltu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Luleå tekniska universitet</Company>
+ <EmailAddress>Magnus.Jacobsson@ltu.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://akino.hh.se/shibboleth" xml:base="swamid-1.0/akino.hh.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>akino.hh.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=akino.hh.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6DCCAdCgAwIBAgIJANFCVxC7y6BWMA0GCSqGSIb3DQEBBQUAMBYxFDASBgNV
+BAMTC2FraW5vLmhoLnNlMB4XDTA5MTAyNzA4MjU1N1oXDTE5MTAyNTA4MjU1N1ow
+FjEUMBIGA1UEAxMLYWtpbm8uaGguc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQD2Y7TZAeEnPMmlwz3hoXDa/wFIRy6Bodm63LdzbL1cy8PQwgtZM5n7
+8CqSy0tE5dpGeGK3oqEJkalbQa9mY/+HGf4ENC7CzlRnJ/xYpLSBiAHCz0ch9+Tc
+ZqbbB7IDEhWEiwj25dZ3OG6wqveHtZGQueju34RwF9slrjAPHkXrHC0zSHLVB+hr
+upH8FHTCEJhTY80mZy1DVBEVU6s0DFDjhTX7zYeytM51tKh5iSqJ/dI4jp7GAWx5
+0pDslYxX29aGUbBaKUL83L4RpLW4hecbPiWYeG4tw5Z3pEhifCo0YEffwFJjTGsh
+TP3XAeiOVEInvmH1jK+LgUpzz7rnyy7pAgMBAAGjOTA3MBYGA1UdEQQPMA2CC2Fr
+aW5vLmhoLnNlMB0GA1UdDgQWBBQavhHSFdU5J1TVygW7QNzSuG4QTDANBgkqhkiG
+9w0BAQUFAAOCAQEAlxMSNZxBeI4qFUaUBdH0S8FSheF5ynIutcj5bXfmst4rBxRa
+CZIB+NLzwGIp2rwNM53uB3P1osDr+BilLeFUvgSiGwMYFdAHkr9Bg2WqJj9/phW3
+scmeVlwizwXyQscs8fYr9UQGGjrt+tYIJ8NbZCp7bLyjZdwjC2MGe2bDQzA/S2ye
+JfTpxJCZp5ocIfNyPCGmpf6pLBYjQbVfqO4bNJOvaArHylA8wYb5nYO1HFoqKOB/
+7ayOBgrV5oO97iUTRmBU9Ka8GIqJqdC4LIUwj6HcmCJ94rQbldH5/nbitL9ND2oY
+s2ozMUSsHZxcwpFZ7NQ4lLsgm9VihBDXZ4mTXQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>akino.hh.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=akino.hh.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6DCCAdCgAwIBAgIJANFCVxC7y6BWMA0GCSqGSIb3DQEBBQUAMBYxFDASBgNV
+BAMTC2FraW5vLmhoLnNlMB4XDTA5MTAyNzA4MjU1N1oXDTE5MTAyNTA4MjU1N1ow
+FjEUMBIGA1UEAxMLYWtpbm8uaGguc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQD2Y7TZAeEnPMmlwz3hoXDa/wFIRy6Bodm63LdzbL1cy8PQwgtZM5n7
+8CqSy0tE5dpGeGK3oqEJkalbQa9mY/+HGf4ENC7CzlRnJ/xYpLSBiAHCz0ch9+Tc
+ZqbbB7IDEhWEiwj25dZ3OG6wqveHtZGQueju34RwF9slrjAPHkXrHC0zSHLVB+hr
+upH8FHTCEJhTY80mZy1DVBEVU6s0DFDjhTX7zYeytM51tKh5iSqJ/dI4jp7GAWx5
+0pDslYxX29aGUbBaKUL83L4RpLW4hecbPiWYeG4tw5Z3pEhifCo0YEffwFJjTGsh
+TP3XAeiOVEInvmH1jK+LgUpzz7rnyy7pAgMBAAGjOTA3MBYGA1UdEQQPMA2CC2Fr
+aW5vLmhoLnNlMB0GA1UdDgQWBBQavhHSFdU5J1TVygW7QNzSuG4QTDANBgkqhkiG
+9w0BAQUFAAOCAQEAlxMSNZxBeI4qFUaUBdH0S8FSheF5ynIutcj5bXfmst4rBxRa
+CZIB+NLzwGIp2rwNM53uB3P1osDr+BilLeFUvgSiGwMYFdAHkr9Bg2WqJj9/phW3
+scmeVlwizwXyQscs8fYr9UQGGjrt+tYIJ8NbZCp7bLyjZdwjC2MGe2bDQzA/S2ye
+JfTpxJCZp5ocIfNyPCGmpf6pLBYjQbVfqO4bNJOvaArHylA8wYb5nYO1HFoqKOB/
+7ayOBgrV5oO97iUTRmBU9Ka8GIqJqdC4LIUwj6HcmCJ94rQbldH5/nbitL9ND2oY
+s2ozMUSsHZxcwpFZ7NQ4lLsgm9VihBDXZ4mTXQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://akino.hh.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://akino.hh.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://akino.hh.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://akino.hh.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://akino.hh.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://akino.hh.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://akino.hh.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://akino.hh.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://akino.hh.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://akino.hh.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://akino.hh.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://akino.hh.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://akino.hh.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://akino.hh.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://akino.hh.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://vmidgw.miun.se/idp/shibboleth" xml:base="swamid-1.0/vmidgw.miun.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">miun.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJDCCAgygAwIBAgIVAPHtItYHI9B2lBySyOcXbvJyO3g7MA0GCSqGSIb3DQEB
+BQUAMBkxFzAVBgNVBAMTDnZtaWRndy5taXVuLnNlMB4XDTA5MTAyOTEyMDQxMloX
+DTI5MTAyOTEyMDQxMlowGTEXMBUGA1UEAxMOdm1pZGd3Lm1pdW4uc2UwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUpp7w/M9xt+QmzsVWyAKKISbmaInZ
+QX4DNep5kS9SgA0GX7Cl8otK8gy+8Ezu32nyc142Lmoz2JzfeHOuAZCwpXH0yLXe
+urL1HzmGftJ0TD1JEmJjKw1wQUjcFQMLtsmBv3ojn6tG7FTZVhBcunfputIX+K0L
+BUKrZCShShgquJxEWxEg2o6BzbIE7BgYxUwdDQ0NTjOpBB7XwbBqqjIAzKPvMjJX
+07xNrRfbJpOr9zekYWyjWUqdhVncQi3xK75iquIKcrjXvbLIUcl7qLSjNgvfuUee
+MvPr/F1PA3QOB1B0EYqoUD6jf/4HYr85xvZWrz18AjmLR07VxNuAngJHAgMBAAGj
+YzBhMEAGA1UdEQQ5MDeCDnZtaWRndy5taXVuLnNlhiVodHRwczovL3ZtaWRndy5t
+aXVuLnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBTc3zYTOorpuyNzQqNZpy7m
+4ppK9zANBgkqhkiG9w0BAQUFAAOCAQEAefQmUr2yV8lZXjSn3M5CWOAa+MDVLckh
+LFJ46QBqlUf/7gbhsW+/N9BlrAEa2WiBczK/RxbvodGHZP8kfVFosYba4pe/0keQ
+bS03mvRlMAiP047mAHIXVZszLDYgrBcjhP5p+xozzYVE4Ku8A5v3klILuNNwu5OW
+hMrFcqaddz+0w/FAWlhgNqgEToUbR2xWQh5yVGZ9vkcj0priytnsBIZZWJsdlpaH
+EwQmOmY1IlHM1SSucXdJpfVc1epYD/s2fOyy+orDvK8Gh1wO7nYByGrS14Vl/gkx
+6hs9Dgk3r873PhGOHDlxxZllIH782RtYUv4QKs/MqiZQeKoDa6YjIQ==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://vmidgw.miun.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://vmidgw.miun.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://vmidgw.miun.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vmidgw.miun.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://vmidgw.miun.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://vmidgw.miun.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">miun.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDJDCCAgygAwIBAgIVAPHtItYHI9B2lBySyOcXbvJyO3g7MA0GCSqGSIb3DQEB
+BQUAMBkxFzAVBgNVBAMTDnZtaWRndy5taXVuLnNlMB4XDTA5MTAyOTEyMDQxMloX
+DTI5MTAyOTEyMDQxMlowGTEXMBUGA1UEAxMOdm1pZGd3Lm1pdW4uc2UwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCUpp7w/M9xt+QmzsVWyAKKISbmaInZ
+QX4DNep5kS9SgA0GX7Cl8otK8gy+8Ezu32nyc142Lmoz2JzfeHOuAZCwpXH0yLXe
+urL1HzmGftJ0TD1JEmJjKw1wQUjcFQMLtsmBv3ojn6tG7FTZVhBcunfputIX+K0L
+BUKrZCShShgquJxEWxEg2o6BzbIE7BgYxUwdDQ0NTjOpBB7XwbBqqjIAzKPvMjJX
+07xNrRfbJpOr9zekYWyjWUqdhVncQi3xK75iquIKcrjXvbLIUcl7qLSjNgvfuUee
+MvPr/F1PA3QOB1B0EYqoUD6jf/4HYr85xvZWrz18AjmLR07VxNuAngJHAgMBAAGj
+YzBhMEAGA1UdEQQ5MDeCDnZtaWRndy5taXVuLnNlhiVodHRwczovL3ZtaWRndy5t
+aXVuLnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBTc3zYTOorpuyNzQqNZpy7m
+4ppK9zANBgkqhkiG9w0BAQUFAAOCAQEAefQmUr2yV8lZXjSn3M5CWOAa+MDVLckh
+LFJ46QBqlUf/7gbhsW+/N9BlrAEa2WiBczK/RxbvodGHZP8kfVFosYba4pe/0keQ
+bS03mvRlMAiP047mAHIXVZszLDYgrBcjhP5p+xozzYVE4Ku8A5v3klILuNNwu5OW
+hMrFcqaddz+0w/FAWlhgNqgEToUbR2xWQh5yVGZ9vkcj0priytnsBIZZWJsdlpaH
+EwQmOmY1IlHM1SSucXdJpfVc1epYD/s2fOyy+orDvK8Gh1wO7nYByGrS14Vl/gkx
+6hs9Dgk3r873PhGOHDlxxZllIH782RtYUv4QKs/MqiZQeKoDa6YjIQ==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://vmidgw.miun.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://vmidgw.miun.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">MIUN</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Mittuniversitetet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.miun.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Mittuniversitetet</Company>
+ <EmailAddress>Ove.Olander@miun.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://bibliometrics.ki.se/shibboleth" xml:base="swamid-1.0/bibliometrics.ki.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>dakini</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=dakini</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=dakini</ds:X509IssuerName>
+ <ds:X509SerialNumber>13185477282229581982</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC2TCCAcGgAwIBAgIJALb8ObqBRvieMA0GCSqGSIb3DQEBBQUAMBExDzANBgNV
+BAMTBmRha2luaTAeFw0wOTA4MjAwODQ1MDhaFw0xOTA4MTgwODQ1MDhaMBExDzAN
+BgNVBAMTBmRha2luaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWH
+C8Fn5KzWao6uaivX319kdey1mI8ig50awhcF3wkTW+ZZxP4vkbC6YBcrmQOO1iKd
+EVj16GLWaJ8Ut+iVY/rvPgdS2jDbZ2w8BEoa0Vbzn8lcuuBM13oudRiTVVGzLY1V
+PgKzmT3n13VTPEnJeAVgS8SzA15ncMIUQaMLnXxjSzJvzk9f5dWD1Gj0cygpwMT5
+f0oKa0UjYK71kj9we96CVQEi7Rab0sO9jwr+a+nIOUbmND9cLDcsH4p33s/toxJw
+DhNNyk0qn9d31FdEdWxvjKadB3e3XQfidSQcWCi+zj7QSbg4l4JdbCT4dHxnbxhF
+wZ4QYQDb4mAwT6Z4cgMCAwEAAaM0MDIwEQYDVR0RBAowCIIGZGFraW5pMB0GA1Ud
+DgQWBBTxVcu+3um0LDAQLjN13N8+gEAKRjANBgkqhkiG9w0BAQUFAAOCAQEAbSsU
+SIRr47OU0aMebcZdoN/rRlJ0WQoMxb/bK89MiUr9AqWdCJ+DRGuQyXhieMIlOaJu
+WCqlajH795ZfZExSDDH/PG3EhcvC2rOMuBWbAxlpYc0hsXBq8NilZhiSSAqrYurG
+NEKkvNz7AU9EB9u1GMIO3p3UTKiXDVVaGL6fSseSKXsaYH6udoRz++25eDeQPUgp
+HgDpL2zWJcwd1mIaNAxIylz+rR4Rakohiwdl2dkMIT3aimODRAvQVf4wvV08Q11M
+DK12w8bmjGJp07CTu/QuoWW+jyY1S0k6Kv3LN6VtXWckviepGDFNzdGgML9V5fRJ
+fP+xp1jCheyR/F9V3w==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>dakini</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=dakini</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=dakini</ds:X509IssuerName>
+ <ds:X509SerialNumber>13185477282229581982</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC2TCCAcGgAwIBAgIJALb8ObqBRvieMA0GCSqGSIb3DQEBBQUAMBExDzANBgNV
+BAMTBmRha2luaTAeFw0wOTA4MjAwODQ1MDhaFw0xOTA4MTgwODQ1MDhaMBExDzAN
+BgNVBAMTBmRha2luaTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALWH
+C8Fn5KzWao6uaivX319kdey1mI8ig50awhcF3wkTW+ZZxP4vkbC6YBcrmQOO1iKd
+EVj16GLWaJ8Ut+iVY/rvPgdS2jDbZ2w8BEoa0Vbzn8lcuuBM13oudRiTVVGzLY1V
+PgKzmT3n13VTPEnJeAVgS8SzA15ncMIUQaMLnXxjSzJvzk9f5dWD1Gj0cygpwMT5
+f0oKa0UjYK71kj9we96CVQEi7Rab0sO9jwr+a+nIOUbmND9cLDcsH4p33s/toxJw
+DhNNyk0qn9d31FdEdWxvjKadB3e3XQfidSQcWCi+zj7QSbg4l4JdbCT4dHxnbxhF
+wZ4QYQDb4mAwT6Z4cgMCAwEAAaM0MDIwEQYDVR0RBAowCIIGZGFraW5pMB0GA1Ud
+DgQWBBTxVcu+3um0LDAQLjN13N8+gEAKRjANBgkqhkiG9w0BAQUFAAOCAQEAbSsU
+SIRr47OU0aMebcZdoN/rRlJ0WQoMxb/bK89MiUr9AqWdCJ+DRGuQyXhieMIlOaJu
+WCqlajH795ZfZExSDDH/PG3EhcvC2rOMuBWbAxlpYc0hsXBq8NilZhiSSAqrYurG
+NEKkvNz7AU9EB9u1GMIO3p3UTKiXDVVaGL6fSseSKXsaYH6udoRz++25eDeQPUgp
+HgDpL2zWJcwd1mIaNAxIylz+rR4Rakohiwdl2dkMIT3aimODRAvQVf4wvV08Q11M
+DK12w8bmjGJp07CTu/QuoWW+jyY1S0k6Kv3LN6VtXWckviepGDFNzdGgML9V5fRJ
+fP+xp1jCheyR/F9V3w==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bibliometrics.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bibliometrics.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bibliometrics.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bibliometrics.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bibliometrics.ki.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bibliometrics.ki.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bibliometrics.ki.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bibliometrics.ki.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bibliometrics.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://bibliometrics.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bibliometrics.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://bibliometrics.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://bibliometrics.ki.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://bibliometrics.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://uu.test.diva-portal.org/shibboleth" xml:base="swamid-1.0/uu.test.diva-portal.org.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://uu.test.diva-portal.org/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>diva-portal1.diva-portal.org</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=diva-portal1.diva-portal.org</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIJAJ58L93niyUPMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGRpdmEtcG9ydGFsMS5kaXZhLXBvcnRhbC5vcmcwHhcNMDkxMTIwMTQ1NDEx
+WhcNMTkxMTE4MTQ1NDExWjAnMSUwIwYDVQQDExxkaXZhLXBvcnRhbDEuZGl2YS1w
+b3J0YWwub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPHENdev
+canBV0qZ66FSROHK0WvEgxTmYMGkEPqSKt8cYgSFmxxWrbAWl4LnN4x/Ie0GZziR
+XSbzE3aGPYmxfXOWnVqdlwk50SHpt5MA+gVK8Ola8tQ7sMg0tgg6MsgykKJ1F9JF
+2PGUPaE09kzW10jkaH1sUfbBi5vOLkVONWhmD05LvE95kSzkyQLONuBgJnc3H8dw
+vwTqOgiLDa/eRLUucpGA7sFsi+ngGGgd4Ci0DRrOgwH4vXoLQpdNQ7SppommWkqr
+fDSEoOfsU1t3CFzUAq9cccNYHIsqL1lZD6L5ywhOUpkwQ7IGpZTOjJT1HTaSxqVD
+Jj2uzZV6ISPDjwIDAQABo0owSDAnBgNVHREEIDAeghxkaXZhLXBvcnRhbDEuZGl2
+YS1wb3J0YWwub3JnMB0GA1UdDgQWBBR9EtM9e7Pu3SJPhrEbTgOe7V+VEDANBgkq
+hkiG9w0BAQUFAAOCAQEApeb7TrTmVVR13KnKjSIkDyDfs5U+NNDU7N9CnqG8ag5j
+Nom8pmOKDmNs5xC2qQ/q8JuxIsaev6NyRcyD2M0AkwCdCagY4Ynrj/4CQnViyySy
+SFuYPq+gUhhSfKii7b+B41RogFtEd0SO+QWGvqhHY1JdnXsYJ3efKUrC0yVJGM54
+C/8BzU0RLd+mOogKpgmoqWE0vSrEh94dotMT/EfSikjCMJ9QHEyGncpY+uoQLw6n
+fBSKIAfLSFYUN5auSXpdicfgZQbkj6Mn7cjvVHo8dgAKnkk79gXcZ37JUHsGbuWG
+OLrNDnMD/v+8CR8xqwOFEKC7BwAJB1HWfDwaKaRRbg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>diva-portal1.diva-portal.org</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=diva-portal1.diva-portal.org</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIJAJ58L93niyUPMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGRpdmEtcG9ydGFsMS5kaXZhLXBvcnRhbC5vcmcwHhcNMDkxMTIwMTQ1NDEx
+WhcNMTkxMTE4MTQ1NDExWjAnMSUwIwYDVQQDExxkaXZhLXBvcnRhbDEuZGl2YS1w
+b3J0YWwub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPHENdev
+canBV0qZ66FSROHK0WvEgxTmYMGkEPqSKt8cYgSFmxxWrbAWl4LnN4x/Ie0GZziR
+XSbzE3aGPYmxfXOWnVqdlwk50SHpt5MA+gVK8Ola8tQ7sMg0tgg6MsgykKJ1F9JF
+2PGUPaE09kzW10jkaH1sUfbBi5vOLkVONWhmD05LvE95kSzkyQLONuBgJnc3H8dw
+vwTqOgiLDa/eRLUucpGA7sFsi+ngGGgd4Ci0DRrOgwH4vXoLQpdNQ7SppommWkqr
+fDSEoOfsU1t3CFzUAq9cccNYHIsqL1lZD6L5ywhOUpkwQ7IGpZTOjJT1HTaSxqVD
+Jj2uzZV6ISPDjwIDAQABo0owSDAnBgNVHREEIDAeghxkaXZhLXBvcnRhbDEuZGl2
+YS1wb3J0YWwub3JnMB0GA1UdDgQWBBR9EtM9e7Pu3SJPhrEbTgOe7V+VEDANBgkq
+hkiG9w0BAQUFAAOCAQEApeb7TrTmVVR13KnKjSIkDyDfs5U+NNDU7N9CnqG8ag5j
+Nom8pmOKDmNs5xC2qQ/q8JuxIsaev6NyRcyD2M0AkwCdCagY4Ynrj/4CQnViyySy
+SFuYPq+gUhhSfKii7b+B41RogFtEd0SO+QWGvqhHY1JdnXsYJ3efKUrC0yVJGM54
+C/8BzU0RLd+mOogKpgmoqWE0vSrEh94dotMT/EfSikjCMJ9QHEyGncpY+uoQLw6n
+fBSKIAfLSFYUN5auSXpdicfgZQbkj6Mn7cjvVHo8dgAKnkk79gXcZ37JUHsGbuWG
+OLrNDnMD/v+8CR8xqwOFEKC7BwAJB1HWfDwaKaRRbg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://uu.test.diva-portal.org/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://uu.test.diva-portal.org/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uu.test.diva-portal.org/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uu.test.diva-portal.org/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://uu.test.diva-portal.org/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.bth.se/idp/shibboleth" xml:base="swamid-1.0/idp.bth.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">bth.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDEzCCAfugAwIBAgIUQgDlaShYZmw+iODFd4PDl1a+3QEwDQYJKoZIhvcNAQEF
+BQAwFTETMBEGA1UEAxMKaWRwLmJ0aC5zZTAeFw0wOTExMDMxMDA0NTFaFw0yOTEx
+MDMxMDA0NTFaMBUxEzARBgNVBAMTCmlkcC5idGguc2UwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCNOKwblSFiLSbItG/y118MRAXCguQJ4e7t+/e4bYhD
+fl9Qs5gTx3QJxXRgjISLrha44rc+awS6fr4In3N61ijS/X4Q0qrD5BszzCUw2Lni
+YITovYjH9wzZ3oOt5k67rtXoDL98B+Xqbh/M8lOXkcKba3Slsbz/QKg5Qf6ZCebc
+76rl3J3fM6ebYOyiCseCVTn+avpbqNKMi7sY6vfKDIo/zCkN3ZntH4ibGOi0j9z4
+5NlHLtWLShfwF/QLLKjd2alHTbyBjdDe22li9apxZB3LhZXFVGdYqBCJu0OBeFDP
+ZA4ZSWoxXMqxDbbJofMMbHysc7teqG3mJyDm/FL6hXH/AgMBAAGjWzBZMDgGA1Ud
+EQQxMC+CCmlkcC5idGguc2WGIWh0dHBzOi8vaWRwLmJ0aC5zZS9pZHAvc2hpYmJv
+bGV0aDAdBgNVHQ4EFgQUtNB3i29Xb36JeEa7RhFXM4OYTYYwDQYJKoZIhvcNAQEF
+BQADggEBAEGhHaZmmHhnfrsYc/trO15JWt5hU/UC9J7xhiF2iIk41ymeX+gvm6n5
+h2f4/xEgvmBwV6WM+BlQE+weK+nQNceV+aAO51xTM828O9SrmZ9ZPkw7+TxGiVdM
+SnxSTRcEWngxpJ+CGpgzy1SgV7WqO2NszSP+XRRJHjb0Aw39iKLP+yfvGdR71lu/
+2WPhhxaK7wun8loJJC2WI4ORwsh3mJoYZcVEIOXe/H2Kf+Hj1le8z9j1pxEG7ECY
+DyL5sSS/5Zez+fgoNphWb1E3fB/wSvJkxDe28qOsnvsHl5H6RkSFjPK5nAM5Qfp7
+n9Phr4P3FEL3YKQK+xQiKCJXUb5WgRI=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.bth.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.bth.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.bth.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.bth.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.bth.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.bth.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">bth.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDEzCCAfugAwIBAgIUQgDlaShYZmw+iODFd4PDl1a+3QEwDQYJKoZIhvcNAQEF
+BQAwFTETMBEGA1UEAxMKaWRwLmJ0aC5zZTAeFw0wOTExMDMxMDA0NTFaFw0yOTEx
+MDMxMDA0NTFaMBUxEzARBgNVBAMTCmlkcC5idGguc2UwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQCNOKwblSFiLSbItG/y118MRAXCguQJ4e7t+/e4bYhD
+fl9Qs5gTx3QJxXRgjISLrha44rc+awS6fr4In3N61ijS/X4Q0qrD5BszzCUw2Lni
+YITovYjH9wzZ3oOt5k67rtXoDL98B+Xqbh/M8lOXkcKba3Slsbz/QKg5Qf6ZCebc
+76rl3J3fM6ebYOyiCseCVTn+avpbqNKMi7sY6vfKDIo/zCkN3ZntH4ibGOi0j9z4
+5NlHLtWLShfwF/QLLKjd2alHTbyBjdDe22li9apxZB3LhZXFVGdYqBCJu0OBeFDP
+ZA4ZSWoxXMqxDbbJofMMbHysc7teqG3mJyDm/FL6hXH/AgMBAAGjWzBZMDgGA1Ud
+EQQxMC+CCmlkcC5idGguc2WGIWh0dHBzOi8vaWRwLmJ0aC5zZS9pZHAvc2hpYmJv
+bGV0aDAdBgNVHQ4EFgQUtNB3i29Xb36JeEa7RhFXM4OYTYYwDQYJKoZIhvcNAQEF
+BQADggEBAEGhHaZmmHhnfrsYc/trO15JWt5hU/UC9J7xhiF2iIk41ymeX+gvm6n5
+h2f4/xEgvmBwV6WM+BlQE+weK+nQNceV+aAO51xTM828O9SrmZ9ZPkw7+TxGiVdM
+SnxSTRcEWngxpJ+CGpgzy1SgV7WqO2NszSP+XRRJHjb0Aw39iKLP+yfvGdR71lu/
+2WPhhxaK7wun8loJJC2WI4ORwsh3mJoYZcVEIOXe/H2Kf+Hj1le8z9j1pxEG7ECY
+DyL5sSS/5Zez+fgoNphWb1E3fB/wSvJkxDe28qOsnvsHl5H6RkSFjPK5nAM5Qfp7
+n9Phr4P3FEL3YKQK+xQiKCJXUb5WgRI=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.bth.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.bth.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">BTH</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Blekinge Tekniska Högskola (Personal)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.bth.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Tom</GivenName>
+ <SurName>Martinsson</SurName>
+ <EmailAddress>tom.martinsson@bth.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.student.bth.se/idp/shibboleth" xml:base="swamid-1.0/idp.student.bth.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">bth.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMzCCAhugAwIBAgIUXtEpwm2skeWeBBMWVN7MATD1VK8wDQYJKoZIhvcNAQEF
+BQAwHTEbMBkGA1UEAxMSaWRwLnN0dWRlbnQuYnRoLnNlMB4XDTEwMDgyNTIwMDU0
+OFoXDTMwMDgyNTIwMDU0OFowHTEbMBkGA1UEAxMSaWRwLnN0dWRlbnQuYnRoLnNl
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO+nW3r0Rzu0ojoCY0Jm
+R/GuN73dy9gDYOtvgwtFJkVdQBuEGDvVYgD4WUzCnSSy5b4EGFwAaBLIfZ4UAL2c
+fWIWJknPrfSxFqR9dLJJo9hkHMX8VBumjhzYHVZqYSm/JVGh4GYewhQmRO0iSG9a
+it5fe6ZyVG67TduhnwzFC8azRSfIgnEjaRGP2qVEiUIbfuiRRr2J88rwxyxrYCa5
+ZVMLjR9wSBRqG8P+00UDolT3Q0lvawF3pj+kEbZ2p+Y6UxZHghHi5EKMkvy1OfKy
+RYkfxXbGk2JEXGcgb3MyRLmdZoqrH0BedH2udrwzOEGUdb/cElqmpFMOyZBdwEVO
+/QIDAQABo2swaTBIBgNVHREEQTA/ghJpZHAuc3R1ZGVudC5idGguc2WGKWh0dHBz
+Oi8vaWRwLnN0dWRlbnQuYnRoLnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRA
+vpCow9+jy11YKdmATEMN1KY1dTANBgkqhkiG9w0BAQUFAAOCAQEALbZz8voHJMiE
+Tjc7RYskFIOAx7k1fmPsF4kSdPyDK8RkyHBfGHa5uJ9wBh4w5BPCp9Wy7SY5+q/y
+E9tDiISVD0NEU8KQX8u8pC1d4OdfT2x6tn+w3Ww5cNaQ3CUsD+VqefiX6Acr3ssX
+0ahszKKVCL8v7ifCqxr1q2dbABB6GV9iwKHB+vfXLIp2Upt6+y3i5+iC1C8uXul0
+TAimxX3igYDGippzeyBoy+es/c7shtdBfj3y3zhfcz/KKJvXFPVF0lwYsW8n2BM3
+nH4GzdNBUhBostxPfU/hk7XiQOMXNvgHzG2y53Vaa+RZPC45VHuFmyixxGFxktsF
+4NzN1iC8kg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.student.bth.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.student.bth.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.student.bth.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.student.bth.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.student.bth.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.student.bth.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">bth.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDMzCCAhugAwIBAgIUXtEpwm2skeWeBBMWVN7MATD1VK8wDQYJKoZIhvcNAQEF
+BQAwHTEbMBkGA1UEAxMSaWRwLnN0dWRlbnQuYnRoLnNlMB4XDTEwMDgyNTIwMDU0
+OFoXDTMwMDgyNTIwMDU0OFowHTEbMBkGA1UEAxMSaWRwLnN0dWRlbnQuYnRoLnNl
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsO+nW3r0Rzu0ojoCY0Jm
+R/GuN73dy9gDYOtvgwtFJkVdQBuEGDvVYgD4WUzCnSSy5b4EGFwAaBLIfZ4UAL2c
+fWIWJknPrfSxFqR9dLJJo9hkHMX8VBumjhzYHVZqYSm/JVGh4GYewhQmRO0iSG9a
+it5fe6ZyVG67TduhnwzFC8azRSfIgnEjaRGP2qVEiUIbfuiRRr2J88rwxyxrYCa5
+ZVMLjR9wSBRqG8P+00UDolT3Q0lvawF3pj+kEbZ2p+Y6UxZHghHi5EKMkvy1OfKy
+RYkfxXbGk2JEXGcgb3MyRLmdZoqrH0BedH2udrwzOEGUdb/cElqmpFMOyZBdwEVO
+/QIDAQABo2swaTBIBgNVHREEQTA/ghJpZHAuc3R1ZGVudC5idGguc2WGKWh0dHBz
+Oi8vaWRwLnN0dWRlbnQuYnRoLnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRA
+vpCow9+jy11YKdmATEMN1KY1dTANBgkqhkiG9w0BAQUFAAOCAQEALbZz8voHJMiE
+Tjc7RYskFIOAx7k1fmPsF4kSdPyDK8RkyHBfGHa5uJ9wBh4w5BPCp9Wy7SY5+q/y
+E9tDiISVD0NEU8KQX8u8pC1d4OdfT2x6tn+w3Ww5cNaQ3CUsD+VqefiX6Acr3ssX
+0ahszKKVCL8v7ifCqxr1q2dbABB6GV9iwKHB+vfXLIp2Upt6+y3i5+iC1C8uXul0
+TAimxX3igYDGippzeyBoy+es/c7shtdBfj3y3zhfcz/KKJvXFPVF0lwYsW8n2BM3
+nH4GzdNBUhBostxPfU/hk7XiQOMXNvgHzG2y53Vaa+RZPC45VHuFmyixxGFxktsF
+4NzN1iC8kg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.student.bth.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.student.bth.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">STUDENTS-BTH</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Blekinge Tekniska Högskola (Studenter)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.bth.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Tom</GivenName>
+ <SurName>Martinsson</SurName>
+ <EmailAddress>tom.martinsson@bth.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://account-test.unit.liu.se/shibboleth-sp" xml:base="swamid-1.0/account-test.unit.liu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>hydracenter-test</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=hydracenter-test</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJAIvqrDdZ31ugMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEGh5ZHJhY2VudGVyLXRlc3QwHhcNMDkxMDI5MTMyOTU3WhcNMTkxMDI3MTMy
+OTU3WjAbMRkwFwYDVQQDExBoeWRyYWNlbnRlci10ZXN0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA74C0BefO5DyInVmyDdbhqSegG/CF1xFOfmfrP7+u
+eV5kYs9D1j+kK8o1ZCefmB7VK4Gr7GGTDExcD8XJloEes6ijx3jaUc9LE+y11ReC
+jNNcpwk9JJ3NadIzIu9o7/On39l0GTDH473xbrI55i3SYmoBQqqFvHGHyJnEEO5K
+hlRssy3SNFBt1jfWqpHDX9ocoAIlUKivIYZwZjg6aGRxvRCZ0gVU8AFLBr4XcwRf
+t5nizTs3/VqmHrD6ICru2phHRN2tc2NgCEkatPs7rshfn5rZTuML08zmMVVgjcR1
+5lzaGE+GkL3BSHj6grIaR43Qom2l/eD2yil9JC4jfI6pLQIDAQABoz4wPDAbBgNV
+HREEFDASghBoeWRyYWNlbnRlci10ZXN0MB0GA1UdDgQWBBS2/zfSiV0VTt5wxprv
+DOiejU8O1TANBgkqhkiG9w0BAQUFAAOCAQEAn86tJFlHPE/zwsRzcYp5Dk6SwpzG
+UYhYt6eAc+8Z6gioJsyM8MD0SfwF5iFdVo88Jm2K55npbgzBj34Uxi4vIItAYpSr
+jympe4FMjW6MTOqN6vJtws1U3bn976VvflPr1d4rMoqTxAYue3S/zQ8Y179MvBrr
+F0Bc+PJrsIP4MfYN3b98OAn8kxzGSy1AU6vx/gi+SOQNh3c3kQ0HABhdGBOwmJS3
+e4QPMkOZh0KWHSZZBRc8wDpEwsXHD8q8Ag63Qz0l7DRIQnGkJyQb18ylBbg3fLEW
+fiiVqOsqvroKvOIwKEjtUzxaFg2kDWlXia4AQctOto28G9ftYkXqGxPFgA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>hydracenter-test</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=hydracenter-test</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJAIvqrDdZ31ugMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEGh5ZHJhY2VudGVyLXRlc3QwHhcNMDkxMDI5MTMyOTU3WhcNMTkxMDI3MTMy
+OTU3WjAbMRkwFwYDVQQDExBoeWRyYWNlbnRlci10ZXN0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA74C0BefO5DyInVmyDdbhqSegG/CF1xFOfmfrP7+u
+eV5kYs9D1j+kK8o1ZCefmB7VK4Gr7GGTDExcD8XJloEes6ijx3jaUc9LE+y11ReC
+jNNcpwk9JJ3NadIzIu9o7/On39l0GTDH473xbrI55i3SYmoBQqqFvHGHyJnEEO5K
+hlRssy3SNFBt1jfWqpHDX9ocoAIlUKivIYZwZjg6aGRxvRCZ0gVU8AFLBr4XcwRf
+t5nizTs3/VqmHrD6ICru2phHRN2tc2NgCEkatPs7rshfn5rZTuML08zmMVVgjcR1
+5lzaGE+GkL3BSHj6grIaR43Qom2l/eD2yil9JC4jfI6pLQIDAQABoz4wPDAbBgNV
+HREEFDASghBoeWRyYWNlbnRlci10ZXN0MB0GA1UdDgQWBBS2/zfSiV0VTt5wxprv
+DOiejU8O1TANBgkqhkiG9w0BAQUFAAOCAQEAn86tJFlHPE/zwsRzcYp5Dk6SwpzG
+UYhYt6eAc+8Z6gioJsyM8MD0SfwF5iFdVo88Jm2K55npbgzBj34Uxi4vIItAYpSr
+jympe4FMjW6MTOqN6vJtws1U3bn976VvflPr1d4rMoqTxAYue3S/zQ8Y179MvBrr
+F0Bc+PJrsIP4MfYN3b98OAn8kxzGSy1AU6vx/gi+SOQNh3c3kQ0HABhdGBOwmJS3
+e4QPMkOZh0KWHSZZBRc8wDpEwsXHD8q8Ag63Qz0l7DRIQnGkJyQb18ylBbg3fLEW
+fiiVqOsqvroKvOIwKEjtUzxaFg2kDWlXia4AQctOto28G9ftYkXqGxPFgA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://account-test.unit.liu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://account-test.unit.liu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://account-test.unit.liu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://account-test.unit.liu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://account-test.unit.liu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://account-test.unit.liu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://account-test.unit.liu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://account-test.unit.liu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://account-test.unit.liu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://account-test.unit.liu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://account-test.unit.liu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://account-test.unit.liu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://account-test.unit.liu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://account-test.unit.liu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www4.genuinetext.com/shibboleth" xml:base="swamid-1.0/www4.genuinetext.com.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://www4.genuinetext.com/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>www4.genuinetext.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www4.genuinetext.com</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDAzCCAeugAwIBAgIJAKekqkqvTaFGMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFHd3dzQuZ2VudWluZXRleHQuY29tMB4XDTEwMTEwMTEzMzMyM1oXDTIwMTAy
+OTEzMzMyM1owHzEdMBsGA1UEAxMUd3d3NC5nZW51aW5ldGV4dC5jb20wggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDADxHC/Xm6WdlyLSPS754suXc2FSqo
+xnfXXhnAE7ZfhVhD8PIanswRPq5YCAZm3MVBZUsV5cI/nlXNBOuyiv4+P5KG2fIi
+MIEaDoWSa9UCnQ8xr/nF1towuhlTkJ5FX/n8P3jIw6/crilOzD+HmL94iiCSAG87
+jU/H7fhnm10KMjfPpMthD7PxQLU0u8J+dJ0kfzRzsv+ico7v4yzTSZUOVkLiYl2z
+hw4WKWz6px2sdNpBkBGjw+BuOpVyuTHZTw8Wf/b4FWhY4WvIBM6FonH7bvIYUdgz
+sgYJEW/cYPiP590QKOQX4yPv8UWZT7QqimI5r7UVZAlwmU/nnswnIg0VAgMBAAGj
+QjBAMB8GA1UdEQQYMBaCFHd3dzQuZ2VudWluZXRleHQuY29tMB0GA1UdDgQWBBSG
+3sJULU8LbAUhqhTxd0Lej7QzGzANBgkqhkiG9w0BAQUFAAOCAQEAl+pmNhY8cPox
+x7vEvy0q1VXWbuu3BMauQs53Zv6NpLmmcXpGaPfNAKpKduYUHBCqUHeQBDyFppdz
+M/YhperS0/zQu9nwi5MKINx1/+hUG7g8WbR7FzlMAVuYByMDJSi3Ofiz57PHmjPr
+eCulUcFlFMsSpozk2vuTt5Mou92Cxv+JHvh5rvdjQf68xr1K7rS/n40igixsUwh7
+B1WDIB8S6ng+7XqUxnVH1XXfZI9JslSp1f2eNFx/3ajYGotewmVquDS5Jg6IYSJL
+kIbZGzwQ9C6RneoNDIirnfYZogu3XFNwix8uFTvl9EI4rxvJZjH5WFWr/1rWcmgo
+iMZC8zXUhA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>www4.genuinetext.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www4.genuinetext.com</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDAzCCAeugAwIBAgIJAKekqkqvTaFGMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFHd3dzQuZ2VudWluZXRleHQuY29tMB4XDTEwMTEwMTEzMzMyM1oXDTIwMTAy
+OTEzMzMyM1owHzEdMBsGA1UEAxMUd3d3NC5nZW51aW5ldGV4dC5jb20wggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDADxHC/Xm6WdlyLSPS754suXc2FSqo
+xnfXXhnAE7ZfhVhD8PIanswRPq5YCAZm3MVBZUsV5cI/nlXNBOuyiv4+P5KG2fIi
+MIEaDoWSa9UCnQ8xr/nF1towuhlTkJ5FX/n8P3jIw6/crilOzD+HmL94iiCSAG87
+jU/H7fhnm10KMjfPpMthD7PxQLU0u8J+dJ0kfzRzsv+ico7v4yzTSZUOVkLiYl2z
+hw4WKWz6px2sdNpBkBGjw+BuOpVyuTHZTw8Wf/b4FWhY4WvIBM6FonH7bvIYUdgz
+sgYJEW/cYPiP590QKOQX4yPv8UWZT7QqimI5r7UVZAlwmU/nnswnIg0VAgMBAAGj
+QjBAMB8GA1UdEQQYMBaCFHd3dzQuZ2VudWluZXRleHQuY29tMB0GA1UdDgQWBBSG
+3sJULU8LbAUhqhTxd0Lej7QzGzANBgkqhkiG9w0BAQUFAAOCAQEAl+pmNhY8cPox
+x7vEvy0q1VXWbuu3BMauQs53Zv6NpLmmcXpGaPfNAKpKduYUHBCqUHeQBDyFppdz
+M/YhperS0/zQu9nwi5MKINx1/+hUG7g8WbR7FzlMAVuYByMDJSi3Ofiz57PHmjPr
+eCulUcFlFMsSpozk2vuTt5Mou92Cxv+JHvh5rvdjQf68xr1K7rS/n40igixsUwh7
+B1WDIB8S6ng+7XqUxnVH1XXfZI9JslSp1f2eNFx/3ajYGotewmVquDS5Jg6IYSJL
+kIbZGzwQ9C6RneoNDIirnfYZogu3XFNwix8uFTvl9EI4rxvJZjH5WFWr/1rWcmgo
+iMZC8zXUhA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www4.genuinetext.com/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www4.genuinetext.com/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www4.genuinetext.com/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www4.genuinetext.com/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www4.genuinetext.com/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www4.genuinetext.com/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www4.genuinetext.com/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www4.genuinetext.com/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www4.genuinetext.com/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www4.genuinetext.com/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www4.genuinetext.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www4.genuinetext.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www4.genuinetext.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www4.genuinetext.com/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www4.genuinetext.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://beta.kib.ki.se/shibboleth" xml:base="swamid-1.0/beta.kib.ki.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>samadhi</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=samadhi</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC3DCCAcSgAwIBAgIJAM1x+5LlJQVQMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
+BAMTB3NhbWFkaGkwHhcNMDkwODE0MTEzMzM4WhcNMTkwODEyMTEzMzM4WjASMRAw
+DgYDVQQDEwdzYW1hZGhpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+wBagrMP26PtYqxBexJdsMdyDYCT74qvR5wLeW1znJTS9I1eK8ghXZ0Wy+uGunUU7
+ePkQPDySt3dNOW6hOx9o8Z+/JqwSARj07glBpkN2psiza+7BQP/+l/4iBixGlDea
+wb59dC25cUA5k+YAV1fx6uwufQ/65iRKYilRVxzzSmorrrUuzbKA/Dh6MNCWDkU2
+ppxJ/FS0IiR88rj2ZHZbz2wb1ATLnkevD4mUuRY39P9yxb63bTeCG7GboHrVBmNt
+rrlskaeeIYNHIkiWqbPrW/IMCgMFim7r7fiYebTvhw037UtTFDnwI8DDmcfpvbff
+2hztelbzoERAkXardDqx5QIDAQABozUwMzASBgNVHREECzAJggdzYW1hZGhpMB0G
+A1UdDgQWBBTIRU/xxcULxzxNef3jHDp1W2Br7jANBgkqhkiG9w0BAQUFAAOCAQEA
+DsNpDbtB/fhZIlNN11erKFH1VKgZIsLBu86uEYwi3sqK9+DNk40sdG1U0INY21g5
+sTG/vlt6qyuLcB9C5BA+8Ms3T01vcWg+//4KM4OZuLM/0ylSDxhVCHwJU5erI9Bt
+JSqVQ12JHctvIqdIQm0JRR6CCXVdm6Wjy5vVQZEoIanxcyjd0AUF458M7arGk1RB
+pvLrKdwx16cOS9mkuq5Jg0Oj2yiUjx1WRzNzqAVQXpBb0ZZz0oKGiOqa0AgyfVKs
+aNy8twh152lw5iqjY7qxb9QDhtJpzlPnQk2CmHJbQUXrCK8cLSWSDsiCcaQVicb+
+15HeV+PRFYV9dngg8gm2vg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>samadhi</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=samadhi</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC3DCCAcSgAwIBAgIJAM1x+5LlJQVQMA0GCSqGSIb3DQEBBQUAMBIxEDAOBgNV
+BAMTB3NhbWFkaGkwHhcNMDkwODE0MTEzMzM4WhcNMTkwODEyMTEzMzM4WjASMRAw
+DgYDVQQDEwdzYW1hZGhpMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+wBagrMP26PtYqxBexJdsMdyDYCT74qvR5wLeW1znJTS9I1eK8ghXZ0Wy+uGunUU7
+ePkQPDySt3dNOW6hOx9o8Z+/JqwSARj07glBpkN2psiza+7BQP/+l/4iBixGlDea
+wb59dC25cUA5k+YAV1fx6uwufQ/65iRKYilRVxzzSmorrrUuzbKA/Dh6MNCWDkU2
+ppxJ/FS0IiR88rj2ZHZbz2wb1ATLnkevD4mUuRY39P9yxb63bTeCG7GboHrVBmNt
+rrlskaeeIYNHIkiWqbPrW/IMCgMFim7r7fiYebTvhw037UtTFDnwI8DDmcfpvbff
+2hztelbzoERAkXardDqx5QIDAQABozUwMzASBgNVHREECzAJggdzYW1hZGhpMB0G
+A1UdDgQWBBTIRU/xxcULxzxNef3jHDp1W2Br7jANBgkqhkiG9w0BAQUFAAOCAQEA
+DsNpDbtB/fhZIlNN11erKFH1VKgZIsLBu86uEYwi3sqK9+DNk40sdG1U0INY21g5
+sTG/vlt6qyuLcB9C5BA+8Ms3T01vcWg+//4KM4OZuLM/0ylSDxhVCHwJU5erI9Bt
+JSqVQ12JHctvIqdIQm0JRR6CCXVdm6Wjy5vVQZEoIanxcyjd0AUF458M7arGk1RB
+pvLrKdwx16cOS9mkuq5Jg0Oj2yiUjx1WRzNzqAVQXpBb0ZZz0oKGiOqa0AgyfVKs
+aNy8twh152lw5iqjY7qxb9QDhtJpzlPnQk2CmHJbQUXrCK8cLSWSDsiCcaQVicb+
+15HeV+PRFYV9dngg8gm2vg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://beta.kib.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://beta.kib.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://beta.kib.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://beta.kib.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://beta.kib.ki.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://beta.kib.ki.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://beta.kib.ki.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://beta.kib.ki.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://beta.kib.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="http://beta.kib.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://beta.kib.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="http://beta.kib.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="http://beta.kib.ki.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="http://beta.kib.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://su.avedas.com/shibboleth" xml:base="swamid-1.0/su.avedas.com.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>su.avedas.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=b.govindarajan@avedas.com,CN=su.avedas.com,OU=Software development,O=Avedas AG,L=Karlsruhe,ST=Baden,C=DE</ds:X509SubjectName>
+ <ds:X509Certificate>MIICxTCCAi4CCQDSBWv2PjXpZTANBgkqhkiG9w0BAQUFADCBpjELMAkGA1UEBhMC
+REUxDjAMBgNVBAgTBUJhZGVuMRIwEAYDVQQHEwlLYXJsc3J1aGUxEjAQBgNVBAoT
+CUF2ZWRhcyBBRzEdMBsGA1UECxMUU29mdHdhcmUgZGV2ZWxvcG1lbnQxFjAUBgNV
+BAMTDXN1LmF2ZWRhcy5jb20xKDAmBgkqhkiG9w0BCQEWGWIuZ292aW5kYXJhamFu
+QGF2ZWRhcy5jb20wHhcNMTAxMTIyMTQyMzI0WhcNMTMxMDI2MTQyMzI0WjCBpjEL
+MAkGA1UEBhMCREUxDjAMBgNVBAgTBUJhZGVuMRIwEAYDVQQHEwlLYXJsc3J1aGUx
+EjAQBgNVBAoTCUF2ZWRhcyBBRzEdMBsGA1UECxMUU29mdHdhcmUgZGV2ZWxvcG1l
+bnQxFjAUBgNVBAMTDXN1LmF2ZWRhcy5jb20xKDAmBgkqhkiG9w0BCQEWGWIuZ292
+aW5kYXJhamFuQGF2ZWRhcy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+ALoE79SI0tNjl3nMoIXc3R+BlrwdcjBWNDPCU7c5NfQ8d5Mkf9JP9T5mgeAhCqPt
+J/t7kGeEbjySFGWl0BKo0z+BLJm2QLW5o5foQpnOOugXeC5TCw9Yt0+E01eMAVXY
+/yMdyHCJZAv1ZKis0YBOcX1tX/qNlHZtpWab4DwU82JfAgMBAAEwDQYJKoZIhvcN
+AQEFBQADgYEAqhr9F1/MhPQDlya+zlOQMziWnncW2MMqnTNwXnXhncrGE1O2l2HI
+lqJxZNCc13cfFv4IUL0cVlc/2mM5YnAMP1B5dDm0S2psJ+1ofWntqUTF19+jHz7S
+4nG4Jd5WAE9x6Oq0iF37ZyRYG5VW5y+EwjlObbyyT3ZVI1VG81F1DGI=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>su.avedas.com</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=b.govindarajan@avedas.com,CN=su.avedas.com,OU=Software development,O=Avedas AG,L=Karlsruhe,ST=Baden,C=DE</ds:X509SubjectName>
+ <ds:X509Certificate>MIICxTCCAi4CCQDSBWv2PjXpZTANBgkqhkiG9w0BAQUFADCBpjELMAkGA1UEBhMC
+REUxDjAMBgNVBAgTBUJhZGVuMRIwEAYDVQQHEwlLYXJsc3J1aGUxEjAQBgNVBAoT
+CUF2ZWRhcyBBRzEdMBsGA1UECxMUU29mdHdhcmUgZGV2ZWxvcG1lbnQxFjAUBgNV
+BAMTDXN1LmF2ZWRhcy5jb20xKDAmBgkqhkiG9w0BCQEWGWIuZ292aW5kYXJhamFu
+QGF2ZWRhcy5jb20wHhcNMTAxMTIyMTQyMzI0WhcNMTMxMDI2MTQyMzI0WjCBpjEL
+MAkGA1UEBhMCREUxDjAMBgNVBAgTBUJhZGVuMRIwEAYDVQQHEwlLYXJsc3J1aGUx
+EjAQBgNVBAoTCUF2ZWRhcyBBRzEdMBsGA1UECxMUU29mdHdhcmUgZGV2ZWxvcG1l
+bnQxFjAUBgNVBAMTDXN1LmF2ZWRhcy5jb20xKDAmBgkqhkiG9w0BCQEWGWIuZ292
+aW5kYXJhamFuQGF2ZWRhcy5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+ALoE79SI0tNjl3nMoIXc3R+BlrwdcjBWNDPCU7c5NfQ8d5Mkf9JP9T5mgeAhCqPt
+J/t7kGeEbjySFGWl0BKo0z+BLJm2QLW5o5foQpnOOugXeC5TCw9Yt0+E01eMAVXY
+/yMdyHCJZAv1ZKis0YBOcX1tX/qNlHZtpWab4DwU82JfAgMBAAEwDQYJKoZIhvcN
+AQEFBQADgYEAqhr9F1/MhPQDlya+zlOQMziWnncW2MMqnTNwXnXhncrGE1O2l2HI
+lqJxZNCc13cfFv4IUL0cVlc/2mM5YnAMP1B5dDm0S2psJ+1ofWntqUTF19+jHz7S
+4nG4Jd5WAE9x6Oq0iF37ZyRYG5VW5y+EwjlObbyyT3ZVI1VG81F1DGI=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://su.avedas.com/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://su.avedas.com/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://su.avedas.com/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://su.avedas.com/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://su.avedas.com/Shibboleth.sso/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://su.avedas.com/Shibboleth.sso/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://su.avedas.com/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://su.avedas.com/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://su.avedas.com/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://su.avedas.com/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://su.avedas.com/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://su.avedas.com/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://su.avedas.com/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://su.avedas.com/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://registrera.hb.se/shibboleth" xml:base="swamid-1.0/registrera.hb.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>registrera.hb.se</ds:KeyName>
+ <ds:KeyName>vm-registrera.hb.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=registrera.hb.se,OU=GF,O=H\C3\B6gskolan i Bor\C3\A5s,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIECjCCAvKgAwIBAgIRAMRSDmNt6njEH0n9VYTNaVgwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0wOTEyMTQwMDAwMDBaFw0xMjEyMTMyMzU5NTlaMFMxCzAJBgNV
+BAYTAlNFMRwwGgYDVQQKDBNIw7Znc2tvbGFuIGkgQm9yw6VzMQswCQYDVQQLEwJH
+RjEZMBcGA1UEAxMQcmVnaXN0cmVyYS5oYi5zZTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAyN72d/ptyFijjHr3r/6TzZUHYbBAxMBfLCLhBcTYUoSs1NmVfq4v
+j9Gg9o9p4YHNkciQ3IlG/gX6YpbhdVNVAwoer+NAAwv7kyh6pCPYs1/UbT2cNdt4
++2pmVGYYvephTGdiPD/l6+eJ2MSLIjg1OPyLLIc55/QwckVZ+aNxG5UCAwEAAaOC
+AXgwggF0MB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQW
+BBThMU05NRahK0xF+83OWb60YYywkDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzAN
+BgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50
+ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYB
+BQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0
+MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAwBgNVHREE
+KTAnghByZWdpc3RyZXJhLmhiLnNlghN2bS1yZWdpc3RyZXJhLmhiLnNlMA0GCSqG
+SIb3DQEBBQUAA4IBAQCb7n3q9y9pWZoFLkQTfjkf+/CmXKP2KqLYRDutieeAN7HG
+m4odw7GslpKCcl7wkrRRGRAMj0SIbKP8sQoBfTebL1tIM6Yj+Tba2Ew+u0aGnXpv
+YuBPTLErr2fkkk/ZcY4JeqB3FTqes195SZF8WVtxJeI88dFMjK9kOLA5CK2EE/bd
+y+LBcpEC8uLx4GF6FJl5eQbnrR25A+VDqkxY+UtAVX/3m+XIeIg6n70LvnFTJmy+
+MbcotK0FqbwSIN7oyLWe5SjUSkrf/LAD/R3CXyGZvcGuUx3cX1ur7exlKMun6/lP
+Ni1kp0+3QaewFNePHmM8yl2mPmQulTWmlzOZN9ue
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>registrera.hb.se</ds:KeyName>
+ <ds:KeyName>vm-registrera.hb.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=registrera.hb.se,OU=GF,O=H\C3\B6gskolan i Bor\C3\A5s,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIECjCCAvKgAwIBAgIRAMRSDmNt6njEH0n9VYTNaVgwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0wOTEyMTQwMDAwMDBaFw0xMjEyMTMyMzU5NTlaMFMxCzAJBgNV
+BAYTAlNFMRwwGgYDVQQKDBNIw7Znc2tvbGFuIGkgQm9yw6VzMQswCQYDVQQLEwJH
+RjEZMBcGA1UEAxMQcmVnaXN0cmVyYS5oYi5zZTCBnzANBgkqhkiG9w0BAQEFAAOB
+jQAwgYkCgYEAyN72d/ptyFijjHr3r/6TzZUHYbBAxMBfLCLhBcTYUoSs1NmVfq4v
+j9Gg9o9p4YHNkciQ3IlG/gX6YpbhdVNVAwoer+NAAwv7kyh6pCPYs1/UbT2cNdt4
++2pmVGYYvephTGdiPD/l6+eJ2MSLIjg1OPyLLIc55/QwckVZ+aNxG5UCAwEAAaOC
+AXgwggF0MB8GA1UdIwQYMBaAFAy9k2gM896ro0lrKzdXR+qQ47ntMB0GA1UdDgQW
+BBThMU05NRahK0xF+83OWb60YYywkDAOBgNVHQ8BAf8EBAMCBaAwDAYDVR0TAQH/
+BAIwADAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGAYDVR0gBBEwDzAN
+BgsrBgEEAbIxAQICHTA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLnRjcy50
+ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNybDBtBggrBgEFBQcBAQRhMF8wNQYIKwYB
+BQUHMAKGKWh0dHA6Ly9jcnQudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3J0
+MCYGCCsGAQUFBzABhhpodHRwOi8vb2NzcC50Y3MudGVyZW5hLm9yZzAwBgNVHREE
+KTAnghByZWdpc3RyZXJhLmhiLnNlghN2bS1yZWdpc3RyZXJhLmhiLnNlMA0GCSqG
+SIb3DQEBBQUAA4IBAQCb7n3q9y9pWZoFLkQTfjkf+/CmXKP2KqLYRDutieeAN7HG
+m4odw7GslpKCcl7wkrRRGRAMj0SIbKP8sQoBfTebL1tIM6Yj+Tba2Ew+u0aGnXpv
+YuBPTLErr2fkkk/ZcY4JeqB3FTqes195SZF8WVtxJeI88dFMjK9kOLA5CK2EE/bd
+y+LBcpEC8uLx4GF6FJl5eQbnrR25A+VDqkxY+UtAVX/3m+XIeIg6n70LvnFTJmy+
+MbcotK0FqbwSIN7oyLWe5SjUSkrf/LAD/R3CXyGZvcGuUx3cX1ur7exlKMun6/lP
+Ni1kp0+3QaewFNePHmM8yl2mPmQulTWmlzOZN9ue
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://registrera.hb.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://registrera.hb.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://registrera.hb.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://registrera.hb.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://registrera.hb.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://aktivering.db.umu.se/shibboleth" xml:base="swamid-1.0/aktivering.db.umu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://aktivering.db.umu.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIFgTCCBGmgAwIBAgIRANpx25pROOar5rDRfsK004UwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0wOTEyMTcwMDAwMDBaFw0xMjEyMTYyMzU5NTlaMFcxCzAJBgNV
+BAYTAlNFMRkwFwYDVQQKExBVbWVhIHVuaXZlcnNpdGV0MQ4wDAYDVQQLEwVVTURB
+QzEdMBsGA1UEAxMUYWt0aXZlcmluZy5kYi51bXUuc2UwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCi3/sGq/G/+3Q0NF5XHCyXt2A1Pf1bFc6/GTJpqZoZ
+4w6Z4qZukm/m2sg9lZt4eXGzff4J3LYfISl9YNY21qyNNx89vyGmZwreFhTKBgKM
+8HndtqQkhk/469mpVbP6nkYlqB1Yo1z4dknQY0W15/EwwdqoGSi/1RhaN5HeaGHi
+zOaEmOY8USvDg2a9C8eDFEJwr46E9R0aW3Qtanb610FYly7yZw1zq9GZGSfIcuhD
+XjBzUhgx0S+wnzp0t4g1xZa+hNbSuAb+orcy6N/Qf8G/v3TN9Deyy5QszTDh0DfM
+pKgqKlxvFToRLDUxYgMwJhCQqMyQ6su2RL/lqyt4sktczCt4n6k0/PR75TygrC3A
+XNQyGbSOKyTWii5ZTnJpsDhfgzmmS1wvfceMAQhCaEHIOmytrfEKnBhN++RDzzow
+Bes5LX9V+c34UnmbWLYuoRZSgXuDf+uo1M5D4wY/iLMfV8hrR3fxohugeICI5zHr
+dshPHf+1sGkR0GW5FZojA3MCqnvx2JXD/uzRZlklCpdvm7piaWpSUOTuozaiUvQf
+yLGFFhnoEpbABoJSCFSCQO2k2AZkAReA0tYhbYVe+mnxWZsOZRcLaQTMl6l/0uQ5
+SIVjC5S4JcDrHnHSbMLk2OIiiEFa515Maa/hNkS6MwyXKNpwpmJxB9W4rQ3MpQCI
+7wIDAQABo4IBZzCCAWMwHwYDVR0jBBgwFoAUDL2TaAzz3qujSWsrN1dH6pDjue0w
+HQYDVR0OBBYEFPA2Tckr7sjvWayvY68aF7n0jY4+MA4GA1UdDwEB/wQEAwIFoDAM
+BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAYBgNV
+HSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9j
+cmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3JsMG0GCCsGAQUFBwEBBGEw
+XzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3MudGVyZW5hLm9yZy9URVJFTkFT
+U0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLnRjcy50ZXJlbmEub3Jn
+MB8GA1UdEQQYMBaCFGFrdGl2ZXJpbmcuZGIudW11LnNlMA0GCSqGSIb3DQEBBQUA
+A4IBAQAS33vefF1HZRklXjJfPwwvpFjYN/jp1+HS9yyMxV6xy7KDl9999sdAXv7y
+NzksZxOLrI220LX6vkDno7nHrRDCoJyaD4M8kBfrQFylrlm2Z2+JPFI9HxyQiwNO
++jfje4/ZjJ5FCGQFS1fJfKS/z/h00HPxRrarCo9JbDx8n628swrUiWeu09ooRan4
+7e0pFS37NOHjDiX4xar/5ZftQdsnz/5M322LhhlMLUU7TPdB9neJnn8QxeSaLDsr
+LBQ+1+ysE+ryWjMO23qmJzxA8uVHHuiD30S2XHSsfL1clX20G2Zb5YAM6h/lZnGS
+9NeFIiSev3CzfBT/GlsNx0aGwTd/
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIFgTCCBGmgAwIBAgIRANpx25pROOar5rDRfsK004UwDQYJKoZIhvcNAQEFBQAw
+NjELMAkGA1UEBhMCTkwxDzANBgNVBAoTBlRFUkVOQTEWMBQGA1UEAxMNVEVSRU5B
+IFNTTCBDQTAeFw0wOTEyMTcwMDAwMDBaFw0xMjEyMTYyMzU5NTlaMFcxCzAJBgNV
+BAYTAlNFMRkwFwYDVQQKExBVbWVhIHVuaXZlcnNpdGV0MQ4wDAYDVQQLEwVVTURB
+QzEdMBsGA1UEAxMUYWt0aXZlcmluZy5kYi51bXUuc2UwggIiMA0GCSqGSIb3DQEB
+AQUAA4ICDwAwggIKAoICAQCi3/sGq/G/+3Q0NF5XHCyXt2A1Pf1bFc6/GTJpqZoZ
+4w6Z4qZukm/m2sg9lZt4eXGzff4J3LYfISl9YNY21qyNNx89vyGmZwreFhTKBgKM
+8HndtqQkhk/469mpVbP6nkYlqB1Yo1z4dknQY0W15/EwwdqoGSi/1RhaN5HeaGHi
+zOaEmOY8USvDg2a9C8eDFEJwr46E9R0aW3Qtanb610FYly7yZw1zq9GZGSfIcuhD
+XjBzUhgx0S+wnzp0t4g1xZa+hNbSuAb+orcy6N/Qf8G/v3TN9Deyy5QszTDh0DfM
+pKgqKlxvFToRLDUxYgMwJhCQqMyQ6su2RL/lqyt4sktczCt4n6k0/PR75TygrC3A
+XNQyGbSOKyTWii5ZTnJpsDhfgzmmS1wvfceMAQhCaEHIOmytrfEKnBhN++RDzzow
+Bes5LX9V+c34UnmbWLYuoRZSgXuDf+uo1M5D4wY/iLMfV8hrR3fxohugeICI5zHr
+dshPHf+1sGkR0GW5FZojA3MCqnvx2JXD/uzRZlklCpdvm7piaWpSUOTuozaiUvQf
+yLGFFhnoEpbABoJSCFSCQO2k2AZkAReA0tYhbYVe+mnxWZsOZRcLaQTMl6l/0uQ5
+SIVjC5S4JcDrHnHSbMLk2OIiiEFa515Maa/hNkS6MwyXKNpwpmJxB9W4rQ3MpQCI
+7wIDAQABo4IBZzCCAWMwHwYDVR0jBBgwFoAUDL2TaAzz3qujSWsrN1dH6pDjue0w
+HQYDVR0OBBYEFPA2Tckr7sjvWayvY68aF7n0jY4+MA4GA1UdDwEB/wQEAwIFoDAM
+BgNVHRMBAf8EAjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAYBgNV
+HSAEETAPMA0GCysGAQQBsjEBAgIdMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9j
+cmwudGNzLnRlcmVuYS5vcmcvVEVSRU5BU1NMQ0EuY3JsMG0GCCsGAQUFBwEBBGEw
+XzA1BggrBgEFBQcwAoYpaHR0cDovL2NydC50Y3MudGVyZW5hLm9yZy9URVJFTkFT
+U0xDQS5jcnQwJgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLnRjcy50ZXJlbmEub3Jn
+MB8GA1UdEQQYMBaCFGFrdGl2ZXJpbmcuZGIudW11LnNlMA0GCSqGSIb3DQEBBQUA
+A4IBAQAS33vefF1HZRklXjJfPwwvpFjYN/jp1+HS9yyMxV6xy7KDl9999sdAXv7y
+NzksZxOLrI220LX6vkDno7nHrRDCoJyaD4M8kBfrQFylrlm2Z2+JPFI9HxyQiwNO
++jfje4/ZjJ5FCGQFS1fJfKS/z/h00HPxRrarCo9JbDx8n628swrUiWeu09ooRan4
+7e0pFS37NOHjDiX4xar/5ZftQdsnz/5M322LhhlMLUU7TPdB9neJnn8QxeSaLDsr
+LBQ+1+ysE+ryWjMO23qmJzxA8uVHHuiD30S2XHSsfL1clX20G2Zb5YAM6h/lZnGS
+9NeFIiSev3CzfBT/GlsNx0aGwTd/
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aktivering.db.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aktivering.db.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aktivering.db.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aktivering.db.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aktivering.db.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://aktivering.db.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://aktivering.db.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aktivering.db.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aktivering.db.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://aktivering.db.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://aktivering.db.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://aktivering.db.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://aktivering.db.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://aktivering.db.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://aktivering.db.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://sukattool-web1.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/sukattool-web1.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>sukattool-web1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sukattool-web1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDDCCAfSgAwIBAgIJAL3b61TIut2xMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNV
+BAMTF3N1a2F0dG9vbC13ZWIxLml0LnN1LnNlMB4XDTEwMDExOTA5MzcxN1oXDTIw
+MDExNzA5MzcxN1owIjEgMB4GA1UEAxMXc3VrYXR0b29sLXdlYjEuaXQuc3Uuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKPApg+jDCZ70yR04mO0RG
+/EBpm8fUJoKb3fIxbLUQfC1mwN4tEtU1X8qonoJt8IT/xS15Jfp/EpSxzUqGth7E
+6utjdoUknaAZPG6K017fGgzdJpjzvie6/n0AhKwsykzYpU8gu81qhl3gO78RRija
+E16d7rLrVnNNgQ1/IwE77RLi3HowVcwLu0+yK1cpB1kyWm2WT6vCbsLZrY6NV4ym
+Kxg3zlAQMdvmfkTyV741yArb3YBOUgBks6uVPgUCWL9gKNGfsX7+x/IoPPK6rt85
+QEaghWrvGPT+e/b6mY/6VzGs0n93y7SHVMzi69G4zfEywLldqRHetJIVqlt2SF2X
+AgMBAAGjRTBDMCIGA1UdEQQbMBmCF3N1a2F0dG9vbC13ZWIxLml0LnN1LnNlMB0G
+A1UdDgQWBBQVTiomwldDLBRgT9cr0aRP2/RWfjANBgkqhkiG9w0BAQUFAAOCAQEA
+vDfFxDPma+KpLdbsCWFKsqchRSaz4FbeBRJAhiztr7q0dED0HjyKHQm9yEOLfBWd
+PkMcNMwNvUsEjYB4s5z4IIOwtgu1RO6H0qs78+sViT5vFs2Uw+moi210qNkbHgId
+j0x8s+EzSnC8uMZ9lgrrRP0AimdIMgvfKNqzcPmPtOi4R+yjENoITXI8HycMCDus
+6nt2vYdeRRxQ1Bwf2VZIBQJwcl6mdwvlR521h0AQXSbvDNJRkiG2tudEjISwcfGO
+YmO/RKcNgXHp4fV0sdavN5Lx8K3c/MgSyXHAW3yE1y1w36NU+VV1WXIpEjBGZv2Z
+8mD6tjWF3w9pKJ7kYVQtGA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>sukattool-web1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sukattool-web1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDDCCAfSgAwIBAgIJAL3b61TIut2xMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNV
+BAMTF3N1a2F0dG9vbC13ZWIxLml0LnN1LnNlMB4XDTEwMDExOTA5MzcxN1oXDTIw
+MDExNzA5MzcxN1owIjEgMB4GA1UEAxMXc3VrYXR0b29sLXdlYjEuaXQuc3Uuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDKPApg+jDCZ70yR04mO0RG
+/EBpm8fUJoKb3fIxbLUQfC1mwN4tEtU1X8qonoJt8IT/xS15Jfp/EpSxzUqGth7E
+6utjdoUknaAZPG6K017fGgzdJpjzvie6/n0AhKwsykzYpU8gu81qhl3gO78RRija
+E16d7rLrVnNNgQ1/IwE77RLi3HowVcwLu0+yK1cpB1kyWm2WT6vCbsLZrY6NV4ym
+Kxg3zlAQMdvmfkTyV741yArb3YBOUgBks6uVPgUCWL9gKNGfsX7+x/IoPPK6rt85
+QEaghWrvGPT+e/b6mY/6VzGs0n93y7SHVMzi69G4zfEywLldqRHetJIVqlt2SF2X
+AgMBAAGjRTBDMCIGA1UdEQQbMBmCF3N1a2F0dG9vbC13ZWIxLml0LnN1LnNlMB0G
+A1UdDgQWBBQVTiomwldDLBRgT9cr0aRP2/RWfjANBgkqhkiG9w0BAQUFAAOCAQEA
+vDfFxDPma+KpLdbsCWFKsqchRSaz4FbeBRJAhiztr7q0dED0HjyKHQm9yEOLfBWd
+PkMcNMwNvUsEjYB4s5z4IIOwtgu1RO6H0qs78+sViT5vFs2Uw+moi210qNkbHgId
+j0x8s+EzSnC8uMZ9lgrrRP0AimdIMgvfKNqzcPmPtOi4R+yjENoITXI8HycMCDus
+6nt2vYdeRRxQ1Bwf2VZIBQJwcl6mdwvlR521h0AQXSbvDNJRkiG2tudEjISwcfGO
+YmO/RKcNgXHp4fV0sdavN5Lx8K3c/MgSyXHAW3yE1y1w36NU+VV1WXIpEjBGZv2Z
+8mD6tjWF3w9pKJ7kYVQtGA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sukattool-web1.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.hgo.se/idp/shibboleth" xml:base="swamid-1.0/idp.hgo.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hgo.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDWDCCAkCgAwIBAgIES4+8uzANBgkqhkiG9w0BAQUFADBuMQswCQYDVQQGEwJT
+RTEQMA4GA1UECBMHR290bGFuZDEOMAwGA1UEBxMFVmlzYnkxCzAJBgNVBAoTAklU
+MRswGQYDVQQLExJHb3RsYW5kIFVuaXZlcnNpdHkxEzARBgNVBAMTCmlkcC5oZ28u
+c2UwHhcNMTAwMzA0MTM1OTIzWhcNMjAwMzAxMTM1OTIzWjBuMQswCQYDVQQGEwJT
+RTEQMA4GA1UECBMHR290bGFuZDEOMAwGA1UEBxMFVmlzYnkxCzAJBgNVBAoTAklU
+MRswGQYDVQQLExJHb3RsYW5kIFVuaXZlcnNpdHkxEzARBgNVBAMTCmlkcC5oZ28u
+c2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZMqgS3wqDLOKVwYHG
+5FRrM13gk+lP+Alm45T0pK192Cl3OWildw4qNiMv10oocbZUoE9PFn6PESSwF6Nt
+2nm3um4ePSbzowYwGOuRLQJfXj4FK3Dj2PO1OLD7oK4VXgka+kG93/oyEaeSfe3t
+93eFgp8bb58b42ED/CAcxvGzcHHyG0WzFTtO3hSuscy/6BKEekVefQJfpPnCuuMN
+2NothDvL+IHO7+DXMeHfH56L1P4fLz+jSMCL2hXGuZxc1f/+l9b4VpegUQx9IGk2
+Rspt3CtOHDI7hhUu5xlbxad0uyAu34dMOz/6jB3UDHYTOEoCjBGhf8RE9zeWFT5D
+VXhtAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAIZdx0R84klmPoZq7uMPh1pPJ76X
+2xpmzCoxhRqjq2Uy9HKfiu9pwo21H9w+PvXhUtdsTInAAhPl1khupPzV/uJeCybl
+mbgtQgNr5UnLtfNz7GQD0EXe0UuC+bP+Qrl6NrCke73MCOLITajJ4ggdfdF3C55e
+G1kXEv3DPMpB8tRlcf4W3fT9ZKR+6zzSOkvuMzLIzv1UBTxUas19DYYNzE3+u/9Q
+8IHjPqr0JsKZiNBRofXwLZ6y2xztQqBVDmV4yNoOLNUDDOFHYwiuR1aAJ2rNoOF7
+UTU+mTp7woVtJsWWGJRG1iDB7UxpIHdPwDBDPEfxlw11kdJ+HIyaYCrQL4A=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hgo.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hgo.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.hgo.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.hgo.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.hgo.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.hgo.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hgo.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDWDCCAkCgAwIBAgIES4+8uzANBgkqhkiG9w0BAQUFADBuMQswCQYDVQQGEwJT
+RTEQMA4GA1UECBMHR290bGFuZDEOMAwGA1UEBxMFVmlzYnkxCzAJBgNVBAoTAklU
+MRswGQYDVQQLExJHb3RsYW5kIFVuaXZlcnNpdHkxEzARBgNVBAMTCmlkcC5oZ28u
+c2UwHhcNMTAwMzA0MTM1OTIzWhcNMjAwMzAxMTM1OTIzWjBuMQswCQYDVQQGEwJT
+RTEQMA4GA1UECBMHR290bGFuZDEOMAwGA1UEBxMFVmlzYnkxCzAJBgNVBAoTAklU
+MRswGQYDVQQLExJHb3RsYW5kIFVuaXZlcnNpdHkxEzARBgNVBAMTCmlkcC5oZ28u
+c2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDZMqgS3wqDLOKVwYHG
+5FRrM13gk+lP+Alm45T0pK192Cl3OWildw4qNiMv10oocbZUoE9PFn6PESSwF6Nt
+2nm3um4ePSbzowYwGOuRLQJfXj4FK3Dj2PO1OLD7oK4VXgka+kG93/oyEaeSfe3t
+93eFgp8bb58b42ED/CAcxvGzcHHyG0WzFTtO3hSuscy/6BKEekVefQJfpPnCuuMN
+2NothDvL+IHO7+DXMeHfH56L1P4fLz+jSMCL2hXGuZxc1f/+l9b4VpegUQx9IGk2
+Rspt3CtOHDI7hhUu5xlbxad0uyAu34dMOz/6jB3UDHYTOEoCjBGhf8RE9zeWFT5D
+VXhtAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAIZdx0R84klmPoZq7uMPh1pPJ76X
+2xpmzCoxhRqjq2Uy9HKfiu9pwo21H9w+PvXhUtdsTInAAhPl1khupPzV/uJeCybl
+mbgtQgNr5UnLtfNz7GQD0EXe0UuC+bP+Qrl6NrCke73MCOLITajJ4ggdfdF3C55e
+G1kXEv3DPMpB8tRlcf4W3fT9ZKR+6zzSOkvuMzLIzv1UBTxUas19DYYNzE3+u/9Q
+8IHjPqr0JsKZiNBRofXwLZ6y2xztQqBVDmV4yNoOLNUDDOFHYwiuR1aAJ2rNoOF7
+UTU+mTp7woVtJsWWGJRG1iDB7UxpIHdPwDBDPEfxlw11kdJ+HIyaYCrQL4A=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hgo.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hgo.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">HGO</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan på Gotland</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hgo.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Joacim</GivenName>
+ <SurName>Breiler</SurName>
+ <EmailAddress>joacim.breiler@hgo.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.diva-portal.org/shibboleth" xml:base="swamid-1.0/www.diva-portal.org.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>www.diva-portal.org</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.diva-portal.org</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJALws/Gp4u0qUMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE3d3dy5kaXZhLXBvcnRhbC5vcmcwHhcNMTAwMTI2MTMzMDA0WhcNMjAwMTI0
+MTMzMDA0WjAeMRwwGgYDVQQDExN3d3cuZGl2YS1wb3J0YWwub3JnMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiqePLbYzwDdJ7db9++auHZNsjAhXhpm
+AIfDlpu0ZJ6PdxsRtwT5aQzjTkvBce7JYezri6Z8u/un+yPqA/NjAOgJvygIxfCI
+XGMMiw8FA+RX/UNtJBWTr/eJOFRLbQ3xhnmkv3qS1jODtGFrc/ycf+V9GeP2f6GV
+KT1zRoQvoXEurU/LketNnoVr6cIu+dWQXLldJbsvFepw1dIuKlWs3PauFVgiw7cV
+1wioFKcPfYUt7hg5ZpUlK2I8AszgwRQZAACqS8zNc54Q97RbgptL+ua21v4R703H
+dxtuRAWUrDe7uU4HTZucYKqomZI3pS5UbdHxDIupOl6Alot9lfTN/wIDAQABo0Ew
+PzAeBgNVHREEFzAVghN3d3cuZGl2YS1wb3J0YWwub3JnMB0GA1UdDgQWBBQyrnjR
+ZLYO63h6dvCxoMPSvgG8FDANBgkqhkiG9w0BAQUFAAOCAQEAbUAQQ0OV0npudm5T
+Rjcc/INAcF5fJ2sDejOMWa3unB5XbWHUbPmBmN0vCchVs97QUWVIsHTm6wAjdi0N
+IjW6umykM+aJ0jCRHNwD7wbwet55rHU+pxK3YxRRN5D3JdjN+ttswwNPv83r85o0
+dIEDJtDobA2HT+i6/A2uK2JR7DzpWw2RcG+iCrNmMI9L2YXIs+p5CjS32Pdmn77B
+2C9DSmBXboPTPxfmIOo1S6B4ZEtJ7W2s425lx38v4oEo+TspFAqzTDs8+fTw9/aa
+J1z0kVcxmvNLpIVh3rlkUQvNycE22FMDlp6sDtIn/KaODR5hKSGHT2Cdk4tpktkh
+H5e8OA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>www.diva-portal.org</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.diva-portal.org</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJALws/Gp4u0qUMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE3d3dy5kaXZhLXBvcnRhbC5vcmcwHhcNMTAwMTI2MTMzMDA0WhcNMjAwMTI0
+MTMzMDA0WjAeMRwwGgYDVQQDExN3d3cuZGl2YS1wb3J0YWwub3JnMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiqePLbYzwDdJ7db9++auHZNsjAhXhpm
+AIfDlpu0ZJ6PdxsRtwT5aQzjTkvBce7JYezri6Z8u/un+yPqA/NjAOgJvygIxfCI
+XGMMiw8FA+RX/UNtJBWTr/eJOFRLbQ3xhnmkv3qS1jODtGFrc/ycf+V9GeP2f6GV
+KT1zRoQvoXEurU/LketNnoVr6cIu+dWQXLldJbsvFepw1dIuKlWs3PauFVgiw7cV
+1wioFKcPfYUt7hg5ZpUlK2I8AszgwRQZAACqS8zNc54Q97RbgptL+ua21v4R703H
+dxtuRAWUrDe7uU4HTZucYKqomZI3pS5UbdHxDIupOl6Alot9lfTN/wIDAQABo0Ew
+PzAeBgNVHREEFzAVghN3d3cuZGl2YS1wb3J0YWwub3JnMB0GA1UdDgQWBBQyrnjR
+ZLYO63h6dvCxoMPSvgG8FDANBgkqhkiG9w0BAQUFAAOCAQEAbUAQQ0OV0npudm5T
+Rjcc/INAcF5fJ2sDejOMWa3unB5XbWHUbPmBmN0vCchVs97QUWVIsHTm6wAjdi0N
+IjW6umykM+aJ0jCRHNwD7wbwet55rHU+pxK3YxRRN5D3JdjN+ttswwNPv83r85o0
+dIEDJtDobA2HT+i6/A2uK2JR7DzpWw2RcG+iCrNmMI9L2YXIs+p5CjS32Pdmn77B
+2C9DSmBXboPTPxfmIOo1S6B4ZEtJ7W2s425lx38v4oEo+TspFAqzTDs8+fTw9/aa
+J1z0kVcxmvNLpIVh3rlkUQvNycE22FMDlp6sDtIn/KaODR5hKSGHT2Cdk4tpktkh
+H5e8OA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.diva-portal.org/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.diva-portal.org/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.diva-portal.org/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.diva-portal.org/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.diva-portal.org/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.diva-portal.org/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.diva-portal.org/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.diva-portal.org/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.diva-portal.org/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.diva-portal.org/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.diva-portal.org/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.diva-portal.org/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.diva-portal.org/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.diva-portal.org/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="en">DiVA</md:ServiceName>
+ <md:ServiceDescription xml:lang="en">DiVA – Academic Archive Online - is a system for electronic publishing and for registering publications produced by researchers, teachers and students. Uppsala University Library develops and maintains DiVA.</md:ServiceDescription>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:0.9.2342.19200300.100.1.3"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.42"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.4"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://pp-edu-admin.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/pp-edu-admin.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-edu-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-edu-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDDCCAfSgAwIBAgIJAI3BZZ+7nhOLMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNV
+BAMTF3BwOS1lZHUtYWRtaW4xLml0LnN1LnNlMB4XDTEwMTExMjEwMDMyOVoXDTIw
+MTEwOTEwMDMyOVowIjEgMB4GA1UEAxMXcHA5LWVkdS1hZG1pbjEuaXQuc3Uuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo1XanDZMEDvPzTvr1hPiP
+uURZEkIh9QA7lkuUhWeO2Eu4D8bwl2tV6uRx/HIcCBitvPj3SfYtju1td6ItcEO9
+D12L6dxZurSB1V0g1IXJLwCp8LbPmnRZwkMck8tuqMJbrGfSJgKAwMdm8eBx8kcj
+NCglxPuB7uXwwBTxA/21shI8K1mkd9HC6IaSQoFSMOmgem0PgcaXgZ2LQK8R4OkJ
+qygdOdE8JW/xGDunT1DHXfCijDY7pUvI1mDs0W03flErag//nv2x5gFrj3xVqntf
+lQTj/bxvCq0uTs4zFXirgkb38ZegNGRtPHdoyc8hJYW2cANu3FnKeZh76vEVKxqd
+AgMBAAGjRTBDMCIGA1UdEQQbMBmCF3BwOS1lZHUtYWRtaW4xLml0LnN1LnNlMB0G
+A1UdDgQWBBS6WuUJF+arPUZfU1vMPuBBVfWtzDANBgkqhkiG9w0BAQUFAAOCAQEA
+edbugcfpmmjX8kYOJvG+FB7iMeRyQH4zkgfWc2RaJ8ul1MKcXxRkbv0vQw5FS/yz
+J1cQ1gyFhZ/0V7/cV3tBemCxji5ogee8dWWH/qes7jDgxFY/t9qIkSdR/7RcXuab
+WTpjtDC9KLw+2oUN2DoqFHpw7PUteqBYxDgVLC7rxWs2Eupz0WOCnZr1ye4unS5A
+MXxzoMJ8RVxwFSz7Z1U5GikeMsCz2GTzZjyIfQ801tNMkqXpi8xT99mBRZFq3Z9T
+ceKcy732/kTLBPhP6K5MfKWV+Pq0gJ7R8JOcwSvgZzBrH62UIHwlJP6pB+T/DBuE
+huzT1nDeCLxTRww3QXa+xA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-edu-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-edu-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDDCCAfSgAwIBAgIJAI3BZZ+7nhOLMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNV
+BAMTF3BwOS1lZHUtYWRtaW4xLml0LnN1LnNlMB4XDTEwMTExMjEwMDMyOVoXDTIw
+MTEwOTEwMDMyOVowIjEgMB4GA1UEAxMXcHA5LWVkdS1hZG1pbjEuaXQuc3Uuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCo1XanDZMEDvPzTvr1hPiP
+uURZEkIh9QA7lkuUhWeO2Eu4D8bwl2tV6uRx/HIcCBitvPj3SfYtju1td6ItcEO9
+D12L6dxZurSB1V0g1IXJLwCp8LbPmnRZwkMck8tuqMJbrGfSJgKAwMdm8eBx8kcj
+NCglxPuB7uXwwBTxA/21shI8K1mkd9HC6IaSQoFSMOmgem0PgcaXgZ2LQK8R4OkJ
+qygdOdE8JW/xGDunT1DHXfCijDY7pUvI1mDs0W03flErag//nv2x5gFrj3xVqntf
+lQTj/bxvCq0uTs4zFXirgkb38ZegNGRtPHdoyc8hJYW2cANu3FnKeZh76vEVKxqd
+AgMBAAGjRTBDMCIGA1UdEQQbMBmCF3BwOS1lZHUtYWRtaW4xLml0LnN1LnNlMB0G
+A1UdDgQWBBS6WuUJF+arPUZfU1vMPuBBVfWtzDANBgkqhkiG9w0BAQUFAAOCAQEA
+edbugcfpmmjX8kYOJvG+FB7iMeRyQH4zkgfWc2RaJ8ul1MKcXxRkbv0vQw5FS/yz
+J1cQ1gyFhZ/0V7/cV3tBemCxji5ogee8dWWH/qes7jDgxFY/t9qIkSdR/7RcXuab
+WTpjtDC9KLw+2oUN2DoqFHpw7PUteqBYxDgVLC7rxWs2Eupz0WOCnZr1ye4unS5A
+MXxzoMJ8RVxwFSz7Z1U5GikeMsCz2GTzZjyIfQ801tNMkqXpi8xT99mBRZFq3Z9T
+ceKcy732/kTLBPhP6K5MfKWV+Pq0gJ7R8JOcwSvgZzBrH62UIHwlJP6pB+T/DBuE
+huzT1nDeCLxTRww3QXa+xA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pp-edu-admin.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://minastudier-test.su.se/Shibboleth.sso" xml:base="swamid-1.0/minastudier-test.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://minastudier-test.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://minastudier-test.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>lpwtool-test-minastudier1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lpwtool-test-minastudier1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDLTCCAhWgAwIBAgIJAO6dTFyNy8P8MA0GCSqGSIb3DQEBBQUAMC0xKzApBgNV
+BAMTImxwd3Rvb2wtdGVzdC1taW5hc3R1ZGllcjEuaXQuc3Uuc2UwHhcNMTAwNDE2
+MTMzODEyWhcNMjAwNDEzMTMzODEyWjAtMSswKQYDVQQDEyJscHd0b29sLXRlc3Qt
+bWluYXN0dWRpZXIxLml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEApE9pxymoa/IN2TGMMI4U7N2vLBkuRrQc7EQp27mKQ3iYx47Avgy+uXgO
+TdzpdNyfl7g97UoaavjGrPBruDCqDVQ6FmTZMtKyLBgcAhdYk8Rh3WJfUKxTJlLY
+m1Ul5bp331hX64/55Ol37W7ptXarWdO0JAJ+/V4p+sD0V0yXU2ER0Y6iYZebjJUj
+nVJqH7bkLrHowTHXRRRVsGBennZ/7MfeVeNgYF9E2+0zCzLBihB7AKKP/guCJ48L
+FL2UlIX16eDttaV8dYQVx7NjkZIKaGndMwTL6f2hjdTDPkxQ+kBH5Hd5mseqUkrD
+iUcJoW2J+xMPsGiE+6sxEXryIiY5xQIDAQABo1AwTjAtBgNVHREEJjAkgiJscHd0
+b29sLXRlc3QtbWluYXN0dWRpZXIxLml0LnN1LnNlMB0GA1UdDgQWBBSWNsYqg7gK
+GpoHl72/rcWgUYJ14DANBgkqhkiG9w0BAQUFAAOCAQEAilGUE3B8Be7jdqohQ7v5
+jk5N/DHRiPR5M0U1Q3GojKyL88PkMSxhoiiOxQxWbkm5vCkiTBe9TW8ImE8tW26h
+hedSYgMWqLcCG/ryNLV0kuEoufdYK01HZvjWdUOow8R7fhizWW8ui8dY4X2JqsyR
+M7jwX8Ouk5x+0OrWPGRQvtTRBQwXPcLskGsFFADXP381VWJF+x4/FUn2j6X6wh5h
+NlWn2FgI/5o342VnqfcLVgSO1EouAuHkZO3KXlBij/GPXJkhwzZz6rChMrj4vXW5
+ZK2zpCBoomJUHOg1LC4f0gDNWwog62bUCyxzXmIycz+y9n1xn0thBuOjAOQOZ32K
+Og==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>lpwtool-test-minastudier1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lpwtool-test-minastudier1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDLTCCAhWgAwIBAgIJAO6dTFyNy8P8MA0GCSqGSIb3DQEBBQUAMC0xKzApBgNV
+BAMTImxwd3Rvb2wtdGVzdC1taW5hc3R1ZGllcjEuaXQuc3Uuc2UwHhcNMTAwNDE2
+MTMzODEyWhcNMjAwNDEzMTMzODEyWjAtMSswKQYDVQQDEyJscHd0b29sLXRlc3Qt
+bWluYXN0dWRpZXIxLml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEApE9pxymoa/IN2TGMMI4U7N2vLBkuRrQc7EQp27mKQ3iYx47Avgy+uXgO
+TdzpdNyfl7g97UoaavjGrPBruDCqDVQ6FmTZMtKyLBgcAhdYk8Rh3WJfUKxTJlLY
+m1Ul5bp331hX64/55Ol37W7ptXarWdO0JAJ+/V4p+sD0V0yXU2ER0Y6iYZebjJUj
+nVJqH7bkLrHowTHXRRRVsGBennZ/7MfeVeNgYF9E2+0zCzLBihB7AKKP/guCJ48L
+FL2UlIX16eDttaV8dYQVx7NjkZIKaGndMwTL6f2hjdTDPkxQ+kBH5Hd5mseqUkrD
+iUcJoW2J+xMPsGiE+6sxEXryIiY5xQIDAQABo1AwTjAtBgNVHREEJjAkgiJscHd0
+b29sLXRlc3QtbWluYXN0dWRpZXIxLml0LnN1LnNlMB0GA1UdDgQWBBSWNsYqg7gK
+GpoHl72/rcWgUYJ14DANBgkqhkiG9w0BAQUFAAOCAQEAilGUE3B8Be7jdqohQ7v5
+jk5N/DHRiPR5M0U1Q3GojKyL88PkMSxhoiiOxQxWbkm5vCkiTBe9TW8ImE8tW26h
+hedSYgMWqLcCG/ryNLV0kuEoufdYK01HZvjWdUOow8R7fhizWW8ui8dY4X2JqsyR
+M7jwX8Ouk5x+0OrWPGRQvtTRBQwXPcLskGsFFADXP381VWJF+x4/FUn2j6X6wh5h
+NlWn2FgI/5o342VnqfcLVgSO1EouAuHkZO3KXlBij/GPXJkhwzZz6rChMrj4vXW5
+ZK2zpCBoomJUHOg1LC4f0gDNWwog62bUCyxzXmIycz+y9n1xn0thBuOjAOQOZ32K
+Og==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://minastudier-test.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://minastudier-test.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://minastudier-test.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://minastudier-test.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://minastudier-test.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://minastudier-test.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://minastudier-test.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://minastudier-test.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://minastudier-test.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://minastudier-test.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://minastudier-test.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://minastudier-test.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://minastudier-test.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://minastudier-test.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://ladok-test.su.se/Shibboleth.sso" xml:base="swamid-1.0/ladok-test.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ladok-test.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ladok-test.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>lpwtool-test-ladok1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lpwtool-test-ladok1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIJAMVcirJT+6VyMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGxwd3Rvb2wtdGVzdC1sYWRvazEuaXQuc3Uuc2UwHhcNMTAwNDE5MTMxMDQ4
+WhcNMjAwNDE2MTMxMDQ4WjAnMSUwIwYDVQQDExxscHd0b29sLXRlc3QtbGFkb2sx
+Lml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ri0W5ti
+3fLLdRMqqHTATq3B5kJ4Ys1pNbq/QXFrBtC6z9cvkkA0Bo4K4rMos5ddrwfkHWI+
+5PFJGRxeJnmzGR4S13pQ2xRTcrUKGxosnfYFUAG0y3ySDUjH/O4eU+nBmqQA5yRQ
+RYZ6O1sBN++soWRPSvDekiN5qUhjIbVKTriMPmgwWgB1NgpBuedU72l2mkakw/Eb
+X8lfkLs3gKlipttf4mHSc1OHrRGFvEfUiXQPtft4TURcSWF2w8ZF7OvOFaytQ5B8
+T1LGXx+meuzw36MSvsWiJ66mLTeCelrQmEIPNyTDU0PR8asUKI6wL3ZqW7fi/QdL
+x+OVozQUqLcpkQIDAQABo0owSDAnBgNVHREEIDAeghxscHd0b29sLXRlc3QtbGFk
+b2sxLml0LnN1LnNlMB0GA1UdDgQWBBTva47ARyx1kRrWDD9X9QK60b14SjANBgkq
+hkiG9w0BAQUFAAOCAQEAkWsA6bZZhjoVIL73BLyQ9vgZ33oey/wed0DzuGAJjJw8
+lFPoS1pO7dhSBGzoAqE6ZQAKgnt/1TERx6QsRCAV7zK2KqxDty+4UbHBgm/44zx/
+0xf68ag4URas3zoVT8iNf0/CcuZAbQ07pDO2fN0utS7vj9XuTyyViu4rMXhilNNw
+q1zkyPJTFmWA+NnWjVQrbM4Z6TJd4ImhLcItPySQDol17n7NCIWOUWIxWGjSX6Xu
+h3J6sZ7bOI4N1bWlNUIKoqzjWniHt0+6VwsmZ+XZOVgNnDkHQmta4y9/jmTbm4Vv
+fPPBQCZRQrV5zV0+mNOLgZEjYh4zXLJOA4dDFYq2gg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>lpwtool-test-ladok1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lpwtool-test-ladok1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIJAMVcirJT+6VyMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGxwd3Rvb2wtdGVzdC1sYWRvazEuaXQuc3Uuc2UwHhcNMTAwNDE5MTMxMDQ4
+WhcNMjAwNDE2MTMxMDQ4WjAnMSUwIwYDVQQDExxscHd0b29sLXRlc3QtbGFkb2sx
+Lml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ri0W5ti
+3fLLdRMqqHTATq3B5kJ4Ys1pNbq/QXFrBtC6z9cvkkA0Bo4K4rMos5ddrwfkHWI+
+5PFJGRxeJnmzGR4S13pQ2xRTcrUKGxosnfYFUAG0y3ySDUjH/O4eU+nBmqQA5yRQ
+RYZ6O1sBN++soWRPSvDekiN5qUhjIbVKTriMPmgwWgB1NgpBuedU72l2mkakw/Eb
+X8lfkLs3gKlipttf4mHSc1OHrRGFvEfUiXQPtft4TURcSWF2w8ZF7OvOFaytQ5B8
+T1LGXx+meuzw36MSvsWiJ66mLTeCelrQmEIPNyTDU0PR8asUKI6wL3ZqW7fi/QdL
+x+OVozQUqLcpkQIDAQABo0owSDAnBgNVHREEIDAeghxscHd0b29sLXRlc3QtbGFk
+b2sxLml0LnN1LnNlMB0GA1UdDgQWBBTva47ARyx1kRrWDD9X9QK60b14SjANBgkq
+hkiG9w0BAQUFAAOCAQEAkWsA6bZZhjoVIL73BLyQ9vgZ33oey/wed0DzuGAJjJw8
+lFPoS1pO7dhSBGzoAqE6ZQAKgnt/1TERx6QsRCAV7zK2KqxDty+4UbHBgm/44zx/
+0xf68ag4URas3zoVT8iNf0/CcuZAbQ07pDO2fN0utS7vj9XuTyyViu4rMXhilNNw
+q1zkyPJTFmWA+NnWjVQrbM4Z6TJd4ImhLcItPySQDol17n7NCIWOUWIxWGjSX6Xu
+h3J6sZ7bOI4N1bWlNUIKoqzjWniHt0+6VwsmZ+XZOVgNnDkHQmta4y9/jmTbm4Vv
+fPPBQCZRQrV5zV0+mNOLgZEjYh4zXLJOA4dDFYq2gg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ladok-test.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ladok-test.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok-test.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok-test.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ladok-test.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ladok-test.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok-test.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok-test.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ladok-test.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ladok-test.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok-test.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ladok-test.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok-test.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ladok-test.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://pp-redtest-admin.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/pp-redtest-admin.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-redtest-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-redtest-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGDCCAgCgAwIBAgIJAN1GOBmzBZpNMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
+BAMTG3BwOS1yZWR0ZXN0LWFkbWluMS5pdC5zdS5zZTAeFw0xMDAyMTExNTQwMTVa
+Fw0yMDAyMDkxNTQwMTVaMCYxJDAiBgNVBAMTG3BwOS1yZWR0ZXN0LWFkbWluMS5p
+dC5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN6wf865wqrS
+IwIxYALKc92Wi4eJNI5IRijMOYZHgzDvoBctTgQL0TG31psv422pUhfHODZDPN3O
+7m1P6YW9G8AcPm07afwibisYNLbntxa6acuAJ4TG1nfphE3YYojP7kLuS5Xbvjcg
+lqIXnnvVm+uP0uNaRK94jwoGFZ73Ljz6lkwsTJjzn5yMQFMBCmbG784ff8PkupxO
+YF3hm74tlm8zqhCzXIcmYU1fja8nXE5HwHdOnmZ+vOlgr9AighEKCxISsMVy4CDK
+l8uZBuw8LBGA75VXPTrjbQ0ZXEQ9Fk2t0LUbGqvcsEVWwNFnYFJgArkzehPcliWS
+t/Gn4WIpu+UCAwEAAaNJMEcwJgYDVR0RBB8wHYIbcHA5LXJlZHRlc3QtYWRtaW4x
+Lml0LnN1LnNlMB0GA1UdDgQWBBRxWsX3MhdfMIRkY57kFibMC0kN7zANBgkqhkiG
+9w0BAQUFAAOCAQEAE87UBt2539lEBTHhpaoqLHcaAwXQBnVyntRVbLY7gaLdLylq
+2Z/6vF/2DA+f3DtqaHMcAJZU2x2osERliG1Uvx5HFiVnJQ+qY+i178Qp4pSsbsPz
+vE1x+TCn61NICuLUAsrjKZGUCcgeDXK01DaP6FfdnEUfhtJQ66kIzNUQW5nHerw/
+MVJeJbX7Rt6bf8LaaIH5wcZW9JeKxXJv23kCRCMMSf4OF9grlVgwrGPknbTxnMgw
+KAeYS6PTinrbpYICMGr819vwLc0UvW7U7jylSpgfROOxIEeQlIJrDGuxBJNkwkq0
+ZM0TPzxYIudNdoRwlCMbewpIpQDmj/DTPkAsKw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-redtest-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-redtest-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGDCCAgCgAwIBAgIJAN1GOBmzBZpNMA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
+BAMTG3BwOS1yZWR0ZXN0LWFkbWluMS5pdC5zdS5zZTAeFw0xMDAyMTExNTQwMTVa
+Fw0yMDAyMDkxNTQwMTVaMCYxJDAiBgNVBAMTG3BwOS1yZWR0ZXN0LWFkbWluMS5p
+dC5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN6wf865wqrS
+IwIxYALKc92Wi4eJNI5IRijMOYZHgzDvoBctTgQL0TG31psv422pUhfHODZDPN3O
+7m1P6YW9G8AcPm07afwibisYNLbntxa6acuAJ4TG1nfphE3YYojP7kLuS5Xbvjcg
+lqIXnnvVm+uP0uNaRK94jwoGFZ73Ljz6lkwsTJjzn5yMQFMBCmbG784ff8PkupxO
+YF3hm74tlm8zqhCzXIcmYU1fja8nXE5HwHdOnmZ+vOlgr9AighEKCxISsMVy4CDK
+l8uZBuw8LBGA75VXPTrjbQ0ZXEQ9Fk2t0LUbGqvcsEVWwNFnYFJgArkzehPcliWS
+t/Gn4WIpu+UCAwEAAaNJMEcwJgYDVR0RBB8wHYIbcHA5LXJlZHRlc3QtYWRtaW4x
+Lml0LnN1LnNlMB0GA1UdDgQWBBRxWsX3MhdfMIRkY57kFibMC0kN7zANBgkqhkiG
+9w0BAQUFAAOCAQEAE87UBt2539lEBTHhpaoqLHcaAwXQBnVyntRVbLY7gaLdLylq
+2Z/6vF/2DA+f3DtqaHMcAJZU2x2osERliG1Uvx5HFiVnJQ+qY+i178Qp4pSsbsPz
+vE1x+TCn61NICuLUAsrjKZGUCcgeDXK01DaP6FfdnEUfhtJQ66kIzNUQW5nHerw/
+MVJeJbX7Rt6bf8LaaIH5wcZW9JeKxXJv23kCRCMMSf4OF9grlVgwrGPknbTxnMgw
+KAeYS6PTinrbpYICMGr819vwLc0UvW7U7jylSpgfROOxIEeQlIJrDGuxBJNkwkq0
+ZM0TPzxYIudNdoRwlCMbewpIpQDmj/DTPkAsKw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pp-redtest-admin.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://cambro-tst1.umdc.umu.se/shibboleth" xml:base="swamid-1.0/cambro-tst1.umdc.umu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>cambro-tst1.umdc.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=cambro-tst1.umdc.umu.se,OU=UMDAC,O=Ume\C3\A5 universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEhzCCA2+gAwIBAgIQNCZ6Wao5rCiMh8bMn8dl9DANBgkqhkiG9w0BAQUFADA2
+MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
+U1NMIENBMB4XDTEwMDEwNDAwMDAwMFoXDTEzMDEwMzIzNTk1OVowWzELMAkGA1UE
+BhMCU0UxGjAYBgNVBAoMEVVtZcOlIHVuaXZlcnNpdGV0MQ4wDAYDVQQLEwVVTURB
+QzEgMB4GA1UEAxMXY2FtYnJvLXRzdDEudW1kYy51bXUuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQD35dREFJcNZx8SrndY6t23IFA+HZPzlqSlYqgb
+sh5Es7k7pg2T0XllCoc8NfJB/g2OtJSVZr3ANKFaIei4q4u/blN3BFwEKQsyXbly
+lqJXKvPlOvyPzmC67vPB+2gWlLAOa2bRpGa/VkUFGis+yk+WITMwfNiHnap/Bq4Q
+gmgH9EgNDssTEHU1CCh7IrUKIpKfQVsoVLUGxoWxYLFMfGhgJfq3OtMQvvydN6hN
+ecvoeVydOvdXegI/OZGxKGGYeiWH3kqMjTmfHzCLnw5YexBr3WHxgoxar2XfQPwB
+I/5wTtVLjQZkF4QoMkP/82Q1MshaPwHpoOV40sQ3nYwgZiFVAgMBAAGjggFqMIIB
+ZjAfBgNVHSMEGDAWgBQMvZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQU+HiE
+q3c7HVUR0vHnWLyyDOdQCyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYB
+BAGyMQECAh0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5h
+Lm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAC
+hilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggr
+BgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwIgYDVR0RBBswGYIX
+Y2FtYnJvLXRzdDEudW1kYy51bXUuc2UwDQYJKoZIhvcNAQEFBQADggEBALzxzMtR
+o8BxLXRi9FB72jRQeNu7KfRgpSrqLmAMlKQRamNl3VjinUOAuNXR7Ri4tKJ+9oAN
+vneP9Hion4ppXksU6OSUE/6zByAdF21zVe62DaczHS77urZMqgXIThDVwl0XOtai
+LlDHkbIs6OVYwrp//pPTNQ/j4GnPZOA1Ghnw+FXRHRLD1sOqZWGkCXzWJETZIH7y
+uBq90+cT5Jw5XHICeLGVy5QipR08cJS7JJTcdVPxDMqgzv0gsgVG7n4GUMkedSmI
+NRAsAsB2WLZT+aJN5LHLkPGEq64W8hV8QPUUZfsIMbnSdwpQNFG5FrA9MwCjQqe5
+n5/yB4LGJWrAQjc=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>cambro-tst1.umdc.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=cambro-tst1.umdc.umu.se,OU=UMDAC,O=Ume\C3\A5 universitet,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEhzCCA2+gAwIBAgIQNCZ6Wao5rCiMh8bMn8dl9DANBgkqhkiG9w0BAQUFADA2
+MQswCQYDVQQGEwJOTDEPMA0GA1UEChMGVEVSRU5BMRYwFAYDVQQDEw1URVJFTkEg
+U1NMIENBMB4XDTEwMDEwNDAwMDAwMFoXDTEzMDEwMzIzNTk1OVowWzELMAkGA1UE
+BhMCU0UxGjAYBgNVBAoMEVVtZcOlIHVuaXZlcnNpdGV0MQ4wDAYDVQQLEwVVTURB
+QzEgMB4GA1UEAxMXY2FtYnJvLXRzdDEudW1kYy51bXUuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQD35dREFJcNZx8SrndY6t23IFA+HZPzlqSlYqgb
+sh5Es7k7pg2T0XllCoc8NfJB/g2OtJSVZr3ANKFaIei4q4u/blN3BFwEKQsyXbly
+lqJXKvPlOvyPzmC67vPB+2gWlLAOa2bRpGa/VkUFGis+yk+WITMwfNiHnap/Bq4Q
+gmgH9EgNDssTEHU1CCh7IrUKIpKfQVsoVLUGxoWxYLFMfGhgJfq3OtMQvvydN6hN
+ecvoeVydOvdXegI/OZGxKGGYeiWH3kqMjTmfHzCLnw5YexBr3WHxgoxar2XfQPwB
+I/5wTtVLjQZkF4QoMkP/82Q1MshaPwHpoOV40sQ3nYwgZiFVAgMBAAGjggFqMIIB
+ZjAfBgNVHSMEGDAWgBQMvZNoDPPeq6NJays3V0fqkOO57TAdBgNVHQ4EFgQU+HiE
+q3c7HVUR0vHnWLyyDOdQCyUwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAw
+HQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBgGA1UdIAQRMA8wDQYLKwYB
+BAGyMQECAh0wOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC50Y3MudGVyZW5h
+Lm9yZy9URVJFTkFTU0xDQS5jcmwwbQYIKwYBBQUHAQEEYTBfMDUGCCsGAQUFBzAC
+hilodHRwOi8vY3J0LnRjcy50ZXJlbmEub3JnL1RFUkVOQVNTTENBLmNydDAmBggr
+BgEFBQcwAYYaaHR0cDovL29jc3AudGNzLnRlcmVuYS5vcmcwIgYDVR0RBBswGYIX
+Y2FtYnJvLXRzdDEudW1kYy51bXUuc2UwDQYJKoZIhvcNAQEFBQADggEBALzxzMtR
+o8BxLXRi9FB72jRQeNu7KfRgpSrqLmAMlKQRamNl3VjinUOAuNXR7Ri4tKJ+9oAN
+vneP9Hion4ppXksU6OSUE/6zByAdF21zVe62DaczHS77urZMqgXIThDVwl0XOtai
+LlDHkbIs6OVYwrp//pPTNQ/j4GnPZOA1Ghnw+FXRHRLD1sOqZWGkCXzWJETZIH7y
+uBq90+cT5Jw5XHICeLGVy5QipR08cJS7JJTcdVPxDMqgzv0gsgVG7n4GUMkedSmI
+NRAsAsB2WLZT+aJN5LHLkPGEq64W8hV8QPUUZfsIMbnSdwpQNFG5FrA9MwCjQqe5
+n5/yB4LGJWrAQjc=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://cambro-tst1.umdc.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://login.proxy.kib.ki.se/shibboleth" xml:base="swamid-1.0/login.proxy.kib.ki.se.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol http://schemas.xmlsoap.org/ws/2003/07/secext">
+ <md:Extensions>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol http://schemas.xmlsoap.org/ws/2003/07/secext" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEcDCCA1igAwIBAgIBCzANBgkqhkiG9w0BAQUFADCBhjEYMBYGA1UEAxMPcHJv
+eHkua2liLmtpLnNlMQswCQYDVQQGEwJTRTEeMBwGA1UEChMVS2Fyb2xpbnNrYSBJ
+bnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxIDAeBgkqhkiG
+9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlMB4XDTEwMDIyNjEzMjE1NloXDTIwMDIy
+NjEzMjE1NlowgYYxGDAWBgNVBAMTD3Byb3h5LmtpYi5raS5zZTELMAkGA1UEBhMC
+U0UxHjAcBgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5J
+VkVSU0lUWSBMSUJSQVJZMSAwHgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAK5QKiARTF50XEK/89+t
+tr8k7WH5Xrsq+3enTBngK7IQeCN7kHIR2OSFlanC2MOi8NiRVlKol0qH/1q+RRR9
+KHd/PGZbsLWZ1LroOgR488MKOkkF0LblnMVDt1V5kLReQSl6H2sKNayFnE22A37G
+mgtgyZ7B0BKYK3zCgNRvTfwuhkQHeNmJtpLyoa6YeSyYEMjQ+PBwvU4MhmsatBgG
+Xu/h/JL7N++BeY7aPPvLm1e0IUum+kqnnJgCdXYwVyw6Wb9wvNwyBsTwYLgiwhS+
+MINIvBjulW4qqpKp0xAdYwju9C9AJRik/7PLCnI5qpXXS62+MmwAW3jz6ryBIt/7
+x+ECAwEAAaOB5jCB4zAdBgNVHQ4EFgQUQkgS+CkU30Ybml3lbFXnt5o1OdkwgbMG
+A1UdIwSBqzCBqIAUQkgS+CkU30Ybml3lbFXnt5o1OdmhgYykgYkwgYYxGDAWBgNV
+BAMTD3Byb3h5LmtpYi5raS5zZTELMAkGA1UEBhMCU0UxHjAcBgNVBAoTFUthcm9s
+aW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMSAw
+HgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZYIBCzAMBgNVHRMEBTADAQH/
+MA0GCSqGSIb3DQEBBQUAA4IBAQBBAZDVdk+gbcH0g5221e6O9krMykXfcnO2Eoe6
+8tRxS43/9VQFLFu+YERrT/au5qvvPxEhWaG8YVXMJcKyN8nywdnov2swu73TjmnC
+0Rq9COqTAbCli5zkpi8A09cUuzshoPAnfbP+zCAGC2Bibfpn26OWwwYZ5Hi+mvUK
+83R4KeTZ1XsjqA80mq2IJTCZ4SivI/EUXR2c/lx9K2FcUgL0SU7hQdkxDuCQSlER
++z254HQ3Bsu/dQR61LpUyKeKnYUvR6Z3eriDI6aaBElRFkmgxjBAmL/esl5lmeg7
+dOkAplPQyOj+P+Uy42rzO3amgl1r/DvYexsSitOdJLqbVOrz
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.proxy.kib.ki.se/Shibboleth.sso/SAML2/POST" index="1" isDefault="true"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://login.proxy.kib.ki.se/Shibboleth.sso/SAML2/Artifact" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://login.proxy.kib.ki.se/Shibboleth.sso/SAML/POST" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://login.proxy.kib.ki.se/Shibboleth.sso/SAML/Artifact" index="4"/>
+ </md:SPSSODescriptor>
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://nordushare-dev.nordu.net/shibboleth" xml:base="swamid-1.0/nordushare-dev.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>nordushare-dev.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=nordushare-dev.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJAJ5ml9hvwGGbMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGG5vcmR1c2hhcmUtZGV2Lm5vcmR1Lm5ldDAeFw0xMDAyMjYwODQyMTBaFw0y
+MDAyMjQwODQyMTBaMCMxITAfBgNVBAMTGG5vcmR1c2hhcmUtZGV2Lm5vcmR1Lm5l
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANU+6XYCTSHlNgtFfmSN
+NFK7rDmwAo+OzunzZzQRHy9VmacRiREBVAa6qy/zR292HAiRg06oU0GCGlRO79pI
+6qTIVKOmDJ+seMzfGQ1E1dgAelort6BHebaifSM0iwacSuooopa0FOHE5usAfx/h
+Mx4iw0zKTZ9zZhRjO4zcxhRuyKjvXYzpYma9QrHDZhqJfy095zFfTwX7gNwk4YNI
+2XLDWDYpwJHXENjzvZ/lU0zugpz0Pe1apC4zsKMdNa3hrkHBRIk03SYJy5553Zii
+vldAxEGZKu2WCRbrh9v8KfyxABPBkzenNN7KQCHPPC5GM3M0hFrOF3es+KTm2S9G
+xPsCAwEAAaNGMEQwIwYDVR0RBBwwGoIYbm9yZHVzaGFyZS1kZXYubm9yZHUubmV0
+MB0GA1UdDgQWBBQ6+ZPltnZEDFIC9fI8qAdsy6y4MjANBgkqhkiG9w0BAQUFAAOC
+AQEAP22l4WOyAUSmws18L3J2GJYkQ1bcpMBhS0XJCFTY+iCrFCPUeXy8EIpSCk0Y
+IWyEeZxt+wzpZnq92+zOOe7Y0WIPpvNW0Xnp/JXsnUwX3C+G8pfzZSjsDbWEUrZW
+ywCKikjjrLEKd7WNeWoiabb8uiyTey3Fn/nAJKWQTzmfAuw3E6qGjWwEKkpKorVM
+S/V9sZaU6cn4DdwUcWYM+fLdoN+guhvq3tcoFaMXqV/h5unfWoLQKv1HU8+fciVu
+ASIdGcirEZCB5YlXPAFo2DLC11SHkDvCXxZY7+lqJVwXJkPbeFHtlXMvluu9vFz8
+KaYlHoIdpaOJncFcM6QJQyZPJQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>nordushare-dev.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=nordushare-dev.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJAJ5ml9hvwGGbMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGG5vcmR1c2hhcmUtZGV2Lm5vcmR1Lm5ldDAeFw0xMDAyMjYwODQyMTBaFw0y
+MDAyMjQwODQyMTBaMCMxITAfBgNVBAMTGG5vcmR1c2hhcmUtZGV2Lm5vcmR1Lm5l
+dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANU+6XYCTSHlNgtFfmSN
+NFK7rDmwAo+OzunzZzQRHy9VmacRiREBVAa6qy/zR292HAiRg06oU0GCGlRO79pI
+6qTIVKOmDJ+seMzfGQ1E1dgAelort6BHebaifSM0iwacSuooopa0FOHE5usAfx/h
+Mx4iw0zKTZ9zZhRjO4zcxhRuyKjvXYzpYma9QrHDZhqJfy095zFfTwX7gNwk4YNI
+2XLDWDYpwJHXENjzvZ/lU0zugpz0Pe1apC4zsKMdNa3hrkHBRIk03SYJy5553Zii
+vldAxEGZKu2WCRbrh9v8KfyxABPBkzenNN7KQCHPPC5GM3M0hFrOF3es+KTm2S9G
+xPsCAwEAAaNGMEQwIwYDVR0RBBwwGoIYbm9yZHVzaGFyZS1kZXYubm9yZHUubmV0
+MB0GA1UdDgQWBBQ6+ZPltnZEDFIC9fI8qAdsy6y4MjANBgkqhkiG9w0BAQUFAAOC
+AQEAP22l4WOyAUSmws18L3J2GJYkQ1bcpMBhS0XJCFTY+iCrFCPUeXy8EIpSCk0Y
+IWyEeZxt+wzpZnq92+zOOe7Y0WIPpvNW0Xnp/JXsnUwX3C+G8pfzZSjsDbWEUrZW
+ywCKikjjrLEKd7WNeWoiabb8uiyTey3Fn/nAJKWQTzmfAuw3E6qGjWwEKkpKorVM
+S/V9sZaU6cn4DdwUcWYM+fLdoN+guhvq3tcoFaMXqV/h5unfWoLQKv1HU8+fciVu
+ASIdGcirEZCB5YlXPAFo2DLC11SHkDvCXxZY7+lqJVwXJkPbeFHtlXMvluu9vFz8
+KaYlHoIdpaOJncFcM6QJQyZPJQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://nordushare-dev.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://mail.dev.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/mail.dev.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mail.dev.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mail.dev.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>webmail-dev-srv1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=webmail-dev-srv1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJAKpJCmpm2q5nMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHdlYm1haWwtZGV2LXNydjEwHhcNMTAwMzAyMDczMDAwWhcNMjAwMjI4MDcz
+MDAwWjAbMRkwFwYDVQQDExB3ZWJtYWlsLWRldi1zcnYxMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA8jIKGF00/h7xjEFMEmRyJMh8ntJJJBbp38Hwj33J
+jKKDKejoTF+uEOmQWg2Kn8GOLopQaI16SAohAHgkphHo8UetzZ9m2djd76foBlJ4
+ySMnQQDFWkvpToh3C+3LTOxcqz31rvf0iRKE4vEAnjPLHYVZfHBKqXc8ycsFS75z
+NibkutNAj0cNNEo20cs7NNUPQBOc+y3ZrYg3+ELHi3WNsv18rAQlag1mwLcj0/Qr
+Lu3uVB9Z/HJAR2Qv4L++LEDhL7DmHGbb8TWpjZ10Ae0pCq0HNbp4oSfo31n3IlXG
+LaeyBkFncOn2sOudPPUpPEVzaWJnvA1YJZexfjxJ95MvwQIDAQABoz4wPDAbBgNV
+HREEFDASghB3ZWJtYWlsLWRldi1zcnYxMB0GA1UdDgQWBBQf/pOG/3h0AZVgav/h
+CG0d1y2BojANBgkqhkiG9w0BAQUFAAOCAQEAbd26umAoeS11OE9RiXi1i6ZKAMfp
+m/rhW1I6FtDRqV544rc6SjYTdu1Q0mM9a1eiz+kF/ZaHWB2F7No/NPzXdrVnr+UA
+BYPevnYKoJ8rTePlqfEXZrveD7GxuEwd8Oviwz3nTQM3MfqQy6AENnJLZwAuNCSy
+JmYhmqlb70OL3eAKu5MM4QHVxEEvPzg+jr7jRjTuIYMukwggYYNZXsB9iY9g7HCI
+YnEqr6njR9Eacsn4PkturCiotvEvUfUwW2owxm7sOmTjbhqi7TOXsVRPuflDyDZk
+WE2N02fJ6075wP/nob3FKT6x2ADcJ5GVMCT2BEC8PNarzmIH3Zct59+k8Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>webmail-dev-srv1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=webmail-dev-srv1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJAKpJCmpm2q5nMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHdlYm1haWwtZGV2LXNydjEwHhcNMTAwMzAyMDczMDAwWhcNMjAwMjI4MDcz
+MDAwWjAbMRkwFwYDVQQDExB3ZWJtYWlsLWRldi1zcnYxMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEA8jIKGF00/h7xjEFMEmRyJMh8ntJJJBbp38Hwj33J
+jKKDKejoTF+uEOmQWg2Kn8GOLopQaI16SAohAHgkphHo8UetzZ9m2djd76foBlJ4
+ySMnQQDFWkvpToh3C+3LTOxcqz31rvf0iRKE4vEAnjPLHYVZfHBKqXc8ycsFS75z
+NibkutNAj0cNNEo20cs7NNUPQBOc+y3ZrYg3+ELHi3WNsv18rAQlag1mwLcj0/Qr
+Lu3uVB9Z/HJAR2Qv4L++LEDhL7DmHGbb8TWpjZ10Ae0pCq0HNbp4oSfo31n3IlXG
+LaeyBkFncOn2sOudPPUpPEVzaWJnvA1YJZexfjxJ95MvwQIDAQABoz4wPDAbBgNV
+HREEFDASghB3ZWJtYWlsLWRldi1zcnYxMB0GA1UdDgQWBBQf/pOG/3h0AZVgav/h
+CG0d1y2BojANBgkqhkiG9w0BAQUFAAOCAQEAbd26umAoeS11OE9RiXi1i6ZKAMfp
+m/rhW1I6FtDRqV544rc6SjYTdu1Q0mM9a1eiz+kF/ZaHWB2F7No/NPzXdrVnr+UA
+BYPevnYKoJ8rTePlqfEXZrveD7GxuEwd8Oviwz3nTQM3MfqQy6AENnJLZwAuNCSy
+JmYhmqlb70OL3eAKu5MM4QHVxEEvPzg+jr7jRjTuIYMukwggYYNZXsB9iY9g7HCI
+YnEqr6njR9Eacsn4PkturCiotvEvUfUwW2owxm7sOmTjbhqi7TOXsVRPuflDyDZk
+WE2N02fJ6075wP/nob3FKT6x2ADcJ5GVMCT2BEC8PNarzmIH3Zct59+k8Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mail.dev.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mail.dev.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mail.dev.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mail.dev.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mail.dev.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mail.dev.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mail.dev.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mail.dev.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mail.dev.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://mail.dev.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mail.dev.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://mail.dev.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mail.dev.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://mail.dev.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://pp-migr-admin.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/pp-migr-admin.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-migr-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-migr-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJAJYnIHUJymP2MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHBwOS1taWdyLWFkbWluMS5pdC5zdS5zZTAeFw0xMDExMTUwODE3MzRaFw0y
+MDExMTIwODE3MzRaMCMxITAfBgNVBAMTGHBwOS1taWdyLWFkbWluMS5pdC5zdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALAlEtcytCR92E2EOJA9
+FDLkLbBVPVylwurcVOr/UohgM3tWKBkNZ/NMTPzsn4t9L3IJMDYz60d5jRHiU9Vr
+XhENl+BmdkMPig+RvdPMG43O2U5rdqFmtJXhJD3YOIu93w2amXeXCMgnVkx3HhA0
+PJzbUu1CN3HKPTv1jcTPRPfZ+7OaPhYrDWOyaqNW7Uqogb7zgYZxCBrKHeCRmIYp
+1afLj9xEdRFm1xnJrOnbimm4CpCOzPH7jddxWJuDPrJ2Ft5RNoiUCtIUdMcZmq2j
+UkTlwiWMuqOu6Wmqd9mLdoDsQ6/P4bysLKbQvt6SU8n8XrH+XGn9K5CqDLQVGmtO
+YgECAwEAAaNGMEQwIwYDVR0RBBwwGoIYcHA5LW1pZ3ItYWRtaW4xLml0LnN1LnNl
+MB0GA1UdDgQWBBQ2WkUmjqZ6M4McKqZFgmCGRguF9zANBgkqhkiG9w0BAQUFAAOC
+AQEAJ+lTSAJhbYDrNKKjhQtvD57/da4FUdYUGAndPM52jti7TB8/Y7ZP8EpczedN
+ZQTu8NJEGIeqiIPhnQoEzbZLxTMWdMxIZoovKHj37PBKkGaPwzsdzYP+f7yTH/4k
+yiGZE4J6ukF4BOtlf29msSylx/R/4B7hYsdix7rwXzvv0cafolTVmREl9knJC+vS
+1MB1E+ARGUpiYXzcjAa31mggc0cVpbvqpK0675jr0zxFBWWV6cNtmAucdyDYHwLj
+jttah1YP2ZgBKT3r0I5TX0xo/LpauRdGaH4YJmVzC48uBHtzC0sfDSVMa7pFVt7a
+8Ob/mCc6LzG3hOkXdqNDD0iuzA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-migr-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-migr-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJAJYnIHUJymP2MA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHBwOS1taWdyLWFkbWluMS5pdC5zdS5zZTAeFw0xMDExMTUwODE3MzRaFw0y
+MDExMTIwODE3MzRaMCMxITAfBgNVBAMTGHBwOS1taWdyLWFkbWluMS5pdC5zdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALAlEtcytCR92E2EOJA9
+FDLkLbBVPVylwurcVOr/UohgM3tWKBkNZ/NMTPzsn4t9L3IJMDYz60d5jRHiU9Vr
+XhENl+BmdkMPig+RvdPMG43O2U5rdqFmtJXhJD3YOIu93w2amXeXCMgnVkx3HhA0
+PJzbUu1CN3HKPTv1jcTPRPfZ+7OaPhYrDWOyaqNW7Uqogb7zgYZxCBrKHeCRmIYp
+1afLj9xEdRFm1xnJrOnbimm4CpCOzPH7jddxWJuDPrJ2Ft5RNoiUCtIUdMcZmq2j
+UkTlwiWMuqOu6Wmqd9mLdoDsQ6/P4bysLKbQvt6SU8n8XrH+XGn9K5CqDLQVGmtO
+YgECAwEAAaNGMEQwIwYDVR0RBBwwGoIYcHA5LW1pZ3ItYWRtaW4xLml0LnN1LnNl
+MB0GA1UdDgQWBBQ2WkUmjqZ6M4McKqZFgmCGRguF9zANBgkqhkiG9w0BAQUFAAOC
+AQEAJ+lTSAJhbYDrNKKjhQtvD57/da4FUdYUGAndPM52jti7TB8/Y7ZP8EpczedN
+ZQTu8NJEGIeqiIPhnQoEzbZLxTMWdMxIZoovKHj37PBKkGaPwzsdzYP+f7yTH/4k
+yiGZE4J6ukF4BOtlf29msSylx/R/4B7hYsdix7rwXzvv0cafolTVmREl9knJC+vS
+1MB1E+ARGUpiYXzcjAa31mggc0cVpbvqpK0675jr0zxFBWWV6cNtmAucdyDYHwLj
+jttah1YP2ZgBKT3r0I5TX0xo/LpauRdGaH4YJmVzC48uBHtzC0sfDSVMa7pFVt7a
+8Ob/mCc6LzG3hOkXdqNDD0iuzA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pp-migr-admin.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://pp-test-admin.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/pp-test-admin.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-test-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-test-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJANQ5Gk+rX2cMMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHBwOS10ZXN0LWFkbWluMS5pdC5zdS5zZTAeFw0xMDA1MjAwNzMxMDRaFw0y
+MDA1MTcwNzMxMDRaMCMxITAfBgNVBAMTGHBwOS10ZXN0LWFkbWluMS5pdC5zdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALL6MQHP8faLRkxQb7jZ
+zGFPlqPyLONhaRH7MhayH6fjp28pPQj65KvoqR8KMEujdYtkugpXd03ZbLOzYcty
+9RXWf29K0BTmb1AcQjqcv4Ciq8Cix4tA6jD3nnuztrrELOmJ5U3pM0ebQystAyoz
+rYZhpdjIynlCcHACoG5dZPS36mhiPYVpAfIcUY2K/zPmLIgwZrsvAl8hRltuClxF
+8ZzWeY04RoXMpOLw6W8l/Yz6d+ioRZxifFt9t3ZvXnI9X6SZQ9rmQi5ii0gF1+xp
+rbrBfmhUTItFLmI1aDUiPWGTLQtwXJcqZdygyCYCSQBVKWT2hX2lW8T7WkXBM6+i
+xdUCAwEAAaNGMEQwIwYDVR0RBBwwGoIYcHA5LXRlc3QtYWRtaW4xLml0LnN1LnNl
+MB0GA1UdDgQWBBTyDEsz2V7ggY9hxIDkjnnlf26n4TANBgkqhkiG9w0BAQUFAAOC
+AQEAGL1UqHFcCT2hJXpot4U8mw6UZjTZdX9tuaMPrl8UrkWG+EJZFUo8nrpH8Pbk
+uwdugFiMmSOwXQoAEB7wKvgQJ/Tbkdw+OIIT62FYXPdEquDuOTeuM8reXN49ZVfO
+bz4duBx6ui5e0o9XdMyxjJpML1kNzrNRJJ9KeKptFfA9Zw0KGjkwTyGDdDlpvd6Z
+SQQJB5ysqsYR9Eq3kkRn7H5hO02Xu+J1EDgC/c0XBSXT9OerLozjUgGuGDI6bsCi
+q1cJ9OonqjbI45FgVw8ubcuDl1SCfN2zVNjZ27ZvRqyzxAl4xa5Bkh6QDhNqbaMd
+HXJSWiUzSKMrriekzJ2y2Pkqng==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-test-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-test-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJANQ5Gk+rX2cMMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHBwOS10ZXN0LWFkbWluMS5pdC5zdS5zZTAeFw0xMDA1MjAwNzMxMDRaFw0y
+MDA1MTcwNzMxMDRaMCMxITAfBgNVBAMTGHBwOS10ZXN0LWFkbWluMS5pdC5zdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALL6MQHP8faLRkxQb7jZ
+zGFPlqPyLONhaRH7MhayH6fjp28pPQj65KvoqR8KMEujdYtkugpXd03ZbLOzYcty
+9RXWf29K0BTmb1AcQjqcv4Ciq8Cix4tA6jD3nnuztrrELOmJ5U3pM0ebQystAyoz
+rYZhpdjIynlCcHACoG5dZPS36mhiPYVpAfIcUY2K/zPmLIgwZrsvAl8hRltuClxF
+8ZzWeY04RoXMpOLw6W8l/Yz6d+ioRZxifFt9t3ZvXnI9X6SZQ9rmQi5ii0gF1+xp
+rbrBfmhUTItFLmI1aDUiPWGTLQtwXJcqZdygyCYCSQBVKWT2hX2lW8T7WkXBM6+i
+xdUCAwEAAaNGMEQwIwYDVR0RBBwwGoIYcHA5LXRlc3QtYWRtaW4xLml0LnN1LnNl
+MB0GA1UdDgQWBBTyDEsz2V7ggY9hxIDkjnnlf26n4TANBgkqhkiG9w0BAQUFAAOC
+AQEAGL1UqHFcCT2hJXpot4U8mw6UZjTZdX9tuaMPrl8UrkWG+EJZFUo8nrpH8Pbk
+uwdugFiMmSOwXQoAEB7wKvgQJ/Tbkdw+OIIT62FYXPdEquDuOTeuM8reXN49ZVfO
+bz4duBx6ui5e0o9XdMyxjJpML1kNzrNRJJ9KeKptFfA9Zw0KGjkwTyGDdDlpvd6Z
+SQQJB5ysqsYR9Eq3kkRn7H5hO02Xu+J1EDgC/c0XBSXT9OerLozjUgGuGDI6bsCi
+q1cJ9OonqjbI45FgVw8ubcuDl1SCfN2zVNjZ27ZvRqyzxAl4xa5Bkh6QDhNqbaMd
+HXJSWiUzSKMrriekzJ2y2Pkqng==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pp-test-admin.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://swamid.user.uu.se/idp/shibboleth" xml:base="swamid-1.0/swamid.user.uu.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">user.uu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMDCCAhigAwIBAgIVAPqNghQPfCgNNR69QmGvhnv2+MJSMA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXN3YW1pZC51c2VyLnV1LnNlMB4XDTEwMDIyMzEyMzg1
+M1oXDTMwMDIyMzEyMzg1M1owHDEaMBgGA1UEAxMRc3dhbWlkLnVzZXIudXUuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0rygeUgY9WEbkLe+IWLwo
+BF1qc8RA0kusBjjaw0Oxz03yxde5xqimaajD4J+qPIusKiyxTbc+9EwbNuuqFjxd
+u8orHU1rm+yMsMqnNOC1SQWEkMIVEPs4H4x6oVmKptDiXiY7yRhA0cRXr5RHulbw
+W2JCV+2yjOYlbacHJilmq2Qne6jqfcGpeFkNrNJsQrPTF396s3xt2+47GKpDC96U
+Ts8/3S2B9IWGnhdTTPSzk71bIClX+rPlGoK2mtfZ83SNJO5/vWze7Onslp5hfYxY
+gseuGLf1knlRLAVAeY7mbbwdNVUa/0MM0aRYp5N7XLRhUL2rHE7n/mX25k1S5pnT
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXN3YW1pZC51c2VyLnV1LnNlhihodHRwczov
+L3N3YW1pZC51c2VyLnV1LnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRF76Ds
+kiLuwuqhAdDXiefnXgsEeTANBgkqhkiG9w0BAQUFAAOCAQEAVkgHOAmDQh0f85ZQ
+qkuSu8h3RYKWbd/bPGDRtoJuoo/AM3OHAo2iMndMNS37B0MF0ethPU3t5mjHl+gx
+HDHEdG/3q2daaPLeehp46CXR1QLyYYB32pJpZyf85lCmtdXf8UZC682n3gYCL2k0
+Lg5a8sRosZsnCPolLGLyy9OPcmjTQPQhO7QHH6fMjm3ob3Hyfdbuyw/J/CRJp8Rj
+lC2c5ZX/5/3+uelyIlLOK5N1daJ3oYtSooXIkaAa8GRQR6C/UAfrp41cBuclYRzW
+L+FrdTBecYrIv0m4n8mAdQeJPBH7G/4mg+FFHS8gqf97m3JPwtGlF10V5KVt5jhl
+2DlT+A==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://swamid.user.uu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://swamid.user.uu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://swamid.user.uu.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://swamid.user.uu.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://swamid.user.uu.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://swamid.user.uu.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">user.uu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMDCCAhigAwIBAgIVAPqNghQPfCgNNR69QmGvhnv2+MJSMA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXN3YW1pZC51c2VyLnV1LnNlMB4XDTEwMDIyMzEyMzg1
+M1oXDTMwMDIyMzEyMzg1M1owHDEaMBgGA1UEAxMRc3dhbWlkLnVzZXIudXUuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC0rygeUgY9WEbkLe+IWLwo
+BF1qc8RA0kusBjjaw0Oxz03yxde5xqimaajD4J+qPIusKiyxTbc+9EwbNuuqFjxd
+u8orHU1rm+yMsMqnNOC1SQWEkMIVEPs4H4x6oVmKptDiXiY7yRhA0cRXr5RHulbw
+W2JCV+2yjOYlbacHJilmq2Qne6jqfcGpeFkNrNJsQrPTF396s3xt2+47GKpDC96U
+Ts8/3S2B9IWGnhdTTPSzk71bIClX+rPlGoK2mtfZ83SNJO5/vWze7Onslp5hfYxY
+gseuGLf1knlRLAVAeY7mbbwdNVUa/0MM0aRYp5N7XLRhUL2rHE7n/mX25k1S5pnT
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXN3YW1pZC51c2VyLnV1LnNlhihodHRwczov
+L3N3YW1pZC51c2VyLnV1LnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRF76Ds
+kiLuwuqhAdDXiefnXgsEeTANBgkqhkiG9w0BAQUFAAOCAQEAVkgHOAmDQh0f85ZQ
+qkuSu8h3RYKWbd/bPGDRtoJuoo/AM3OHAo2iMndMNS37B0MF0ethPU3t5mjHl+gx
+HDHEdG/3q2daaPLeehp46CXR1QLyYYB32pJpZyf85lCmtdXf8UZC682n3gYCL2k0
+Lg5a8sRosZsnCPolLGLyy9OPcmjTQPQhO7QHH6fMjm3ob3Hyfdbuyw/J/CRJp8Rj
+lC2c5ZX/5/3+uelyIlLOK5N1daJ3oYtSooXIkaAa8GRQR6C/UAfrp41cBuclYRzW
+L+FrdTBecYrIv0m4n8mAdQeJPBH7G/4mg+FFHS8gqf97m3JPwtGlF10V5KVt5jhl
+2DlT+A==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://swamid.user.uu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://swamid.user.uu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Uppsala universitet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Uppsala universitet</Company>
+ <SurName>AKKA SAML2</SurName>
+ <EmailAddress>akka-datordrift@its.uu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://webmail-dev-srv2.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/webmail-dev-srv2.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>webmail-dev-srv2.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=webmail-dev-srv2.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIJALp+sr3Pr96pMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
+BAMTGXdlYm1haWwtZGV2LXNydjIuaXQuc3Uuc2UwHhcNMTAwMzAyMDc1MjEwWhcN
+MjAwMjI4MDc1MjEwWjAkMSIwIAYDVQQDExl3ZWJtYWlsLWRldi1zcnYyLml0LnN1
+LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMz6uJQDRCaETSuq
+ya8uJgK4Sy1P1TRbbPayGTObjPWk7DTCYHzd6mBFQCvMCNIvTq7lAcmAQ6eEq0Ln
+dEAEo3FuAAG2Lu6oGqsWARE8IMZ1UuzQCAjze1+j+62dmUsjzEdFCrnAy6CHfKNd
+jQDI3kCwB1FDvhnZWSrqF1L5Yxnzv0ohGROtRmcaHSpntQmgY+r8Urz58Cy6oaHy
+gPc6WTc6yfiF/XlgnirfEkBOm6i5PgwxhGmcz7jDLO40vO5LFWf/ttib8N905Y7+
++CYX7c20BcPAoaOA/SYztNE98CwqZQnABsiNwLSHGc1gOSjkYc8z8GFdI0gv05u1
+HFofxQIDAQABo0cwRTAkBgNVHREEHTAbghl3ZWJtYWlsLWRldi1zcnYyLml0LnN1
+LnNlMB0GA1UdDgQWBBSZtidZF1rfzZB5N3s/E9w+U6fVoTANBgkqhkiG9w0BAQUF
+AAOCAQEAkjoohGmdeQfalFNCY/i4SAudAFFCGYQ9HwA/Dq/ZM+I4yBxpYjPq//OZ
+JAgHWz3bDLd5u/5CavQAGY21pbyXbnKL7fXbVUzYn4cKBgoQoKTB+ja2aqh1UYZn
+Py1uT0M5e4g7Y8eXmqVCPslQizLa4e8ew32tkfLzvXwSGmtBBhP79xpfpsggQUGo
+nkkP4dgzSjmBMhH8Z1Jc13+FXoO/+pW1a4k0oqf9YEQ6aHjEIdB/yIP/HW7fJoOh
+O0HYCI3P0UnD/cvmWnXoM1moAkYdI1h3M/szMDeQIlVtS5C7q3CDbtzZZSjJixks
+M68Zm8v+/f6e/B+eW86E3k5xASEq0A==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>webmail-dev-srv2.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=webmail-dev-srv2.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDEjCCAfqgAwIBAgIJALp+sr3Pr96pMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNV
+BAMTGXdlYm1haWwtZGV2LXNydjIuaXQuc3Uuc2UwHhcNMTAwMzAyMDc1MjEwWhcN
+MjAwMjI4MDc1MjEwWjAkMSIwIAYDVQQDExl3ZWJtYWlsLWRldi1zcnYyLml0LnN1
+LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoMz6uJQDRCaETSuq
+ya8uJgK4Sy1P1TRbbPayGTObjPWk7DTCYHzd6mBFQCvMCNIvTq7lAcmAQ6eEq0Ln
+dEAEo3FuAAG2Lu6oGqsWARE8IMZ1UuzQCAjze1+j+62dmUsjzEdFCrnAy6CHfKNd
+jQDI3kCwB1FDvhnZWSrqF1L5Yxnzv0ohGROtRmcaHSpntQmgY+r8Urz58Cy6oaHy
+gPc6WTc6yfiF/XlgnirfEkBOm6i5PgwxhGmcz7jDLO40vO5LFWf/ttib8N905Y7+
++CYX7c20BcPAoaOA/SYztNE98CwqZQnABsiNwLSHGc1gOSjkYc8z8GFdI0gv05u1
+HFofxQIDAQABo0cwRTAkBgNVHREEHTAbghl3ZWJtYWlsLWRldi1zcnYyLml0LnN1
+LnNlMB0GA1UdDgQWBBSZtidZF1rfzZB5N3s/E9w+U6fVoTANBgkqhkiG9w0BAQUF
+AAOCAQEAkjoohGmdeQfalFNCY/i4SAudAFFCGYQ9HwA/Dq/ZM+I4yBxpYjPq//OZ
+JAgHWz3bDLd5u/5CavQAGY21pbyXbnKL7fXbVUzYn4cKBgoQoKTB+ja2aqh1UYZn
+Py1uT0M5e4g7Y8eXmqVCPslQizLa4e8ew32tkfLzvXwSGmtBBhP79xpfpsggQUGo
+nkkP4dgzSjmBMhH8Z1Jc13+FXoO/+pW1a4k0oqf9YEQ6aHjEIdB/yIP/HW7fJoOh
+O0HYCI3P0UnD/cvmWnXoM1moAkYdI1h3M/szMDeQIlVtS5C7q3CDbtzZZSjJixks
+M68Zm8v+/f6e/B+eW86E3k5xASEq0A==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://webmail-dev-srv2.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://mail.su.se/Shibboleth.sso" xml:base="swamid-1.0/mail.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mail.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mail.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>roundcube-prod-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=roundcube-prod-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJAKyIh2gmx83lMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE3JvdW5kY3ViZS1wcm9kLWFwcDEwHhcNMTAwMzEwMDY1MDEwWhcNMjAwMzA3
+MDY1MDEwWjAeMRwwGgYDVQQDExNyb3VuZGN1YmUtcHJvZC1hcHAxMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQcHsxKbp/6oebHTLXzdUJ3beXgI66UD
++IMz3ltFPXKNjEOmBZbSUsRHiXyqMXXypqkHTufMDdDzGp8KQ81xUOSm16N4EYG5
+N33zwCw699XkW49FEmlMbJ1r6L88GGOTOVqFnk7geH+Hn7VI3/c3gjjO8L3qsv7R
+gDo6eULIUzRR29df7jowa8fjSvB6tOebxoED2SlYZeslxSIMcSjGzfo6byZlfFvo
+fJFxFefcHBV73Ez0YWL0nQiyOFfKNluLVW3W4Sp8GrCDbT64ye3Pymuj0fXRmMTl
+ABwcJUWojXGV1oRk8pnyws7kYlYwSLSYA9KOg48OQSbGrzcfSYAicQIDAQABo0Ew
+PzAeBgNVHREEFzAVghNyb3VuZGN1YmUtcHJvZC1hcHAxMB0GA1UdDgQWBBQkl1j6
+iaF51HGr51+b9C6U4zYwpzANBgkqhkiG9w0BAQUFAAOCAQEAS2UGp0Tx4abtIYaK
+PmoBv63ynkPHkumYgkhO81aHGAcrgpAENHtGOUHVMnQ+dry+joasnxBps97mKlGO
+xNPGHi4js6lBauyW6UoK1bwEaJXugEwEBE0HXfarmiwRPXXBzIZlimYtmAxRyx4E
+nc8VVfNxoWyrR2g/SI3G2CFRST+o2Lx78D4suv75mY4YwLFxBs40Jy3R7TiOo5PL
+RgQ1tCNvR9FBFaPiO2lw+8eTurIoDP3zmIs7XmuF5iB+1SI3T+1PRWY+z0j48OeK
+Uv08MaF6TarxsVvf1bmG5pJEQjKKU4LzQLP/cV9FAj1bWn9nWy5sw88rYdh7JOtj
+pCVWIw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>roundcube-prod-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=roundcube-prod-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJAKyIh2gmx83lMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE3JvdW5kY3ViZS1wcm9kLWFwcDEwHhcNMTAwMzEwMDY1MDEwWhcNMjAwMzA3
+MDY1MDEwWjAeMRwwGgYDVQQDExNyb3VuZGN1YmUtcHJvZC1hcHAxMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQcHsxKbp/6oebHTLXzdUJ3beXgI66UD
++IMz3ltFPXKNjEOmBZbSUsRHiXyqMXXypqkHTufMDdDzGp8KQ81xUOSm16N4EYG5
+N33zwCw699XkW49FEmlMbJ1r6L88GGOTOVqFnk7geH+Hn7VI3/c3gjjO8L3qsv7R
+gDo6eULIUzRR29df7jowa8fjSvB6tOebxoED2SlYZeslxSIMcSjGzfo6byZlfFvo
+fJFxFefcHBV73Ez0YWL0nQiyOFfKNluLVW3W4Sp8GrCDbT64ye3Pymuj0fXRmMTl
+ABwcJUWojXGV1oRk8pnyws7kYlYwSLSYA9KOg48OQSbGrzcfSYAicQIDAQABo0Ew
+PzAeBgNVHREEFzAVghNyb3VuZGN1YmUtcHJvZC1hcHAxMB0GA1UdDgQWBBQkl1j6
+iaF51HGr51+b9C6U4zYwpzANBgkqhkiG9w0BAQUFAAOCAQEAS2UGp0Tx4abtIYaK
+PmoBv63ynkPHkumYgkhO81aHGAcrgpAENHtGOUHVMnQ+dry+joasnxBps97mKlGO
+xNPGHi4js6lBauyW6UoK1bwEaJXugEwEBE0HXfarmiwRPXXBzIZlimYtmAxRyx4E
+nc8VVfNxoWyrR2g/SI3G2CFRST+o2Lx78D4suv75mY4YwLFxBs40Jy3R7TiOo5PL
+RgQ1tCNvR9FBFaPiO2lw+8eTurIoDP3zmIs7XmuF5iB+1SI3T+1PRWY+z0j48OeK
+Uv08MaF6TarxsVvf1bmG5pJEQjKKU4LzQLP/cV9FAj1bWn9nWy5sw88rYdh7JOtj
+pCVWIw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mail.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mail.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mail.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mail.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mail.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mail.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mail.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mail.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mail.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://mail.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mail.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://mail.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mail.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://mail.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://support.it.secure.su.se/Shibboleth.sso" xml:base="swamid-1.0/support.it.secure.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://support.it.secure.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://support.it.secure.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>supportit-prod-app1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=supportit-prod-app1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIJANT23oxa4A86MA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHHN1cHBvcnRpdC1wcm9kLWFwcDEuaXQuc3Uuc2UwHhcNMTAwMzExMDk0NzEz
+WhcNMjAwMzA4MDk0NzEzWjAnMSUwIwYDVQQDExxzdXBwb3J0aXQtcHJvZC1hcHAx
+Lml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+UtpFP+x
+eC81djzXndqD3wGoZY/AVtkiyYP8F+rlWLqxUkNHw3hDmFjArWZAwzrNQT6Jo8Rq
+co8DHsNZokm6OoXzQdOSJ0ckljIPn9ea8PkBktKtPL9hNaR68iPRMOdJ0gQcn2wY
+/J2CcLbkKJfzjs25q8vkwR8NXGGcQUQ79FZFXpDs3/UTy8AjsjLpNAia+xZHlWdO
+619lnoa5I7ANAOG+P7TsqkUwtfMjO/51Dlvq8MMlqL4auld4TdrObnhDSTT7aFd4
+Gtt5UprItI0KQKMleuQk2BJm0TPX7F2/tf/Ez8EwN6ZtQjsc3jXy9RzukkHOt8BG
+ic2uk9KD4C9f+QIDAQABo0owSDAnBgNVHREEIDAeghxzdXBwb3J0aXQtcHJvZC1h
+cHAxLml0LnN1LnNlMB0GA1UdDgQWBBS9GNy2tiFiOMGG2G9Aa2g7lsM5ZjANBgkq
+hkiG9w0BAQUFAAOCAQEAV8KaoFGpV5FdowTXvscg/Hk8g6a3mGxVA5mq3lzA6K/a
+ftbQNyPN5jdQeW4Wy8M2oA9obQ16WeyI3YGn7RmQmwa0A84ss+38iTUF0o1wdECo
+thfIy5ZLEa1kPaOs047NmGBjg+txMPwOfbnc3gf34wLPHN9/pIhjhsvbD6zAdiyK
+5NTrLiKAnKEI/HdnpfsNqRdVoMAY7cAt8f1kKLgH2UHQvzIxbhnMAhSCsgVg4Aal
+uVAIccVdQXVsYL2fLNAVxt5Awluzm8FoXML9hgUPPJKmaVm1uT5EgFgll1KqBEsq
+MH+bmY3vESNhlGQNW4l11NqUtJ0P1EYReOOsEuT01g==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>supportit-prod-app1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=supportit-prod-app1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIJANT23oxa4A86MA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHHN1cHBvcnRpdC1wcm9kLWFwcDEuaXQuc3Uuc2UwHhcNMTAwMzExMDk0NzEz
+WhcNMjAwMzA4MDk0NzEzWjAnMSUwIwYDVQQDExxzdXBwb3J0aXQtcHJvZC1hcHAx
+Lml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+UtpFP+x
+eC81djzXndqD3wGoZY/AVtkiyYP8F+rlWLqxUkNHw3hDmFjArWZAwzrNQT6Jo8Rq
+co8DHsNZokm6OoXzQdOSJ0ckljIPn9ea8PkBktKtPL9hNaR68iPRMOdJ0gQcn2wY
+/J2CcLbkKJfzjs25q8vkwR8NXGGcQUQ79FZFXpDs3/UTy8AjsjLpNAia+xZHlWdO
+619lnoa5I7ANAOG+P7TsqkUwtfMjO/51Dlvq8MMlqL4auld4TdrObnhDSTT7aFd4
+Gtt5UprItI0KQKMleuQk2BJm0TPX7F2/tf/Ez8EwN6ZtQjsc3jXy9RzukkHOt8BG
+ic2uk9KD4C9f+QIDAQABo0owSDAnBgNVHREEIDAeghxzdXBwb3J0aXQtcHJvZC1h
+cHAxLml0LnN1LnNlMB0GA1UdDgQWBBS9GNy2tiFiOMGG2G9Aa2g7lsM5ZjANBgkq
+hkiG9w0BAQUFAAOCAQEAV8KaoFGpV5FdowTXvscg/Hk8g6a3mGxVA5mq3lzA6K/a
+ftbQNyPN5jdQeW4Wy8M2oA9obQ16WeyI3YGn7RmQmwa0A84ss+38iTUF0o1wdECo
+thfIy5ZLEa1kPaOs047NmGBjg+txMPwOfbnc3gf34wLPHN9/pIhjhsvbD6zAdiyK
+5NTrLiKAnKEI/HdnpfsNqRdVoMAY7cAt8f1kKLgH2UHQvzIxbhnMAhSCsgVg4Aal
+uVAIccVdQXVsYL2fLNAVxt5Awluzm8FoXML9hgUPPJKmaVm1uT5EgFgll1KqBEsq
+MH+bmY3vESNhlGQNW4l11NqUtJ0P1EYReOOsEuT01g==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://support.it.secure.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://support.it.secure.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://support.it.secure.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://support.it.secure.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://support.it.secure.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://support.it.secure.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://support.it.secure.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://support.it.secure.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://support.it.secure.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://support.it.secure.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://support.it.secure.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://support.it.secure.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://support.it.secure.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://support.it.secure.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://sp.tools.sunet.se/shibboleth" xml:base="swamid-1.0/tools.sunet.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://tools.sunet.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>sampo.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sampo.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJAI+J1ypxJJViMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDnNhbXBvLnN1bmV0LnNlMB4XDTEwMDMxNjEyNDg0NloXDTIwMDMxMzEyNDg0
+NlowGTEXMBUGA1UEAxMOc2FtcG8uc3VuZXQuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC/ptcTBImyhr19TLXOQ3D2TmMvIVPY1o1xcFiqUPdQrsPV
+N/gNBH296AKnnrNvD5q6fCDug6I08VwiBa5FFtzcUAT7bMf0Vgvh4Cnun3PiHnTJ
+AWfdI6yuSXyf3rIiUcJAXQWpNkR1vbl7w18GiU21T7GFjUTcXsr1vsLpdaWG4+/I
+IYpZmK3CtQcI7Rv/uCQLRVWdOzp3Ds/TRmXeF4q7QV17nEnz/02WOaEZsCJurPOg
+sgzgemBXd8VE/vobqYTfn7yUvmgJKcHFpVqwwkIoVyNoVoIKBjiKYbRjuXThdDfp
+EYv5gtevD6szDBRNskTrzbPWpXnA/yne8yaspNgrAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDnNhbXBvLnN1bmV0LnNlMB0GA1UdDgQWBBT5t2mmKUW7CUXjzz7ewQVxdSMf
+mjANBgkqhkiG9w0BAQUFAAOCAQEALmHceqzrAarhcb7qAc8RfR3sezshQhMd6roh
+L3xFzwkAHeUnw4ZbMkbvnl+R8LUrbJRiLEPFFtNbUqa68TcS3c/B2dDK+qpbu6nC
+jBc2tZW8Nz9ZCfxArqLn6WfJGg4Yhgo9OlfJxZbmdc0Ld0tp0d/F2FHYkVc1SbXk
+VWCSzQ48/y05mpXMcbhdp5PJuLOfX1R6VFvu04oWuA1J9NN03IYF5DwqupZIhN7i
+3+2PmYs4x/dZ1/1cYva9JUCwffmjo7sx6LbedNkKYQL/skTlL8CHo9snghUSYJSZ
+XyNIJHaDalIvdnrWnQFVketJt+fje9CgALP1Btsk1g0AyD7tYw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>sampo.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sampo.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJAI+J1ypxJJViMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDnNhbXBvLnN1bmV0LnNlMB4XDTEwMDMxNjEyNDg0NloXDTIwMDMxMzEyNDg0
+NlowGTEXMBUGA1UEAxMOc2FtcG8uc3VuZXQuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQC/ptcTBImyhr19TLXOQ3D2TmMvIVPY1o1xcFiqUPdQrsPV
+N/gNBH296AKnnrNvD5q6fCDug6I08VwiBa5FFtzcUAT7bMf0Vgvh4Cnun3PiHnTJ
+AWfdI6yuSXyf3rIiUcJAXQWpNkR1vbl7w18GiU21T7GFjUTcXsr1vsLpdaWG4+/I
+IYpZmK3CtQcI7Rv/uCQLRVWdOzp3Ds/TRmXeF4q7QV17nEnz/02WOaEZsCJurPOg
+sgzgemBXd8VE/vobqYTfn7yUvmgJKcHFpVqwwkIoVyNoVoIKBjiKYbRjuXThdDfp
+EYv5gtevD6szDBRNskTrzbPWpXnA/yne8yaspNgrAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDnNhbXBvLnN1bmV0LnNlMB0GA1UdDgQWBBT5t2mmKUW7CUXjzz7ewQVxdSMf
+mjANBgkqhkiG9w0BAQUFAAOCAQEALmHceqzrAarhcb7qAc8RfR3sezshQhMd6roh
+L3xFzwkAHeUnw4ZbMkbvnl+R8LUrbJRiLEPFFtNbUqa68TcS3c/B2dDK+qpbu6nC
+jBc2tZW8Nz9ZCfxArqLn6WfJGg4Yhgo9OlfJxZbmdc0Ld0tp0d/F2FHYkVc1SbXk
+VWCSzQ48/y05mpXMcbhdp5PJuLOfX1R6VFvu04oWuA1J9NN03IYF5DwqupZIhN7i
+3+2PmYs4x/dZ1/1cYva9JUCwffmjo7sx6LbedNkKYQL/skTlL8CHo9snghUSYJSZ
+XyNIJHaDalIvdnrWnQFVketJt+fje9CgALP1Btsk1g0AyD7tYw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://tools.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tools.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tools.sunet.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tools.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://tools.sunet.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://tools.sunet.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tools.sunet.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tools.sunet.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://tools.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://tools.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://tools.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://tools.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tools.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://tools.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://shibboleth.slu.se/idp/shibboleth" xml:base="swamid-1.0/shibboleth.slu.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">slu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMDCCAhigAwIBAgIVAJgPjWyV8mnw8Zm9lp8a5mHvQve+MA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXNoaWJib2xldGguc2x1LnNlMB4XDTEwMDMxNjExNDAy
+MVoXDTMwMDMxNjExNDAyMVowHDEaMBgGA1UEAxMRc2hpYmJvbGV0aC5zbHUuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvQU5k1AvEYedH5FYRuklo
+9wfvfTc5yHnA2NE7mFmnLqYyNhacWsb5kl53TCvHhCUh1RmTwPxDtOgAi1YmyF1X
+On/U3SPOOm3FVqDbmGOZIiYD2+R2LhvifGXvVXNvE0rJR4aK02C4cmVaxJCSpVfI
++dGBECEVvzaFy3zQEZmOyeiClFaDKlwLEBj1qWSUWWhMeryYLbNUHiR+5NznHqeB
+RfFPExXbTfjSgUXiq3c7w80AUUC8zAjxo8oQCRoCvmvhT38McCUustziUPzc6/UC
+M2h+eET25OoCCkC5/VPyfTWHfzTOTDasMvny3Jp5fASZ0JxPKAVtU+7arPBf1FmN
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXNoaWJib2xldGguc2x1LnNlhihodHRwczov
+L3NoaWJib2xldGguc2x1LnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBTDGADa
+Hy53hIGPonu2OOONEh54YDANBgkqhkiG9w0BAQUFAAOCAQEAiDlmcUcHOV/GYog4
+UlB4NsZfcfARpmNeR16jmbfXBX5gmwKAlltqUZhhKB89qPCOv/cKjlBXga3Ypdqd
+nZa7NobQlyVsJgBUB82Nh8RRsGB0jaHpAXC48ey5sKqcpVQnCcKG51svYkQHmNRD
++jza1oyX/wZLjk4whkJm0ef7vToN8xd/cYc0EyfqN7VSDXMdVUtzJDd298CGNx6Q
+Xr7EfTMM2MhwKghEOOn25472fguv+kLwaEpOWKKR5vzYPcH5kpYC29CeHCnnHrJv
+sAvj1/KeSjxuQ71kHH8n7cxIqUc+MeHZXAANL9fqDkfeT4L6RStHNUpNCVS9se5b
+xpmbgA==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.slu.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.slu.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.slu.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.slu.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth.slu.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.slu.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">slu.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMDCCAhigAwIBAgIVAJgPjWyV8mnw8Zm9lp8a5mHvQve+MA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXNoaWJib2xldGguc2x1LnNlMB4XDTEwMDMxNjExNDAy
+MVoXDTMwMDMxNjExNDAyMVowHDEaMBgGA1UEAxMRc2hpYmJvbGV0aC5zbHUuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvQU5k1AvEYedH5FYRuklo
+9wfvfTc5yHnA2NE7mFmnLqYyNhacWsb5kl53TCvHhCUh1RmTwPxDtOgAi1YmyF1X
+On/U3SPOOm3FVqDbmGOZIiYD2+R2LhvifGXvVXNvE0rJR4aK02C4cmVaxJCSpVfI
++dGBECEVvzaFy3zQEZmOyeiClFaDKlwLEBj1qWSUWWhMeryYLbNUHiR+5NznHqeB
+RfFPExXbTfjSgUXiq3c7w80AUUC8zAjxo8oQCRoCvmvhT38McCUustziUPzc6/UC
+M2h+eET25OoCCkC5/VPyfTWHfzTOTDasMvny3Jp5fASZ0JxPKAVtU+7arPBf1FmN
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXNoaWJib2xldGguc2x1LnNlhihodHRwczov
+L3NoaWJib2xldGguc2x1LnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBTDGADa
+Hy53hIGPonu2OOONEh54YDANBgkqhkiG9w0BAQUFAAOCAQEAiDlmcUcHOV/GYog4
+UlB4NsZfcfARpmNeR16jmbfXBX5gmwKAlltqUZhhKB89qPCOv/cKjlBXga3Ypdqd
+nZa7NobQlyVsJgBUB82Nh8RRsGB0jaHpAXC48ey5sKqcpVQnCcKG51svYkQHmNRD
++jza1oyX/wZLjk4whkJm0ef7vToN8xd/cYc0EyfqN7VSDXMdVUtzJDd298CGNx6Q
+Xr7EfTMM2MhwKghEOOn25472fguv+kLwaEpOWKKR5vzYPcH5kpYC29CeHCnnHrJv
+sAvj1/KeSjxuQ71kHH8n7cxIqUc+MeHZXAANL9fqDkfeT4L6RStHNUpNCVS9se5b
+xpmbgA==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.slu.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.slu.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">SLU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Sveriges Lantbruksuniversitet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.slu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Yngve</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>yngve.johansson@sogeti.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://publications.ki.se/shibboleth" xml:base="swamid-1.0/publications.ki.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>publications.ki.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=ubitdos@kib.ki.se,CN=publications.ki.se,OU=UNIVERSITY LIBRARY,O=Karolinska Institutet,L=Solna,ST=Some-State,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIE+jCCA+KgAwIBAgIJAOQykWZUCZpqMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
+VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAc
+BgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lU
+WSBMSUJSQVJZMRswGQYDVQQDExJwdWJsaWNhdGlvbnMua2kuc2UxIDAeBgkqhkiG
+9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlMB4XDTEwMDMyMzE1MzQ0OFoXDTIwMDMy
+MDE1MzQ0OFowga4xCzAJBgNVBAYTAlNFMRMwEQYDVQQIEwpTb21lLVN0YXRlMQ4w
+DAYDVQQHEwVTb2xuYTEeMBwGA1UEChMVS2Fyb2xpbnNrYSBJbnN0aXR1dGV0MRsw
+GQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxGzAZBgNVBAMTEnB1YmxpY2F0aW9u
+cy5raS5zZTEgMB4GCSqGSIb3DQEJARYRdWJpdGRvc0BraWIua2kuc2UwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC11ax7K5PjR3GFpvzT37OKa1ycH3Rt
+z0GNApRMQtS7x9q1wgRjA3dqdTSIIJettkBgyEUOfB0f1MgcaMtaNIPhDJfMCqdr
+Q6dPKp+F0b7P7jWezyWNt8gVKXSOaeJYjze56zURO+MK8CA4sTpttqgcOOv5pnhN
+wyEuYmQBYtKGvcH13jJPStsQ+s5LZ9NX/5gV64DrRI4s64d9r0FH78lHzkM2TqHI
+0ce2KeZdn3AgXy1tOW58nUKVlUNgsFZyg/GH0ICZ08tOo1YHWBu1iuZQrzfKI655
+j8R4gElSbT+Sp770OoC9qgoBsQQdh3N/Pj+/RvgSTMG3cOmtIlNu/YjpAgMBAAGj
+ggEXMIIBEzAdBgNVHQ4EFgQUjs01iDGc22yXqpCThMLfgM12WCAwgeMGA1UdIwSB
+2zCB2IAUjs01iDGc22yXqpCThMLfgM12WCChgbSkgbEwga4xCzAJBgNVBAYTAlNF
+MRMwEQYDVQQIEwpTb21lLVN0YXRlMQ4wDAYDVQQHEwVTb2xuYTEeMBwGA1UEChMV
+S2Fyb2xpbnNrYSBJbnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJB
+UlkxGzAZBgNVBAMTEnB1YmxpY2F0aW9ucy5raS5zZTEgMB4GCSqGSIb3DQEJARYR
+dWJpdGRvc0BraWIua2kuc2WCCQDkMpFmVAmaajAMBgNVHRMEBTADAQH/MA0GCSqG
+SIb3DQEBBQUAA4IBAQBcI4P5JLCJuTCKie7Ze/NucF3tBgcXllnSYo7z4NSafr0i
+CrsoBPoxg1Sr7cFXSCRWLUr7Di2WfdQLrn3ZY1sPTYKWlgEmWVYFiSph2HYv04L9
+I72Jn8DLvaNCqew7KYgCODkSFRUFxzGDlWho0cXHMwP31/dEVEa2mUwmMEzG+ScQ
+DII+Op9QBwqJ7VgT7RLwhH6txbcicwNdfQYktXy/C7ysmUAS6XW1vE3H3LDd6Oc5
+98OMIxMcebzCxLN0jT93KgoWEq2eaGQi0h4TPZ7ZGmCkVQICVvSNjEKguACD/j9o
+ryntMn54coBlF2Vqrm4Fa2XUyUIkurCv3FZtdN5W
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>publications.ki.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=ubitdos@kib.ki.se,CN=publications.ki.se,OU=UNIVERSITY LIBRARY,O=Karolinska Institutet,L=Solna,ST=Some-State,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIE+jCCA+KgAwIBAgIJAOQykWZUCZpqMA0GCSqGSIb3DQEBBQUAMIGuMQswCQYD
+VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAc
+BgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lU
+WSBMSUJSQVJZMRswGQYDVQQDExJwdWJsaWNhdGlvbnMua2kuc2UxIDAeBgkqhkiG
+9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlMB4XDTEwMDMyMzE1MzQ0OFoXDTIwMDMy
+MDE1MzQ0OFowga4xCzAJBgNVBAYTAlNFMRMwEQYDVQQIEwpTb21lLVN0YXRlMQ4w
+DAYDVQQHEwVTb2xuYTEeMBwGA1UEChMVS2Fyb2xpbnNrYSBJbnN0aXR1dGV0MRsw
+GQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxGzAZBgNVBAMTEnB1YmxpY2F0aW9u
+cy5raS5zZTEgMB4GCSqGSIb3DQEJARYRdWJpdGRvc0BraWIua2kuc2UwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC11ax7K5PjR3GFpvzT37OKa1ycH3Rt
+z0GNApRMQtS7x9q1wgRjA3dqdTSIIJettkBgyEUOfB0f1MgcaMtaNIPhDJfMCqdr
+Q6dPKp+F0b7P7jWezyWNt8gVKXSOaeJYjze56zURO+MK8CA4sTpttqgcOOv5pnhN
+wyEuYmQBYtKGvcH13jJPStsQ+s5LZ9NX/5gV64DrRI4s64d9r0FH78lHzkM2TqHI
+0ce2KeZdn3AgXy1tOW58nUKVlUNgsFZyg/GH0ICZ08tOo1YHWBu1iuZQrzfKI655
+j8R4gElSbT+Sp770OoC9qgoBsQQdh3N/Pj+/RvgSTMG3cOmtIlNu/YjpAgMBAAGj
+ggEXMIIBEzAdBgNVHQ4EFgQUjs01iDGc22yXqpCThMLfgM12WCAwgeMGA1UdIwSB
+2zCB2IAUjs01iDGc22yXqpCThMLfgM12WCChgbSkgbEwga4xCzAJBgNVBAYTAlNF
+MRMwEQYDVQQIEwpTb21lLVN0YXRlMQ4wDAYDVQQHEwVTb2xuYTEeMBwGA1UEChMV
+S2Fyb2xpbnNrYSBJbnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJB
+UlkxGzAZBgNVBAMTEnB1YmxpY2F0aW9ucy5raS5zZTEgMB4GCSqGSIb3DQEJARYR
+dWJpdGRvc0BraWIua2kuc2WCCQDkMpFmVAmaajAMBgNVHRMEBTADAQH/MA0GCSqG
+SIb3DQEBBQUAA4IBAQBcI4P5JLCJuTCKie7Ze/NucF3tBgcXllnSYo7z4NSafr0i
+CrsoBPoxg1Sr7cFXSCRWLUr7Di2WfdQLrn3ZY1sPTYKWlgEmWVYFiSph2HYv04L9
+I72Jn8DLvaNCqew7KYgCODkSFRUFxzGDlWho0cXHMwP31/dEVEa2mUwmMEzG+ScQ
+DII+Op9QBwqJ7VgT7RLwhH6txbcicwNdfQYktXy/C7ysmUAS6XW1vE3H3LDd6Oc5
+98OMIxMcebzCxLN0jT93KgoWEq2eaGQi0h4TPZ7ZGmCkVQICVvSNjEKguACD/j9o
+ryntMn54coBlF2Vqrm4Fa2XUyUIkurCv3FZtdN5W
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://publications.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://publications.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://publications.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://publications.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://publications.ki.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://publications.ki.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://publications.ki.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://publications.ki.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://publications.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://publications.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://publications.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://publications.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://publications.ki.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://publications.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://pp-prod-admin.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/pp-prod-admin.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-prod-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-prod-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJAP8sLfGcmOsKMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHBwOS1wcm9kLWFkbWluMS5pdC5zdS5zZTAeFw0xMDAzMjQxNDI3NDZaFw0y
+MDAzMjExNDI3NDZaMCMxITAfBgNVBAMTGHBwOS1wcm9kLWFkbWluMS5pdC5zdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46VBP4Q6f64DXTcKyC
+FIiKOP8CoTJy20kwZiizykrePVnSyZfAms8Zgksy2NlzLfpvDSD+wk37BbDPn1jA
+8suMqozWIFXLb+/DtT+MLmpaHOVE8vPKTHUPNh6dT4F8eOU4fBX5Ug+QYgmbWBUg
+UPuAyjyRIuV26kN0goFV7DQvuDzUoaOUEpGKu8Tt7pHOd7XFUB1ygN8cuozrCq7O
+/JLzOC2rPJR2UGmll+1f7AcJj43/ZTc05iNZQzKBZQRFUNlUElZHwDcmBZv8LNNx
+BC7tq5wzsFX51r6sW43hV7VFs9RYkWvO7lQ8lLaHa/kunM/FkmDkJEUi9TkdQJXl
+ZMUCAwEAAaNGMEQwIwYDVR0RBBwwGoIYcHA5LXByb2QtYWRtaW4xLml0LnN1LnNl
+MB0GA1UdDgQWBBR/UfLUcj9RRmh5gSsPauIy0Ytn5zANBgkqhkiG9w0BAQUFAAOC
+AQEAU07b1XSnv4SfdqKprvAqpP/4zCArsdJyOy+nBI03r9KRBxu1eU2zuVgg9DJ6
+u/nc+176NUFRta9BwOJ53ioffGkVep/8P4g3HLp/EtpxJpycgIweJ62Ydo8JOAzO
+MJXHSjF8CqVQse22yntqU43cQuDwQB3VF5+un2gvJ34al942iqz1CnRTRsSFF6Dg
+GkfLyE/a/WBCcaQYdjI3ZSOyDrH8qDqVx9zzgYdILFHC3/9Ed+0mkV7VqvAeSsFb
+yogOGjGfiq+FxU4S3pDLXKObqfMiGTnVF6HgKD1a/F6yk6iypZjpO1hG7cfQP2bC
+3kwqqXGjzwCQvYBoTqQwTDdO3A==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-prod-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-prod-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDzCCAfegAwIBAgIJAP8sLfGcmOsKMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNV
+BAMTGHBwOS1wcm9kLWFkbWluMS5pdC5zdS5zZTAeFw0xMDAzMjQxNDI3NDZaFw0y
+MDAzMjExNDI3NDZaMCMxITAfBgNVBAMTGHBwOS1wcm9kLWFkbWluMS5pdC5zdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN46VBP4Q6f64DXTcKyC
+FIiKOP8CoTJy20kwZiizykrePVnSyZfAms8Zgksy2NlzLfpvDSD+wk37BbDPn1jA
+8suMqozWIFXLb+/DtT+MLmpaHOVE8vPKTHUPNh6dT4F8eOU4fBX5Ug+QYgmbWBUg
+UPuAyjyRIuV26kN0goFV7DQvuDzUoaOUEpGKu8Tt7pHOd7XFUB1ygN8cuozrCq7O
+/JLzOC2rPJR2UGmll+1f7AcJj43/ZTc05iNZQzKBZQRFUNlUElZHwDcmBZv8LNNx
+BC7tq5wzsFX51r6sW43hV7VFs9RYkWvO7lQ8lLaHa/kunM/FkmDkJEUi9TkdQJXl
+ZMUCAwEAAaNGMEQwIwYDVR0RBBwwGoIYcHA5LXByb2QtYWRtaW4xLml0LnN1LnNl
+MB0GA1UdDgQWBBR/UfLUcj9RRmh5gSsPauIy0Ytn5zANBgkqhkiG9w0BAQUFAAOC
+AQEAU07b1XSnv4SfdqKprvAqpP/4zCArsdJyOy+nBI03r9KRBxu1eU2zuVgg9DJ6
+u/nc+176NUFRta9BwOJ53ioffGkVep/8P4g3HLp/EtpxJpycgIweJ62Ydo8JOAzO
+MJXHSjF8CqVQse22yntqU43cQuDwQB3VF5+un2gvJ34al942iqz1CnRTRsSFF6Dg
+GkfLyE/a/WBCcaQYdjI3ZSOyDrH8qDqVx9zzgYdILFHC3/9Ed+0mkV7VqvAeSsFb
+yogOGjGfiq+FxU4S3pDLXKObqfMiGTnVF6HgKD1a/F6yk6iypZjpO1hG7cfQP2bC
+3kwqqXGjzwCQvYBoTqQwTDdO3A==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pp-prod-admin.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://pp-redmigr-admin.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/pp-redmigr-admin.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-redmigr-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-redmigr-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGDCCAgCgAwIBAgIJAPjBkccnPmL8MA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
+BAMTG3BwOS1yZWRtaWdyLWFkbWluMS5pdC5zdS5zZTAeFw0xMDAzMzAxNTA5NDda
+Fw0yMDAzMjcxNTA5NDdaMCYxJDAiBgNVBAMTG3BwOS1yZWRtaWdyLWFkbWluMS5p
+dC5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN0tKl0WTMBq
+dyKpQZ3yQmkftM0VCDayH8qLRVdwIfJQGsb4FH1JY1bBxFo7MAYyNQdVo/ZjPWgc
+uxlnLMpWNwIKq4ppKGB+tz7zJ0DnPLjVM3DZhkedKr5aMqb+GkWouWS7NefBI0Ur
+79CMk9VSNu4LtL8gkdt9Sa6ZiMhNXY7UvAjk6zYD9m6Aq2LTd2OJNemXRdTS6BJN
+KdQS/GrUN34xdWtiJpP73FB6LEZ/Zr0COAqDYjC8trfPLjHgrBlys7Vz2NtInepM
+lutsmgsCDkZmw4E7ER+rnG8p4k+QHNYyW3wuJ+IXEiD5kCwc9DPtwmU5n43OOVm2
+v9arg0mH6AUCAwEAAaNJMEcwJgYDVR0RBB8wHYIbcHA5LXJlZG1pZ3ItYWRtaW4x
+Lml0LnN1LnNlMB0GA1UdDgQWBBRN8FcDcUnWdavUqpTCcyShocucpjANBgkqhkiG
+9w0BAQUFAAOCAQEANeuBGDI/Seh1/8M/ZDEXKEtSzZkMH2yTjpyVsq5wT8AJyRhG
+hpVqWzjRPTOjoHsBvSxdBEIcp55PonshjsKao9Ml80f4HRO0TYOyLqcEmSjE2/ja
+7BG2MBLqkTuynDbcEaElvwq/ISIi2QV4SCjEPClSromna6RlA1SfXxnD2aP8Sy/9
+dzuDa2tLHOGU23V6aKCzU+EPmMtqxKQiF+PH8aK/zW3ZrFhlslQh02ghh3sH+3n8
+tYKKiqdfhZMEf4oZur0E33RdJGW1nXbzqN4pXXS4kAzEIZoViyEz2/dy14YNrCzX
+gJIKAMgGoZsdVnA8bUktfVlibXOxBDcIRLeEgA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>pp9-redmigr-admin1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pp9-redmigr-admin1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGDCCAgCgAwIBAgIJAPjBkccnPmL8MA0GCSqGSIb3DQEBBQUAMCYxJDAiBgNV
+BAMTG3BwOS1yZWRtaWdyLWFkbWluMS5pdC5zdS5zZTAeFw0xMDAzMzAxNTA5NDda
+Fw0yMDAzMjcxNTA5NDdaMCYxJDAiBgNVBAMTG3BwOS1yZWRtaWdyLWFkbWluMS5p
+dC5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN0tKl0WTMBq
+dyKpQZ3yQmkftM0VCDayH8qLRVdwIfJQGsb4FH1JY1bBxFo7MAYyNQdVo/ZjPWgc
+uxlnLMpWNwIKq4ppKGB+tz7zJ0DnPLjVM3DZhkedKr5aMqb+GkWouWS7NefBI0Ur
+79CMk9VSNu4LtL8gkdt9Sa6ZiMhNXY7UvAjk6zYD9m6Aq2LTd2OJNemXRdTS6BJN
+KdQS/GrUN34xdWtiJpP73FB6LEZ/Zr0COAqDYjC8trfPLjHgrBlys7Vz2NtInepM
+lutsmgsCDkZmw4E7ER+rnG8p4k+QHNYyW3wuJ+IXEiD5kCwc9DPtwmU5n43OOVm2
+v9arg0mH6AUCAwEAAaNJMEcwJgYDVR0RBB8wHYIbcHA5LXJlZG1pZ3ItYWRtaW4x
+Lml0LnN1LnNlMB0GA1UdDgQWBBRN8FcDcUnWdavUqpTCcyShocucpjANBgkqhkiG
+9w0BAQUFAAOCAQEANeuBGDI/Seh1/8M/ZDEXKEtSzZkMH2yTjpyVsq5wT8AJyRhG
+hpVqWzjRPTOjoHsBvSxdBEIcp55PonshjsKao9Ml80f4HRO0TYOyLqcEmSjE2/ja
+7BG2MBLqkTuynDbcEaElvwq/ISIi2QV4SCjEPClSromna6RlA1SfXxnD2aP8Sy/9
+dzuDa2tLHOGU23V6aKCzU+EPmMtqxKQiF+PH8aK/zW3ZrFhlslQh02ghh3sH+3n8
+tYKKiqdfhZMEf4oZur0E33RdJGW1nXbzqN4pXXS4kAzEIZoViyEz2/dy14YNrCzX
+gJIKAMgGoZsdVnA8bUktfVlibXOxBDcIRLeEgA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://pp-redmigr-admin.it.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://brainstorm.swami.se/shibboleth" xml:base="swamid-1.0/brainstorm.swami.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://brainstorm.swamid.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>brainstorm.swami.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=brainstorm.swami.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDFTCCAf2gAwIBAgIJAO3qLFI/wxugMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2JyYWluc3Rvcm0uc3dhbWkuc2UwHhcNMTAwNDA5MTI0ODM2WhcNMjAwNDA2
+MTI0ODM2WjAeMRwwGgYDVQQDExNicmFpbnN0b3JtLnN3YW1pLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H5P1dRFYDCim0NWC4i0vT4iosyrhquG
+hSdvTXDOocdO4RhVuRasBXhV/1l0RU9Pfv2Z3H5AzceMnDz2fdBa+k25k+kCj1MC
+LkgZ8/fscLrsVPB5jyOw8CR849US4kwLT2lc5mRUpx+Z+yiTQrLoQ51YSt4c36p+
+KkaKmPA49QwYpYinjT5He553Un++O7erSYq2Euhq9nhgN42EoIItVcBcNrmPRzP9
+nCO/8jFLYRN5KCEJGsXf5131M+21S9lbxObANgqlNRFPtq+fAJb8ZeLbmLYY0giv
+aS4QswuzxzoRGNkQUmj5vCdD+Cl+aE5WWPXr/em4VbiteBdSeINAWQIDAQABo1Yw
+VDAzBgNVHREELDAqghNicmFpbnN0b3JtLnN3YW1pLnNlhhNicmFpbnN0b3JtLnN3
+YW1pLnNlMB0GA1UdDgQWBBSKEWDNIMXPNdeLGCnG+tHAd7O1RTANBgkqhkiG9w0B
+AQUFAAOCAQEAr2cfn+EqNXLVqYBOgImm0WxSiONcVSGC9e7G969D7hh4YIl6orx1
++sA+2qY5Bz06xIbCgzOIdNkuLSLsRCCayNrGaYpUmt12FA/nSw1AY3h5bJQCyU0u
++6d2/SB5WFgD4GAQSzuDEtE4VSgdEc0RRvzdijMEQdmFNNeXu3yXKWgb/chW3XzI
+XuhEAr6Wl4spIiTspgdOFCsSCASndaq+0F+MSKNvmx5RcJ5K/AZRzHw37JjvOUfc
+i9PxrmWNpope+nuhMyHOvZfJwujustm1QIqAsAlotmHOdCyUl2nt+qAvD4WwjBqM
+qaUNxvQRc9GY/GbtcpYRxQJSnCsSKsQjAw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>brainstorm.swami.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=brainstorm.swami.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDFTCCAf2gAwIBAgIJAO3qLFI/wxugMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2JyYWluc3Rvcm0uc3dhbWkuc2UwHhcNMTAwNDA5MTI0ODM2WhcNMjAwNDA2
+MTI0ODM2WjAeMRwwGgYDVQQDExNicmFpbnN0b3JtLnN3YW1pLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3H5P1dRFYDCim0NWC4i0vT4iosyrhquG
+hSdvTXDOocdO4RhVuRasBXhV/1l0RU9Pfv2Z3H5AzceMnDz2fdBa+k25k+kCj1MC
+LkgZ8/fscLrsVPB5jyOw8CR849US4kwLT2lc5mRUpx+Z+yiTQrLoQ51YSt4c36p+
+KkaKmPA49QwYpYinjT5He553Un++O7erSYq2Euhq9nhgN42EoIItVcBcNrmPRzP9
+nCO/8jFLYRN5KCEJGsXf5131M+21S9lbxObANgqlNRFPtq+fAJb8ZeLbmLYY0giv
+aS4QswuzxzoRGNkQUmj5vCdD+Cl+aE5WWPXr/em4VbiteBdSeINAWQIDAQABo1Yw
+VDAzBgNVHREELDAqghNicmFpbnN0b3JtLnN3YW1pLnNlhhNicmFpbnN0b3JtLnN3
+YW1pLnNlMB0GA1UdDgQWBBSKEWDNIMXPNdeLGCnG+tHAd7O1RTANBgkqhkiG9w0B
+AQUFAAOCAQEAr2cfn+EqNXLVqYBOgImm0WxSiONcVSGC9e7G969D7hh4YIl6orx1
++sA+2qY5Bz06xIbCgzOIdNkuLSLsRCCayNrGaYpUmt12FA/nSw1AY3h5bJQCyU0u
++6d2/SB5WFgD4GAQSzuDEtE4VSgdEc0RRvzdijMEQdmFNNeXu3yXKWgb/chW3XzI
+XuhEAr6Wl4spIiTspgdOFCsSCASndaq+0F+MSKNvmx5RcJ5K/AZRzHw37JjvOUfc
+i9PxrmWNpope+nuhMyHOvZfJwujustm1QIqAsAlotmHOdCyUl2nt+qAvD4WwjBqM
+qaUNxvQRc9GY/GbtcpYRxQJSnCsSKsQjAw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://brainstorm.swami.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://brainstorm.swami.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://brainstorm.swami.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://brainstorm.swami.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://brainstorm.swami.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://brainstorm.swami.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://brainstorm.swami.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://brainstorm.swami.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://brainstorm.swami.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://brainstorm.swami.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://brainstorm.swami.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://brainstorm.swami.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://brainstorm.swami.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://brainstorm.swami.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://kib.ki.se/shibboleth" xml:base="swamid-1.0/kib.ki.se.xml">
+
+ <md:SPSSODescriptor AuthnRequestsSigned="1" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>kib.ki.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=ubitdos@kib.ki.se,CN=kib.ki.se,OU=UNIVERSITY LIBRARY,O=Karolinska Institutet,ST=Some-State,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIErTCCA5WgAwIBAgIJAIP5IJyNmoXHMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYD
+VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEeMBwGA1UEChMVS2Fyb2xpbnNr
+YSBJbnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxEjAQBgNV
+BAMTCWtpYi5raS5zZTEgMB4GCSqGSIb3DQEJARYRdWJpdGRvc0BraWIua2kuc2Uw
+HhcNMTAwNDA4MTQ0NTQyWhcNMjAwNDA1MTQ0NTQyWjCBlTELMAkGA1UEBhMCU0Ux
+EzARBgNVBAgTClNvbWUtU3RhdGUxHjAcBgNVBAoTFUthcm9saW5za2EgSW5zdGl0
+dXRldDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMRIwEAYDVQQDEwlraWIu
+a2kuc2UxIDAeBgkqhkiG9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgHthwONaQo7EerGZrGRIxlzO3thkapS
++Xox9pt6u5M+8zAuaWnbNHNk2XFqEEntdBYG5lRmo8/EQub+OVdYwHH4uS9mLvMw
+mdBz0oKBuwPetI1PNdqJTOIMKjpsZfl/njK8A0oGZsLiDmhG1ljvFHvPK2vEo80Y
+i4piBqz7eY8ZNxtRjaROffKlnBWY971x19vFmB44xjjsDM1hiqYqOBg2IJLB4l3P
+IKJnwE9yViJKpJ0s2jIszmZ5KrgKEIplPlhPKTerl0PKUVzbYPqlTvd2d9vOaBkb
+ObcgJJiF5RR0quc/PbvFDtY2UlU9RBTVGEOlTyyTzyjVLpKHkhQNQwIDAQABo4H9
+MIH6MB0GA1UdDgQWBBRMUMeg+dfam+KBl786R+VVPe4kvzCBygYDVR0jBIHCMIG/
+gBRMUMeg+dfam+KBl786R+VVPe4kv6GBm6SBmDCBlTELMAkGA1UEBhMCU0UxEzAR
+BgNVBAgTClNvbWUtU3RhdGUxHjAcBgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRl
+dDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMRIwEAYDVQQDEwlraWIua2ku
+c2UxIDAeBgkqhkiG9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlggkAg/kgnI2ahccw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEARHxhA4kny2w4qiKh+wMt
+TwZXFCIk+RQeRtlw9ezzOf+W76A1uPTtjy3ARSN7tAKE6BDxnTetSdu7GfzhH/6B
++xJBxzBfUGFUlgkKLQoA2dOhyUUgxeay++ZL0Od0kJp+aucqhoBQVyfd0PcF4nzL
+ZTecLXwI2vQ4CFoZ8FvDu3bZ6GxWn8vkkinz3HuryBrDl2QXV7SlYgZY/J1cwOYA
+n9fNo1Prk/zTGOghvZYonL1S2LMpNuvB4ek+eH9J/kd9T0xkeDPmDzzDc4Fmptdd
+0u4/ZRFwT4KBe4fzj5hzGhrcvNz/8PAcnB1l7tck4rsDWDJfXjbQD3ehtMkWJxbA
+qQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>kib.ki.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=ubitdos@kib.ki.se,CN=kib.ki.se,OU=UNIVERSITY LIBRARY,O=Karolinska Institutet,ST=Some-State,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIErTCCA5WgAwIBAgIJAIP5IJyNmoXHMA0GCSqGSIb3DQEBBQUAMIGVMQswCQYD
+VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEeMBwGA1UEChMVS2Fyb2xpbnNr
+YSBJbnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxEjAQBgNV
+BAMTCWtpYi5raS5zZTEgMB4GCSqGSIb3DQEJARYRdWJpdGRvc0BraWIua2kuc2Uw
+HhcNMTAwNDA4MTQ0NTQyWhcNMjAwNDA1MTQ0NTQyWjCBlTELMAkGA1UEBhMCU0Ux
+EzARBgNVBAgTClNvbWUtU3RhdGUxHjAcBgNVBAoTFUthcm9saW5za2EgSW5zdGl0
+dXRldDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMRIwEAYDVQQDEwlraWIu
+a2kuc2UxIDAeBgkqhkiG9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgHthwONaQo7EerGZrGRIxlzO3thkapS
++Xox9pt6u5M+8zAuaWnbNHNk2XFqEEntdBYG5lRmo8/EQub+OVdYwHH4uS9mLvMw
+mdBz0oKBuwPetI1PNdqJTOIMKjpsZfl/njK8A0oGZsLiDmhG1ljvFHvPK2vEo80Y
+i4piBqz7eY8ZNxtRjaROffKlnBWY971x19vFmB44xjjsDM1hiqYqOBg2IJLB4l3P
+IKJnwE9yViJKpJ0s2jIszmZ5KrgKEIplPlhPKTerl0PKUVzbYPqlTvd2d9vOaBkb
+ObcgJJiF5RR0quc/PbvFDtY2UlU9RBTVGEOlTyyTzyjVLpKHkhQNQwIDAQABo4H9
+MIH6MB0GA1UdDgQWBBRMUMeg+dfam+KBl786R+VVPe4kvzCBygYDVR0jBIHCMIG/
+gBRMUMeg+dfam+KBl786R+VVPe4kv6GBm6SBmDCBlTELMAkGA1UEBhMCU0UxEzAR
+BgNVBAgTClNvbWUtU3RhdGUxHjAcBgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRl
+dDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMRIwEAYDVQQDEwlraWIua2ku
+c2UxIDAeBgkqhkiG9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlggkAg/kgnI2ahccw
+DAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEARHxhA4kny2w4qiKh+wMt
+TwZXFCIk+RQeRtlw9ezzOf+W76A1uPTtjy3ARSN7tAKE6BDxnTetSdu7GfzhH/6B
++xJBxzBfUGFUlgkKLQoA2dOhyUUgxeay++ZL0Od0kJp+aucqhoBQVyfd0PcF4nzL
+ZTecLXwI2vQ4CFoZ8FvDu3bZ6GxWn8vkkinz3HuryBrDl2QXV7SlYgZY/J1cwOYA
+n9fNo1Prk/zTGOghvZYonL1S2LMpNuvB4ek+eH9J/kd9T0xkeDPmDzzDc4Fmptdd
+0u4/ZRFwT4KBe4fzj5hzGhrcvNz/8PAcnB1l7tck4rsDWDJfXjbQD3ehtMkWJxbA
+qQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kib.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kib.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kib.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kib.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kib.ki.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kib.ki.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kib.ki.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kib.ki.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kib.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kib.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kib.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kib.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kib.ki.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kib.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://beta.lobber.se/shibboleth" xml:base="swamid-1.0/beta.lobber.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>beta.lobber.se</ds:KeyName>
+ <ds:KeyName>https://beta.lobber.se/shibboleth-sp</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=beta.lobber.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDFzCCAf+gAwIBAgIJAK3WrSSve3L0MA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDmJldGEubG9iYmVyLnNlMB4XDTEwMDQxNjA4MzUyNVoXDTIwMDQxMzA4MzUy
+NVowGTEXMBUGA1UEAxMOYmV0YS5sb2JiZXIuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDUL7NU/brgRsoszEetP0BPY9XcmjSY9BymFpvOn09zLvoY
+JDUgRa5Y54ob3vZZ6dkIBhqZulbTM1/8OMyOFk3zL/SkJJK4Ga7xVelT3JdQGwIU
+TvSuxg2p8CXVijurqVtYp8wWsVyelrpLiQh1X7JSqLlSordJBsFJrKlj7Y8eTqy6
+CuEaWXV4E6pqTmlM2Q+WILSG0G7j8YYw9FVlzTDaF5xM4FhQsYa3DWHNZUZlmB/E
+BBUJmcPpZCDOQP/n5dZnQrDQYSuDudy3UpkuHQHf4B8yiffdOKMFzHcTfQDuMJXw
+h6sA5Xrq1WpsOwn9kgONyDm8ML3IFJC3AYLOLvfdAgMBAAGjYjBgMD8GA1UdEQQ4
+MDaCDmJldGEubG9iYmVyLnNlhiRodHRwczovL2JldGEubG9iYmVyLnNlL3NoaWJi
+b2xldGgtc3AwHQYDVR0OBBYEFEWVLP4kBg/gV79XUV32F6dX7kKBMA0GCSqGSIb3
+DQEBBQUAA4IBAQA666NJBd3xPuNy6PRToyJvGmltOxIsn2HFHANX5xqc7GK9v6vw
+zVhVTpx64sZFC6/B/laF9RNmtr9IxiI2wk43ZkdFtoADGlXMKevQ4+CjdLbqb4VP
+TisAp2vpojnlXtmdj3UCzOmiMjgLlRQY8WN1/vMVBNeYKtJSyXfl4mWVNUTBxnAq
+D46Wa7GYLUVqlWdkWDHBznr4QA4MRxhJDOsm9aVVDq4yAOwCQrHdY+xDokcx4mdN
+5dNwkP7gqpYuryKTfnI32kaRKL+kMXotFg6r+qAaIEo67D3LMnWJE75aZb16HVwz
+/MAyn2Vwd/VAgvtvblNu62vT9+d6mW7zQqTZ
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>beta.lobber.se</ds:KeyName>
+ <ds:KeyName>https://beta.lobber.se/shibboleth-sp</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=beta.lobber.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDFzCCAf+gAwIBAgIJAK3WrSSve3L0MA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDmJldGEubG9iYmVyLnNlMB4XDTEwMDQxNjA4MzUyNVoXDTIwMDQxMzA4MzUy
+NVowGTEXMBUGA1UEAxMOYmV0YS5sb2JiZXIuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDUL7NU/brgRsoszEetP0BPY9XcmjSY9BymFpvOn09zLvoY
+JDUgRa5Y54ob3vZZ6dkIBhqZulbTM1/8OMyOFk3zL/SkJJK4Ga7xVelT3JdQGwIU
+TvSuxg2p8CXVijurqVtYp8wWsVyelrpLiQh1X7JSqLlSordJBsFJrKlj7Y8eTqy6
+CuEaWXV4E6pqTmlM2Q+WILSG0G7j8YYw9FVlzTDaF5xM4FhQsYa3DWHNZUZlmB/E
+BBUJmcPpZCDOQP/n5dZnQrDQYSuDudy3UpkuHQHf4B8yiffdOKMFzHcTfQDuMJXw
+h6sA5Xrq1WpsOwn9kgONyDm8ML3IFJC3AYLOLvfdAgMBAAGjYjBgMD8GA1UdEQQ4
+MDaCDmJldGEubG9iYmVyLnNlhiRodHRwczovL2JldGEubG9iYmVyLnNlL3NoaWJi
+b2xldGgtc3AwHQYDVR0OBBYEFEWVLP4kBg/gV79XUV32F6dX7kKBMA0GCSqGSIb3
+DQEBBQUAA4IBAQA666NJBd3xPuNy6PRToyJvGmltOxIsn2HFHANX5xqc7GK9v6vw
+zVhVTpx64sZFC6/B/laF9RNmtr9IxiI2wk43ZkdFtoADGlXMKevQ4+CjdLbqb4VP
+TisAp2vpojnlXtmdj3UCzOmiMjgLlRQY8WN1/vMVBNeYKtJSyXfl4mWVNUTBxnAq
+D46Wa7GYLUVqlWdkWDHBznr4QA4MRxhJDOsm9aVVDq4yAOwCQrHdY+xDokcx4mdN
+5dNwkP7gqpYuryKTfnI32kaRKL+kMXotFg6r+qAaIEo67D3LMnWJE75aZb16HVwz
+/MAyn2Vwd/VAgvtvblNu62vT9+d6mW7zQqTZ
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://beta.lobber.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://beta.lobber.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://beta.lobber.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://beta.lobber.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://beta.lobber.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://beta.lobber.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://beta.lobber.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://beta.lobber.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://beta.lobber.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://beta.lobber.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://beta.lobber.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://beta.lobber.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://beta.lobber.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://beta.lobber.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="en">SUNET Lobber (BETA)</md:ServiceName>
+ <md:ServiceDescription xml:lang="en">SUNET Lobber (BETA) - a BitTorrent data distribution service</md:ServiceDescription>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:0.9.2342.19200300.100.1.3"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.42"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.4"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.7"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.his.se/idp/shibboleth" xml:base="swamid-1.0/idp.his.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">his.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFDCCAfygAwIBAgIVAOlJBVpaMgEd+tU+i5F9QK3R5+6IMA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5oaXMuc2UwHhcNMTAwNDE0MTIxNTI0WhcNMzAw
+NDE0MTIxNTI0WjAVMRMwEQYDVQQDEwppZHAuaGlzLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAm+RktUz4LD4GyD5AIBsAfy40Z7mZvYdKdCaTWAmd
+WucpWyu/0H2J3SFtXgOGedzgWjm7nbTmrnZHB87zc/yVuGdtpebq4Ye0XdBLg2A4
+H43lyPdknzQDxD035wzfcyi6/+PRzTK0jucR9KGtEPkNhPg0ziAbHggROKQ1ylNd
+RAul/8b2wDOA4yzBvO4FYFQj+H9bgge869M65P5f/AdBZAWtXy0Ox4G+2ysZfOSi
+7rGMyiX1/s+hgLO2AdosfAnQkKUOax3YsyRzyqbCu8PHEuDciwI2y968Kuq7kv7J
+7vMbZmPLcO4mLjsRnxrfyKlGG+Jpg0BGxRlMlmKn79kdEwIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAuaGlzLnNlhiFodHRwczovL2lkcC5oaXMuc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFE1bH9W+VqwoZnGTvPca0DNTcLL3MA0GCSqGSIb3DQEB
+BQUAA4IBAQBUX+vjv7eCQRljAwrRjH8jNoJyUwMIjQsyStbHM7A5y7+MIdOjBELv
+eNYBKGHHEMOiPiB0uPPFrgdN82q8l3PCcYMAYO6aWcwBJsHTpcEBx0lVa4OmW0/r
+Bc4RC+rrqNNf8XkYQnD80Px3ncb0OfXmNwSLnLDIKOoQq7hh4DGY73K66vi0sSor
+9e7hji23KpjhR2vPqmiNAvJuEMzDolB3hn2oz+rWfwynb85vFAghd4gJxTMPzsUj
+hNY1IDFKGebFhCWmlG7MMPDm/omu6mBurSE9EAhVTretr0YXxmkfFrOvDysPOYWj
+drVlFNv2EtdNX1C9u3EJYqslqtyXv2nZ
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.his.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.his.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.his.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.his.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.his.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.his.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">his.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFDCCAfygAwIBAgIVAOlJBVpaMgEd+tU+i5F9QK3R5+6IMA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5oaXMuc2UwHhcNMTAwNDE0MTIxNTI0WhcNMzAw
+NDE0MTIxNTI0WjAVMRMwEQYDVQQDEwppZHAuaGlzLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAm+RktUz4LD4GyD5AIBsAfy40Z7mZvYdKdCaTWAmd
+WucpWyu/0H2J3SFtXgOGedzgWjm7nbTmrnZHB87zc/yVuGdtpebq4Ye0XdBLg2A4
+H43lyPdknzQDxD035wzfcyi6/+PRzTK0jucR9KGtEPkNhPg0ziAbHggROKQ1ylNd
+RAul/8b2wDOA4yzBvO4FYFQj+H9bgge869M65P5f/AdBZAWtXy0Ox4G+2ysZfOSi
+7rGMyiX1/s+hgLO2AdosfAnQkKUOax3YsyRzyqbCu8PHEuDciwI2y968Kuq7kv7J
+7vMbZmPLcO4mLjsRnxrfyKlGG+Jpg0BGxRlMlmKn79kdEwIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAuaGlzLnNlhiFodHRwczovL2lkcC5oaXMuc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFE1bH9W+VqwoZnGTvPca0DNTcLL3MA0GCSqGSIb3DQEB
+BQUAA4IBAQBUX+vjv7eCQRljAwrRjH8jNoJyUwMIjQsyStbHM7A5y7+MIdOjBELv
+eNYBKGHHEMOiPiB0uPPFrgdN82q8l3PCcYMAYO6aWcwBJsHTpcEBx0lVa4OmW0/r
+Bc4RC+rrqNNf8XkYQnD80Px3ncb0OfXmNwSLnLDIKOoQq7hh4DGY73K66vi0sSor
+9e7hji23KpjhR2vPqmiNAvJuEMzDolB3hn2oz+rWfwynb85vFAghd4gJxTMPzsUj
+hNY1IDFKGebFhCWmlG7MMPDm/omu6mBurSE9EAhVTretr0YXxmkfFrOvDysPOYWj
+drVlFNv2EtdNX1C9u3EJYqslqtyXv2nZ
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.his.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.his.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">HIS</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan i Skövde</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.his.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan i Skövde</Company>
+ <EmailAddress>netadmin@his.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://users.hv.se/login/shib13/idp/metadata.php" xml:base="swamid-1.0/users.hv.se-shib1.xml">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">hv.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://users.hv.se/login/shib13/idp/SSOService.php"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">HV</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan Väst (SAML1)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hv.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Magnus</GivenName>
+ <SurName>Andersson</SurName>
+ <EmailAddress>Magnus.Andersson@hv.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://users.hv.se/login/saml2/idp/metadata.php" xml:base="swamid-1.0/users.hv.se-saml2.xml">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">hv.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIICgTCCAeoCCQCbOlrWDdX7FTANBgkqhkiG9w0BAQUFADCBhDELMAkGA1UEBhMCTk8xGDAWBgNVBAgTD0FuZHJlYXMgU29sYmVyZzEMMAoGA1UEBxMDRm9vMRAwDgYDVQQKEwdVTklORVRUMRgwFgYDVQQDEw9mZWlkZS5lcmxhbmcubm8xITAfBgkqhkiG9w0BCQEWEmFuZHJlYXNAdW5pbmV0dC5ubzAeFw0wNzA2MTUxMjAxMzVaFw0wNzA4MTQxMjAxMzVaMIGEMQswCQYDVQQGEwJOTzEYMBYGA1UECBMPQW5kcmVhcyBTb2xiZXJnMQwwCgYDVQQHEwNGb28xEDAOBgNVBAoTB1VOSU5FVFQxGDAWBgNVBAMTD2ZlaWRlLmVybGFuZy5ubzEhMB8GCSqGSIb3DQEJARYSYW5kcmVhc0B1bmluZXR0Lm5vMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDivbhR7P516x/S3BqKxupQe0LONoliupiBOesCO3SHbDrl3+q9IbfnfmE04rNuMcPsIxB161TdDpIesLCn7c8aPHISKOtPlAeTZSnb8QAu7aRjZq3+PbrP5uW3TcfCGPtKTytHOge/OlJbo078dVhXQ14d1EDwXJW1rRXuUt4C8QIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACDVfp86HObqY+e8BUoWQ9+VMQx1ASDohBjwOsg2WykUqRXF+dLfcUH9dWR63CtZIKFDbStNomPnQz7nbK+onygwBspVEbnHuUihZq3ZUdmumQqCw4Uvs/1Uvq3orOo/WJVhTyvLgFVK2QarQ4/67OZfHd7R+POBXhophSMv1ZOo</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://users.hv.se/login/saml2/idp/SingleLogoutService.php"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://users.hv.se/login/saml2/idp/SSOService.php"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">HV</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan Väst (SAML2)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hv.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Magnus</GivenName>
+ <SurName>Andersson</SurName>
+ <EmailAddress>Magnus.Andersson@hv.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www07test.sub.su.se" xml:base="swamid-1.0/www07test.sub.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>swamid</ds:KeyName>
+ <ds:KeyName>www07test.sub.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www07test.sub.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIB5TCCAU6gAwIBAgIJAMMRnP48jAtqMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE3d3dzA3dGVzdC5zdWIuc3Uuc2UwHhcNMDkxMjA4MTAyMjMzWhcNMTIxMjA3
+MTAyMjMzWjAeMRwwGgYDVQQDExN3d3cwN3Rlc3Quc3ViLnN1LnNlMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC9adDbmgkldLxg7+sU4Yh7vgHpMpCWJx3PJG4z
+1oqyG2AdYjjWeNkXpindtpadS7KaVcV+Zoc1PzqLOdp89gX5J84sox/XzCPu/RAZ
+lxtruQxRXbkYYTQYtOJaevl6eaPWsR1r2x/RQ8IW9iNOAiuw3D1CudvvphPi0M4p
+Yma7NwIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsG
+AQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBAKgR4QcvuxFjM3GXE1iyl8ehd5VkQv7x
+bi95mXj6IdK6mzg5QwofBSltHWNKv/AHpPuBzWd0LjCstdWeJXOCoEJe7twLsFGG
+kU+Y2c688RcV0cUVNvcympR5pYNU7ky0uPd/RCV4vnZ9DQqAKCcB/3wZ2cbfyBIR
+gG19ycA9AsUe
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>swamid</ds:KeyName>
+ <ds:KeyName>www07test.sub.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www07test.sub.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIB5TCCAU6gAwIBAgIJAMMRnP48jAtqMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE3d3dzA3dGVzdC5zdWIuc3Uuc2UwHhcNMDkxMjA4MTAyMjMzWhcNMTIxMjA3
+MTAyMjMzWjAeMRwwGgYDVQQDExN3d3cwN3Rlc3Quc3ViLnN1LnNlMIGfMA0GCSqG
+SIb3DQEBAQUAA4GNADCBiQKBgQC9adDbmgkldLxg7+sU4Yh7vgHpMpCWJx3PJG4z
+1oqyG2AdYjjWeNkXpindtpadS7KaVcV+Zoc1PzqLOdp89gX5J84sox/XzCPu/RAZ
+lxtruQxRXbkYYTQYtOJaevl6eaPWsR1r2x/RQ8IW9iNOAiuw3D1CudvvphPi0M4p
+Yma7NwIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsG
+AQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBAKgR4QcvuxFjM3GXE1iyl8ehd5VkQv7x
+bi95mXj6IdK6mzg5QwofBSltHWNKv/AHpPuBzWd0LjCstdWeJXOCoEJe7twLsFGG
+kU+Y2c688RcV0cUVNvcympR5pYNU7ky0uPd/RCV4vnZ9DQqAKCcB/3wZ2cbfyBIR
+gG19ycA9AsUe
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www07test.sub.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www07test.sub.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www07test.sub.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www07test.sub.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www07test.sub.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www07test.sub.su.se/Shibboleth.sso/SAML/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www07test.sub.su.se/Shibboleth.sso/SAML/Artifact" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www07test.sub.su.se/Shibboleth.sso/SAML2/POST" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www07test.sub.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www07test.sub.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www07test.sub.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor ID="_bfc65d391837d34b486a08045cce1cfca197d45e" entityID="https://sp.kau.se/shibboleth" xml:base="swamid-1.0/sp.kau.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.kau.se/Shibboleth.sso/Login"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.kau.se/Shibboleth.sso/Login" index="1"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.kau.se/Shibboleth.sso/WAYF/ds.swamid.se"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://sp.kau.se/Shibboleth.sso/DS/ds.swamid.se"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.kau.se/Shibboleth.sso/DS/ds.swamid.se" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>sp.kau.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sp.kau.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC4jCCAcqgAwIBAgIJAK8+Q8SJp9cxMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
+BAMTCXNwLmthdS5zZTAeFw0xMTA1MDYxMzUxMzBaFw0yMTA1MDMxMzUxMzBaMBQx
+EjAQBgNVBAMTCXNwLmthdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAOOdtYpLS733ksNrv8cVKtY8PCkrL8sa12dMH/Lp2Sm+eqNkJzwbmKPJm6Iu
+rp+Psc/bs767KNqDFRKi+s8iHuKIDCQnkliScR0w0wHzSiHMqEVo3OmU4hYxyYia
+7b3GNY9QYgwbalIuXvIoEVtSP6+19bnreeq0HbR+xCVOnA0EWSJHbIxIcEs1sH3n
+WVtgW5TTJqcasNp9FRtBYgUu5m6tbBZRzEpv2vjgSnhB+D67E6gfUIllWy7EoBFf
+NKtvN6KXr+Md44HanVMg6O+UOLeXY2+niXlP4sVXytCjkXMkZzBnOarPKkEa1yaP
+yyEV1FIoEVJRbQLcYHzhtVX/D+UCAwEAAaM3MDUwFAYDVR0RBA0wC4IJc3Aua2F1
+LnNlMB0GA1UdDgQWBBTDV+sbuDL/6+3K3mKMQvA4B/ctdzANBgkqhkiG9w0BAQUF
+AAOCAQEAKWQPKSkdt82pOnMqFfK07Tyx0tvH04m7TKJKQzL+FcXe4uzv2O1D9Hmg
+9SOoAxvG62KlFlFPkqjEUAuYxEfMWhrftdcWAR3VRu4vBO3QXRxvSuB2lLE487NE
+IWfQbZU6cfz+C8OondMuTtEChkvc5WJAd1HYdUzF0eRSSdKUgJmT4j9fUX0USS3E
+oVtdy2lFcEQT6i7/0v8wrxndGmfGHi6vkiVUvLitX1gdUxx/egzZ9vq+uWa/FxU7
+Jyw22KeyhvX+Ph1pO0iJh3yjDwSbVRDzMN5GU+aPBpeUVUxhYF3CTP4gh8rUAPJC
+myMZEHsgIBf3jkmE9uQfRGeQLiSxfg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.kau.se/Shibboleth.sso/Artifact/SOAP" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.kau.se/Shibboleth.sso/SAML2/POST" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.kau.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.kau.se/Shibboleth.sso/SAML2/Artifact" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.kau.se/Shibboleth.sso/SAML2/ECP" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.kau.se/Shibboleth.sso/SAML/POST" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.kau.se/Shibboleth.sso/SAML/Artifact" index="5"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://fordrop.irt.kth.se/shibboleth" xml:base="swamid-1.0/fordrop.irt.kth.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://fordrop.irt.kth.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>fordrop.irt.kth.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=fordrop.irt.kth.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDETCCAfmgAwIBAgIJALYWrF8Mgt6iMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEmZvcmRyb3AuaXJ0Lmt0aC5zZTAeFw0xMDA0MjMxMjEwMTRaFw0yMDA0MjAx
+MjEwMTRaMB0xGzAZBgNVBAMTEmZvcmRyb3AuaXJ0Lmt0aC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALDjcpcRnb1b7Cfk9KuJpabF6iLe62b0p1mi
+CfGwleRoaANiDGHu01m4gnXvsA6yk1bedJP6z7Pl0rQkMZ2tlDcCEMg8AwyTQL2v
+Y10C20c+rSbfXoWNUI8jyAtLsNBKwsSTvid64x8l5gGpJZCpgfvK6kYJcrLokLqs
+6lWrrad/VecTHzklXWEAhxeCD7eUUJtC0Y4Fi8XhKS7BKKI7JG+YbPocVnP/opFh
+WGe4Q6+wPWU1I7X1HC2bKrEpvwVZsgFN4V0E7wnrDe1yotM6CqlsuWPvyCD4/IYB
+AnOtiMZJMQ0hbeaYoXW+oSvD/aYkJSfQEfMN+4hdo9L1OyvPIwMCAwEAAaNUMFIw
+MQYDVR0RBCowKIISZm9yZHJvcC5pcnQua3RoLnNlhhJmb3Jkcm9wLmlydC5rdGgu
+c2UwHQYDVR0OBBYEFE5WIOqS0aJWpa1XenjHOgjF1BINMA0GCSqGSIb3DQEBBQUA
+A4IBAQBOLO7wR5XjinscjsU2AvZ9s6shS/pcIA+4/OyNYmHr4i3frmu31WqMfY1j
+WhUpLHCKl4EYJubk0HwAq25b8l7Jwmz2UbtyZ7QvV1vGUqo0oxVK9p0rS7ojO1f7
+mrdBB0U3Axu4vW+ckKyGR6NRDYMobRrG04XCOi88NskTHL3VLRA6zNegFre9VdJI
+pw3UvNnJVA9f5U6hOjK5BhxhE/6sNwRDWWWsLlkjzWtqFbTkmRU6cicyvDoD2jzS
+Gf34FPGbKFm1+jJpyOoBAfizkFtGFRM3zkyhGZtGcQgUobPdCUEpCnAkqOIs/bpZ
+3IRNZyiAYdh9b48o6SY/HQuZn5VP
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>fordrop.irt.kth.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=fordrop.irt.kth.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDETCCAfmgAwIBAgIJALYWrF8Mgt6iMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEmZvcmRyb3AuaXJ0Lmt0aC5zZTAeFw0xMDA0MjMxMjEwMTRaFw0yMDA0MjAx
+MjEwMTRaMB0xGzAZBgNVBAMTEmZvcmRyb3AuaXJ0Lmt0aC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALDjcpcRnb1b7Cfk9KuJpabF6iLe62b0p1mi
+CfGwleRoaANiDGHu01m4gnXvsA6yk1bedJP6z7Pl0rQkMZ2tlDcCEMg8AwyTQL2v
+Y10C20c+rSbfXoWNUI8jyAtLsNBKwsSTvid64x8l5gGpJZCpgfvK6kYJcrLokLqs
+6lWrrad/VecTHzklXWEAhxeCD7eUUJtC0Y4Fi8XhKS7BKKI7JG+YbPocVnP/opFh
+WGe4Q6+wPWU1I7X1HC2bKrEpvwVZsgFN4V0E7wnrDe1yotM6CqlsuWPvyCD4/IYB
+AnOtiMZJMQ0hbeaYoXW+oSvD/aYkJSfQEfMN+4hdo9L1OyvPIwMCAwEAAaNUMFIw
+MQYDVR0RBCowKIISZm9yZHJvcC5pcnQua3RoLnNlhhJmb3Jkcm9wLmlydC5rdGgu
+c2UwHQYDVR0OBBYEFE5WIOqS0aJWpa1XenjHOgjF1BINMA0GCSqGSIb3DQEBBQUA
+A4IBAQBOLO7wR5XjinscjsU2AvZ9s6shS/pcIA+4/OyNYmHr4i3frmu31WqMfY1j
+WhUpLHCKl4EYJubk0HwAq25b8l7Jwmz2UbtyZ7QvV1vGUqo0oxVK9p0rS7ojO1f7
+mrdBB0U3Axu4vW+ckKyGR6NRDYMobRrG04XCOi88NskTHL3VLRA6zNegFre9VdJI
+pw3UvNnJVA9f5U6hOjK5BhxhE/6sNwRDWWWsLlkjzWtqFbTkmRU6cicyvDoD2jzS
+Gf34FPGbKFm1+jJpyOoBAfizkFtGFRM3zkyhGZtGcQgUobPdCUEpCnAkqOIs/bpZ
+3IRNZyiAYdh9b48o6SY/HQuZn5VP
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://fordrop.irt.kth.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://fordrop.irt.kth.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fordrop.irt.kth.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://fordrop.irt.kth.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://fordrop.irt.kth.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://minastudier.su.se/Shibboleth.sso" xml:base="swamid-1.0/minastudier.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://minastudier.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://minastudier.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>lpwtool-prod-minastudier1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lpwtool-prod-minastudier1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDLTCCAhWgAwIBAgIJALTp+wTwop0PMA0GCSqGSIb3DQEBBQUAMC0xKzApBgNV
+BAMTImxwd3Rvb2wtcHJvZC1taW5hc3R1ZGllcjEuaXQuc3Uuc2UwHhcNMTAwMjI0
+MTU1MTU1WhcNMjAwMjIyMTU1MTU1WjAtMSswKQYDVQQDEyJscHd0b29sLXByb2Qt
+bWluYXN0dWRpZXIxLml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAx59TlYR92Fuzux/IiWYU3rv/fByvOlbCtiIFyfyLsV//YayVDv/mICYc
+/AiWxDW/Tq7rw1z/rgXvyYldvGjSuV2jOtpDVOIbTKHcZn8O9yWw15g3Xc4ACLTN
+/SGQPL93m3qkyDFGDntrJwrPbg+SDAQG/NzYtPOQ8yWA8d62kwn9DOxgd7HumZoi
+8I+PGxp1Z4A1+SisHonXoSmhwwX6P8btKB3c/2hYLaoikICDXT707K0E61oHbSf3
+jpCGV+MeFEemaPOj0FxrH3LJ4ofGuzaToIo1b9eGBNz9YoC4q/EWxqb78jpPw8bp
+c7tj7lqftz9JbMvxPwUZHq9noFfpgwIDAQABo1AwTjAtBgNVHREEJjAkgiJscHd0
+b29sLXByb2QtbWluYXN0dWRpZXIxLml0LnN1LnNlMB0GA1UdDgQWBBTHi0oC+SaS
+VSASMRoOhZSb6u+L8DANBgkqhkiG9w0BAQUFAAOCAQEAvQ5BaMnza3JwJJu+V5UF
+U1ZYvCBn/TWc7ALet4xVcTdoxgq5FiKw8reYWGtijL5Yoi/V/roFFuiyjSeQYhKq
+6Vr7KmHktnsJn+/cQpzbyjBqo3LTaBtYqbucXlZrpkyy0e1Ia8aijNgbP1acvWfM
+oxvaNaulccXcbDc+x7XU51ihKeTg9UthoE6SBKyWdlCjJOJ7n/K4CHVegD0nVST3
+mcNaiB+aLmlSoII63FqK3VMRBmrlTQ1C3ab25fTDxlg/5NC6mVZbcDAe4poIReLo
+a9ooP6ZBaNOCD9BevPOlcZZGPGZBB8XOnZS8uREdpxtGAgucwZEchAru2lrYxzEV
+pA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>lpwtool-prod-minastudier1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lpwtool-prod-minastudier1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDLTCCAhWgAwIBAgIJALTp+wTwop0PMA0GCSqGSIb3DQEBBQUAMC0xKzApBgNV
+BAMTImxwd3Rvb2wtcHJvZC1taW5hc3R1ZGllcjEuaXQuc3Uuc2UwHhcNMTAwMjI0
+MTU1MTU1WhcNMjAwMjIyMTU1MTU1WjAtMSswKQYDVQQDEyJscHd0b29sLXByb2Qt
+bWluYXN0dWRpZXIxLml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
+CgKCAQEAx59TlYR92Fuzux/IiWYU3rv/fByvOlbCtiIFyfyLsV//YayVDv/mICYc
+/AiWxDW/Tq7rw1z/rgXvyYldvGjSuV2jOtpDVOIbTKHcZn8O9yWw15g3Xc4ACLTN
+/SGQPL93m3qkyDFGDntrJwrPbg+SDAQG/NzYtPOQ8yWA8d62kwn9DOxgd7HumZoi
+8I+PGxp1Z4A1+SisHonXoSmhwwX6P8btKB3c/2hYLaoikICDXT707K0E61oHbSf3
+jpCGV+MeFEemaPOj0FxrH3LJ4ofGuzaToIo1b9eGBNz9YoC4q/EWxqb78jpPw8bp
+c7tj7lqftz9JbMvxPwUZHq9noFfpgwIDAQABo1AwTjAtBgNVHREEJjAkgiJscHd0
+b29sLXByb2QtbWluYXN0dWRpZXIxLml0LnN1LnNlMB0GA1UdDgQWBBTHi0oC+SaS
+VSASMRoOhZSb6u+L8DANBgkqhkiG9w0BAQUFAAOCAQEAvQ5BaMnza3JwJJu+V5UF
+U1ZYvCBn/TWc7ALet4xVcTdoxgq5FiKw8reYWGtijL5Yoi/V/roFFuiyjSeQYhKq
+6Vr7KmHktnsJn+/cQpzbyjBqo3LTaBtYqbucXlZrpkyy0e1Ia8aijNgbP1acvWfM
+oxvaNaulccXcbDc+x7XU51ihKeTg9UthoE6SBKyWdlCjJOJ7n/K4CHVegD0nVST3
+mcNaiB+aLmlSoII63FqK3VMRBmrlTQ1C3ab25fTDxlg/5NC6mVZbcDAe4poIReLo
+a9ooP6ZBaNOCD9BevPOlcZZGPGZBB8XOnZS8uREdpxtGAgucwZEchAru2lrYxzEV
+pA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://minastudier.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://minastudier.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://minastudier.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://minastudier.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://minastudier.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://minastudier.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://minastudier.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://minastudier.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://minastudier.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://minastudier.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://minastudier.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://minastudier.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://minastudier.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://minastudier.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://ladok.su.se/Shibboleth.sso" xml:base="swamid-1.0/ladok.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ladok.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ladok.su.se/Shibboleth.sso/WAYF/wavelan" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>lpwtool-prod-ladok1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lpwtool-prod-ladok1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIJAKAlvioJS4MwMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGxwd3Rvb2wtcHJvZC1sYWRvazEuaXQuc3Uuc2UwHhcNMTAwMjI0MTU0NTUy
+WhcNMjAwMjIyMTU0NTUyWjAnMSUwIwYDVQQDExxscHd0b29sLXByb2QtbGFkb2sx
+Lml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseNPMakP
+gEk64DPwWm63DxiReYuQTvgZqSZHZDS/5XjpgWsFcG/at4fEnymd21lL0YVDJq3D
+a1ERNofKiPnDGWa84wzlZIEF4EG72I7hZkX/rLnXU6jaoUfI4umX0hdCySNJGRAR
+f6CyTaSyLp8lfI44DwHrtR76oo/8FZ/+/i5u2cosSBK6S9eZ+JVMYnvgeXNmO2/W
+1vgBq2JRQmxjKON1Os73jz/z/cr0wIbil8Adl9zmRjKebwrVZpgh2/90vkCL/JR0
+FpcbHZuPlwVkydk8aaeRmmThcNl3AHbjMQ1BBOFxKgTDX499JKk2GnVwGP6KpeVH
+IZf+JpCs8Y1vIQIDAQABo0owSDAnBgNVHREEIDAeghxscHd0b29sLXByb2QtbGFk
+b2sxLml0LnN1LnNlMB0GA1UdDgQWBBSsRm1AtkLKxRbwQnzJJgzdBGnzRjANBgkq
+hkiG9w0BAQUFAAOCAQEAIqWjPq4bS0KK38rA89JlY2snXM/Xp3GCxdqL/J6AIijX
+wAekdKoK1XRvQ6u/m2iPyDdS5dyLf89qqzIR4IY5XDWQaOPCUYMc+B0Rx0blg8JM
+TIzxu8I8K2lycbWlvY2JxE/4yROSay2gSB5NSm0iaH/dATuu+/p1+0Ntm+7VXXJ7
+3D7J621eGxC9fDcw7eM1PrezvXlVszyPk2Djb7lyXzHCxhhqlfFEm9Po2+Uw0AWS
+dVRlM1/Sf6CV2UYcaNPxvKg8An7pzvSVBruVpx1nbzD4zj9Cr/idPzAFmXB0Ikom
+R3H6+4G4tQJixe4WRSG0z0Z1inVFppE5WqimH/Cp4Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>lpwtool-prod-ladok1.it.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=lpwtool-prod-ladok1.it.su.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGzCCAgOgAwIBAgIJAKAlvioJS4MwMA0GCSqGSIb3DQEBBQUAMCcxJTAjBgNV
+BAMTHGxwd3Rvb2wtcHJvZC1sYWRvazEuaXQuc3Uuc2UwHhcNMTAwMjI0MTU0NTUy
+WhcNMjAwMjIyMTU0NTUyWjAnMSUwIwYDVQQDExxscHd0b29sLXByb2QtbGFkb2sx
+Lml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseNPMakP
+gEk64DPwWm63DxiReYuQTvgZqSZHZDS/5XjpgWsFcG/at4fEnymd21lL0YVDJq3D
+a1ERNofKiPnDGWa84wzlZIEF4EG72I7hZkX/rLnXU6jaoUfI4umX0hdCySNJGRAR
+f6CyTaSyLp8lfI44DwHrtR76oo/8FZ/+/i5u2cosSBK6S9eZ+JVMYnvgeXNmO2/W
+1vgBq2JRQmxjKON1Os73jz/z/cr0wIbil8Adl9zmRjKebwrVZpgh2/90vkCL/JR0
+FpcbHZuPlwVkydk8aaeRmmThcNl3AHbjMQ1BBOFxKgTDX499JKk2GnVwGP6KpeVH
+IZf+JpCs8Y1vIQIDAQABo0owSDAnBgNVHREEIDAeghxscHd0b29sLXByb2QtbGFk
+b2sxLml0LnN1LnNlMB0GA1UdDgQWBBSsRm1AtkLKxRbwQnzJJgzdBGnzRjANBgkq
+hkiG9w0BAQUFAAOCAQEAIqWjPq4bS0KK38rA89JlY2snXM/Xp3GCxdqL/J6AIijX
+wAekdKoK1XRvQ6u/m2iPyDdS5dyLf89qqzIR4IY5XDWQaOPCUYMc+B0Rx0blg8JM
+TIzxu8I8K2lycbWlvY2JxE/4yROSay2gSB5NSm0iaH/dATuu+/p1+0Ntm+7VXXJ7
+3D7J621eGxC9fDcw7eM1PrezvXlVszyPk2Djb7lyXzHCxhhqlfFEm9Po2+Uw0AWS
+dVRlM1/Sf6CV2UYcaNPxvKg8An7pzvSVBruVpx1nbzD4zj9Cr/idPzAFmXB0Ikom
+R3H6+4G4tQJixe4WRSG0z0Z1inVFppE5WqimH/Cp4Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ladok.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ladok.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ladok.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ladok.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ladok.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ladok.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ladok.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ladok.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ladok.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ladok.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://bardo.kib.ki.se/shibboleth" xml:base="swamid-1.0/bardo.kib.ki.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=ubitdos@kib.ki.se,OU=UNIVERSITY LIBRARY,O=Karolinska Institutet,L=Solna,ST=Some-State,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEoTCCA4mgAwIBAgIJAPgJfZPJ50S3MA0GCSqGSIb3DQEBBQUAMIGRMQswCQYD
+VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAc
+BgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lU
+WSBMSUJSQVJZMSAwHgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZTAeFw0x
+MDA0MjYxNTA3NDlaFw0yMDA0MjMxNTA3NDlaMIGRMQswCQYDVQQGEwJTRTETMBEG
+A1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAcBgNVBAoTFUthcm9s
+aW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMSAw
+HgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMguawtCfXJd8QvEcaJJRObZfUu9b6rNSzbD/oeC9F3C
+Xi8HL8CpxJrgVrGAf0e/Lo6+rsAkxDedhy9bDVQz/YRdNGeH1/iLMBkI2e/EHua8
+BPm+PQlgl+IpJxU7UJu8+w15ZWoMfsV/WIIdSEng5du3GzgNVsBcaiHEhaQEwkUR
+llXwU5qdcM0QPIwBG2gCARZbn71SEWc/RF5U4D7NLG5LmDViulyy7keN7cK1i3Zr
+o/ELQIPxg7TFqrd7FYkyuVCbZXnDYwC5lQryBkX6kgdqVMCWPEq+uP2RrKjG2HWf
+WOJLW6iP6WtDk0zNUawYVqtL2mAKJposchRXd0/Q0eUCAwEAAaOB+TCB9jAdBgNV
+HQ4EFgQUVlUIXb0klUOqoxNqV3UegOlhaF0wgcYGA1UdIwSBvjCBu4AUVlUIXb0k
+lUOqoxNqV3UegOlhaF2hgZekgZQwgZExCzAJBgNVBAYTAlNFMRMwEQYDVQQIEwpT
+b21lLVN0YXRlMQ4wDAYDVQQHEwVTb2xuYTEeMBwGA1UEChMVS2Fyb2xpbnNrYSBJ
+bnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxIDAeBgkqhkiG
+9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlggkA+Al9k8nnRLcwDAYDVR0TBAUwAwEB
+/zANBgkqhkiG9w0BAQUFAAOCAQEASuzSo7iQmc/qRRUH/za/LCeeH1G6EAva6ces
+RVAYdCGdkQ/pqFugqWc6Qdq7mm/s+tBCMMOe3ccCF7o7XVRFdceZ9RCOpvHFvHz3
+tItH5Zg0P8c2y7t6mClGeCxWCJN+LTzJkvp98tLslcJTmovQP5yXk2/jv93BsFb2
+iIHG49rm09C2YWRUcZIB/XS51QbfVMKf/mj5IugY0GzkA4Xnyvci9QtDtIHVgR1H
+F7OS9qmtSRPsGKvvKYsjKq2BdMoSm1NNvklVEwuHKjVFkyjr3yt4ALR8uyASKUCj
+HVVQRnTpfX0jh7zIizoQL7IjwaYgz7X3qCu2b3JjZdz6gsuKNA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=ubitdos@kib.ki.se,OU=UNIVERSITY LIBRARY,O=Karolinska Institutet,L=Solna,ST=Some-State,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEoTCCA4mgAwIBAgIJAPgJfZPJ50S3MA0GCSqGSIb3DQEBBQUAMIGRMQswCQYD
+VQQGEwJTRTETMBEGA1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAc
+BgNVBAoTFUthcm9saW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lU
+WSBMSUJSQVJZMSAwHgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZTAeFw0x
+MDA0MjYxNTA3NDlaFw0yMDA0MjMxNTA3NDlaMIGRMQswCQYDVQQGEwJTRTETMBEG
+A1UECBMKU29tZS1TdGF0ZTEOMAwGA1UEBxMFU29sbmExHjAcBgNVBAoTFUthcm9s
+aW5za2EgSW5zdGl0dXRldDEbMBkGA1UECxMSVU5JVkVSU0lUWSBMSUJSQVJZMSAw
+HgYJKoZIhvcNAQkBFhF1Yml0ZG9zQGtpYi5raS5zZTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAMguawtCfXJd8QvEcaJJRObZfUu9b6rNSzbD/oeC9F3C
+Xi8HL8CpxJrgVrGAf0e/Lo6+rsAkxDedhy9bDVQz/YRdNGeH1/iLMBkI2e/EHua8
+BPm+PQlgl+IpJxU7UJu8+w15ZWoMfsV/WIIdSEng5du3GzgNVsBcaiHEhaQEwkUR
+llXwU5qdcM0QPIwBG2gCARZbn71SEWc/RF5U4D7NLG5LmDViulyy7keN7cK1i3Zr
+o/ELQIPxg7TFqrd7FYkyuVCbZXnDYwC5lQryBkX6kgdqVMCWPEq+uP2RrKjG2HWf
+WOJLW6iP6WtDk0zNUawYVqtL2mAKJposchRXd0/Q0eUCAwEAAaOB+TCB9jAdBgNV
+HQ4EFgQUVlUIXb0klUOqoxNqV3UegOlhaF0wgcYGA1UdIwSBvjCBu4AUVlUIXb0k
+lUOqoxNqV3UegOlhaF2hgZekgZQwgZExCzAJBgNVBAYTAlNFMRMwEQYDVQQIEwpT
+b21lLVN0YXRlMQ4wDAYDVQQHEwVTb2xuYTEeMBwGA1UEChMVS2Fyb2xpbnNrYSBJ
+bnN0aXR1dGV0MRswGQYDVQQLExJVTklWRVJTSVRZIExJQlJBUlkxIDAeBgkqhkiG
+9w0BCQEWEXViaXRkb3NAa2liLmtpLnNlggkA+Al9k8nnRLcwDAYDVR0TBAUwAwEB
+/zANBgkqhkiG9w0BAQUFAAOCAQEASuzSo7iQmc/qRRUH/za/LCeeH1G6EAva6ces
+RVAYdCGdkQ/pqFugqWc6Qdq7mm/s+tBCMMOe3ccCF7o7XVRFdceZ9RCOpvHFvHz3
+tItH5Zg0P8c2y7t6mClGeCxWCJN+LTzJkvp98tLslcJTmovQP5yXk2/jv93BsFb2
+iIHG49rm09C2YWRUcZIB/XS51QbfVMKf/mj5IugY0GzkA4Xnyvci9QtDtIHVgR1H
+F7OS9qmtSRPsGKvvKYsjKq2BdMoSm1NNvklVEwuHKjVFkyjr3yt4ALR8uyASKUCj
+HVVQRnTpfX0jh7zIizoQL7IjwaYgz7X3qCu2b3JjZdz6gsuKNA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bardo.kib.ki.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bardo.kib.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bardo.kib.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bardo.kib.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bardo.kib.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://bardo.kib.ki.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://bardo.kib.ki.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bardo.kib.ki.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bardo.kib.ki.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://bardo.kib.ki.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://canit.nordu.net/shibboleth" xml:base="swamid-1.0/canit.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://canit.nordu.net/Shibboleth.sso/DS/kalmar3" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>canit.nordu.net</ds:KeyName>
+ <ds:KeyName>https://canit.nordu.net/shibboleth</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=canit.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAO/nNPqDBCrnMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD2Nhbml0Lm5vcmR1Lm5ldDAeFw0xMDA1MjAyMTUxMzRaFw0yMDA1MTcyMTUx
+MzRaMBoxGDAWBgNVBAMTD2Nhbml0Lm5vcmR1Lm5ldDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALfQeLKTUhs0gBj90i/FarDm1qm6HYUelLlxK5JJamU+
+BQGaODimGYrh2IzqGUMRxafshp1Z82v2W9ApQKHXO1m7Jg37F/jXmmOLPoF/P4vJ
+gh+c+H8WnPaNOJpWEJlQ/HQaMe6MZ/dZCUNbBnd6MN9vj+MvWH/4mKxIB+HAuOyi
+BAZr2hZyeafWU3+1bHVxUJZQuidYUVY09Jahvp1+kDargSuu0CLClyxqiJtiQN3P
+mAwjveC+Eo83s3/WvEYYkwMYmXYWQf5Rsy7ezKyg6QNfdIfQL1T0hOVmRXwYnzVY
+3zypH/tIaOeAa++fehFQiXB8v7wtTJSpFS9oFsaEFeMCAwEAAaM9MDswGgYDVR0R
+BBMwEYIPY2FuaXQubm9yZHUubmV0MB0GA1UdDgQWBBS0ezKIFjEF0O8UJQKM/2D1
+tp9scDANBgkqhkiG9w0BAQUFAAOCAQEAYWr+FCcA+9Q10RVl7b76EbZaKVjmNsey
+endNf62gKsdu7zbwyAxHVOQ+XA5qZS6kLQThVnF5IJASWO9OJWF3x3Q62TLEXtw0
+cde5YFPhrfdZqRof1dptwD7Bt7kTl6vUV1V5wt1nXMax+rZv6tj08mRaUqBfWZ8w
+obZ3raXz4kaDjT1EGFjwbIc4rS7mZjYwuTGT79zB19BIR5qnL4YvXu44koq02p4S
+9TW8EETE3axOzPF3Vvtmag2vgX9pFJ7G/gFt3Adt6ZKzo1a6GZ9kZKIaE5Dr2Tnn
+VXfcZO7EtnsxYb035Zcei+quLWwJFAIKXwMSWZQEVo4WXa83B8oKnw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>canit.nordu.net</ds:KeyName>
+ <ds:KeyName>https://canit.nordu.net/shibboleth</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=canit.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAO/nNPqDBCrnMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD2Nhbml0Lm5vcmR1Lm5ldDAeFw0xMDA1MjAyMTUxMzRaFw0yMDA1MTcyMTUx
+MzRaMBoxGDAWBgNVBAMTD2Nhbml0Lm5vcmR1Lm5ldDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBALfQeLKTUhs0gBj90i/FarDm1qm6HYUelLlxK5JJamU+
+BQGaODimGYrh2IzqGUMRxafshp1Z82v2W9ApQKHXO1m7Jg37F/jXmmOLPoF/P4vJ
+gh+c+H8WnPaNOJpWEJlQ/HQaMe6MZ/dZCUNbBnd6MN9vj+MvWH/4mKxIB+HAuOyi
+BAZr2hZyeafWU3+1bHVxUJZQuidYUVY09Jahvp1+kDargSuu0CLClyxqiJtiQN3P
+mAwjveC+Eo83s3/WvEYYkwMYmXYWQf5Rsy7ezKyg6QNfdIfQL1T0hOVmRXwYnzVY
+3zypH/tIaOeAa++fehFQiXB8v7wtTJSpFS9oFsaEFeMCAwEAAaM9MDswGgYDVR0R
+BBMwEYIPY2FuaXQubm9yZHUubmV0MB0GA1UdDgQWBBS0ezKIFjEF0O8UJQKM/2D1
+tp9scDANBgkqhkiG9w0BAQUFAAOCAQEAYWr+FCcA+9Q10RVl7b76EbZaKVjmNsey
+endNf62gKsdu7zbwyAxHVOQ+XA5qZS6kLQThVnF5IJASWO9OJWF3x3Q62TLEXtw0
+cde5YFPhrfdZqRof1dptwD7Bt7kTl6vUV1V5wt1nXMax+rZv6tj08mRaUqBfWZ8w
+obZ3raXz4kaDjT1EGFjwbIc4rS7mZjYwuTGT79zB19BIR5qnL4YvXu44koq02p4S
+9TW8EETE3axOzPF3Vvtmag2vgX9pFJ7G/gFt3Adt6ZKzo1a6GZ9kZKIaE5Dr2Tnn
+VXfcZO7EtnsxYb035Zcei+quLWwJFAIKXwMSWZQEVo4WXa83B8oKnw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://canit.nordu.net/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://canit.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://canit.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://canit.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://canit.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://canit.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://canit.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://canit.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://canit.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://canit.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://canit.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://canit.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://canit.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://canit.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://canit.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://unitcf.se/shibboleth" xml:base="swamid-1.0/unitcf.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://unitcf.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>unitcf.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=unitcf.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC7TCCAdWgAwIBAgIJAPLtJRFIh63tMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
+BAMTCXVuaXRjZi5zZTAeFw0xMDA1MjYyMDI1MzZaFw0yMDA1MjMyMDI1MzZaMBQx
+EjAQBgNVBAMTCXVuaXRjZi5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAK4QYuhlDS3lqTEx/GMTYbcXm26G1r8bQJy31fW873gWXsB+WLOv9WPXNjBM
+R/WOli0VgSMesjliHSv9BwBQ8J0rLHD3snvj/yp3aHAvBFdElw1GK3+DrK8JN34X
+pgl1KPBzmsS8lwYyyoZYCfmCxrczKs1ZIa3YBuOWLmxFh5P2TS1oaqdwlxQ+N8Xp
+Xvv29rMpn5GsSjd8Ue1In2rHO0+4+oewiyQ0SKBpMSiNjxC5c50gT1dpeK2XUZLI
+ovvTWIPJuUzLX6b7Ft0gEw/kwvcDlVl/C/GNqOtEVPsD/mp03/eVVZVISpj7AUP1
+l7rli6ep61P5ccxH60HjaxzknyECAwEAAaNCMEAwHwYDVR0RBBgwFoIJdW5pdGNm
+LnNlhgl1bml0Y2Yuc2UwHQYDVR0OBBYEFDoYivNyzl6FLDkqruQ/1XAUQBOhMA0G
+CSqGSIb3DQEBBQUAA4IBAQCN10PiM/GBO8l9cArV3pSiuy/T1nTVEHF8cbiwzauM
+Zq1dkTh52ccMeeIFItqGZ5c6IxM/KYJhGCrPw8IfICrVe2h+iLdKfu3nI8KgYIc8
+IYvoxNXSPTHiGAA5E1l2MyxAjkP89dUZgnTposoErzmFfsAas+YU28PuIFtB9E4H
+wkGECUu1qorOSdf5XxpxOLootvH6e06In5RLJR5M7Be8uBHDsJPs+w2/TqFmfu8n
+SUnwp5njZX1iqAiERi1qmNuxK4CgeQbaGUqdAngBmO560yd8gaxWcKKSPB1xyZk7
+IGfIdN4NBcMSvwweZYGgdB368AlQ5QP/h0xigpr/VCZG
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>unitcf.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=unitcf.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC7TCCAdWgAwIBAgIJAPLtJRFIh63tMA0GCSqGSIb3DQEBBQUAMBQxEjAQBgNV
+BAMTCXVuaXRjZi5zZTAeFw0xMDA1MjYyMDI1MzZaFw0yMDA1MjMyMDI1MzZaMBQx
+EjAQBgNVBAMTCXVuaXRjZi5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
+ggEBAK4QYuhlDS3lqTEx/GMTYbcXm26G1r8bQJy31fW873gWXsB+WLOv9WPXNjBM
+R/WOli0VgSMesjliHSv9BwBQ8J0rLHD3snvj/yp3aHAvBFdElw1GK3+DrK8JN34X
+pgl1KPBzmsS8lwYyyoZYCfmCxrczKs1ZIa3YBuOWLmxFh5P2TS1oaqdwlxQ+N8Xp
+Xvv29rMpn5GsSjd8Ue1In2rHO0+4+oewiyQ0SKBpMSiNjxC5c50gT1dpeK2XUZLI
+ovvTWIPJuUzLX6b7Ft0gEw/kwvcDlVl/C/GNqOtEVPsD/mp03/eVVZVISpj7AUP1
+l7rli6ep61P5ccxH60HjaxzknyECAwEAAaNCMEAwHwYDVR0RBBgwFoIJdW5pdGNm
+LnNlhgl1bml0Y2Yuc2UwHQYDVR0OBBYEFDoYivNyzl6FLDkqruQ/1XAUQBOhMA0G
+CSqGSIb3DQEBBQUAA4IBAQCN10PiM/GBO8l9cArV3pSiuy/T1nTVEHF8cbiwzauM
+Zq1dkTh52ccMeeIFItqGZ5c6IxM/KYJhGCrPw8IfICrVe2h+iLdKfu3nI8KgYIc8
+IYvoxNXSPTHiGAA5E1l2MyxAjkP89dUZgnTposoErzmFfsAas+YU28PuIFtB9E4H
+wkGECUu1qorOSdf5XxpxOLootvH6e06In5RLJR5M7Be8uBHDsJPs+w2/TqFmfu8n
+SUnwp5njZX1iqAiERi1qmNuxK4CgeQbaGUqdAngBmO560yd8gaxWcKKSPB1xyZk7
+IGfIdN4NBcMSvwweZYGgdB368AlQ5QP/h0xigpr/VCZG
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://unitcf.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://unitcf.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://unitcf.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://unitcf.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://unitcf.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://unitcf.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://unitcf.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://unitcf.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://unitcf.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://unitcf.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://unitcf.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://unitcf.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://unitcf.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://unitcf.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://unitcf.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://crowd.nordu.net/shibboleth" xml:base="swamid-1.0/crowd.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://crowd.nordu.net/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://crowd.nordu.net/Shibboleth.sso/DS/nordu.net" index="2"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://crowd.nordu.net/Shibboleth.sso/DS/kalmar2" index="3"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>crowd.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=crowd.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJANmt8Ciw6kb/MA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD2Nyb3dkLm5vcmR1Lm5ldDAeFw0xMDA1MzExMTI4MzVaFw0yMDA1MjgxMTI4
+MzVaMBoxGDAWBgNVBAMTD2Nyb3dkLm5vcmR1Lm5ldDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAPX2dT9VdcfFwxu7VA00KB7MmJj43/ReptLZNF1qEIEY
+LurgE63gRpalC1RLNx40V0a692ae9vlUJwr5SSuPE///KcIGe7MqKYqxMNR0EVUM
+gkLl/Iws6X6IKPXZFg/WeE/C/cmU6OzaTwdPBmg360Ys9veUOnt/3/ddRhSGRlr/
+QhrFJwZpeRQG/G7f8wIrvVT6HvsY1QOjW6YV43fon8eMBFz1WV7dAAx4L5d1JXX3
+EH+vY6a1nRj98qZPXZ7MY4HBMS8uU/B2/zTN+N9DFBpbwHYWvZQynIviGrUlgGi6
+bDMJH2k+sTGgy9EGZcaAqb2AECMidmXJk3/nOsX5cFECAwEAAaM9MDswGgYDVR0R
+BBMwEYIPY3Jvd2Qubm9yZHUubmV0MB0GA1UdDgQWBBTvR6U7d9zdmqbIl+g3SLa9
+8CChvzANBgkqhkiG9w0BAQUFAAOCAQEAWvDhU3Tk+cCZoThs2I2HLChX7cEjsjz9
+3ZHdWbsgJzPS0xVAdoR1FraNf6PYUvZxbDhsoO2UEZS5IUyOxdWWuP2jaqUpVxY/
+1fSTQQbvOujO+fZzNhJ8nIy/4FgFDWWqABHbVTfGVzImcxC1AJoQ8jkU9Dio5dIl
+uKQCDz8fu1hbkQZ/NP53cNDkTV0t/bvRtEHGrOJYc1rEFRuTLSkPvItsGffWHhIC
+mCrhgP7LeIv2iiNK7qgbhaFRHXAs/JMXAc/Y4YD1renUQCA4cLPF679N4oixMvxD
+Neib9lWMnEYRIynoqQE3UXYnb3GDinEg/soKH73QAq0dyjcfuk30FA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>crowd.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=crowd.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJANmt8Ciw6kb/MA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD2Nyb3dkLm5vcmR1Lm5ldDAeFw0xMDA1MzExMTI4MzVaFw0yMDA1MjgxMTI4
+MzVaMBoxGDAWBgNVBAMTD2Nyb3dkLm5vcmR1Lm5ldDCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBAPX2dT9VdcfFwxu7VA00KB7MmJj43/ReptLZNF1qEIEY
+LurgE63gRpalC1RLNx40V0a692ae9vlUJwr5SSuPE///KcIGe7MqKYqxMNR0EVUM
+gkLl/Iws6X6IKPXZFg/WeE/C/cmU6OzaTwdPBmg360Ys9veUOnt/3/ddRhSGRlr/
+QhrFJwZpeRQG/G7f8wIrvVT6HvsY1QOjW6YV43fon8eMBFz1WV7dAAx4L5d1JXX3
+EH+vY6a1nRj98qZPXZ7MY4HBMS8uU/B2/zTN+N9DFBpbwHYWvZQynIviGrUlgGi6
+bDMJH2k+sTGgy9EGZcaAqb2AECMidmXJk3/nOsX5cFECAwEAAaM9MDswGgYDVR0R
+BBMwEYIPY3Jvd2Qubm9yZHUubmV0MB0GA1UdDgQWBBTvR6U7d9zdmqbIl+g3SLa9
+8CChvzANBgkqhkiG9w0BAQUFAAOCAQEAWvDhU3Tk+cCZoThs2I2HLChX7cEjsjz9
+3ZHdWbsgJzPS0xVAdoR1FraNf6PYUvZxbDhsoO2UEZS5IUyOxdWWuP2jaqUpVxY/
+1fSTQQbvOujO+fZzNhJ8nIy/4FgFDWWqABHbVTfGVzImcxC1AJoQ8jkU9Dio5dIl
+uKQCDz8fu1hbkQZ/NP53cNDkTV0t/bvRtEHGrOJYc1rEFRuTLSkPvItsGffWHhIC
+mCrhgP7LeIv2iiNK7qgbhaFRHXAs/JMXAc/Y4YD1renUQCA4cLPF679N4oixMvxD
+Neib9lWMnEYRIynoqQE3UXYnb3GDinEg/soKH73QAq0dyjcfuk30FA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://crowd.nordu.net/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://crowd.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://crowd.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowd.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://crowd.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://crowd.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://crowd.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowd.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://crowd.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowd.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://crowd.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://crowd.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://crowd.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://crowd.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://crowd.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="en">NORDUnet Tools</md:ServiceName>
+ <md:ServiceDescription xml:lang="en">NORDUnet Tools (confluence, jira)</md:ServiceDescription>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:0.9.2342.19200300.100.1.3"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.42"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.4"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://rt-test-app1.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/rt-test-app1.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>rt-test-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=rt-test-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAO32CkJlX+/pMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDHJ0LXRlc3QtYXBwMTAeFw0xMDA3MTkxMDExNTRaFw0yMDA3MTYxMDExNTRa
+MBcxFTATBgNVBAMTDHJ0LXRlc3QtYXBwMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL130rFvSTBveOvloRg3fezPY4Phi14vff2sP9uVKijx0FKEx7DG
+RKJN6D5nZmXt4x5UzG3LetcfhjPlBu97q28RXLKDA3ICjvJwYaxtezuiYgfLogqK
+QlupoWqM9JuH0NHgkbcqjfuDrCv7dA6ONizN4rQQ//XMIx0sFw0lHgDsrBJM2tsD
+U52W0RakUuWzRxaCdq+fLpvzp3RlFrxnhGrtW6tUiXaIrJL/eyXF+MNi6XMKdo0N
+mdiEs7o4+5bsOMjT+KY1s+Dgdun2Wn9Bx9ahoV0AdNA2NUQJAmIn2w99/2Ysu4up
+NsqxE3HSrTEBjhqxYMF8LnqmC2NHDznRSTUCAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+cnQtdGVzdC1hcHAxMB0GA1UdDgQWBBQ6wPVxoa6YNM3Iv0a7ubYtHi4rujANBgkq
+hkiG9w0BAQUFAAOCAQEArbBt80mU0Hqg7HkeFD6Flx4feO95NvY+g2t7sUXFoVio
+kU9boN762OeaYBru7+d0aEx2iYdCuHcGXIDFMzutyqGzuRGAaPK0EqxQHZ0s5BbE
+BHTfmiFlQ8DZmsSgrHdlkYN3ZlEbtGWTE3CZDV407tuYV+/gu2JQ76K53rbpJC2C
+dYOhRYC97dn+EEhw8yHGBwdmzDXUdl7jSJUZbtXkShGgMazynH2mdaHbk4UO28Zr
+O/b1/rN0BuKDZ2rdvggEhT3YAPmEpW+qS9F06BJSJovryHCAmlvyy7pLYwscXHzd
+UNpiKN2S312lAEnoyhck4u1vFyWNvQpeW9Q0iNvykQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>rt-test-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=rt-test-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAO32CkJlX+/pMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDHJ0LXRlc3QtYXBwMTAeFw0xMDA3MTkxMDExNTRaFw0yMDA3MTYxMDExNTRa
+MBcxFTATBgNVBAMTDHJ0LXRlc3QtYXBwMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL130rFvSTBveOvloRg3fezPY4Phi14vff2sP9uVKijx0FKEx7DG
+RKJN6D5nZmXt4x5UzG3LetcfhjPlBu97q28RXLKDA3ICjvJwYaxtezuiYgfLogqK
+QlupoWqM9JuH0NHgkbcqjfuDrCv7dA6ONizN4rQQ//XMIx0sFw0lHgDsrBJM2tsD
+U52W0RakUuWzRxaCdq+fLpvzp3RlFrxnhGrtW6tUiXaIrJL/eyXF+MNi6XMKdo0N
+mdiEs7o4+5bsOMjT+KY1s+Dgdun2Wn9Bx9ahoV0AdNA2NUQJAmIn2w99/2Ysu4up
+NsqxE3HSrTEBjhqxYMF8LnqmC2NHDznRSTUCAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+cnQtdGVzdC1hcHAxMB0GA1UdDgQWBBQ6wPVxoa6YNM3Iv0a7ubYtHi4rujANBgkq
+hkiG9w0BAQUFAAOCAQEArbBt80mU0Hqg7HkeFD6Flx4feO95NvY+g2t7sUXFoVio
+kU9boN762OeaYBru7+d0aEx2iYdCuHcGXIDFMzutyqGzuRGAaPK0EqxQHZ0s5BbE
+BHTfmiFlQ8DZmsSgrHdlkYN3ZlEbtGWTE3CZDV407tuYV+/gu2JQ76K53rbpJC2C
+dYOhRYC97dn+EEhw8yHGBwdmzDXUdl7jSJUZbtXkShGgMazynH2mdaHbk4UO28Zr
+O/b1/rN0BuKDZ2rdvggEhT3YAPmEpW+qS9F06BJSJovryHCAmlvyy7pLYwscXHzd
+UNpiKN2S312lAEnoyhck4u1vFyWNvQpeW9Q0iNvykQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://rt-test-app1.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://webapp-utv.ita.mdh.se/shibboleth" xml:base="swamid-1.0/webapp-utv.ita.mdh.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>v-bus.ita.mdh.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=v-bus.ita.mdh.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC7zCCAdegAwIBAgIBADANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExB2LWJ1
+cy5pdGEubWRoLnNlMB4XDTEwMDcwMTEwMDI0MFoXDTIwMDYyODEwMDI0MFowGzEZ
+MBcGA1UEAxMQdi1idXMuaXRhLm1kaC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAM0c4T2DWUsZAVs1kTwviQb6nzXgkRHUlb9Rc5gK+AM7sP2cWscY
+6lsBqnnJqnKRxQ2gnu6fEWr/g3rTZSeR/L4vxPCP99tbgULTvvb0/TiotyTABPrj
+v1JF2uCMsOP1qn7upLp5mRLQq+fcW2w/D+RlihYPkoS4Up1go7/JO5ClFeIzdAQ0
+ixPDBjMxqF/DVQ9m7G9RysOgZLWlnR3CTHhxQG9mLXopkqBGM5xRqSLVghLUu4lV
+wcpAmu54gOG/b93D9ue9P+JlLLxkYxZ9wLFQcnceY+WA90Me+AwZ0goieTicSVC/
+2jg3RsQDOu2XFFc3sPnIYpR+0KYEO4F0pCMCAwEAAaM+MDwwGwYDVR0RBBQwEoIQ
+di1idXMuaXRhLm1kaC5zZTAdBgNVHQ4EFgQUwhL0egDc1L7Y/HR/EPW7ISIJkFkw
+DQYJKoZIhvcNAQEFBQADggEBACr96wsmELGnAT1EnTmePCh+oFR1j8GnTp/9CRUK
+4bhyBGBxKSTbYo0xHNT5sadC7XkeJpSzFkMprvM1kyZSS07SGlpluRqFsqTY5fzy
+sJ38nAdmdPApSkQpAvSwahi8G0ypVc3YOntoXE8jUaN5CjdRk3iAfNrNVD4BW9PM
+POXR8OXczDAkW9TEEPTf0ssyTmGmeHReH8wz2LmjXD33B8jEXAl/+03ANlGaptw9
+OH42t1fxzvwRrnUXZv8WyUQrrzjHTcs5+SbfqaVlewI8KRHTNC4XUefcGULgC1rK
+p4Dxx1fOE+4Z6F1w818nIPfOIFisdZ0n+f4Qt3oL1+WqEsM=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>v-bus.ita.mdh.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=v-bus.ita.mdh.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC7zCCAdegAwIBAgIBADANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExB2LWJ1
+cy5pdGEubWRoLnNlMB4XDTEwMDcwMTEwMDI0MFoXDTIwMDYyODEwMDI0MFowGzEZ
+MBcGA1UEAxMQdi1idXMuaXRhLm1kaC5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAM0c4T2DWUsZAVs1kTwviQb6nzXgkRHUlb9Rc5gK+AM7sP2cWscY
+6lsBqnnJqnKRxQ2gnu6fEWr/g3rTZSeR/L4vxPCP99tbgULTvvb0/TiotyTABPrj
+v1JF2uCMsOP1qn7upLp5mRLQq+fcW2w/D+RlihYPkoS4Up1go7/JO5ClFeIzdAQ0
+ixPDBjMxqF/DVQ9m7G9RysOgZLWlnR3CTHhxQG9mLXopkqBGM5xRqSLVghLUu4lV
+wcpAmu54gOG/b93D9ue9P+JlLLxkYxZ9wLFQcnceY+WA90Me+AwZ0goieTicSVC/
+2jg3RsQDOu2XFFc3sPnIYpR+0KYEO4F0pCMCAwEAAaM+MDwwGwYDVR0RBBQwEoIQ
+di1idXMuaXRhLm1kaC5zZTAdBgNVHQ4EFgQUwhL0egDc1L7Y/HR/EPW7ISIJkFkw
+DQYJKoZIhvcNAQEFBQADggEBACr96wsmELGnAT1EnTmePCh+oFR1j8GnTp/9CRUK
+4bhyBGBxKSTbYo0xHNT5sadC7XkeJpSzFkMprvM1kyZSS07SGlpluRqFsqTY5fzy
+sJ38nAdmdPApSkQpAvSwahi8G0ypVc3YOntoXE8jUaN5CjdRk3iAfNrNVD4BW9PM
+POXR8OXczDAkW9TEEPTf0ssyTmGmeHReH8wz2LmjXD33B8jEXAl/+03ANlGaptw9
+OH42t1fxzvwRrnUXZv8WyUQrrzjHTcs5+SbfqaVlewI8KRHTNC4XUefcGULgC1rK
+p4Dxx1fOE+4Z6F1w818nIPfOIFisdZ0n+f4Qt3oL1+WqEsM=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://webapp-utv.ita.mdh.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://portal.mdh.se/shibboleth" xml:base="swamid-1.0/portal.mdh.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://portal.mdh.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>v-portila.ita.mdh.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=v-portila.ita.mdh.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+zCCAeOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMR0wGwYDVQQDExR2LXBv
+cnRpbGEuaXRhLm1kaC5zZTAeFw0xMDA3MDEyMzIzNTBaFw0yMDA2MjgyMzIzNTBa
+MB8xHTAbBgNVBAMTFHYtcG9ydGlsYS5pdGEubWRoLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAl1TuX2zjSyC3YD4Y2+09x8Ur20kl4YdjZRR6bwNa
+bPXAA3OnShY5cUvy4E6lBRepoCMCXoKYptcqGt0+zxtHYcYuSnWLs/Z0BevURIQW
+exo1CF2vI2xssmxxEDoXoB39moRkqjfRHaDqq4INw+2/a823lSqit+e1OOBYML7O
+UyP+wJLtDzo7MbKXlV0hi7iMQVtXJaqPPvrNrRivCkC0dHBg77RCK9Dw1pNmirvt
+mlvMEkzAOBVUKmaXBcH0NvvRHVaMIxYKDlDHI5q0J8GqTVyVvVtHRMZToB5x+5h1
+qQHVsEvXYWH1CHM9jRsMnYx7b2/GR7eBtzh30DsXaPaI2wIDAQABo0IwQDAfBgNV
+HREEGDAWghR2LXBvcnRpbGEuaXRhLm1kaC5zZTAdBgNVHQ4EFgQU8vkDhvnqzteG
+BBZeQrlIsl7PdFUwDQYJKoZIhvcNAQEFBQADggEBAAXe9EMJcx4J6tBAkU8yKDfX
+xLPT4vqGdClX6Qz6FxpErbFvNt4MUuHHnDjwMqrEB1u0OF5huMMFMMx5gpHEJpw5
+zZqkpPGKmUjDCynPCCh3zNClMOjf1NKzLfLmo4osJMSftPE0O6x3G7oDfKwck80G
+bKEjtT8vAK0IpDaKe3p5dq2lLNtfwecGyx8//pfyWgRABuJxbnrtJrENOjET45ns
+lkNHmBszvmK5Ed6NDhPnepjCOkXlHqg73CCx3E6+exvUCJ2700RntZIT8UFKu1K6
+7IwuqV1dJoBbpIG+G9/qOzGuo09N5tDfiZvjQ10D3dubNLbH9I+FdtMPeZj8KtM=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>v-portila.ita.mdh.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=v-portila.ita.mdh.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+zCCAeOgAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMR0wGwYDVQQDExR2LXBv
+cnRpbGEuaXRhLm1kaC5zZTAeFw0xMDA3MDEyMzIzNTBaFw0yMDA2MjgyMzIzNTBa
+MB8xHTAbBgNVBAMTFHYtcG9ydGlsYS5pdGEubWRoLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAl1TuX2zjSyC3YD4Y2+09x8Ur20kl4YdjZRR6bwNa
+bPXAA3OnShY5cUvy4E6lBRepoCMCXoKYptcqGt0+zxtHYcYuSnWLs/Z0BevURIQW
+exo1CF2vI2xssmxxEDoXoB39moRkqjfRHaDqq4INw+2/a823lSqit+e1OOBYML7O
+UyP+wJLtDzo7MbKXlV0hi7iMQVtXJaqPPvrNrRivCkC0dHBg77RCK9Dw1pNmirvt
+mlvMEkzAOBVUKmaXBcH0NvvRHVaMIxYKDlDHI5q0J8GqTVyVvVtHRMZToB5x+5h1
+qQHVsEvXYWH1CHM9jRsMnYx7b2/GR7eBtzh30DsXaPaI2wIDAQABo0IwQDAfBgNV
+HREEGDAWghR2LXBvcnRpbGEuaXRhLm1kaC5zZTAdBgNVHQ4EFgQU8vkDhvnqzteG
+BBZeQrlIsl7PdFUwDQYJKoZIhvcNAQEFBQADggEBAAXe9EMJcx4J6tBAkU8yKDfX
+xLPT4vqGdClX6Qz6FxpErbFvNt4MUuHHnDjwMqrEB1u0OF5huMMFMMx5gpHEJpw5
+zZqkpPGKmUjDCynPCCh3zNClMOjf1NKzLfLmo4osJMSftPE0O6x3G7oDfKwck80G
+bKEjtT8vAK0IpDaKe3p5dq2lLNtfwecGyx8//pfyWgRABuJxbnrtJrENOjET45ns
+lkNHmBszvmK5Ed6NDhPnepjCOkXlHqg73CCx3E6+exvUCJ2700RntZIT8UFKu1K6
+7IwuqV1dJoBbpIG+G9/qOzGuo09N5tDfiZvjQ10D3dubNLbH9I+FdtMPeZj8KtM=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://portal.mdh.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://portal.mdh.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://portal.mdh.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://portal.mdh.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://portal.mdh.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://portal.mdh.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://portal.mdh.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://portal.mdh.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://portal.mdh.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://portal.mdh.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://portal.mdh.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://portal.mdh.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://portal.mdh.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://portal.mdh.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://portal.mdh.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://confluence.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/confluence.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://confluence.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://confluence.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>confluence-prod-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=confluence-prod-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDAzCCAeugAwIBAgIJAIF9hDgxtaCJMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFGNvbmZsdWVuY2UtcHJvZC1hcHAxMB4XDTEwMDgxNzEyNDg1OFoXDTIwMDgx
+NDEyNDg1OFowHzEdMBsGA1UEAxMUY29uZmx1ZW5jZS1wcm9kLWFwcDEwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTnCJFt8KxDiKGg8q4R98rpkGrGe8F
+IxSZX/rYsbOShpAS4BybJIBsYPcU+DbWC3YXyYfC+iI1lYczw2hhfiENmrv7KEdB
+hHxA6+hCuDuPcH44EjQ/mT0Hx/SWdBSglzcQRnPHKCdedlJhdsV3gDeWTV2EYgrT
+GOB/k9pfDr2T6nvMnI1aPj33esHKfeVLqNALDRQuFyo7vEU5pejlarjIG7F+2KES
+MVunVGglxJTWvTT1FNqxuAR9j04p8XcMLj6NU20W9C2WaRPHC80crKLgBqcuymAY
+k2swFURnV5ubBRtWY/tIjMoYNeWgadsaKJFy2x7hJruM3qxUhT+LhRR9AgMBAAGj
+QjBAMB8GA1UdEQQYMBaCFGNvbmZsdWVuY2UtcHJvZC1hcHAxMB0GA1UdDgQWBBQR
+M1tnhL0IxstpiHXStoO0Ghr6YTANBgkqhkiG9w0BAQUFAAOCAQEA0DES8eLg3jwz
+tj0RkUS2IU574YX5B7WA/ZokuKVWnsZlhkVTQxzn1xvirV+wWhSf0mHQzSMfEEbR
+Gtattonij6QCTKIDC9Whay+xjZRKag49yu/GEzyPYx6vU8mn0C3xvSlZPAyzwLU3
+g4cLnO3NPUpsArNLkWBT5KZ9t7ms85fkwgYLVhOJVavbDbfvslx4R6Cuf1w6kyxa
+Uaa6b/2SBvN9dsAzmri0E4IEP21lWe9+k42cYuCbrJIQMJ3x7M+uvzi3JJB4s6ze
+qVpQDZd93P9YLQGNulZ1J4JdseJC6nAeXZY+iAiEBCyhx0+NQnlt+BZt7m76yNYi
+01e+X7VXbQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>confluence-prod-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=confluence-prod-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDAzCCAeugAwIBAgIJAIF9hDgxtaCJMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFGNvbmZsdWVuY2UtcHJvZC1hcHAxMB4XDTEwMDgxNzEyNDg1OFoXDTIwMDgx
+NDEyNDg1OFowHzEdMBsGA1UEAxMUY29uZmx1ZW5jZS1wcm9kLWFwcDEwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTnCJFt8KxDiKGg8q4R98rpkGrGe8F
+IxSZX/rYsbOShpAS4BybJIBsYPcU+DbWC3YXyYfC+iI1lYczw2hhfiENmrv7KEdB
+hHxA6+hCuDuPcH44EjQ/mT0Hx/SWdBSglzcQRnPHKCdedlJhdsV3gDeWTV2EYgrT
+GOB/k9pfDr2T6nvMnI1aPj33esHKfeVLqNALDRQuFyo7vEU5pejlarjIG7F+2KES
+MVunVGglxJTWvTT1FNqxuAR9j04p8XcMLj6NU20W9C2WaRPHC80crKLgBqcuymAY
+k2swFURnV5ubBRtWY/tIjMoYNeWgadsaKJFy2x7hJruM3qxUhT+LhRR9AgMBAAGj
+QjBAMB8GA1UdEQQYMBaCFGNvbmZsdWVuY2UtcHJvZC1hcHAxMB0GA1UdDgQWBBQR
+M1tnhL0IxstpiHXStoO0Ghr6YTANBgkqhkiG9w0BAQUFAAOCAQEA0DES8eLg3jwz
+tj0RkUS2IU574YX5B7WA/ZokuKVWnsZlhkVTQxzn1xvirV+wWhSf0mHQzSMfEEbR
+Gtattonij6QCTKIDC9Whay+xjZRKag49yu/GEzyPYx6vU8mn0C3xvSlZPAyzwLU3
+g4cLnO3NPUpsArNLkWBT5KZ9t7ms85fkwgYLVhOJVavbDbfvslx4R6Cuf1w6kyxa
+Uaa6b/2SBvN9dsAzmri0E4IEP21lWe9+k42cYuCbrJIQMJ3x7M+uvzi3JJB4s6ze
+qVpQDZd93P9YLQGNulZ1J4JdseJC6nAeXZY+iAiEBCyhx0+NQnlt+BZt7m76yNYi
+01e+X7VXbQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://confluence.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://confluence.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://confluence.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://confluence.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://confluence.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://confluence.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://confluence.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://confluence.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://confluence.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://confluence.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://confluence.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://confluence.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://confluence.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://confluence.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://confluence.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://jira.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/jira.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://jira.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://jira.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>jira-prod-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=jira-prod-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJAKO40oiNNokAMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDmppcmEtcHJvZC1hcHAxMB4XDTEwMDgyMzEwMDkwOFoXDTIwMDgyMDEwMDkw
+OFowGTEXMBUGA1UEAxMOamlyYS1wcm9kLWFwcDEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDK1jIyprLcwZSC0tZxTwUerRm0igvgtt0WP5SeETSOtioh
+aBURLewSZ1Z+ea2WLaOIn6tW5jgKykVRcSMeaJ5JkW59KrzJo9+qJgJkd+izp4HF
+w3jSubP1Xo3OADW6Vf4LsH3FTIcFaGfWaAI0hfX2R+N4Llwwnci4l/0Yth65sZPH
+xufMzH7b/JJf1ZGHpVsYiX6VVz0QCZM5n4dLJUxwpdmR1IsyVmuABo9i130MlBjt
+Ot1aXWWf/XlhajMUkeuqFdEfpBqiBOSzV7nkRP7IAnxbzCE8z5hac5OAB+o8ueOu
+GztmeB/n+7lwOiN4MtqdoYlNpJRig42qIlwimtSDAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDmppcmEtcHJvZC1hcHAxMB0GA1UdDgQWBBQNbTCMshQI1Adr7JFGtx1Q8beG
+sTANBgkqhkiG9w0BAQUFAAOCAQEAN1YvkrZ45WXs56AUGcykmQ2m3YMjueiQP0Zt
+cyUJmJ6OMomhTA6eSoNvqv5h/g1dgVnF25wpsDhgwhJM1zgP6gArad02PfWrWVfx
+r/RrT2wGIYiqAnceTgtSJ7jbqKn2q2KZ6a4TKWiJDfYCPfA/ZLHgHanDCOaV8w12
+/JaEWVZldvm+MMLd9/pc8mr3TskEtunCs88mTT+xESt0alNJHnZX76ZPBQOVvzE9
+TSPz6L4JJM7OYEx92swJuDyjcGUWx6SHiumZtFh6t5FxlpIi2+bnV3iw9QP6M5dd
+FdYOem7PdnMNtROBFXZZ+vv1hrOfYBy7FrvBe49J9Yub+jaHWw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>jira-prod-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=jira-prod-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJAKO40oiNNokAMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDmppcmEtcHJvZC1hcHAxMB4XDTEwMDgyMzEwMDkwOFoXDTIwMDgyMDEwMDkw
+OFowGTEXMBUGA1UEAxMOamlyYS1wcm9kLWFwcDEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDK1jIyprLcwZSC0tZxTwUerRm0igvgtt0WP5SeETSOtioh
+aBURLewSZ1Z+ea2WLaOIn6tW5jgKykVRcSMeaJ5JkW59KrzJo9+qJgJkd+izp4HF
+w3jSubP1Xo3OADW6Vf4LsH3FTIcFaGfWaAI0hfX2R+N4Llwwnci4l/0Yth65sZPH
+xufMzH7b/JJf1ZGHpVsYiX6VVz0QCZM5n4dLJUxwpdmR1IsyVmuABo9i130MlBjt
+Ot1aXWWf/XlhajMUkeuqFdEfpBqiBOSzV7nkRP7IAnxbzCE8z5hac5OAB+o8ueOu
+GztmeB/n+7lwOiN4MtqdoYlNpJRig42qIlwimtSDAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDmppcmEtcHJvZC1hcHAxMB0GA1UdDgQWBBQNbTCMshQI1Adr7JFGtx1Q8beG
+sTANBgkqhkiG9w0BAQUFAAOCAQEAN1YvkrZ45WXs56AUGcykmQ2m3YMjueiQP0Zt
+cyUJmJ6OMomhTA6eSoNvqv5h/g1dgVnF25wpsDhgwhJM1zgP6gArad02PfWrWVfx
+r/RrT2wGIYiqAnceTgtSJ7jbqKn2q2KZ6a4TKWiJDfYCPfA/ZLHgHanDCOaV8w12
+/JaEWVZldvm+MMLd9/pc8mr3TskEtunCs88mTT+xESt0alNJHnZX76ZPBQOVvzE9
+TSPz6L4JJM7OYEx92swJuDyjcGUWx6SHiumZtFh6t5FxlpIi2+bnV3iw9QP6M5dd
+FdYOem7PdnMNtROBFXZZ+vv1hrOfYBy7FrvBe49J9Yub+jaHWw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://jira.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://jira.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://jira.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://jira.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://jira.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://jira.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://confluence-test.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/confluence-test.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://confluence-test.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://confluence-test.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>confluence-test-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=confluence-test-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDAzCCAeugAwIBAgIJAJQUUOiUg8ASMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFGNvbmZsdWVuY2UtdGVzdC1hcHAxMB4XDTEwMDgyNTExMjk1MloXDTIwMDgy
+MjExMjk1MlowHzEdMBsGA1UEAxMUY29uZmx1ZW5jZS10ZXN0LWFwcDEwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD3uzS0TzAX9UDxeTLasLorhR1rU2o
+fvADYWfz6drVXKKOszC58UmQ30+ks6J+90S2TOk9TuYUOkehaGnzGPLq1YqIV7x4
+P2z7iRIIvGH5dNVI7C5iIS83WOF5XQtARtiR2IzZxcfZC+1bXMzv+FeQk27Cyg5b
+go1tKzjnJENNFbaLNZghXBZkwJRbI989p/mydIKbyfO8k8tWN+nOgWncjwuvEXdD
+j1cYBMgPJbmXWjzoRN6CRc0OjPyswCbiB3l5Jc/8ddh7TxjHx+MOloJLSABwdi/0
+EWjxJQZuJrRC6it4fnfjFX/C4r8p6DtdCJhLdfVN/s1IvbDwuqRTUYV9AgMBAAGj
+QjBAMB8GA1UdEQQYMBaCFGNvbmZsdWVuY2UtdGVzdC1hcHAxMB0GA1UdDgQWBBR8
+x5c7zq1zB49voRdZxIAGX3uNRTANBgkqhkiG9w0BAQUFAAOCAQEAQE1qdCNGxQ+D
+eoCw6J1Xz7pTMrztfiJrk48+Yn4MQ48D+kgB0vRpY6jL0DNHrnXziQFqlx9E1boJ
+F0JpeKOrFav+pkmiCw+paDwURg1+Eh7hwt8cMwkTpb7Pl29TZxLlrlvCm4rBp91R
++FVbzcyCJWvmle/PwusArj+I4TqwZDmb9kNNeENfxRT/pBjfbOKqJGAhJiz4BuBg
+a/C1W3rYB0JDWS1GBFsYrsPAYA23B4F4DtaHtUz9LVhBCI90ldxWaFQQN9tSuULf
+ZKpdnb5jA70+hVxEavkcihAmu6B3bcGTIO7ycrdcE31iW8VIXGf2jOictM35XLhU
+Uc3kqnPScQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>confluence-test-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=confluence-test-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDAzCCAeugAwIBAgIJAJQUUOiUg8ASMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV
+BAMTFGNvbmZsdWVuY2UtdGVzdC1hcHAxMB4XDTEwMDgyNTExMjk1MloXDTIwMDgy
+MjExMjk1MlowHzEdMBsGA1UEAxMUY29uZmx1ZW5jZS10ZXN0LWFwcDEwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDD3uzS0TzAX9UDxeTLasLorhR1rU2o
+fvADYWfz6drVXKKOszC58UmQ30+ks6J+90S2TOk9TuYUOkehaGnzGPLq1YqIV7x4
+P2z7iRIIvGH5dNVI7C5iIS83WOF5XQtARtiR2IzZxcfZC+1bXMzv+FeQk27Cyg5b
+go1tKzjnJENNFbaLNZghXBZkwJRbI989p/mydIKbyfO8k8tWN+nOgWncjwuvEXdD
+j1cYBMgPJbmXWjzoRN6CRc0OjPyswCbiB3l5Jc/8ddh7TxjHx+MOloJLSABwdi/0
+EWjxJQZuJrRC6it4fnfjFX/C4r8p6DtdCJhLdfVN/s1IvbDwuqRTUYV9AgMBAAGj
+QjBAMB8GA1UdEQQYMBaCFGNvbmZsdWVuY2UtdGVzdC1hcHAxMB0GA1UdDgQWBBR8
+x5c7zq1zB49voRdZxIAGX3uNRTANBgkqhkiG9w0BAQUFAAOCAQEAQE1qdCNGxQ+D
+eoCw6J1Xz7pTMrztfiJrk48+Yn4MQ48D+kgB0vRpY6jL0DNHrnXziQFqlx9E1boJ
+F0JpeKOrFav+pkmiCw+paDwURg1+Eh7hwt8cMwkTpb7Pl29TZxLlrlvCm4rBp91R
++FVbzcyCJWvmle/PwusArj+I4TqwZDmb9kNNeENfxRT/pBjfbOKqJGAhJiz4BuBg
+a/C1W3rYB0JDWS1GBFsYrsPAYA23B4F4DtaHtUz9LVhBCI90ldxWaFQQN9tSuULf
+ZKpdnb5jA70+hVxEavkcihAmu6B3bcGTIO7ycrdcE31iW8VIXGf2jOictM35XLhU
+Uc3kqnPScQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://confluence-test.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://confluence-test.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://confluence-test.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://confluence-test.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://confluence-test.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://confluence-test.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://confluence-test.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://confluence-test.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://confluence-test.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://confluence-test.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://confluence-test.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://confluence-test.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://confluence-test.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://confluence-test.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://confluence-test.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://mailfilter.sunet.se/shibboleth" xml:base="swamid-1.0/mailfilter.sunet.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mailfilter.sunet.se/Shibboleth.sso/DS/ds.sunet.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://mailfilter.sunet.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>mailfilter.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mailfilter.sunet.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=mailfilter.sunet.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>11414469578012237281</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJAJ5oV5rQ7B3hMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE21haWxmaWx0ZXIuc3VuZXQuc2UwHhcNMTAwODI2MTk0NDIyWhcNMjAwODIz
+MTk0NDIyWjAeMRwwGgYDVQQDExNtYWlsZmlsdGVyLnN1bmV0LnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwGz7eWqtVCW3Be28I+IPpODVQDPQIwi
+chEFFSJdlkF7c9XN806yVAaGvsOrnNaFUTM5h/Gc4Hak1A0puoLI1aMkyeA0sMWb
+Mi6owbVDrjXGoD4gAoC9AIhqfj0NtE8zGlbGsL0dezM68NJwIt2C30U1rzOfUS53
+rngSTvleQK0lnd8I2Sys+msN6kP+4N64A3IBg6A2AVZtaadB6fJIoxQrQOhU3N1U
+AfaK8TcLaclVC5PfiwuJuiSLM0RgMy68B0Fht0V6lUpdiBoF5nU4sKAVYjZz+ZHo
+pi6sntIe+FchSvmDXf7zqqLS/NQiM+bD65T/nvazAbtBIbKmWb817wIDAQABo0Ew
+PzAeBgNVHREEFzAVghNtYWlsZmlsdGVyLnN1bmV0LnNlMB0GA1UdDgQWBBQ+3/bs
+Sg4SKO4FCGqYge9BF2au7TANBgkqhkiG9w0BAQUFAAOCAQEAVxV3i2vePzZeSjyy
+/i7KiU62byrG6YVBpUnmuofRuNtrC0pvnEMlGYI93pqOuQOe0sw5CEweIIyeTfQ2
+7AlQPA3kiIyvG1mubSJH421oJWXt1GJD/RRH56uJtGUzOykEC350lwcQ3chnQauO
+TJuwybaXhBX3CiHaq2aUt4rLRCiY4q3i2n0x/K5h3YajaI1I/6kSmA/2i6N7kUM3
+ywk5dDSfqTd62MTtqC8hJXQj0pQlQ/9GBeoyE83uTSrPR+Fo3bcGPu6WPs3FeQY5
+EeerFHSYV6H0U7y47ZJcBMX2n4xZXMZbTYTlX1AHOYiU3y7I/ZCvSuZScFBK5Lk/
+KHCx/w==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>mailfilter.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mailfilter.sunet.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=mailfilter.sunet.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>11414469578012237281</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJAJ5oV5rQ7B3hMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE21haWxmaWx0ZXIuc3VuZXQuc2UwHhcNMTAwODI2MTk0NDIyWhcNMjAwODIz
+MTk0NDIyWjAeMRwwGgYDVQQDExNtYWlsZmlsdGVyLnN1bmV0LnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwGz7eWqtVCW3Be28I+IPpODVQDPQIwi
+chEFFSJdlkF7c9XN806yVAaGvsOrnNaFUTM5h/Gc4Hak1A0puoLI1aMkyeA0sMWb
+Mi6owbVDrjXGoD4gAoC9AIhqfj0NtE8zGlbGsL0dezM68NJwIt2C30U1rzOfUS53
+rngSTvleQK0lnd8I2Sys+msN6kP+4N64A3IBg6A2AVZtaadB6fJIoxQrQOhU3N1U
+AfaK8TcLaclVC5PfiwuJuiSLM0RgMy68B0Fht0V6lUpdiBoF5nU4sKAVYjZz+ZHo
+pi6sntIe+FchSvmDXf7zqqLS/NQiM+bD65T/nvazAbtBIbKmWb817wIDAQABo0Ew
+PzAeBgNVHREEFzAVghNtYWlsZmlsdGVyLnN1bmV0LnNlMB0GA1UdDgQWBBQ+3/bs
+Sg4SKO4FCGqYge9BF2au7TANBgkqhkiG9w0BAQUFAAOCAQEAVxV3i2vePzZeSjyy
+/i7KiU62byrG6YVBpUnmuofRuNtrC0pvnEMlGYI93pqOuQOe0sw5CEweIIyeTfQ2
+7AlQPA3kiIyvG1mubSJH421oJWXt1GJD/RRH56uJtGUzOykEC350lwcQ3chnQauO
+TJuwybaXhBX3CiHaq2aUt4rLRCiY4q3i2n0x/K5h3YajaI1I/6kSmA/2i6N7kUM3
+ywk5dDSfqTd62MTtqC8hJXQj0pQlQ/9GBeoyE83uTSrPR+Fo3bcGPu6WPs3FeQY5
+EeerFHSYV6H0U7y47ZJcBMX2n4xZXMZbTYTlX1AHOYiU3y7I/ZCvSuZScFBK5Lk/
+KHCx/w==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mailfilter.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mailfilter.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mailfilter.sunet.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mailfilter.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mailfilter.sunet.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mailfilter.sunet.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mailfilter.sunet.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mailfilter.sunet.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mailfilter.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://mailfilter.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mailfilter.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://mailfilter.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mailfilter.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://mailfilter.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://jira-test.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/jira-test.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://jira-test.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://jira-test.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>jira-test-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=jira-test-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJALGCNK9nNxZDMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDmppcmEtdGVzdC1hcHAxMB4XDTEwMDgyNjEyMzI1MloXDTIwMDgyMzEyMzI1
+MlowGTEXMBUGA1UEAxMOamlyYS10ZXN0LWFwcDEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDO4PWB2RnZzDupQuf0rCArOypgHuDgHZxndiGjGQz80v2N
+3eYm7nPaJC9pTMZX8p6zhYw1CPRn+Gi8u53gRZKT2i7+drIBBHZPc1spTYLM4sUZ
+NlLWpaGfGLkRFfbq518xL6HGRRVmMcZlSAERhht6AqOxbfgoK88dihomUEnX4ANE
+wLbBJPHg/tERZnqjlwLF+Ftbpk9+Gfq9X7A5FSKo7Za+j6Puk1EzzzxqdmN60Jlf
+F9/T9eQh7zw3pJUKemh7/wp4zkNwkp7iyOhq1389QqUDFx74hZOQjFB60lm0z/Vp
+HFgq0nlvHOGE2cpTcq6MmFT3r8RFpTzft00y2QENAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDmppcmEtdGVzdC1hcHAxMB0GA1UdDgQWBBSL7ZJAZ3DDSKpgRMGXwhP9aNbZ
+7zANBgkqhkiG9w0BAQUFAAOCAQEAJtgLdreha5LTqtjQgQuXu+2l3iT2tHS0oX0I
+ZKcL+r2e3eSBY/r2maj4rI2y727zBQblf+slQBe0mAbBV0EGycgUiibukAQpIAze
+2I2EgrGBuWkFJJPGi71fOwiZFBJpHO2fSHc5wxEhgipRJrC4Es4TjZ2d2VbpAIC/
+zVshHJgtGbOSJmyi3OOih0YSwWX6sGWPNHEb7jKmfadfLreVEG30bVUDtxKy5tZA
+I0v8p/Tq2BIBdK6rTSh/5u2UVR52qJLh8Y7/+HG8DukTaEHWtPmLbuR3NZ2mWgdn
+SKTYQay0lG3RNe7C3dTRD2RvZznqpkhRVqNqWJHGdfuP4uiVfQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>jira-test-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=jira-test-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC8TCCAdmgAwIBAgIJALGCNK9nNxZDMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDmppcmEtdGVzdC1hcHAxMB4XDTEwMDgyNjEyMzI1MloXDTIwMDgyMzEyMzI1
+MlowGTEXMBUGA1UEAxMOamlyYS10ZXN0LWFwcDEwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDO4PWB2RnZzDupQuf0rCArOypgHuDgHZxndiGjGQz80v2N
+3eYm7nPaJC9pTMZX8p6zhYw1CPRn+Gi8u53gRZKT2i7+drIBBHZPc1spTYLM4sUZ
+NlLWpaGfGLkRFfbq518xL6HGRRVmMcZlSAERhht6AqOxbfgoK88dihomUEnX4ANE
+wLbBJPHg/tERZnqjlwLF+Ftbpk9+Gfq9X7A5FSKo7Za+j6Puk1EzzzxqdmN60Jlf
+F9/T9eQh7zw3pJUKemh7/wp4zkNwkp7iyOhq1389QqUDFx74hZOQjFB60lm0z/Vp
+HFgq0nlvHOGE2cpTcq6MmFT3r8RFpTzft00y2QENAgMBAAGjPDA6MBkGA1UdEQQS
+MBCCDmppcmEtdGVzdC1hcHAxMB0GA1UdDgQWBBSL7ZJAZ3DDSKpgRMGXwhP9aNbZ
+7zANBgkqhkiG9w0BAQUFAAOCAQEAJtgLdreha5LTqtjQgQuXu+2l3iT2tHS0oX0I
+ZKcL+r2e3eSBY/r2maj4rI2y727zBQblf+slQBe0mAbBV0EGycgUiibukAQpIAze
+2I2EgrGBuWkFJJPGi71fOwiZFBJpHO2fSHc5wxEhgipRJrC4Es4TjZ2d2VbpAIC/
+zVshHJgtGbOSJmyi3OOih0YSwWX6sGWPNHEb7jKmfadfLreVEG30bVUDtxKy5tZA
+I0v8p/Tq2BIBdK6rTSh/5u2UVR52qJLh8Y7/+HG8DukTaEHWtPmLbuR3NZ2mWgdn
+SKTYQay0lG3RNe7C3dTRD2RvZznqpkhRVqNqWJHGdfuP4uiVfQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira-test.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira-test.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://jira-test.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira-test.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira-test.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jira-test.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://jira-test.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira-test.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira-test.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://jira-test.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://jira-test.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jira-test.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://jira-test.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jira-test.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://jira-test.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://rt.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/rt.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://rt.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://rt.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>rt-prod-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=rt-prod-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAKBIS5cDlLWNMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDHJ0LXByb2QtYXBwMTAeFw0xMDA4MzAxMTA2MDlaFw0yMDA4MjcxMTA2MDla
+MBcxFTATBgNVBAMTDHJ0LXByb2QtYXBwMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAOw1y25D6e+K8IV5nk9FGd3fFOwQyMwE2ghr0PmG8/gzYB67MKKc
+qI0BmnJqU9mzeyBtFGsjWPZg4zNYPHg2Xtlr7pbjnJbs9xCDoTYmi0pogHgN0Nhj
+qQsozN2AfOCKW/+5nm7ie1sz8ulvpITxvQ0/W1m/MQu/Fp9T2MTQpgz7GajNK6iX
+rvNgjAnzcN1alxuymf6lGS0AIXAhl1s3WIE72+z62zyldkXEnXWwUQLZ+k+1ktFe
+4LJXMSkQIWeWo3U/88lzPQni3LzmwZvNfX0sxurYWQUpb3NMHoAFLC84NUkNu9Fw
+7mFeETi2XT/h5wPRv7KbJR2/ejJTQIiDug8CAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+cnQtcHJvZC1hcHAxMB0GA1UdDgQWBBQDQ3vqAmqYxZvUyCxxNQvRmduSszANBgkq
+hkiG9w0BAQUFAAOCAQEAKa4ueISKf1UxEnkxwBJ29DR9VQs2oObK/RAhwE+1Bcms
+tmg5aaEl79gqe6ON9Ht8H07e7g1S88bA+Toh2PgrgJgdNV+ZAfSA77D+FomLUGqi
+jmNDciIrVlX/74Z478cvtlMRH8VAoR8Zb+DcmT1s0ITOZdbVM/CIel/ElJXVGaBc
+wAvF+AGinxmeyTAyeibz2WeQaXJ4/OKx46CKS97cySuSisa+mjHZIhmox4AMemLI
+17pBJtxaN20kcp+s+JpHUl+BxppC5FzgkNgpLiQJsE3NrNKwWy9T+eEunHg/P+QV
+XEbH/MuUpwOLZWoRdNDdDwDbkWVjlDLsoUBphLqLfw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>rt-prod-app1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=rt-prod-app1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAKBIS5cDlLWNMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDHJ0LXByb2QtYXBwMTAeFw0xMDA4MzAxMTA2MDlaFw0yMDA4MjcxMTA2MDla
+MBcxFTATBgNVBAMTDHJ0LXByb2QtYXBwMTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAOw1y25D6e+K8IV5nk9FGd3fFOwQyMwE2ghr0PmG8/gzYB67MKKc
+qI0BmnJqU9mzeyBtFGsjWPZg4zNYPHg2Xtlr7pbjnJbs9xCDoTYmi0pogHgN0Nhj
+qQsozN2AfOCKW/+5nm7ie1sz8ulvpITxvQ0/W1m/MQu/Fp9T2MTQpgz7GajNK6iX
+rvNgjAnzcN1alxuymf6lGS0AIXAhl1s3WIE72+z62zyldkXEnXWwUQLZ+k+1ktFe
+4LJXMSkQIWeWo3U/88lzPQni3LzmwZvNfX0sxurYWQUpb3NMHoAFLC84NUkNu9Fw
+7mFeETi2XT/h5wPRv7KbJR2/ejJTQIiDug8CAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+cnQtcHJvZC1hcHAxMB0GA1UdDgQWBBQDQ3vqAmqYxZvUyCxxNQvRmduSszANBgkq
+hkiG9w0BAQUFAAOCAQEAKa4ueISKf1UxEnkxwBJ29DR9VQs2oObK/RAhwE+1Bcms
+tmg5aaEl79gqe6ON9Ht8H07e7g1S88bA+Toh2PgrgJgdNV+ZAfSA77D+FomLUGqi
+jmNDciIrVlX/74Z478cvtlMRH8VAoR8Zb+DcmT1s0ITOZdbVM/CIel/ElJXVGaBc
+wAvF+AGinxmeyTAyeibz2WeQaXJ4/OKx46CKS97cySuSisa+mjHZIhmox4AMemLI
+17pBJtxaN20kcp+s+JpHUl+BxppC5FzgkNgpLiQJsE3NrNKwWy9T+eEunHg/P+QV
+XEbH/MuUpwOLZWoRdNDdDwDbkWVjlDLsoUBphLqLfw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://rt.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://rt.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://rt.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rt.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rt.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://rt.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://rt.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rt.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rt.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://rt.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://rt.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://rt.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://rt.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://rt.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://rt.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://swamid.shh.se/idp/shibboleth" xml:base="swamid-1.0/swamid.shh.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">sophia.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+
+MIIDBDCCAeygAwIBAgIVAP7XXkV+TswNTiJKpzVkJIej7tfuMA0GCSqGSIb3DQEB
+BQUAMBExDzANBgNVBAMTBnNvcGhpYTAeFw0xMDA4MzExODM5NDFaFw0zMDA4MzEx
+ODM5NDFaMBExDzANBgNVBAMTBnNvcGhpYTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBALP8G2MyQhHuRBSiA1MKQ/4J+gagIazZejH7IfWs/0NOTSBxCpgF
+ccNQTQrUB/NulmNBfIWZK+PRyGByIr5qv0xTwYuR1lWAEJN4Gsm9nTeS1nfeF+2s
+1cyFMBztnydEfwTiNg9ItLoZG5xWfmIDEtfp86nQZe6JV4ABEs2fFrF+U3tonJUF
+1lbi8Eg0d6fXlyqsMdYrwBEc2+Tstu781kqTW2SO8zE7c2Vg+I5AVj7vnP5VgK9t
+O4A99f07xUDiJzZ2UyDrt6PhqShCduJ06lqxNFulKW0HQLshqVmNtwief679WsgG
+OV17QgZbACMzn7+HEHrS113/oDVthwYauRECAwEAAaNTMFEwMAYDVR0RBCkwJ4IG
+c29waGlhhh1odHRwczovL3NvcGhpYS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQU
+pFLAs0tDvPuUE1nZim0KeeqE+SIwDQYJKoZIhvcNAQEFBQADggEBAIpR+W0sqBmk
+uDy0b3sjmsKcozqBJ/axgpUaz2I96mb0melvHBVl6mSHT0M9hzvbR8BDjQcOqm7H
+tXpZI1Uc2FiPK7a2ISnB+Kw3GPoBO/SLRUAT1/bKYOTWxXeOaP6nkOxcQ9Y+Qtb6
+S2ZpDdLxPN4lThceMmYkyc9mAmcrMAEjFbAnaqGYWmLcySJk/O4Vv9I28QK0mNJi
+o9M4aT+5lSHGZoIDMV+69QMHKuXDMBHtniK+PdKl9pbLnfI2CW5/bh4JufrsxBPC
+GOv94FinTmMj7OUnqdHESZ1zpL6NB5KXFAtRXatuzFYE+g8gO1AQg83/kjlbNeM7
+1HVQr72uSGQ=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://swamid.shh.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://swamid.shh.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://swamid.shh.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://swamid.shh.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://swamid.shh.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://swamid.shh.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">sophia.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+
+MIIDBDCCAeygAwIBAgIVAP7XXkV+TswNTiJKpzVkJIej7tfuMA0GCSqGSIb3DQEB
+BQUAMBExDzANBgNVBAMTBnNvcGhpYTAeFw0xMDA4MzExODM5NDFaFw0zMDA4MzEx
+ODM5NDFaMBExDzANBgNVBAMTBnNvcGhpYTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBALP8G2MyQhHuRBSiA1MKQ/4J+gagIazZejH7IfWs/0NOTSBxCpgF
+ccNQTQrUB/NulmNBfIWZK+PRyGByIr5qv0xTwYuR1lWAEJN4Gsm9nTeS1nfeF+2s
+1cyFMBztnydEfwTiNg9ItLoZG5xWfmIDEtfp86nQZe6JV4ABEs2fFrF+U3tonJUF
+1lbi8Eg0d6fXlyqsMdYrwBEc2+Tstu781kqTW2SO8zE7c2Vg+I5AVj7vnP5VgK9t
+O4A99f07xUDiJzZ2UyDrt6PhqShCduJ06lqxNFulKW0HQLshqVmNtwief679WsgG
+OV17QgZbACMzn7+HEHrS113/oDVthwYauRECAwEAAaNTMFEwMAYDVR0RBCkwJ4IG
+c29waGlhhh1odHRwczovL3NvcGhpYS9pZHAvc2hpYmJvbGV0aDAdBgNVHQ4EFgQU
+pFLAs0tDvPuUE1nZim0KeeqE+SIwDQYJKoZIhvcNAQEFBQADggEBAIpR+W0sqBmk
+uDy0b3sjmsKcozqBJ/axgpUaz2I96mb0melvHBVl6mSHT0M9hzvbR8BDjQcOqm7H
+tXpZI1Uc2FiPK7a2ISnB+Kw3GPoBO/SLRUAT1/bKYOTWxXeOaP6nkOxcQ9Y+Qtb6
+S2ZpDdLxPN4lThceMmYkyc9mAmcrMAEjFbAnaqGYWmLcySJk/O4Vv9I28QK0mNJi
+o9M4aT+5lSHGZoIDMV+69QMHKuXDMBHtniK+PdKl9pbLnfI2CW5/bh4JufrsxBPC
+GOv94FinTmMj7OUnqdHESZ1zpL6NB5KXFAtRXatuzFYE+g8gO1AQg83/kjlbNeM7
+1HVQr72uSGQ=
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://swamid.shh.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://swamid.shh.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SOPHIA</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Sophiahemmets Högskola</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.sophia.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Sophiahemmets Högskola</Company>
+ <EmailAddress>ragnar.sethson@sophiahemmet.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://ilearn.dsv.su.se/shibboleth" xml:base="swamid-1.0/ilearn.dsv.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>pan.dsv.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pan.dsv.su.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=pan.dsv.su.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>13417180552340548855</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJALozZqAFiaz3MA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDXBhbi5kc3Yuc3Uuc2UwHhcNMTAwNjA0MDgwMDUzWhcNMjAwNjAxMDgwMDUz
+WjAYMRYwFAYDVQQDEw1wYW4uZHN2LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAv0jTLfuWDkerKBwzpSnFgaA5hwn4/HqbRlPFpS2uuCLGf4V+
+fuVNPITYSNQNRgtguX2jicL9H7epbVal5H8EqV1lnvhfBrtyc6VjYZmPGPg4mZKL
+tTdjXbFh+Ox7GAlv1VlddDCzt21Dpwcd/XwYLLiOl9rrrOfw7XdI3VTUvruqddid
+Ti9BB3Cz0H7dAXC0Ov3yHtTwxha7LYnfgU9IKpwLbatAnkb+cLqpR4p6s2oQdifs
+xB3qvamwfeJCgON/YLlMs39flPWBAj3S6IZf+Yoj8eJTcMl6vg7fwzJq57k9PytH
+zcp8RlmkhKnEsBhQzlMdaCgLGwdh+hz9DTeb8wIDAQABozswOTAYBgNVHREEETAP
+gg1wYW4uZHN2LnN1LnNlMB0GA1UdDgQWBBQnmOAsunBuQ8CYD5q2lBGvcS3F+TAN
+BgkqhkiG9w0BAQUFAAOCAQEAQ930qHYaweXcDHv0S83I6EPkSUztAhVh1uIUEbaQ
+a9ArOWNkw57SZgZnizzObYAB01RKVW/jLcvdLHaaZVWjrQr8Xfg/Z8D9cqPed9oc
+PcabZ3dJCvMWKa8x/HWcuGPngPfJs/qj0ISRPNjUTijKNrqSu7SzPC+ai05nYzv1
+UBxxfbelEckoB4Dow/dp0LQlNY3xmW/EYi/LEBGyHbflfqyOPzlVtbPH27SgGCYk
+OcpK5+wCC4cqL9AEJyAIhV+B5/BdGMcrFA7xaGxzO6fOM/9Ggkm3cXNm0TpVe/pG
+TBh7fImpEOudLS4QjaA5rtWj2ytVmBe/91pCYVUjqef5JA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>pan.dsv.su.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=pan.dsv.su.se</ds:X509SubjectName>
+ <ds:X509IssuerSerial>
+ <ds:X509IssuerName>CN=pan.dsv.su.se</ds:X509IssuerName>
+ <ds:X509SerialNumber>13417180552340548855</ds:X509SerialNumber>
+ </ds:X509IssuerSerial>
+ <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJALozZqAFiaz3MA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDXBhbi5kc3Yuc3Uuc2UwHhcNMTAwNjA0MDgwMDUzWhcNMjAwNjAxMDgwMDUz
+WjAYMRYwFAYDVQQDEw1wYW4uZHN2LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAv0jTLfuWDkerKBwzpSnFgaA5hwn4/HqbRlPFpS2uuCLGf4V+
+fuVNPITYSNQNRgtguX2jicL9H7epbVal5H8EqV1lnvhfBrtyc6VjYZmPGPg4mZKL
+tTdjXbFh+Ox7GAlv1VlddDCzt21Dpwcd/XwYLLiOl9rrrOfw7XdI3VTUvruqddid
+Ti9BB3Cz0H7dAXC0Ov3yHtTwxha7LYnfgU9IKpwLbatAnkb+cLqpR4p6s2oQdifs
+xB3qvamwfeJCgON/YLlMs39flPWBAj3S6IZf+Yoj8eJTcMl6vg7fwzJq57k9PytH
+zcp8RlmkhKnEsBhQzlMdaCgLGwdh+hz9DTeb8wIDAQABozswOTAYBgNVHREEETAP
+gg1wYW4uZHN2LnN1LnNlMB0GA1UdDgQWBBQnmOAsunBuQ8CYD5q2lBGvcS3F+TAN
+BgkqhkiG9w0BAQUFAAOCAQEAQ930qHYaweXcDHv0S83I6EPkSUztAhVh1uIUEbaQ
+a9ArOWNkw57SZgZnizzObYAB01RKVW/jLcvdLHaaZVWjrQr8Xfg/Z8D9cqPed9oc
+PcabZ3dJCvMWKa8x/HWcuGPngPfJs/qj0ISRPNjUTijKNrqSu7SzPC+ai05nYzv1
+UBxxfbelEckoB4Dow/dp0LQlNY3xmW/EYi/LEBGyHbflfqyOPzlVtbPH27SgGCYk
+OcpK5+wCC4cqL9AEJyAIhV+B5/BdGMcrFA7xaGxzO6fOM/9Ggkm3cXNm0TpVe/pG
+TBh7fImpEOudLS4QjaA5rtWj2ytVmBe/91pCYVUjqef5JA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ilearn.dsv.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ilearn.dsv.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilearn.dsv.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilearn.dsv.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ilearn.dsv.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.mah.se/idp/shibboleth" xml:base="swamid-1.0/idp.mah.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">mah.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFDCCAfygAwIBAgIVAPnyQUYFvhTnodaw9FJqcA/57Yh5MA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5tYWguc2UwHhcNMTAwOTI5MDczODU0WhcNMzAw
+OTI5MDczODU0WjAVMRMwEQYDVQQDEwppZHAubWFoLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAgaMWnEn2Fhn7xNG/PFpKOkACs3I9Rd2AspSE0NPD
+q3EuNx50kXrfeRxFsSntWy1PTQ8XYI1FONZx3l21CSmwsNSYa4coAsHC8U4yBN9b
+c1f/Q+7KQod+Q08cWJ75aiw0zvRl547bWfh0n5v1L21G+0fFUvY/6t5gN/HgHJZA
+9jZNZwVSzteivEmgooiJqXaUM7njWs15Ee1pTO6ib4w8eYj3AJuhWe58W3+Rc6xk
+5u5H/3LZiPMHiTnrqG2Ux+gFJStc5PXWO6NxiCOWtDufmJ6OcPrGkVMJ8LoZvQ1J
+OThRimq3OmaATe03wGqTRP3xHXqRSQPlXEIb86sSPnDU5wIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAubWFoLnNlhiFodHRwczovL2lkcC5tYWguc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFHwHbhAp4egiLmh0CawPk430y+D8MA0GCSqGSIb3DQEB
+BQUAA4IBAQA0Hxjvk2Muuzwgyv8Nhvmeb43+qwvqIa+rCSJxZpEpR5xGyMLTApLL
+oRYlPGQIQUj8u8HFtcdRVmc/OWG0NhyBe9OiwFjcGlsdINZiyYm+4whwRrbt6/dn
+ykhKvjQMhX2x/0SjyrA/LjifpZB3VMN6qdRrGY082I7X5tZmmqyoWk/rED4WxL3u
++j+6GUcWJOdPBAO4uBqUGzw9tvjXHE2nm5eQlKkk+138vFHkeb1fDrDthXuN9f03
+Ttm2GRc6B4kC8/rlYS5Li9yd8QY1yGPnbgLlW5lxOZbJQxdwiUcGCRDoUB1BC9NY
+dXq/XDc8QAGFHMyk/P0r1H6pT5HJQfH7
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.mah.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.mah.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.mah.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.mah.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.mah.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.mah.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">mah.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFDCCAfygAwIBAgIVAPnyQUYFvhTnodaw9FJqcA/57Yh5MA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5tYWguc2UwHhcNMTAwOTI5MDczODU0WhcNMzAw
+OTI5MDczODU0WjAVMRMwEQYDVQQDEwppZHAubWFoLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAgaMWnEn2Fhn7xNG/PFpKOkACs3I9Rd2AspSE0NPD
+q3EuNx50kXrfeRxFsSntWy1PTQ8XYI1FONZx3l21CSmwsNSYa4coAsHC8U4yBN9b
+c1f/Q+7KQod+Q08cWJ75aiw0zvRl547bWfh0n5v1L21G+0fFUvY/6t5gN/HgHJZA
+9jZNZwVSzteivEmgooiJqXaUM7njWs15Ee1pTO6ib4w8eYj3AJuhWe58W3+Rc6xk
+5u5H/3LZiPMHiTnrqG2Ux+gFJStc5PXWO6NxiCOWtDufmJ6OcPrGkVMJ8LoZvQ1J
+OThRimq3OmaATe03wGqTRP3xHXqRSQPlXEIb86sSPnDU5wIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAubWFoLnNlhiFodHRwczovL2lkcC5tYWguc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFHwHbhAp4egiLmh0CawPk430y+D8MA0GCSqGSIb3DQEB
+BQUAA4IBAQA0Hxjvk2Muuzwgyv8Nhvmeb43+qwvqIa+rCSJxZpEpR5xGyMLTApLL
+oRYlPGQIQUj8u8HFtcdRVmc/OWG0NhyBe9OiwFjcGlsdINZiyYm+4whwRrbt6/dn
+ykhKvjQMhX2x/0SjyrA/LjifpZB3VMN6qdRrGY082I7X5tZmmqyoWk/rED4WxL3u
++j+6GUcWJOdPBAO4uBqUGzw9tvjXHE2nm5eQlKkk+138vFHkeb1fDrDthXuN9f03
+Ttm2GRc6B4kC8/rlYS5Li9yd8QY1yGPnbgLlW5lxOZbJQxdwiUcGCRDoUB1BC9NY
+dXq/XDc8QAGFHMyk/P0r1H6pT5HJQfH7
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.mah.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.mah.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">MAH</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Malmö Högskola</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.mah.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Robert</GivenName>
+ <SurName>Faling</SurName>
+ <EmailAddress>robert.faling@mah.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://connect.uninett.no/shibboleth" xml:base="swamid-1.0/connect.uninett.no.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.uninett.no/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.uninett.no/Shibboleth.sso/DS/ds.sunet.se" index="2"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect.uninett.no/Shibboleth.sso/DS/kalmar2" index="3"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>connect.uninett.no</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=connect.uninett.no</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJANWZWC6gwE0uMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEmNvbm5lY3QudW5pbmV0dC5ubzAeFw0xMDA5MjIxNTEyNDhaFw0yMDA5MTkx
+NTEyNDhaMB0xGzAZBgNVBAMTEmNvbm5lY3QudW5pbmV0dC5ubzCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALIM0lNQWtE3FlIgrLpfToA8d1e76MsAngiz
+h0JVNK2mMRlnC1CJ1NccY+9Qx6plb99D/FFopE3DHMcFO3x22QAR78RF6qBnvblY
+K0z+kAgiQ2T7nT5SnKQHPfy1Ji+MEDLAuWJIDbFUaKrhm1MUa2qDB5X1mKDMifup
+bz+PCvzzGkOVUrNRFT9as6PL2hzl0wiNL5Y47aX+Bd/xgwHrIjB6WmYMFNG/GptI
+5sAlY4kh4+q1MS3y4ummGM17gRFI9hsTZ8XL0Vmah+llpXGI56qCom1S2u15/IiI
+4sEfUd137KsjnID24qhRBpx/yVt8VDMcSi2SI0ONTCDvyNUi8lECAwEAAaNAMD4w
+HQYDVR0RBBYwFIISY29ubmVjdC51bmluZXR0Lm5vMB0GA1UdDgQWBBQbibmqTOyh
+cscfToiKe/IbZYKwPDANBgkqhkiG9w0BAQUFAAOCAQEABMRM+2kFSrzMEW1BI7zX
++4Ef+6Q8Yk/KmVc7w6P7Z2x4UdxrEIiK7O9/toGFO8j3iOGCYQ+KEbGtZ/E+BbDX
+4mQL+i3B1oS3PG84WNrgV26gHG0PTHn9yAD9gkFKNRG7QIyIlg1wgbO8zdht02vK
+QTyM4x8uqziirHV4zzOWDwVR2pZbkIMQ0pJWxbcGViFo/ZtdSiKzt8/hwcWR1DyG
++Pi6oxtIm0md9BvlzGp9UxK6xDHFfZF4ZRQI4+nhT7bBCrBFW/8NGjlPCM9TIH7j
+ao7+7w52jMiiBR55pJftvE13MdhRq7Gb/AfWu08CuCSJ5Ge2DV13OMm0vtlLjkPC
+Jw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>connect.uninett.no</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=connect.uninett.no</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJANWZWC6gwE0uMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEmNvbm5lY3QudW5pbmV0dC5ubzAeFw0xMDA5MjIxNTEyNDhaFw0yMDA5MTkx
+NTEyNDhaMB0xGzAZBgNVBAMTEmNvbm5lY3QudW5pbmV0dC5ubzCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBALIM0lNQWtE3FlIgrLpfToA8d1e76MsAngiz
+h0JVNK2mMRlnC1CJ1NccY+9Qx6plb99D/FFopE3DHMcFO3x22QAR78RF6qBnvblY
+K0z+kAgiQ2T7nT5SnKQHPfy1Ji+MEDLAuWJIDbFUaKrhm1MUa2qDB5X1mKDMifup
+bz+PCvzzGkOVUrNRFT9as6PL2hzl0wiNL5Y47aX+Bd/xgwHrIjB6WmYMFNG/GptI
+5sAlY4kh4+q1MS3y4ummGM17gRFI9hsTZ8XL0Vmah+llpXGI56qCom1S2u15/IiI
+4sEfUd137KsjnID24qhRBpx/yVt8VDMcSi2SI0ONTCDvyNUi8lECAwEAAaNAMD4w
+HQYDVR0RBBYwFIISY29ubmVjdC51bmluZXR0Lm5vMB0GA1UdDgQWBBQbibmqTOyh
+cscfToiKe/IbZYKwPDANBgkqhkiG9w0BAQUFAAOCAQEABMRM+2kFSrzMEW1BI7zX
++4Ef+6Q8Yk/KmVc7w6P7Z2x4UdxrEIiK7O9/toGFO8j3iOGCYQ+KEbGtZ/E+BbDX
+4mQL+i3B1oS3PG84WNrgV26gHG0PTHn9yAD9gkFKNRG7QIyIlg1wgbO8zdht02vK
+QTyM4x8uqziirHV4zzOWDwVR2pZbkIMQ0pJWxbcGViFo/ZtdSiKzt8/hwcWR1DyG
++Pi6oxtIm0md9BvlzGp9UxK6xDHFfZF4ZRQI4+nhT7bBCrBFW/8NGjlPCM9TIH7j
+ao7+7w52jMiiBR55pJftvE13MdhRq7Gb/AfWu08CuCSJ5Ge2DV13OMm0vtlLjkPC
+Jw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.uninett.no/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.uninett.no/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect.uninett.no/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.uninett.no/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.uninett.no/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect.uninett.no/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect.uninett.no/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.uninett.no/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.uninett.no/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect.uninett.no/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://connect.uninett.no/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect.uninett.no/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://connect.uninett.no/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://connect.uninett.no/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://connect.uninett.no/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="en">UNINETT E-Meeting Service</md:ServiceName>
+ <md:ServiceDescription xml:lang="en">UNINETT E-Meeting Service (Adobe Connect Pro)</md:ServiceDescription>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:0.9.2342.19200300.100.1.3"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.42"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.4"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://nagios.dev.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/nagios.dev.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://nagios.dev.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://nagios.dev.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>nagios-dev-srv1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=nagios-dev-srv1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAKnYXsrhSwHBMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD25hZ2lvcy1kZXYtc3J2MTAeFw0xMDA4MzAxMDUyNDVaFw0yMDA4MjcxMDUy
+NDVaMBoxGDAWBgNVBAMTD25hZ2lvcy1kZXYtc3J2MTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANHbXJZ0VNMBs8zN1tZwkxHAJpxuSg/JPnOHOhuzCx0z
+xfkarAYJ4sY0QPecNo8i8kxcTSq6L36zyQom8cZKZFCYcFRnVAXuuceuQ6977gwA
+9WCbPzpSHK5qB80JO2YCIv1Va+cSNifxOQLEdvAjks9BGaDrN4xA5xW8P01BNN1S
+TZW8yj88nul0tyjQDI6Jgb4S3O0AjraiJBJxQE89evV4lq6bmmwoaTyomOMxnytQ
+IbI4kgAPPdwkyzBlodl0+NbJy2dKHbCc+UPTu3zw5Kzt21bgGvun2JU+rCCfDmuS
+Hyy2710uKDpTKPCfBwZONbiWry873xM7aKjNArgogt8CAwEAAaM9MDswGgYDVR0R
+BBMwEYIPbmFnaW9zLWRldi1zcnYxMB0GA1UdDgQWBBSVHHWbwLoIYFfcxKwLZKZo
+TYK9FTANBgkqhkiG9w0BAQUFAAOCAQEAPYN+TPc5YGPKYaoV1t6A+Bur2wAq4l/z
+ZAFZ+RpHIkqqf8GYzTYTwzSqCseA6sQ4+gWV6m4QZqDkDrBs3+bX8qKFMyPhHGF0
+B3Hv+NggykTQ91H+teU2S6HzdnzsZFKbGZPxUsxsAuLu3yC1pwbUD5z0zXmqQDL/
+Xl+dEJB7r1rZhxCqiEFltLGHy4W+FujwT6eY125zSPAcW5zRnEj/trlazPLy6xbL
+pu1WxSK20jmHhXLayahQbkim4P4KSiux7dwX1VFoG0zaBhPRFLxiCni+Jyuc8T3n
+52YI3OAimigmnolk/rjYbyszAgS+TTFzoc0yODkCWSEG0UVR1TRQow==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>nagios-dev-srv1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=nagios-dev-srv1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9DCCAdygAwIBAgIJAKnYXsrhSwHBMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD25hZ2lvcy1kZXYtc3J2MTAeFw0xMDA4MzAxMDUyNDVaFw0yMDA4MjcxMDUy
+NDVaMBoxGDAWBgNVBAMTD25hZ2lvcy1kZXYtc3J2MTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANHbXJZ0VNMBs8zN1tZwkxHAJpxuSg/JPnOHOhuzCx0z
+xfkarAYJ4sY0QPecNo8i8kxcTSq6L36zyQom8cZKZFCYcFRnVAXuuceuQ6977gwA
+9WCbPzpSHK5qB80JO2YCIv1Va+cSNifxOQLEdvAjks9BGaDrN4xA5xW8P01BNN1S
+TZW8yj88nul0tyjQDI6Jgb4S3O0AjraiJBJxQE89evV4lq6bmmwoaTyomOMxnytQ
+IbI4kgAPPdwkyzBlodl0+NbJy2dKHbCc+UPTu3zw5Kzt21bgGvun2JU+rCCfDmuS
+Hyy2710uKDpTKPCfBwZONbiWry873xM7aKjNArgogt8CAwEAAaM9MDswGgYDVR0R
+BBMwEYIPbmFnaW9zLWRldi1zcnYxMB0GA1UdDgQWBBSVHHWbwLoIYFfcxKwLZKZo
+TYK9FTANBgkqhkiG9w0BAQUFAAOCAQEAPYN+TPc5YGPKYaoV1t6A+Bur2wAq4l/z
+ZAFZ+RpHIkqqf8GYzTYTwzSqCseA6sQ4+gWV6m4QZqDkDrBs3+bX8qKFMyPhHGF0
+B3Hv+NggykTQ91H+teU2S6HzdnzsZFKbGZPxUsxsAuLu3yC1pwbUD5z0zXmqQDL/
+Xl+dEJB7r1rZhxCqiEFltLGHy4W+FujwT6eY125zSPAcW5zRnEj/trlazPLy6xbL
+pu1WxSK20jmHhXLayahQbkim4P4KSiux7dwX1VFoG0zaBhPRFLxiCni+Jyuc8T3n
+52YI3OAimigmnolk/rjYbyszAgS+TTFzoc0yODkCWSEG0UVR1TRQow==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nagios.dev.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://nagios.dev.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://nagios.dev.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nagios.dev.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nagios.dev.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://nagios.dev.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.studera.testb.antagning.se/shibboleth-sp" xml:base="swamid-1.0/www.studera.testb.antagning.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>https://www.studera.testb.antagning.se/shibboleth-sp</ds:KeyName>
+ <ds:KeyName>www.studera.testb.antagning.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.studera.testb.antagning.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDWTCCAkGgAwIBAgIJAIdL6478VUlNMA0GCSqGSIb3DQEBBQUAMCkxJzAlBgNV
+BAMTHnd3dy5zdHVkZXJhLnRlc3RiLmFudGFnbmluZy5zZTAeFw0xMDEwMDQxNjE0
+MTFaFw0xNTEwMDMxNjE0MTFaMCkxJzAlBgNVBAMTHnd3dy5zdHVkZXJhLnRlc3Ri
+LmFudGFnbmluZy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOHg
+aaFU9q3cVQWDQjh2MSvlqGQUorgeeZak3sctZvcyLVuk+2NiBgdhpbeEuGfz7sQU
+YgNdlOjn8ZW405+qxGbkdErfvO1IYXcV1EoPGIlGmOVp0wI2tVTiywuyde9UDkP7
+jMyB8NziSa1tep8eabKutChmfTL4thLLXd1kiS1re2cUVwfEQgf6twlmnNDaDgoD
+BC8KXG9pOZEXbLaG6h4IaV4utYJVQy3B+8rGh/xGHQgJjAmVnP39AQ2zPMt1vOXS
+Ys4oP0q0i74F3MosS053b+lJljzxBy/zGedLtcsTGKn3fbzG4qlh4UdGT1FYvlbH
+F6kdxwBmXsf4gPKryiMCAwEAAaOBgzCBgDBfBgNVHREEWDBWgh53d3cuc3R1ZGVy
+YS50ZXN0Yi5hbnRhZ25pbmcuc2WGNGh0dHBzOi8vd3d3LnN0dWRlcmEudGVzdGIu
+YW50YWduaW5nLnNlL3NoaWJib2xldGgtc3AwHQYDVR0OBBYEFDZPnNIS+CYoKL5A
+sefcGDrsU89QMA0GCSqGSIb3DQEBBQUAA4IBAQB5w2hhhMDeRJ01OsThQndggTh2
+jJ3MTBSNFKotvqvkxvAPRvvQr/yQfNXC/nzhOUOLpp48KKg3z3PEbADC3L20jWkU
+dqtvWBlS4VEcRV/zRWiMqYual1wyEViCP2DDbs3MumPh43jBVau3+68DY1ZagNwS
+Qjj9TWKjVQEoYfThufo+WaupwINVPn5bV50FAwTsPma5mD9ntNcpt5IaFFZ4xzdS
+EDBKNuKxJpxjNF8RSIAmzov7a2OkCjCKfn3JWGgRaKL8ZBzxmTXHAAhU9ygEs5UT
+Jts+WMokFPGmBI606RWPMu7mpWz7aaT0zh98ifV4tjNWS0GhrtWRAcKj+Kvu
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>https://www.studera.testb.antagning.se/shibboleth-sp</ds:KeyName>
+ <ds:KeyName>www.studera.testb.antagning.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.studera.testb.antagning.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDWTCCAkGgAwIBAgIJAIdL6478VUlNMA0GCSqGSIb3DQEBBQUAMCkxJzAlBgNV
+BAMTHnd3dy5zdHVkZXJhLnRlc3RiLmFudGFnbmluZy5zZTAeFw0xMDEwMDQxNjE0
+MTFaFw0xNTEwMDMxNjE0MTFaMCkxJzAlBgNVBAMTHnd3dy5zdHVkZXJhLnRlc3Ri
+LmFudGFnbmluZy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAOHg
+aaFU9q3cVQWDQjh2MSvlqGQUorgeeZak3sctZvcyLVuk+2NiBgdhpbeEuGfz7sQU
+YgNdlOjn8ZW405+qxGbkdErfvO1IYXcV1EoPGIlGmOVp0wI2tVTiywuyde9UDkP7
+jMyB8NziSa1tep8eabKutChmfTL4thLLXd1kiS1re2cUVwfEQgf6twlmnNDaDgoD
+BC8KXG9pOZEXbLaG6h4IaV4utYJVQy3B+8rGh/xGHQgJjAmVnP39AQ2zPMt1vOXS
+Ys4oP0q0i74F3MosS053b+lJljzxBy/zGedLtcsTGKn3fbzG4qlh4UdGT1FYvlbH
+F6kdxwBmXsf4gPKryiMCAwEAAaOBgzCBgDBfBgNVHREEWDBWgh53d3cuc3R1ZGVy
+YS50ZXN0Yi5hbnRhZ25pbmcuc2WGNGh0dHBzOi8vd3d3LnN0dWRlcmEudGVzdGIu
+YW50YWduaW5nLnNlL3NoaWJib2xldGgtc3AwHQYDVR0OBBYEFDZPnNIS+CYoKL5A
+sefcGDrsU89QMA0GCSqGSIb3DQEBBQUAA4IBAQB5w2hhhMDeRJ01OsThQndggTh2
+jJ3MTBSNFKotvqvkxvAPRvvQr/yQfNXC/nzhOUOLpp48KKg3z3PEbADC3L20jWkU
+dqtvWBlS4VEcRV/zRWiMqYual1wyEViCP2DDbs3MumPh43jBVau3+68DY1ZagNwS
+Qjj9TWKjVQEoYfThufo+WaupwINVPn5bV50FAwTsPma5mD9ntNcpt5IaFFZ4xzdS
+EDBKNuKxJpxjNF8RSIAmzov7a2OkCjCKfn3JWGgRaKL8ZBzxmTXHAAhU9ygEs5UT
+Jts+WMokFPGmBI606RWPMu7mpWz7aaT0zh98ifV4tjNWS0GhrtWRAcKj+Kvu
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.studera.testb.antagning.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp2.kau.se/idp/shibboleth" xml:base="swamid-1.0/idp2.kau.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">kau.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUUONxidNrozH1GiZ1VI/uwwgWM8cwDQYJKoZIhvcNAQEF
+BQAwFjEUMBIGA1UEAxMLaWRwMi5rYXUuc2UwHhcNMTAxMDEzMTM1MjM0WhcNMzAx
+MDEzMTM1MjM0WjAWMRQwEgYDVQQDEwtpZHAyLmthdS5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAILFxLkJloiLact4UjsWKH98lOkzm6VE2t9GQtUe
+DRYCY5prnaDRmsumqmMYLMZXT6DCT99oNLeeBeBfB+8JwqraYhDanGiRAENTrlbs
+jUTx4p5BYTBuo0rGpVZ8MBi++f8ainvxPI4LGVc02upuG7lhWnjaui2qpKQf9hFB
+mqnjgL2ohS/Jhzo7q5XiEtsTtoD4ssUMabbzK9Zc5x6/txxJVAaicOHhqgXhFkkD
+AfC86PbWim6S8BpX0f8ERcYYKAm58ES/tpgZeImVmIIyHAIHPukjUKXNzuDKh9qa
+3LXp5moCeQKI385mw1BnkwTTqdwZ0Y5QHdYIMfB59VuUPm0CAwEAAaNdMFswOgYD
+VR0RBDMwMYILaWRwMi5rYXUuc2WGImh0dHBzOi8vaWRwMi5rYXUuc2UvaWRwL3No
+aWJib2xldGgwHQYDVR0OBBYEFLywmXKV+OaPFHmRtKgA7vepw1CtMA0GCSqGSIb3
+DQEBBQUAA4IBAQBRG+Zr9oXM/S7WHGRlTuwcXLEqy1jETAre9e2JUJLCYeEQdUor
+W5fETZtgs1DwGvfuquLRFxvIGtnIgELy1Q9eDGszursIl+cY6kv72pl+wP+QvI0U
+GWysjsYepf78eRQ4sNKn/m+2p7ZBfLFixNdTn1nvIGSaPX+8SnOrYfrqLYXZVZuF
+HntH8R43Oh0amq0BYWSJOhhmT4nxpvwwQCETd+RTqyB0SDtXnjYKv7j505JEBltt
+GLzVTSRgddMNMJEIMmpc6L9XAwW1IObqe3HcLewUmWZgtGKnq1Dd1XPtTRjvQPg9
+7FShqSitkM9DR4N7PbfMlbcB71JnezGMtokE
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp2.kau.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp2.kau.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp2.kau.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp2.kau.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp2.kau.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp2.kau.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">kau.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUUONxidNrozH1GiZ1VI/uwwgWM8cwDQYJKoZIhvcNAQEF
+BQAwFjEUMBIGA1UEAxMLaWRwMi5rYXUuc2UwHhcNMTAxMDEzMTM1MjM0WhcNMzAx
+MDEzMTM1MjM0WjAWMRQwEgYDVQQDEwtpZHAyLmthdS5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAILFxLkJloiLact4UjsWKH98lOkzm6VE2t9GQtUe
+DRYCY5prnaDRmsumqmMYLMZXT6DCT99oNLeeBeBfB+8JwqraYhDanGiRAENTrlbs
+jUTx4p5BYTBuo0rGpVZ8MBi++f8ainvxPI4LGVc02upuG7lhWnjaui2qpKQf9hFB
+mqnjgL2ohS/Jhzo7q5XiEtsTtoD4ssUMabbzK9Zc5x6/txxJVAaicOHhqgXhFkkD
+AfC86PbWim6S8BpX0f8ERcYYKAm58ES/tpgZeImVmIIyHAIHPukjUKXNzuDKh9qa
+3LXp5moCeQKI385mw1BnkwTTqdwZ0Y5QHdYIMfB59VuUPm0CAwEAAaNdMFswOgYD
+VR0RBDMwMYILaWRwMi5rYXUuc2WGImh0dHBzOi8vaWRwMi5rYXUuc2UvaWRwL3No
+aWJib2xldGgwHQYDVR0OBBYEFLywmXKV+OaPFHmRtKgA7vepw1CtMA0GCSqGSIb3
+DQEBBQUAA4IBAQBRG+Zr9oXM/S7WHGRlTuwcXLEqy1jETAre9e2JUJLCYeEQdUor
+W5fETZtgs1DwGvfuquLRFxvIGtnIgELy1Q9eDGszursIl+cY6kv72pl+wP+QvI0U
+GWysjsYepf78eRQ4sNKn/m+2p7ZBfLFixNdTn1nvIGSaPX+8SnOrYfrqLYXZVZuF
+HntH8R43Oh0amq0BYWSJOhhmT4nxpvwwQCETd+RTqyB0SDtXnjYKv7j505JEBltt
+GLzVTSRgddMNMJEIMmpc6L9XAwW1IObqe3HcLewUmWZgtGKnq1Dd1XPtTRjvQPg9
+7FShqSitkM9DR4N7PbfMlbcB71JnezGMtokE
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp2.kau.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp2.kau.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+
+ <Organization>
+ <OrganizationName xml:lang="en">KAU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Karlstad University (SAML2)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kau.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Paul</GivenName>
+ <SurName>Scott</SurName>
+ <EmailAddress>paul.scott@kau.se</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Magnus</GivenName>
+ <SurName>Olsson</SurName>
+ <EmailAddress>magnus.olsson@kau.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.it.su.se/idp/shibboleth" xml:base="swamid-1.0/idp.it.su.se.xml">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">su.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAMGFkfoHjxyVMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDGlkcC5pdC5zdS5zZTAeFw0xMDExMDkwODIyMDFaFw0yMDExMDYwODIyMDFa
+MBcxFTATBgNVBAMTDGlkcC5pdC5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBALy4tcsCvWZi8mo07/AwkbbokGh9VLf9Nae6t8AXX+ul9AOfW6nT
+OJS4UsSafJ/fLhNJTjtMr1lXyl2Ah2zhhrhCsFpe0T7iYaX+rKlcZ8/V/BkgVbKm
+5obDh/CGW32dPGS6quDSTw2876X5sOl72IE4h038Z6t9XJCdQwDK9YNPgb5Zu+XH
+PHLJZD/kx+VwAPfx34YoKCpB2C/3U2Nj+KsojMtRcNTLeb+PJ5t0B9vEsGOcOlko
+7VT9EjEuSkyxRPEmssaekotHDlkKB9R3d/LS/OvWdHd4UjgQGJO8YIebTjIYQDk+
+HPs9HhL4mJBUqTYK7aKE/gelBwEKgm9myzkCAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+aWRwLml0LnN1LnNlMB0GA1UdDgQWBBQ3SkZT5Th4yF7H6i2+x0beJnXTEzANBgkq
+hkiG9w0BAQUFAAOCAQEAiatjbM0+PvK1enL0CCoVHoPSBwT45eq5e4YGVabqX2Vt
+kuuZpg3O/POnPI4VUENEPZqrsRQJwjvfVlptgU/0C1IdBdKZbQPdci2kTcNHPtj9
++AjFPs8D/rRAHufDCO/yUV7v6rDaLwVDlGA+Tof/2OISRubHA+qzWtsmkCij8epu
+zu+8YH3ao8Z9KwXE7lsiugc3fBzFPRLVt3i1Ub9CyHbSNt8zIeoQjdFXnRSFt1aF
+nqSwQqyaQMsQOyHiGNfFl0bcvK3if21MSob/uUwXHgE9wn6wD7fHHp8Ek8Pa7F1Y
+VK8ZglMA+M28yzdAONQ4W2FWoTbAfcBnW8NQSFzZdQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.it.su.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.it.su.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.it.su.se/idp/profile/Shibboleth/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.it.su.se/idp/profile/SAML2/POST/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.it.su.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.it.su.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">su.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAMGFkfoHjxyVMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDGlkcC5pdC5zdS5zZTAeFw0xMDExMDkwODIyMDFaFw0yMDExMDYwODIyMDFa
+MBcxFTATBgNVBAMTDGlkcC5pdC5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBALy4tcsCvWZi8mo07/AwkbbokGh9VLf9Nae6t8AXX+ul9AOfW6nT
+OJS4UsSafJ/fLhNJTjtMr1lXyl2Ah2zhhrhCsFpe0T7iYaX+rKlcZ8/V/BkgVbKm
+5obDh/CGW32dPGS6quDSTw2876X5sOl72IE4h038Z6t9XJCdQwDK9YNPgb5Zu+XH
+PHLJZD/kx+VwAPfx34YoKCpB2C/3U2Nj+KsojMtRcNTLeb+PJ5t0B9vEsGOcOlko
+7VT9EjEuSkyxRPEmssaekotHDlkKB9R3d/LS/OvWdHd4UjgQGJO8YIebTjIYQDk+
+HPs9HhL4mJBUqTYK7aKE/gelBwEKgm9myzkCAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+aWRwLml0LnN1LnNlMB0GA1UdDgQWBBQ3SkZT5Th4yF7H6i2+x0beJnXTEzANBgkq
+hkiG9w0BAQUFAAOCAQEAiatjbM0+PvK1enL0CCoVHoPSBwT45eq5e4YGVabqX2Vt
+kuuZpg3O/POnPI4VUENEPZqrsRQJwjvfVlptgU/0C1IdBdKZbQPdci2kTcNHPtj9
++AjFPs8D/rRAHufDCO/yUV7v6rDaLwVDlGA+Tof/2OISRubHA+qzWtsmkCij8epu
+zu+8YH3ao8Z9KwXE7lsiugc3fBzFPRLVt3i1Ub9CyHbSNt8zIeoQjdFXnRSFt1aF
+nqSwQqyaQMsQOyHiGNfFl0bcvK3if21MSob/uUwXHgE9wn6wD7fHHp8Ek8Pa7F1Y
+VK8ZglMA+M28yzdAONQ4W2FWoTbAfcBnW8NQSFzZdQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.it.su.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.it.su.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm University</Company>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://dev.lobber.se/shibboleth" xml:base="swamid-1.0/dev.lobber.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>dev.lobber.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=dev.lobber.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJAKINT3sa5ZpkMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDWRldi5sb2JiZXIuc2UwHhcNMTAxMDI4MTEyNDI0WhcNMjAxMDI1MTEyNDI0
+WjAYMRYwFAYDVQQDEw1kZXYubG9iYmVyLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAuekKnkVirTk0wu+y0EYnCQAbLGX7QJXkQHgS98TNs/UCygLM
+pI+Y05caeru2WDA8hYYCdULx6zHiOTW1+0evqJS1FgLoNJcIob/xfZs/Ie2ClQj+
+QyjvJ7DlsoeZnF+1IHH3qKtOgRGhdDPJkwtvM1YqT/ztg/ljjqpZiIl5ZDKl5hzP
+yqfpj8qygfdhOlhXG00+pX8YdAZT/EvVmYU6nPAt4SrW2WONv8D5RYv2DyW550JV
+UjTv5WI2uw5QG8EmjOYMaSWr36VSuYUydNJVJs+tl/gqt6dByLN6uCB/hocQH1xZ
+1tEg0wNZwZ+W3jHQxVfumQjZipZxhx0KpMnObwIDAQABozswOTAYBgNVHREEETAP
+gg1kZXYubG9iYmVyLnNlMB0GA1UdDgQWBBSpg+Gao6u/rM08SBPJlKKb9DFfJTAN
+BgkqhkiG9w0BAQUFAAOCAQEAANTCJlMnWje5vOHwz6n5koNkNo7glFE1vg3Q5vKS
+cIE1RDlJMmMaC0txi4Rz/LkYMHAf4w2E52/MRcATfjdXEYnxA5HtA7JLY3fS/Jkr
+TYGhWzeC73rIb9uJqvau7vW5yj/IIV7V3TiraMdwwH1aXce2r+VGFj62Y80HoDBM
+EyQVg0dtbf5cmo5u0LIyaUi+x6tfKcq7cdVDqfB4whDSB0buU7SsyU1w+oRgOOuc
+rmBs7EHePMu15nh8kZZlHt0XPi8FstIZ4gPwZPwM73DZ7XH5APB7kFkZNrNEIQCG
+Hmi0jDCgx97asTKIuyfGrHl3p3JNN2AJSdTtOSDntnuOYQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>dev.lobber.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=dev.lobber.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJAKINT3sa5ZpkMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDWRldi5sb2JiZXIuc2UwHhcNMTAxMDI4MTEyNDI0WhcNMjAxMDI1MTEyNDI0
+WjAYMRYwFAYDVQQDEw1kZXYubG9iYmVyLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAuekKnkVirTk0wu+y0EYnCQAbLGX7QJXkQHgS98TNs/UCygLM
+pI+Y05caeru2WDA8hYYCdULx6zHiOTW1+0evqJS1FgLoNJcIob/xfZs/Ie2ClQj+
+QyjvJ7DlsoeZnF+1IHH3qKtOgRGhdDPJkwtvM1YqT/ztg/ljjqpZiIl5ZDKl5hzP
+yqfpj8qygfdhOlhXG00+pX8YdAZT/EvVmYU6nPAt4SrW2WONv8D5RYv2DyW550JV
+UjTv5WI2uw5QG8EmjOYMaSWr36VSuYUydNJVJs+tl/gqt6dByLN6uCB/hocQH1xZ
+1tEg0wNZwZ+W3jHQxVfumQjZipZxhx0KpMnObwIDAQABozswOTAYBgNVHREEETAP
+gg1kZXYubG9iYmVyLnNlMB0GA1UdDgQWBBSpg+Gao6u/rM08SBPJlKKb9DFfJTAN
+BgkqhkiG9w0BAQUFAAOCAQEAANTCJlMnWje5vOHwz6n5koNkNo7glFE1vg3Q5vKS
+cIE1RDlJMmMaC0txi4Rz/LkYMHAf4w2E52/MRcATfjdXEYnxA5HtA7JLY3fS/Jkr
+TYGhWzeC73rIb9uJqvau7vW5yj/IIV7V3TiraMdwwH1aXce2r+VGFj62Y80HoDBM
+EyQVg0dtbf5cmo5u0LIyaUi+x6tfKcq7cdVDqfB4whDSB0buU7SsyU1w+oRgOOuc
+rmBs7EHePMu15nh8kZZlHt0XPi8FstIZ4gPwZPwM73DZ7XH5APB7kFkZNrNEIQCG
+Hmi0jDCgx97asTKIuyfGrHl3p3JNN2AJSdTtOSDntnuOYQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev.lobber.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev.lobber.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dev.lobber.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev.lobber.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev.lobber.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://dev.lobber.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://dev.lobber.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev.lobber.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev.lobber.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://dev.lobber.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://dev.lobber.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://dev.lobber.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://dev.lobber.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dev.lobber.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://dev.lobber.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://kiidp.ki.se/idp/shibboleth" xml:base="swamid-1.0/kiidp.ki.se.xml">
+
+ <md:IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <md:Extensions>
+ <shibmd:Scope regexp="false">ki.se</shibmd:Scope>
+ </md:Extensions>
+
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGDCCAgCgAwIBAgIVAM0PmHWir6jrdlS8z2iCpGvo0CqaMA0GCSqGSIb3DQEB
+BQUAMBYxFDASBgNVBAMTC2tpaWRwLmtpLnNlMB4XDTEwMTEwOTA4MTgwNloXDTMw
+MTEwOTA4MTgwNlowFjEUMBIGA1UEAxMLa2lpZHAua2kuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCGXvXTTL9jXqeUnjwuEuPctScCyn+hRZQOmWm7
+OrvAHMIi+MKQMeSboowpbj+apvYbaxQFY4PH4287fd4OhYJGAdfNk68E7h+S5Ryq
+BVrJVM9SSGcwGAViCSq5YfuSo/ZtvMCGtQJ8ef1uu4sg4VJ+UzXtSjfRvKNko9Jm
+r3lJ3qDUp3ltm+r9Yk7EQ+tKfJFIg41HiAEeFl9Zztlp6DqbOlwXleUjCVPklCZV
+4emEO9flD+uk3zxp9y9TlcOAtuFNp6EmzH5Xc2LvWOusDZITsuNtL6OfadIixkfb
+IctgW4hgD0GOnDi2chYu4Yq3vets8GsQVkD0BAIXNxhJ1HEjAgMBAAGjXTBbMDoG
+A1UdEQQzMDGCC2tpaWRwLmtpLnNlhiJodHRwczovL2tpaWRwLmtpLnNlL2lkcC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBSDaQ4ABwxargqbAwedMAvPxCvABjANBgkqhkiG
+9w0BAQUFAAOCAQEAhHhPDWxChQt/L74HjwWVQHPQghTRcxJaQcBefWKH2yiERNyd
+/PKXU5G3RIzOS3Y3fYGwOMxH+PidKd48txJ50n/3VDI75g2MJsB+KJjLi2iVVkan
+xTyNLauF4A6ueNbn9V/myyZTa7kiru+iDSOasFSlLMf2leQXQHX3qBkOyBmy5Nu8
+eGhJzMVovMnIaDofE1FXMI6yTuF3KG+Uep7moWj+WHY028TupWsiAE4LVs793dAn
+y4PHmY+q902WpZA1xeckJAdpSjS5rLc3fWOEHBNbmhBkOhDr/tarFUyjxi4mKEhm
+uKycjtOvYOwcvABc1u3WpxJ+CdtbbcHrnYCWXg==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://kiidp.ki.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kiidp.ki.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <md:NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+
+ <md:SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://kiidp.ki.se/idp/profile/Shibboleth/SSO"/>
+
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kiidp.ki.se/idp/profile/SAML2/POST/SSO"/>
+
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kiidp.ki.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kiidp.ki.se/idp/profile/SAML2/Redirect/SSO"/>
+ </md:IDPSSODescriptor>
+
+ <md:AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <md:Extensions>
+ <shibmd:Scope regexp="false">ki.se</shibmd:Scope>
+ </md:Extensions>
+
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGDCCAgCgAwIBAgIVAM0PmHWir6jrdlS8z2iCpGvo0CqaMA0GCSqGSIb3DQEB
+BQUAMBYxFDASBgNVBAMTC2tpaWRwLmtpLnNlMB4XDTEwMTEwOTA4MTgwNloXDTMw
+MTEwOTA4MTgwNlowFjEUMBIGA1UEAxMLa2lpZHAua2kuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCGXvXTTL9jXqeUnjwuEuPctScCyn+hRZQOmWm7
+OrvAHMIi+MKQMeSboowpbj+apvYbaxQFY4PH4287fd4OhYJGAdfNk68E7h+S5Ryq
+BVrJVM9SSGcwGAViCSq5YfuSo/ZtvMCGtQJ8ef1uu4sg4VJ+UzXtSjfRvKNko9Jm
+r3lJ3qDUp3ltm+r9Yk7EQ+tKfJFIg41HiAEeFl9Zztlp6DqbOlwXleUjCVPklCZV
+4emEO9flD+uk3zxp9y9TlcOAtuFNp6EmzH5Xc2LvWOusDZITsuNtL6OfadIixkfb
+IctgW4hgD0GOnDi2chYu4Yq3vets8GsQVkD0BAIXNxhJ1HEjAgMBAAGjXTBbMDoG
+A1UdEQQzMDGCC2tpaWRwLmtpLnNlhiJodHRwczovL2tpaWRwLmtpLnNlL2lkcC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBSDaQ4ABwxargqbAwedMAvPxCvABjANBgkqhkiG
+9w0BAQUFAAOCAQEAhHhPDWxChQt/L74HjwWVQHPQghTRcxJaQcBefWKH2yiERNyd
+/PKXU5G3RIzOS3Y3fYGwOMxH+PidKd48txJ50n/3VDI75g2MJsB+KJjLi2iVVkan
+xTyNLauF4A6ueNbn9V/myyZTa7kiru+iDSOasFSlLMf2leQXQHX3qBkOyBmy5Nu8
+eGhJzMVovMnIaDofE1FXMI6yTuF3KG+Uep7moWj+WHY028TupWsiAE4LVs793dAn
+y4PHmY+q902WpZA1xeckJAdpSjS5rLc3fWOEHBNbmhBkOhDr/tarFUyjxi4mKEhm
+uKycjtOvYOwcvABc1u3WpxJ+CdtbbcHrnYCWXg==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+
+ <md:AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://kiidp.ki.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <md:AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kiidp.ki.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <md:NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</md:NameIDFormat>
+ <md:NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</md:NameIDFormat>
+
+ </md:AttributeAuthorityDescriptor>
+
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">KI</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">Karolinska Institutet</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://www.ki.se</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:Company>Karolinska Institutet</md:Company>
+ <md:EmailAddress>it-support@ki.se</md:EmailAddress>
+ </md:ContactPerson>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://ws3.bmc.uu.se/shibboleth" xml:base="swamid-1.0/www.bmcmediatek.uu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>ws1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=ws1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC0DCCAbigAwIBAgIJAMcesvNWNm7sMA0GCSqGSIb3DQEBBQUAMA4xDDAKBgNV
+BAMTA3dzMTAeFw0xMDExMTYxMzEwNTJaFw0yMDExMTMxMzEwNTJaMA4xDDAKBgNV
+BAMTA3dzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALcJpa5zDKxA
+XbKsf/nLBHJnDVQC8yVIKtLEbDZowtv7F3FwQEpKWs3mIqHpHzMT4ErQxnQKCgKp
+lyq/Ow9LNnWYGQsJi1E2lBAD7Wg7wkz4CuGiRjIkdk3JWMqm/YD2rX5WMw2ThWZt
+HPZXtCFtQBVMwRFTCYAELI/Fjie7Da5BVx6DAmnBEImyfqAURh+frHTBX/SN8pDa
+EjXO0i/HWcOLcHNHKCqR3yPX0+XuRrL5/qEIfRgYqws57mx+7TlmHeGIJq3zviNh
+bp3waRhxcyy/yoYKqtU3LOWBCf33350Ez+E5RcBJQC82sKH0WNU+oP6QFIW+fcRv
+siAZ1PHmcCkCAwEAAaMxMC8wDgYDVR0RBAcwBYIDd3MxMB0GA1UdDgQWBBSMT2HM
+OkhcwrbObOFNrFtlCRF73DANBgkqhkiG9w0BAQUFAAOCAQEANi1KmPdYFKXjBHRU
+yJ2gKo54lRlrfJ5dQiyfN+GLnIXFG59yRCouGpD0igHxU4Sv3iLuTFWdWHa3m3J/
+q6AxpUl3tdIEy6HD5r/gI61oFKpyeYCPSt2q7wfYjGWCufk4M/RIpcnBGHDD5IIR
+ao5t+42NRWEtA0XLiwJPr+RXGGMLTdXXfcvyps7BVIV16Aj39apcOfMdhLQVTdPX
+O4qGdfgbjNKUd//RBFitxtPvmdDwkei9NX3Ed4TU3TxX4GeX84GCIH2JeOrdqNMF
+xsuqDz+Qlqfj741Xk0GEWhH5vc3xNubAAuBQF3rDDDya+RVunZkZ1OrwUWTyHETl
+x9hzjw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>ws1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=ws1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC0DCCAbigAwIBAgIJAMcesvNWNm7sMA0GCSqGSIb3DQEBBQUAMA4xDDAKBgNV
+BAMTA3dzMTAeFw0xMDExMTYxMzEwNTJaFw0yMDExMTMxMzEwNTJaMA4xDDAKBgNV
+BAMTA3dzMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALcJpa5zDKxA
+XbKsf/nLBHJnDVQC8yVIKtLEbDZowtv7F3FwQEpKWs3mIqHpHzMT4ErQxnQKCgKp
+lyq/Ow9LNnWYGQsJi1E2lBAD7Wg7wkz4CuGiRjIkdk3JWMqm/YD2rX5WMw2ThWZt
+HPZXtCFtQBVMwRFTCYAELI/Fjie7Da5BVx6DAmnBEImyfqAURh+frHTBX/SN8pDa
+EjXO0i/HWcOLcHNHKCqR3yPX0+XuRrL5/qEIfRgYqws57mx+7TlmHeGIJq3zviNh
+bp3waRhxcyy/yoYKqtU3LOWBCf33350Ez+E5RcBJQC82sKH0WNU+oP6QFIW+fcRv
+siAZ1PHmcCkCAwEAAaMxMC8wDgYDVR0RBAcwBYIDd3MxMB0GA1UdDgQWBBSMT2HM
+OkhcwrbObOFNrFtlCRF73DANBgkqhkiG9w0BAQUFAAOCAQEANi1KmPdYFKXjBHRU
+yJ2gKo54lRlrfJ5dQiyfN+GLnIXFG59yRCouGpD0igHxU4Sv3iLuTFWdWHa3m3J/
+q6AxpUl3tdIEy6HD5r/gI61oFKpyeYCPSt2q7wfYjGWCufk4M/RIpcnBGHDD5IIR
+ao5t+42NRWEtA0XLiwJPr+RXGGMLTdXXfcvyps7BVIV16Aj39apcOfMdhLQVTdPX
+O4qGdfgbjNKUd//RBFitxtPvmdDwkei9NX3Ed4TU3TxX4GeX84GCIH2JeOrdqNMF
+xsuqDz+Qlqfj741Xk0GEWhH5vc3xNubAAuBQF3rDDDya+RVunZkZ1OrwUWTyHETl
+x9hzjw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.bmcmediatek.uu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://saml-1.sys.kth.se/idp/shibboleth" xml:base="swamid-1.0/saml-1.sys.kth.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">kth.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMDCCAhigAwIBAgIVALx4XVtH3sOyM28YH834f5bbuHNlMA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXNhbWwtMS5zeXMua3RoLnNlMB4XDTEwMTExNzE1NTYz
+OFoXDTMwMTExNzE1NTYzOFowHDEaMBgGA1UEAxMRc2FtbC0xLnN5cy5rdGguc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCDxtJdcAOVTCIq6UQlCpqm
+XbagnXzhINClFn/+XS3+KH0mb5HnLLugIQ12hH0SFfD7KgVh3mRwBZsbs0Q8QJoZ
+YkOfTii/I5Buvw6l4N36m58VLZGv2W0fFAQLMk2IeRqHd32wGyaVro0DojCKj+Wi
+C7pyHkMRQdofNNgS5tV6/Ls/FJUhK4P45u2MYQwGZR00u84ngQaQ+uw1xEoLGbpt
+H1Ic0ZqGH/7E6EhRs82taWCHUBy/qbFNuTsXKzRDQDAvnKvtosrpBfFqZ3wvJdIW
+4Q63jUFk9d84+h5xWe1rJD46MXUti55PYWPzzweIeXUE0vpPnlCWt2C5BzOFqeCt
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXNhbWwtMS5zeXMua3RoLnNlhihodHRwczov
+L3NhbWwtMS5zeXMua3RoLnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBSHF1tH
+0Si0nenf53KeBzfw0JFKMTANBgkqhkiG9w0BAQUFAAOCAQEAfMDHG/jm+HsQo2t6
+if67Cs0iX2d0kridHeHE02BzAUTKSFQ0ywA+jXlJRmYnRXQqnl8qh1V4Qw6PmHKJ
+Im5rjNRUA72a9Vo42QBPXVy8UJOxTHMQhK6aFG0UXTofo5lzroz39YqaNGo6k5zx
+oBDagUCJ+Mfu4tOQ+j2ZbP1syTgCroX0XsRsdU/KXEdmPtQBAdEgWB0siCI31sOc
+JWNDZOy2Zm1yPdryCtJD56IwYEXRi9ACLDUYteoqypxq+Cjp4gkJNe+fsvyCjuCf
+jLJfoU/KdGJJcfuMirPEC2mfSdMWK3XDCvaxKU9Or2ZV6FjitQDPt9V2n/qNe5mu
+sdhdXg==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://saml-1.sys.kth.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://saml-1.sys.kth.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://saml-1.sys.kth.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://saml-1.sys.kth.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://saml-1.sys.kth.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://saml-1.sys.kth.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">kth.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDMDCCAhigAwIBAgIVALx4XVtH3sOyM28YH834f5bbuHNlMA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXNhbWwtMS5zeXMua3RoLnNlMB4XDTEwMTExNzE1NTYz
+OFoXDTMwMTExNzE1NTYzOFowHDEaMBgGA1UEAxMRc2FtbC0xLnN5cy5rdGguc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCDxtJdcAOVTCIq6UQlCpqm
+XbagnXzhINClFn/+XS3+KH0mb5HnLLugIQ12hH0SFfD7KgVh3mRwBZsbs0Q8QJoZ
+YkOfTii/I5Buvw6l4N36m58VLZGv2W0fFAQLMk2IeRqHd32wGyaVro0DojCKj+Wi
+C7pyHkMRQdofNNgS5tV6/Ls/FJUhK4P45u2MYQwGZR00u84ngQaQ+uw1xEoLGbpt
+H1Ic0ZqGH/7E6EhRs82taWCHUBy/qbFNuTsXKzRDQDAvnKvtosrpBfFqZ3wvJdIW
+4Q63jUFk9d84+h5xWe1rJD46MXUti55PYWPzzweIeXUE0vpPnlCWt2C5BzOFqeCt
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXNhbWwtMS5zeXMua3RoLnNlhihodHRwczov
+L3NhbWwtMS5zeXMua3RoLnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBSHF1tH
+0Si0nenf53KeBzfw0JFKMTANBgkqhkiG9w0BAQUFAAOCAQEAfMDHG/jm+HsQo2t6
+if67Cs0iX2d0kridHeHE02BzAUTKSFQ0ywA+jXlJRmYnRXQqnl8qh1V4Qw6PmHKJ
+Im5rjNRUA72a9Vo42QBPXVy8UJOxTHMQhK6aFG0UXTofo5lzroz39YqaNGo6k5zx
+oBDagUCJ+Mfu4tOQ+j2ZbP1syTgCroX0XsRsdU/KXEdmPtQBAdEgWB0siCI31sOc
+JWNDZOy2Zm1yPdryCtJD56IwYEXRi9ACLDUYteoqypxq+Cjp4gkJNe+fsvyCjuCf
+jLJfoU/KdGJJcfuMirPEC2mfSdMWK3XDCvaxKU9Or2ZV6FjitQDPt9V2n/qNe5mu
+sdhdXg==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://saml-1.sys.kth.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://saml-1.sys.kth.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+<Organization>
+ <OrganizationName xml:lang="en">KTH</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Kungliga Tekniska högskolan</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kth.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Royal Institute of Technology (KTH)</Company>
+ <EmailAddress>itesc@kth.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://sp-test.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/sp-test.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp-test.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>shib-test-sp1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=shib-test-sp1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJAMvj0WHMV86oMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDXNoaWItdGVzdC1zcDEwHhcNMTAxMDExMDkzMDE5WhcNMjAxMDA4MDkzMDE5
+WjAYMRYwFAYDVQQDEw1zaGliLXRlc3Qtc3AxMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAwY+eWytRTYPU10j0R+GjbKQzJ09YeYGgSuIzNZhLdH0zy6By
+YyEtIITGsTorlL5HBYUtpFugc3jjoBuTv+QZoVnAsNfpbO1KM17cB3iX31drfYyU
+XSY20OZEaOuDoaE9Zt7YawDJ39vkwOLKEyglaqVzSdhH6gZoHEPSd0GOE/O5pMsu
+igmKs/dWoUhjS/u9R83jen7lOS39NJXKW23ghyZ36lgmSieACWCz5hMOKJ9ZnPys
+Va85dCMsNbaSDC/vm++jP7qY2I9aDJJHZhOEso+jqQPbRFjhy+pNSQYx2Z99r6ns
+fn1tJEgfKv+xfon4QkrrJ0CEySGVPfcEJw2xgwIDAQABozswOTAYBgNVHREEETAP
+gg1zaGliLXRlc3Qtc3AxMB0GA1UdDgQWBBTctR7mjh7i3u2cHU+rm99Fte/SdDAN
+BgkqhkiG9w0BAQUFAAOCAQEAFX12BjrajUciwGg79uHajf+oL1hYalnydk5fBqJ3
+WOebDsv/4Z1mcHH1WlT/fHf8KkjETiaAr0uuiLyIvFsMY4WASxZaqa4MTcTtJzHA
+9JrpGAscSKg2fIO8T6cmpKCPuMnH+e05NjWTdmxnR0bJGyn87NQdNNdhw9bgmRD4
+B/md9BUYzkXna3WPi1biNcqSgIwevoSb7JRPMu9LhrlkJyK325uGyblVcg0WCeZ0
+ZZ++pFd6COZSWkvz3O0kbDXKOANgr4ZylWIxYz+Fj1y8i5PN5C85ojDAIvzZ93J5
+95GMOhu7uHgsRb4w5VyuXMlgrvHKh2S1C7zrtt86XKW2fw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>shib-test-sp1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=shib-test-sp1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC7jCCAdagAwIBAgIJAMvj0WHMV86oMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDXNoaWItdGVzdC1zcDEwHhcNMTAxMDExMDkzMDE5WhcNMjAxMDA4MDkzMDE5
+WjAYMRYwFAYDVQQDEw1zaGliLXRlc3Qtc3AxMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAwY+eWytRTYPU10j0R+GjbKQzJ09YeYGgSuIzNZhLdH0zy6By
+YyEtIITGsTorlL5HBYUtpFugc3jjoBuTv+QZoVnAsNfpbO1KM17cB3iX31drfYyU
+XSY20OZEaOuDoaE9Zt7YawDJ39vkwOLKEyglaqVzSdhH6gZoHEPSd0GOE/O5pMsu
+igmKs/dWoUhjS/u9R83jen7lOS39NJXKW23ghyZ36lgmSieACWCz5hMOKJ9ZnPys
+Va85dCMsNbaSDC/vm++jP7qY2I9aDJJHZhOEso+jqQPbRFjhy+pNSQYx2Z99r6ns
+fn1tJEgfKv+xfon4QkrrJ0CEySGVPfcEJw2xgwIDAQABozswOTAYBgNVHREEETAP
+gg1zaGliLXRlc3Qtc3AxMB0GA1UdDgQWBBTctR7mjh7i3u2cHU+rm99Fte/SdDAN
+BgkqhkiG9w0BAQUFAAOCAQEAFX12BjrajUciwGg79uHajf+oL1hYalnydk5fBqJ3
+WOebDsv/4Z1mcHH1WlT/fHf8KkjETiaAr0uuiLyIvFsMY4WASxZaqa4MTcTtJzHA
+9JrpGAscSKg2fIO8T6cmpKCPuMnH+e05NjWTdmxnR0bJGyn87NQdNNdhw9bgmRD4
+B/md9BUYzkXna3WPi1biNcqSgIwevoSb7JRPMu9LhrlkJyK325uGyblVcg0WCeZ0
+ZZ++pFd6COZSWkvz3O0kbDXKOANgr4ZylWIxYz+Fj1y8i5PN5C85ojDAIvzZ93J5
+95GMOhu7uHgsRb4w5VyuXMlgrvHKh2S1C7zrtt86XKW2fw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp-test.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp-test.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp-test.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp-test.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp-test.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp-test.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp-test.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp-test.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp-test.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp-test.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp-test.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp-test.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.studera.nu/shibboleth-sp" xml:base="swamid-1.0/www.studera.nu.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>https://www.studera.nu/shibboleth-sp</ds:KeyName>
+ <ds:KeyName>www.studera.nu</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.studera.nu</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDFzCCAf+gAwIBAgIJAIUfzx/N0lN8MA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDnd3dy5zdHVkZXJhLm51MB4XDTEwMTEyNDExNTI0MFoXDTE1MTEyMzExNTI0
+MFowGTEXMBUGA1UEAxMOd3d3LnN0dWRlcmEubnUwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCrF/v2Tcx6XNgANqYzUpibkBjhMjmpWAr67h4vQvpPUabI
+C2i/pxTykjPU7RPuako391Th4PR0pCDD21odCDShbcxEL6fy7CecWj2baI5antu7
+gx2bj6/y1k6V4c6c+it+VsU30usG3teYVNWaoAYk6FJuymS8zXSTvyihFlRr9l8P
+oV0Ap5IaBK7fj9sjESreefpv8a1/V0YXKvuJi9YdTAj7k3C0lj8/DiC/suXy+X/+
+/b9a6oEu1Gb8aPdxu7upq+C2A9RIebr2JtbqLwo5luQEIz2UMVUlR5SP1oGdo9jZ
+oo/rRNSNXsBKlkNgSUSBfKdnnDuKiBlgC6MwOvhbAgMBAAGjYjBgMD8GA1UdEQQ4
+MDaCDnd3dy5zdHVkZXJhLm51hiRodHRwczovL3d3dy5zdHVkZXJhLm51L3NoaWJi
+b2xldGgtc3AwHQYDVR0OBBYEFFtvzM/pgvj1lvMsm/h3rQZwmYMJMA0GCSqGSIb3
+DQEBBQUAA4IBAQCkQBRKL0sVMPL72omwGG6HI+Fv2Tyy2SrgODKvg5jjYBe70WfB
+s08Nmrl2ASDVvdsPEadmlyeQMqol7QfavTHK0+bu4j/2H0+ezhsNrADrTPs52k0k
+MpfZcKxrHEBzfVXA+MWl3yyGBoqCo9iXMU62UiNkxj71+1/ZGDOlttPUaZlYXi0f
+O/SLBF07IJZ2k+n5N4IpwIp8Yr5+vRMMqPEHDc7qVQ33Qp3VZN/vxFOj7DVUMAMt
+7K0x1uPKTp7929lYXfYsgLtQtV0FRrldiF/qN8y0qElNUyynhyQB38gJcTCbUzIX
+To0ucpLgYZwm1LIEXh4+VZuM2irCpX+guvFa
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>https://www.studera.nu/shibboleth-sp</ds:KeyName>
+ <ds:KeyName>www.studera.nu</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.studera.nu</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDFzCCAf+gAwIBAgIJAIUfzx/N0lN8MA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
+BAMTDnd3dy5zdHVkZXJhLm51MB4XDTEwMTEyNDExNTI0MFoXDTE1MTEyMzExNTI0
+MFowGTEXMBUGA1UEAxMOd3d3LnN0dWRlcmEubnUwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCrF/v2Tcx6XNgANqYzUpibkBjhMjmpWAr67h4vQvpPUabI
+C2i/pxTykjPU7RPuako391Th4PR0pCDD21odCDShbcxEL6fy7CecWj2baI5antu7
+gx2bj6/y1k6V4c6c+it+VsU30usG3teYVNWaoAYk6FJuymS8zXSTvyihFlRr9l8P
+oV0Ap5IaBK7fj9sjESreefpv8a1/V0YXKvuJi9YdTAj7k3C0lj8/DiC/suXy+X/+
+/b9a6oEu1Gb8aPdxu7upq+C2A9RIebr2JtbqLwo5luQEIz2UMVUlR5SP1oGdo9jZ
+oo/rRNSNXsBKlkNgSUSBfKdnnDuKiBlgC6MwOvhbAgMBAAGjYjBgMD8GA1UdEQQ4
+MDaCDnd3dy5zdHVkZXJhLm51hiRodHRwczovL3d3dy5zdHVkZXJhLm51L3NoaWJi
+b2xldGgtc3AwHQYDVR0OBBYEFFtvzM/pgvj1lvMsm/h3rQZwmYMJMA0GCSqGSIb3
+DQEBBQUAA4IBAQCkQBRKL0sVMPL72omwGG6HI+Fv2Tyy2SrgODKvg5jjYBe70WfB
+s08Nmrl2ASDVvdsPEadmlyeQMqol7QfavTHK0+bu4j/2H0+ezhsNrADrTPs52k0k
+MpfZcKxrHEBzfVXA+MWl3yyGBoqCo9iXMU62UiNkxj71+1/ZGDOlttPUaZlYXi0f
+O/SLBF07IJZ2k+n5N4IpwIp8Yr5+vRMMqPEHDc7qVQ33Qp3VZN/vxFOj7DVUMAMt
+7K0x1uPKTp7929lYXfYsgLtQtV0FRrldiF/qN8y0qElNUyynhyQB38gJcTCbUzIX
+To0ucpLgYZwm1LIEXh4+VZuM2irCpX+guvFa
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.studera.nu/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.studera.nu/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.nu/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.nu/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.studera.nu/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.studera.nu/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.nu/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.nu/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.nu/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.studera.nu/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.nu/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.studera.nu/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.studera.nu/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.studera.nu/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://smd-dev.nordu.net/shibboleth" xml:base="swamid-1.0/smd-dev.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>mps-dev.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mps-dev.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDTCCAfWgAwIBAgIJAL9sCPLq0RZZMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEW1wcy1kZXYubm9yZHUubmV0MB4XDTEwMTExMjEyNTMwN1oXDTgzMDkwODA2
+MDk1NVowHDEaMBgGA1UEAxMRbXBzLWRldi5ub3JkdS5uZXQwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDM2Gbfge/3nx0lyLDMdwLjXPQEN1eAvtRG4ZZR
+z32dHdYlKU0iCc65ol0PqvHi3M60blldHogF2lHy8fwWoToRCXeAb5y5tPil4KQk
+7vvEZ4EWR6mWt9oibTcVtcFshgj2D91MieneoQtU6RuKo824dCZodM5rInrUfmA3
+UJU/vcmloVyj1z3pdNGOO8ZqGOM8/LnKKVVFw4kg1+GQbDCb+oSTcKGU4jVVtWXx
+kWO9t3JjTyxrhGMgZCwqLrzoxo2NwWjKWe1Fnv0OjEIfs0utWkUso0OcboO5WXko
+wjXoDutiDictn5CJ2aCfpBKJYjVj3o80+q7zN5dhLwB3ZrWbAgMBAAGjUjBQMC8G
+A1UdEQQoMCaCEW1wcy1kZXYubm9yZHUubmV0hhFtcHMtZGV2Lm5vcmR1Lm5ldDAd
+BgNVHQ4EFgQUaQ6cwvIERJKvTggFCO+ouMeZHJkwDQYJKoZIhvcNAQEFBQADggEB
+AJB8eurNiXi59DIMd5DYfmvzbCEeZyDzZBtFwSmmJFguZNoFj782aLizKMYYvuQn
+jFabye07AzgDI1uZokgPnTIU0da0+Ro3BkcxDoXlEHXaTUk+I9GEvcQFiEEFG8Rm
+y0TiL/Ye53huEpRwmURFl8LmMk+KWeDteObj9EzjP/iM/fueYRT6jjErxPfGG05k
+u7WKlT+ELwwCYh7KEaE+oQlHcL+hx8hjH35VA/DP7KXSBnE739J4NeJkSsh+Dca7
+CG8fk3LxX/dkOERNAegBTI/bAvgP6KyjDDB5xfiGT98E8qzCcIYer6kb25o/4gWs
+MsJGKv1TOFEiCEt9POIDkms=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>mps-dev.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mps-dev.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDDTCCAfWgAwIBAgIJAL9sCPLq0RZZMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEW1wcy1kZXYubm9yZHUubmV0MB4XDTEwMTExMjEyNTMwN1oXDTgzMDkwODA2
+MDk1NVowHDEaMBgGA1UEAxMRbXBzLWRldi5ub3JkdS5uZXQwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDM2Gbfge/3nx0lyLDMdwLjXPQEN1eAvtRG4ZZR
+z32dHdYlKU0iCc65ol0PqvHi3M60blldHogF2lHy8fwWoToRCXeAb5y5tPil4KQk
+7vvEZ4EWR6mWt9oibTcVtcFshgj2D91MieneoQtU6RuKo824dCZodM5rInrUfmA3
+UJU/vcmloVyj1z3pdNGOO8ZqGOM8/LnKKVVFw4kg1+GQbDCb+oSTcKGU4jVVtWXx
+kWO9t3JjTyxrhGMgZCwqLrzoxo2NwWjKWe1Fnv0OjEIfs0utWkUso0OcboO5WXko
+wjXoDutiDictn5CJ2aCfpBKJYjVj3o80+q7zN5dhLwB3ZrWbAgMBAAGjUjBQMC8G
+A1UdEQQoMCaCEW1wcy1kZXYubm9yZHUubmV0hhFtcHMtZGV2Lm5vcmR1Lm5ldDAd
+BgNVHQ4EFgQUaQ6cwvIERJKvTggFCO+ouMeZHJkwDQYJKoZIhvcNAQEFBQADggEB
+AJB8eurNiXi59DIMd5DYfmvzbCEeZyDzZBtFwSmmJFguZNoFj782aLizKMYYvuQn
+jFabye07AzgDI1uZokgPnTIU0da0+Ro3BkcxDoXlEHXaTUk+I9GEvcQFiEEFG8Rm
+y0TiL/Ye53huEpRwmURFl8LmMk+KWeDteObj9EzjP/iM/fueYRT6jjErxPfGG05k
+u7WKlT+ELwwCYh7KEaE+oQlHcL+hx8hjH35VA/DP7KXSBnE739J4NeJkSsh+Dca7
+CG8fk3LxX/dkOERNAegBTI/bAvgP6KyjDDB5xfiGT98E8qzCcIYer6kb25o/4gWs
+MsJGKv1TOFEiCEt9POIDkms=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://smd-dev.nordu.net/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://smd-dev.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://smd-dev.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://smd-dev.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://smd-dev.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://smd-dev.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://smd-dev.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://smd-dev.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://smd-dev.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://smd-dev.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://smd-dev.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://smd-dev.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://smd-dev.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://smd-dev.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://smd-dev.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://vlab-chemsub.explizit.se/shibboleth" xml:base="swamid-1.0/vlab-chemsub.explizit.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>www.explizit.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=fredrik.bergqvist@explizit.se,CN=www.explizit.se,O=explizit,L=skelleftea,ST=vasterbotten,C=se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEqjCCA5KgAwIBAgIJAN6mS+uZRU41MA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
+VQQGEwJzZTEVMBMGA1UECBMMdmFzdGVyYm90dGVuMRMwEQYDVQQHEwpza2VsbGVm
+dGVhMREwDwYDVQQKEwhleHBsaXppdDEYMBYGA1UEAxMPd3d3LmV4cGxpeml0LnNl
+MSwwKgYJKoZIhvcNAQkBFh1mcmVkcmlrLmJlcmdxdmlzdEBleHBsaXppdC5zZTAe
+Fw0xMDExMTYxOTE1MjlaFw0xMTExMTYxOTE1MjlaMIGUMQswCQYDVQQGEwJzZTEV
+MBMGA1UECBMMdmFzdGVyYm90dGVuMRMwEQYDVQQHEwpza2VsbGVmdGVhMREwDwYD
+VQQKEwhleHBsaXppdDEYMBYGA1UEAxMPd3d3LmV4cGxpeml0LnNlMSwwKgYJKoZI
+hvcNAQkBFh1mcmVkcmlrLmJlcmdxdmlzdEBleHBsaXppdC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANX+SLcvpJ/NxWOqJE6zPJ9KTwJGkMKWtxoq
+0mNtBapZHoJISDHH4+j1ZylEkRzst2lEvmAfjGmSj3wN5WW/ul+YrHAu+bYkYJRi
+Ht1WwC5NKUD0gtTh9AvESrsvlL/YJx62YYJI9sTGMQOYfvF85TlY2ecOY1vl3dru
+6joF45lrftn9GC2WL3wRY6oRnwTaBTN/w1hDjuOLERlxu32I6df2doyLTw6Qvrvz
+6ZnHQ9L4Ulz+K0tsVJwjvboO7UoC+AzU8UHby00arGfWODUDOsQIsmCRMaJI0A1i
+iTsDdrjqXuxLA1kMRhGaDkeRRBPiLHrSHtoHUEW1pB61Yo3FMhMCAwEAAaOB/DCB
++TAdBgNVHQ4EFgQUV+ffRtxJ/B2a02nS5+osFl16QhQwgckGA1UdIwSBwTCBvoAU
+V+ffRtxJ/B2a02nS5+osFl16QhShgZqkgZcwgZQxCzAJBgNVBAYTAnNlMRUwEwYD
+VQQIEwx2YXN0ZXJib3R0ZW4xEzARBgNVBAcTCnNrZWxsZWZ0ZWExETAPBgNVBAoT
+CGV4cGxpeml0MRgwFgYDVQQDEw93d3cuZXhwbGl6aXQuc2UxLDAqBgkqhkiG9w0B
+CQEWHWZyZWRyaWsuYmVyZ3F2aXN0QGV4cGxpeml0LnNlggkA3qZL65lFTjUwDAYD
+VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAiDgwRGjIWirACtcocF0UFvP9
+I5vCeLeMy2ED4ueG8bIeLJsPlCdLqjK60chpGMq/L2A4T1aCOJsZIhrMllxAqEUv
+iAGo7DOLwdukDpLgns1l2UiEkhd+sbQy3cu5Rwn1KQTQPcr9rY2rXdJvWxmJsmOi
+qRNp//HTq6pRy3MufxqH60x1UIIe9MjMsHSPxyN7by6KC3p0GZqUOZsc6QX3T69A
+Bdl9r05UYKKJuoMtavur87wqk8OpunbdQgRjaioJ2EV/YjlBL5KdCS5TuBuAu584
+C619vYmdUbDbxVdkkAhza7RsUHau77TY9QaTxvvnzT5ANR78jkgdjNhO9Ono8Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>www.explizit.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=fredrik.bergqvist@explizit.se,CN=www.explizit.se,O=explizit,L=skelleftea,ST=vasterbotten,C=se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEqjCCA5KgAwIBAgIJAN6mS+uZRU41MA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD
+VQQGEwJzZTEVMBMGA1UECBMMdmFzdGVyYm90dGVuMRMwEQYDVQQHEwpza2VsbGVm
+dGVhMREwDwYDVQQKEwhleHBsaXppdDEYMBYGA1UEAxMPd3d3LmV4cGxpeml0LnNl
+MSwwKgYJKoZIhvcNAQkBFh1mcmVkcmlrLmJlcmdxdmlzdEBleHBsaXppdC5zZTAe
+Fw0xMDExMTYxOTE1MjlaFw0xMTExMTYxOTE1MjlaMIGUMQswCQYDVQQGEwJzZTEV
+MBMGA1UECBMMdmFzdGVyYm90dGVuMRMwEQYDVQQHEwpza2VsbGVmdGVhMREwDwYD
+VQQKEwhleHBsaXppdDEYMBYGA1UEAxMPd3d3LmV4cGxpeml0LnNlMSwwKgYJKoZI
+hvcNAQkBFh1mcmVkcmlrLmJlcmdxdmlzdEBleHBsaXppdC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBANX+SLcvpJ/NxWOqJE6zPJ9KTwJGkMKWtxoq
+0mNtBapZHoJISDHH4+j1ZylEkRzst2lEvmAfjGmSj3wN5WW/ul+YrHAu+bYkYJRi
+Ht1WwC5NKUD0gtTh9AvESrsvlL/YJx62YYJI9sTGMQOYfvF85TlY2ecOY1vl3dru
+6joF45lrftn9GC2WL3wRY6oRnwTaBTN/w1hDjuOLERlxu32I6df2doyLTw6Qvrvz
+6ZnHQ9L4Ulz+K0tsVJwjvboO7UoC+AzU8UHby00arGfWODUDOsQIsmCRMaJI0A1i
+iTsDdrjqXuxLA1kMRhGaDkeRRBPiLHrSHtoHUEW1pB61Yo3FMhMCAwEAAaOB/DCB
++TAdBgNVHQ4EFgQUV+ffRtxJ/B2a02nS5+osFl16QhQwgckGA1UdIwSBwTCBvoAU
+V+ffRtxJ/B2a02nS5+osFl16QhShgZqkgZcwgZQxCzAJBgNVBAYTAnNlMRUwEwYD
+VQQIEwx2YXN0ZXJib3R0ZW4xEzARBgNVBAcTCnNrZWxsZWZ0ZWExETAPBgNVBAoT
+CGV4cGxpeml0MRgwFgYDVQQDEw93d3cuZXhwbGl6aXQuc2UxLDAqBgkqhkiG9w0B
+CQEWHWZyZWRyaWsuYmVyZ3F2aXN0QGV4cGxpeml0LnNlggkA3qZL65lFTjUwDAYD
+VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAiDgwRGjIWirACtcocF0UFvP9
+I5vCeLeMy2ED4ueG8bIeLJsPlCdLqjK60chpGMq/L2A4T1aCOJsZIhrMllxAqEUv
+iAGo7DOLwdukDpLgns1l2UiEkhd+sbQy3cu5Rwn1KQTQPcr9rY2rXdJvWxmJsmOi
+qRNp//HTq6pRy3MufxqH60x1UIIe9MjMsHSPxyN7by6KC3p0GZqUOZsc6QX3T69A
+Bdl9r05UYKKJuoMtavur87wqk8OpunbdQgRjaioJ2EV/YjlBL5KdCS5TuBuAu584
+C619vYmdUbDbxVdkkAhza7RsUHau77TY9QaTxvvnzT5ANR78jkgdjNhO9Ono8Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://vlab-chemsub.explizit.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://sp.it.gu.se/shibboleth" xml:base="swamid-1.0/sp.it.gu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp.it.gu.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>sp.it.gu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sp.it.gu.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9TCCAd2gAwIBAgIJAPYrC72akwsZMA0GCSqGSIb3DQEBBQUAMBYxFDASBgNV
+BAMTC3NwLml0Lmd1LnNlMB4XDTEwMTIwMjE1MzkwOFoXDTE1MTIwMTE1MzkwOFow
+FjEUMBIGA1UEAxMLc3AuaXQuZ3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDZx2MH0AOUIZouNQyGwtj/+M8BFtvusld5mn7PoLiCaEmTU2p4LVmr
+hRwsWuGLkJtqqONNfLh8aAJI47Wj+pLHKsTCrQjnPQdttE8blSpfjjuaOEHsPIio
+LnsxL0fuoGrDx4kb3UyICGvLntNXUuq6mvFqPwgw/650ZVIsnS8aS3hiUrxJG8tt
+tBFDXf53aDJx+VQuuKvAZ79ZXUoOUEX4XkL2xq7Bz5ljjfJd7IUAEjuSWCHyz1yZ
+2KqjJ9uCyi2DeiSCoibLM6GcuQP0AY2vE3h1aidK9sr64jPa5hnhMnimtmsa29K+
+P0etzBGrjrzStwaVKjqIinSZU+PLf7sPAgMBAAGjRjBEMCMGA1UdEQQcMBqCC3Nw
+Lml0Lmd1LnNlhgtzcC5pdC5ndS5zZTAdBgNVHQ4EFgQU6/iWGhM8RnEGVjRFECtZ
+MsTWx/swDQYJKoZIhvcNAQEFBQADggEBAFvQ2wiEugd9cy2LG9sI88uINEMnLT+H
+bRroFbK0mOppXbDxVHmc+EWWVqQ9xc/JHdnd19cXSFuc6SmY7Lx5su0rIFv7/h8m
+HduwiIXFs3axucyl26ZKMltDOLpym9KK5u2NQXJYN7BpXq4sjtZlPLH2p9ShmoQ7
+s4wKEXrYSsBU/pTRFg60FNwo2OvJAuVRmPmESVn5YJ8AguUjeNWfiPAmUKhEofhK
+pMGOQDUYW5u9fPy/O+qRzF3xhMLSOejkdwCC2kKEDVKxo27wy6CLeedBAWTj3ERu
+Q9GZYzxeMEXXQg7nerDoFisoBc8c6+jlak7yEX8v5GIZSKV1XHui/yc=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>sp.it.gu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sp.it.gu.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9TCCAd2gAwIBAgIJAPYrC72akwsZMA0GCSqGSIb3DQEBBQUAMBYxFDASBgNV
+BAMTC3NwLml0Lmd1LnNlMB4XDTEwMTIwMjE1MzkwOFoXDTE1MTIwMTE1MzkwOFow
+FjEUMBIGA1UEAxMLc3AuaXQuZ3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw
+ggEKAoIBAQDZx2MH0AOUIZouNQyGwtj/+M8BFtvusld5mn7PoLiCaEmTU2p4LVmr
+hRwsWuGLkJtqqONNfLh8aAJI47Wj+pLHKsTCrQjnPQdttE8blSpfjjuaOEHsPIio
+LnsxL0fuoGrDx4kb3UyICGvLntNXUuq6mvFqPwgw/650ZVIsnS8aS3hiUrxJG8tt
+tBFDXf53aDJx+VQuuKvAZ79ZXUoOUEX4XkL2xq7Bz5ljjfJd7IUAEjuSWCHyz1yZ
+2KqjJ9uCyi2DeiSCoibLM6GcuQP0AY2vE3h1aidK9sr64jPa5hnhMnimtmsa29K+
+P0etzBGrjrzStwaVKjqIinSZU+PLf7sPAgMBAAGjRjBEMCMGA1UdEQQcMBqCC3Nw
+Lml0Lmd1LnNlhgtzcC5pdC5ndS5zZTAdBgNVHQ4EFgQU6/iWGhM8RnEGVjRFECtZ
+MsTWx/swDQYJKoZIhvcNAQEFBQADggEBAFvQ2wiEugd9cy2LG9sI88uINEMnLT+H
+bRroFbK0mOppXbDxVHmc+EWWVqQ9xc/JHdnd19cXSFuc6SmY7Lx5su0rIFv7/h8m
+HduwiIXFs3axucyl26ZKMltDOLpym9KK5u2NQXJYN7BpXq4sjtZlPLH2p9ShmoQ7
+s4wKEXrYSsBU/pTRFg60FNwo2OvJAuVRmPmESVn5YJ8AguUjeNWfiPAmUKhEofhK
+pMGOQDUYW5u9fPy/O+qRzF3xhMLSOejkdwCC2kKEDVKxo27wy6CLeedBAWTj3ERu
+Q9GZYzxeMEXXQg7nerDoFisoBc8c6+jlak7yEX8v5GIZSKV1XHui/yc=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.it.gu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.it.gu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.it.gu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.it.gu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.it.gu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp.it.gu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp.it.gu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.it.gu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.it.gu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp.it.gu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp.it.gu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp.it.gu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp.it.gu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.it.gu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp.it.gu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://monitor.it.su.se/Shibboleth.sso" xml:base="swamid-1.0/monitor.it.su.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://monitor.it.su.se/Shibboleth.sso/WAYF" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://monitor.it.su.se/Shibboleth.sso/WAYF/wavelan" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>nagios-prod-srv1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=nagios-prod-srv1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJAOjt6rzBfzawMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEG5hZ2lvcy1wcm9kLXNydjEwHhcNMTAxMDA4MTIxNjQ3WhcNMjAxMDA1MTIx
+NjQ3WjAbMRkwFwYDVQQDExBuYWdpb3MtcHJvZC1zcnYxMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAm0YI4BA9yAlw1OR1iEw+SWEfTyzg4U+5edMX/jUQ
+HznWGDU3RHHyG9lvOvHEmiRVUawG26j1hfpRTSyTAgzMPp5LQlAzHEqFXIWRly5Z
+8ev2ypkQLo5Jf5Y9j3Hs8X9JFQ+ArCUVszhhSwl3yzOmGhXPifD0o4Q//OI1ITew
+9fMlHKQzwcOgqqhu4Ouy4FElZ1GWxgskWFzOfnzGE/PbSdpgQhldI129qlNpnS70
+8DD12mP/OYP5pPmIfHSfNbydcKFWGup7fPNt8i2Qd4r6QmTFiGUI4u3wuPGFqgEQ
+mQma6hitoUjsnlXXlf9yeereaS1Rywvx7nECxEZEFSWMuwIDAQABoz4wPDAbBgNV
+HREEFDASghBuYWdpb3MtcHJvZC1zcnYxMB0GA1UdDgQWBBRj48nOGnAtBpcMK+w/
+DaOIPELzpDANBgkqhkiG9w0BAQUFAAOCAQEAFfJMTymD6HJtfAu6gvTyqRWU0P1T
+8CxgZn0kdErCTgUE4cH15D+38hZXZ6pTVxP05y+Hu/gxvzE/CUPy5aKdR9gVa3yh
+fEhPw06y7JDNxVVT7vcmWhmpI31mcIJmPwaWzh4BMC8uZPnBLJVSCgCrTJATZqj1
+zPyTGrXypLJNWErR2Rg5LOToWyItrWVOt2J9Lmt10lZG3O/q7UBWrdhqS9Yv5SUz
+PwDj/1Z21tcFe2iY5jrqJSbP4WURR4h9nPPgcbbExlKddAqm1bNV4CX4m+xjkGDX
+M1QL2iqLjZ5itEAcf2eT0T4jr1zPcprELLxcai13KiAIwOndIBfzhApcFw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>nagios-prod-srv1</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=nagios-prod-srv1</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJAOjt6rzBfzawMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEG5hZ2lvcy1wcm9kLXNydjEwHhcNMTAxMDA4MTIxNjQ3WhcNMjAxMDA1MTIx
+NjQ3WjAbMRkwFwYDVQQDExBuYWdpb3MtcHJvZC1zcnYxMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAm0YI4BA9yAlw1OR1iEw+SWEfTyzg4U+5edMX/jUQ
+HznWGDU3RHHyG9lvOvHEmiRVUawG26j1hfpRTSyTAgzMPp5LQlAzHEqFXIWRly5Z
+8ev2ypkQLo5Jf5Y9j3Hs8X9JFQ+ArCUVszhhSwl3yzOmGhXPifD0o4Q//OI1ITew
+9fMlHKQzwcOgqqhu4Ouy4FElZ1GWxgskWFzOfnzGE/PbSdpgQhldI129qlNpnS70
+8DD12mP/OYP5pPmIfHSfNbydcKFWGup7fPNt8i2Qd4r6QmTFiGUI4u3wuPGFqgEQ
+mQma6hitoUjsnlXXlf9yeereaS1Rywvx7nECxEZEFSWMuwIDAQABoz4wPDAbBgNV
+HREEFDASghBuYWdpb3MtcHJvZC1zcnYxMB0GA1UdDgQWBBRj48nOGnAtBpcMK+w/
+DaOIPELzpDANBgkqhkiG9w0BAQUFAAOCAQEAFfJMTymD6HJtfAu6gvTyqRWU0P1T
+8CxgZn0kdErCTgUE4cH15D+38hZXZ6pTVxP05y+Hu/gxvzE/CUPy5aKdR9gVa3yh
+fEhPw06y7JDNxVVT7vcmWhmpI31mcIJmPwaWzh4BMC8uZPnBLJVSCgCrTJATZqj1
+zPyTGrXypLJNWErR2Rg5LOToWyItrWVOt2J9Lmt10lZG3O/q7UBWrdhqS9Yv5SUz
+PwDj/1Z21tcFe2iY5jrqJSbP4WURR4h9nPPgcbbExlKddAqm1bNV4CX4m+xjkGDX
+M1QL2iqLjZ5itEAcf2eT0T4jr1zPcprELLxcai13KiAIwOndIBfzhApcFw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://monitor.it.su.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://monitor.it.su.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://monitor.it.su.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://monitor.it.su.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://monitor.it.su.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://monitor.it.su.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://monitor.it.su.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://monitor.it.su.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://monitor.it.su.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://monitor.it.su.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://monitor.it.su.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://monitor.it.su.se/Shibboleth.sso/SAML2/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://monitor.it.su.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://monitor.it.su.se/Shibboleth.sso/SAML2/Artifact" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://monitor.it.su.se/Shibboleth.sso/SAML2/ECP" index="10"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://coip-test.sunet.se/shibboleth" xml:base="swamid-1.0/coip-test.sunet.se-sp.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://coip-test.sunet.se/Shibboleth.sso/DS/ds.sunet.se" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>coip-test.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=coip-test.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJAMJwrBkmzHKJMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEmNvaXAtdGVzdC5zdW5ldC5zZTAeFw0xMDEyMDcwOTM0NTFaFw0yMDEyMDQw
+OTM0NTFaMB0xGzAZBgNVBAMTEmNvaXAtdGVzdC5zdW5ldC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMR4JETtaGG+7n5+NksVT/7LnmveeNwbGuPS
+CyW1GY+7yYBwjMnnsFnnprl2curgER/HeOXf3bBxnoxbSVFdaZILPRVStLngzhYJ
+7qGOGWHWdukDDzgCDfdOVEOwLAiV4TXhCoKzaRKaUV63Ul9pEG2ogkQHlsW7zTmX
+4DJNdpBgmB/ohjuAceY3xUrKj9TBZf9KPKYE1D8xoig5qCUhWUqWrltxBBbNubsa
+UIXun9Hf1zemgViLuPI2s5/RD5uY3x6FpkXeNGRHvPT7+LnKrPNi4g41m1FZ+wvj
+xPkNVXBLJgEIsHtYTKvY8dXaA+k1xyFvqjWf1RjuG8TYIlvHoDkCAwEAAaNAMD4w
+HQYDVR0RBBYwFIISY29pcC10ZXN0LnN1bmV0LnNlMB0GA1UdDgQWBBR/jp1zUgjw
+rKZimB05qmprVJvYEDANBgkqhkiG9w0BAQUFAAOCAQEAeAYegf9tMG2Lg7AW2tIq
+5bTbaMwRzLtFkB1KZrh17RUSneiF1FrRD5Qo4O1/rh0PrxO9+R1M9VpYXrcEg48u
+TLOo7EEaJaF7+Eh9Z/UaJjY5zL6hhQSW+nxHHtluuIRCJwH26oF04v9Ty9TC+4Ax
+g6NuvysrzRWhdeWh4voY1lBi1po+/MqUWufXS/uxrHBT9XNSb6dvqWTvUEe09Sj9
+UTHOU967H8PfFKB6w8/lIqCd66P3PnZrNQVmfbjDkrASkmvhUKEMc//Nn/+MS02T
+uXfFMclNeY0vwkDmtQCDB2o8DGQS8H3hpXb2MmJtFgu/81yZRqX/0uRC3kGBQXyd
+cA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>coip-test.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=coip-test.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJAMJwrBkmzHKJMA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNV
+BAMTEmNvaXAtdGVzdC5zdW5ldC5zZTAeFw0xMDEyMDcwOTM0NTFaFw0yMDEyMDQw
+OTM0NTFaMB0xGzAZBgNVBAMTEmNvaXAtdGVzdC5zdW5ldC5zZTCCASIwDQYJKoZI
+hvcNAQEBBQADggEPADCCAQoCggEBAMR4JETtaGG+7n5+NksVT/7LnmveeNwbGuPS
+CyW1GY+7yYBwjMnnsFnnprl2curgER/HeOXf3bBxnoxbSVFdaZILPRVStLngzhYJ
+7qGOGWHWdukDDzgCDfdOVEOwLAiV4TXhCoKzaRKaUV63Ul9pEG2ogkQHlsW7zTmX
+4DJNdpBgmB/ohjuAceY3xUrKj9TBZf9KPKYE1D8xoig5qCUhWUqWrltxBBbNubsa
+UIXun9Hf1zemgViLuPI2s5/RD5uY3x6FpkXeNGRHvPT7+LnKrPNi4g41m1FZ+wvj
+xPkNVXBLJgEIsHtYTKvY8dXaA+k1xyFvqjWf1RjuG8TYIlvHoDkCAwEAAaNAMD4w
+HQYDVR0RBBYwFIISY29pcC10ZXN0LnN1bmV0LnNlMB0GA1UdDgQWBBR/jp1zUgjw
+rKZimB05qmprVJvYEDANBgkqhkiG9w0BAQUFAAOCAQEAeAYegf9tMG2Lg7AW2tIq
+5bTbaMwRzLtFkB1KZrh17RUSneiF1FrRD5Qo4O1/rh0PrxO9+R1M9VpYXrcEg48u
+TLOo7EEaJaF7+Eh9Z/UaJjY5zL6hhQSW+nxHHtluuIRCJwH26oF04v9Ty9TC+4Ax
+g6NuvysrzRWhdeWh4voY1lBi1po+/MqUWufXS/uxrHBT9XNSb6dvqWTvUEe09Sj9
+UTHOU967H8PfFKB6w8/lIqCd66P3PnZrNQVmfbjDkrASkmvhUKEMc//Nn/+MS02T
+uXfFMclNeY0vwkDmtQCDB2o8DGQS8H3hpXb2MmJtFgu/81yZRqX/0uRC3kGBQXyd
+cA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://coip-test.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://coip-test.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://coip-test.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://coip-test.sunet.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://coip-test.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://coip-test.sunet.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://coip-test.sunet.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://coip-test.sunet.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://coip-test.sunet.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://coip-test.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.hkr.se/idp/shibboleth" xml:base="swamid-1.0/idp.hkr.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hkr.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+
+MIIDFDCCAfygAwIBAgIVAJFwJo5KjpvOv/slniklC/Nf19gKMA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5oa3Iuc2UwHhcNMTAxMjEwMTExMDM2WhcNMzAx
+MjEwMTExMDM2WjAVMRMwEQYDVQQDEwppZHAuaGtyLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAmLMMJQyBS/1Caas2d1zoAj1jlxYs9axLJPDujiP0
+fJ8F3gjMxtl/A7Y+eVFqnRFzHNuaEKaqZ8S+XGnRi8kw3AdPbPJZB4g+LTRPI8WB
+xDo49uubfZbpyi8zZUqoqOSLeNxMKFqgkq9bd0Yeh4bI7r/bjuvcx4tioOP3UnT4
+CBfTL6uxyCWFW8mP9TbmnQ4lZN5O4elIKrea+8XiumRa2q5qpXVtdqF5h9YI+jYK
+6zj9pMzUlPPvIyOzGFLxLSN0KRM7EgV3FRD65y9hCnTzuQtFrqwktBOVs5fwavyr
+bKht5KrIaVrozMBscr8STgQ8SKEDMCDqxu/hS0IqoweTyQIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAuaGtyLnNlhiFodHRwczovL2lkcC5oa3Iuc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFLIjYPKZGp/Bncfc+KnH8Pdf7FukMA0GCSqGSIb3DQEB
+BQUAA4IBAQCQ3m4eN6leAlXf9v8xcZjrzQhHCg4ceDnixMUINTsFfXktfYsSSonr
+Cdh/mhttMxnk/34Tu1XMfYn8ABPVxvvcaBZ9Brl21BBsvk3MOdbDNO6cB05GXdms
+exr3aJFvRwY6Vy0AWtUgDFXdYPiIVPUrpC7NA+X78fq3IVmPn0WFlQ9KpM8hXNz0
+HwlY06myFNjI7dvt8xjAqJy+ICilu06RTs7oCynE45nkrLaZjpploIn3xcYt0ceK
+qU1LY9aaqaEgKSsNHlPoCW9eH4oUP3f/X8h21pAtgGA8AIt2RegT6HfVqnZPAtUk
+kgLpO4NuqQRRqV5FxbnmTvt25NApGY5k
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hkr.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hkr.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.hkr.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.hkr.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.hkr.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.hkr.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hkr.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+
+MIIDFDCCAfygAwIBAgIVAJFwJo5KjpvOv/slniklC/Nf19gKMA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5oa3Iuc2UwHhcNMTAxMjEwMTExMDM2WhcNMzAx
+MjEwMTExMDM2WjAVMRMwEQYDVQQDEwppZHAuaGtyLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAmLMMJQyBS/1Caas2d1zoAj1jlxYs9axLJPDujiP0
+fJ8F3gjMxtl/A7Y+eVFqnRFzHNuaEKaqZ8S+XGnRi8kw3AdPbPJZB4g+LTRPI8WB
+xDo49uubfZbpyi8zZUqoqOSLeNxMKFqgkq9bd0Yeh4bI7r/bjuvcx4tioOP3UnT4
+CBfTL6uxyCWFW8mP9TbmnQ4lZN5O4elIKrea+8XiumRa2q5qpXVtdqF5h9YI+jYK
+6zj9pMzUlPPvIyOzGFLxLSN0KRM7EgV3FRD65y9hCnTzuQtFrqwktBOVs5fwavyr
+bKht5KrIaVrozMBscr8STgQ8SKEDMCDqxu/hS0IqoweTyQIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAuaGtyLnNlhiFodHRwczovL2lkcC5oa3Iuc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFLIjYPKZGp/Bncfc+KnH8Pdf7FukMA0GCSqGSIb3DQEB
+BQUAA4IBAQCQ3m4eN6leAlXf9v8xcZjrzQhHCg4ceDnixMUINTsFfXktfYsSSonr
+Cdh/mhttMxnk/34Tu1XMfYn8ABPVxvvcaBZ9Brl21BBsvk3MOdbDNO6cB05GXdms
+exr3aJFvRwY6Vy0AWtUgDFXdYPiIVPUrpC7NA+X78fq3IVmPn0WFlQ9KpM8hXNz0
+HwlY06myFNjI7dvt8xjAqJy+ICilu06RTs7oCynE45nkrLaZjpploIn3xcYt0ceK
+qU1LY9aaqaEgKSsNHlPoCW9eH4oUP3f/X8h21pAtgGA8AIt2RegT6HfVqnZPAtUk
+kgLpO4NuqQRRqV5FxbnmTvt25NApGY5k
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hkr.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.hkr.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">HKR</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan Kristianstad</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hkr.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan Kristianstad</Company>
+ <EmailAddress>roland.svedman@hkr.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://betafoo.nordu.net/shibboleth" xml:base="swamid-1.0/betafoo.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://betafoo.nordu.net/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>betafoo.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=betafoo.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJAJcnUckMzCEjMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEWJldGFmb28ubm9yZHUubmV0MB4XDTExMDEzMTEwNDc0NloXDTIxMDEyODEw
+NDc0NlowHDEaMBgGA1UEAxMRYmV0YWZvby5ub3JkdS5uZXQwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDxkMjf4u1aGvGcgppjB/Ui0jgPSBgW9jfv5AEC
+1Jd5LFr9DrdwS7wypNHVi7oG/n8uZt8ir2fzyACvjPS5vR7Ot6FYLBqiqCUgmHx8
+PGfzRQSYgPK59TEJxDYr+t7TGo2SHrsm7cDLEuC4zEia47V2PYm7NyATiUaj9l6v
+7YV6Ug+KfNsDFoQZTzELfq51OkRFWKpcfGy+G+YJtkktyyq9ZraP8wh5bkY6pIhk
+418WsXrbLVLYpln39t4Im8BZ37VfZGTYWb3R6FZIuQvkQMG+lLVtEpXR7pAHd5z5
+Ty266oLLKk8DZ2f96FPhCqnTK43TIMEpWYv+lj/+a4jmHlTnAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEWJldGFmb28ubm9yZHUubmV0MB0GA1UdDgQWBBTnzBrWzC6oEOSr
+2hJJXHNMGPWjhzANBgkqhkiG9w0BAQUFAAOCAQEAb1Mb0qf5fZB2TwVFHX1Qo6ZI
+B5sBgoPG5XFCoizYB3jtV84BqI569tKX3uCOH5rei0hnzNmvLmgTkrGX0knEZ2DY
+Mrbtyu2KKHSNdEAI8ejaCLxmshH1TUYWqFcbutc/QN1a9PB6X31QiW+Vg3Efd28j
+aXb0pPsloSBzVa9wCG/9Nu9K9I0Y5mZ7coL8jr9nlPaozV+HuTFbe9Nmk1kW6c1F
+ULagtI+ZXDBGLeLxg+iO0mWco2PO+80oyOaroIVGlRwUxzfx/jGuJKn727B/9N2V
+GZGPT3vTvdtiWRSFXtRKzHR9LN6ZLEnVcXPKm6vWquMarXlNnQLdGVikISOjSA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>betafoo.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=betafoo.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJAJcnUckMzCEjMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEWJldGFmb28ubm9yZHUubmV0MB4XDTExMDEzMTEwNDc0NloXDTIxMDEyODEw
+NDc0NlowHDEaMBgGA1UEAxMRYmV0YWZvby5ub3JkdS5uZXQwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQDxkMjf4u1aGvGcgppjB/Ui0jgPSBgW9jfv5AEC
+1Jd5LFr9DrdwS7wypNHVi7oG/n8uZt8ir2fzyACvjPS5vR7Ot6FYLBqiqCUgmHx8
+PGfzRQSYgPK59TEJxDYr+t7TGo2SHrsm7cDLEuC4zEia47V2PYm7NyATiUaj9l6v
+7YV6Ug+KfNsDFoQZTzELfq51OkRFWKpcfGy+G+YJtkktyyq9ZraP8wh5bkY6pIhk
+418WsXrbLVLYpln39t4Im8BZ37VfZGTYWb3R6FZIuQvkQMG+lLVtEpXR7pAHd5z5
+Ty266oLLKk8DZ2f96FPhCqnTK43TIMEpWYv+lj/+a4jmHlTnAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEWJldGFmb28ubm9yZHUubmV0MB0GA1UdDgQWBBTnzBrWzC6oEOSr
+2hJJXHNMGPWjhzANBgkqhkiG9w0BAQUFAAOCAQEAb1Mb0qf5fZB2TwVFHX1Qo6ZI
+B5sBgoPG5XFCoizYB3jtV84BqI569tKX3uCOH5rei0hnzNmvLmgTkrGX0knEZ2DY
+Mrbtyu2KKHSNdEAI8ejaCLxmshH1TUYWqFcbutc/QN1a9PB6X31QiW+Vg3Efd28j
+aXb0pPsloSBzVa9wCG/9Nu9K9I0Y5mZ7coL8jr9nlPaozV+HuTFbe9Nmk1kW6c1F
+ULagtI+ZXDBGLeLxg+iO0mWco2PO+80oyOaroIVGlRwUxzfx/jGuJKn727B/9N2V
+GZGPT3vTvdtiWRSFXtRKzHR9LN6ZLEnVcXPKm6vWquMarXlNnQLdGVikISOjSA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://betafoo.nordu.net/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://betafoo.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://betafoo.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://betafoo.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://betafoo.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://betafoo.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://betafoo.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://betafoo.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://betafoo.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://betafoo.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://betafoo.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://betafoo.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://betafoo.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://betafoo.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://betafoo.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="http://idp.chalmers.se/adfs/services/trust" xml:base="swamid-1.0/idp.chalmers.se.xml">
+ <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:ApplicationServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp.chalmers.se">
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC4DCCAcigAwIBAgIQEp9COrofZZtPkRgYPamoEDANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZHAuY2hhbG1lcnMuc2UwHhcNMTEwMTI3MTI1MzI0WhcNMTIwMTI3MTI1MzI0WjAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZHAuY2hhbG1lcnMuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9XODqG7kiv2O8KUD4iXa4OX7+v3XkAE4oBkFJyAAS/kKeHEsCrD4dVZQlKL4QWbasgEx6dtxdTFNLcSKiJSEVHN7rgWApjK+1txMq/G8GNVKAT1Qh7wy/Owb9AUfx2JCZ+/G9PDhSiY33izug6YC5a0QD7UH4bO6a+wQeaRqhVN9fTiurBB3+clZZT98NZqgSnFVvBZdNV8Zfmg/+6ST/TTictUSxyqlMgi0tAhxoovoPOaSumrbSiCOe740qjJbfA0Ven+ot3kWn3duw1HRM5s0CZS3NqWnTIT3DOGWRh9hX7wy5cT7/4c+Fd/vSEqGAaVbNkQoS1h8GkRhDEMaxAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJm2+Nh5ERESFdZkGVaUF3aGeLGtCx6GpWt0khJ0knLwFNGgwuLBGboLFlwqQaWckplJBMzUAMwpMk4cW0JTcxn+r1i4+USpz9zIHyBpDtJM/F+ALzMjiZ/h4gjWiwhI1TRJ5HNVeKLII6i3OgfBx/A60Ea25pINnK6SlUaSiG4IJR93D87mxlcZRLOdlF5JOWfHrUY5RNJWn0VQ2VfS6mbqm1uRGiy4qXZUrQFqR4csFy96Kpsn80MeMg1bXI4VqR9XGm/F1+c++leSdetzwNyWid6WcG/h/mWWgAZ6+GdrdVmAOyiUS/6VSuDe4R0bwLCqmgEDtKudDFFpxdhd9yI=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <fed:ClaimTypesRequested>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
+ <auth:DisplayName>E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
+ <auth:DisplayName>Given Name</auth:DisplayName>
+ <auth:Description>The given name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
+ <auth:DisplayName>Name</auth:DisplayName>
+ <auth:Description>The unique name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
+ <auth:DisplayName>UPN</auth:DisplayName>
+ <auth:Description>The user principal name (UPN) of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
+ <auth:DisplayName>Common Name</auth:DisplayName>
+ <auth:Description>The common name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
+ <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
+ <auth:DisplayName>Group</auth:DisplayName>
+ <auth:Description>A group that the user is a member of</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
+ <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
+ <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
+ <auth:DisplayName>Role</auth:DisplayName>
+ <auth:Description>A role that the user has</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
+ <auth:DisplayName>Surname</auth:DisplayName>
+ <auth:Description>The surname of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
+ <auth:DisplayName>PPID</auth:DisplayName>
+ <auth:Description>The private identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
+ <auth:DisplayName>Name ID</auth:DisplayName>
+ <auth:Description>The SAML name identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
+ <auth:DisplayName>Authentication time stamp</auth:DisplayName>
+ <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
+ <auth:DisplayName>Authentication method</auth:DisplayName>
+ <auth:Description>The method used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
+ <auth:DisplayName>Deny only group SID</auth:DisplayName>
+ <auth:Description>The deny-only group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
+ <auth:DisplayName>Deny only primary SID</auth:DisplayName>
+ <auth:Description>The deny-only primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
+ <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
+ <auth:Description>The deny-only primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
+ <auth:DisplayName>Group SID</auth:DisplayName>
+ <auth:Description>The group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
+ <auth:DisplayName>Primary group SID</auth:DisplayName>
+ <auth:Description>The primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
+ <auth:DisplayName>Primary SID</auth:DisplayName>
+ <auth:Description>The primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
+ <auth:DisplayName>Windows account name</auth:DisplayName>
+ <auth:Description>The domain account name of the user in the form of &lt;domain&gt;\&lt;user&gt;</auth:Description>
+ </auth:ClaimType>
+ </fed:ClaimTypesRequested>
+ <fed:TargetScopes>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/services/trust/2005/issuedtokenmixedsymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/services/trust/13/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/services/trust/13/issuedtokenmixedsymmetricbasic256</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/ls/</Address>
+ </EndpointReference>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>http://idp.chalmers.se/adfs/services/trust</Address>
+ </EndpointReference>
+ </fed:TargetScopes>
+ <fed:ApplicationServiceEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/services/trust/2005/issuedtokenmixedasymmetricbasic256</Address>
+ </EndpointReference>
+ </fed:ApplicationServiceEndpoint>
+ <fed:PassiveRequestorEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/ls/</Address>
+ </EndpointReference>
+ </fed:PassiveRequestorEndpoint>
+ </RoleDescriptor>
+ <RoleDescriptor xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" xsi:type="fed:SecurityTokenServiceType" protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="idp.chalmers.se">
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC2jCCAcKgAwIBAgIQEXJmCBiBaLxDrNDUr+X/eDANBgkqhkiG9w0BAQsFADApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZHAuY2hhbG1lcnMuc2UwHhcNMTEwMTI3MTI1MzI0WhcNMTIwMTI3MTI1MzI0WjApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZHAuY2hhbG1lcnMuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRtkkCmvoX3Eg7lZIZehi8/Kx1rsRvEeeeAjTqOZMJUNj9/fvlfiudNSqeOQwopwyKdz5MaJUxzzPLt0/SXhKMKDxVjMdVn0hbPhmsxaASFjbyd0K+O32JlaUi9Cqx17hwMS//+cQ1sf3lV1RNGR97pncYWaeAu7+HUvqb3kvtmh3g6YYN8BBlI5AegE9BHXxUuDoGUUl12XJJ1awgBBa/e+69KbtknmScC1bSx8lNli0iJpZ4wyHjVq+xqSbnpxIL+S94j+fj2MHwe+ML7cJJZkkhywCZQJaD61jVii3P+0XVYPH64KxWeJbQYEs8DCujum28zU91kz1Fd+SqEopFAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJffudoM9hmPtWmQbvdc8ccaBToXmB80/d7w5nJaUpNuA7XOYN4Msv77pv5t7F6vgLCDEI0mbM2BiLez7KA5J5F365csIz5PQ9lWYphiwzEOLGImrDn79EbMp0AKvxdYeYGkWpMNVZhB+BdOW/q2/RnkaZdxasATCZNewNLLzlSMt2UFgEJ0N/BTN7DJm532U8aZftZlTaS2MHJ/2SwheiHy2gTs//59EDvY7A6IYeQ3ldVklmTvbcmyKp1s84AD0yf+QZX4tbLQphiJRR3fkPXd9TRccnMrDJI/qZzM2bxYcK/Grj08tWpsM38IbeMvlE1/f2a42S0XeTcCEy+lzbs=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <fed:TokenTypesOffered>
+ <fed:TokenType Uri="urn:oasis:names:tc:SAML:2.0:assertion"/>
+ <fed:TokenType Uri="urn:oasis:names:tc:SAML:1.0:assertion"/>
+ </fed:TokenTypesOffered>
+ <fed:ClaimTypesOffered>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="true">
+ <auth:DisplayName>E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="true">
+ <auth:DisplayName>Given Name</auth:DisplayName>
+ <auth:Description>The given name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" Optional="true">
+ <auth:DisplayName>Name</auth:DisplayName>
+ <auth:Description>The unique name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" Optional="true">
+ <auth:DisplayName>UPN</auth:DisplayName>
+ <auth:Description>The user principal name (UPN) of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/CommonName" Optional="true">
+ <auth:DisplayName>Common Name</auth:DisplayName>
+ <auth:Description>The common name of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/EmailAddress" Optional="true">
+ <auth:DisplayName>AD FS 1.x E-Mail Address</auth:DisplayName>
+ <auth:Description>The e-mail address of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/Group" Optional="true">
+ <auth:DisplayName>Group</auth:DisplayName>
+ <auth:Description>A group that the user is a member of</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/claims/UPN" Optional="true">
+ <auth:DisplayName>AD FS 1.x UPN</auth:DisplayName>
+ <auth:Description>The UPN of the user when interoperating with AD FS 1.1 or ADFS 1.0</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" Optional="true">
+ <auth:DisplayName>Role</auth:DisplayName>
+ <auth:Description>A role that the user has</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="true">
+ <auth:DisplayName>Surname</auth:DisplayName>
+ <auth:Description>The surname of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" Optional="true">
+ <auth:DisplayName>PPID</auth:DisplayName>
+ <auth:Description>The private identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="true">
+ <auth:DisplayName>Name ID</auth:DisplayName>
+ <auth:Description>The SAML name identifier of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" Optional="true">
+ <auth:DisplayName>Authentication time stamp</auth:DisplayName>
+ <auth:Description>Used to display the time and date that the user was authenticated</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" Optional="true">
+ <auth:DisplayName>Authentication method</auth:DisplayName>
+ <auth:Description>The method used to authenticate the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" Optional="true">
+ <auth:DisplayName>Deny only group SID</auth:DisplayName>
+ <auth:Description>The deny-only group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" Optional="true">
+ <auth:DisplayName>Deny only primary SID</auth:DisplayName>
+ <auth:Description>The deny-only primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" Optional="true">
+ <auth:DisplayName>Deny only primary group SID</auth:DisplayName>
+ <auth:Description>The deny-only primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" Optional="true">
+ <auth:DisplayName>Group SID</auth:DisplayName>
+ <auth:Description>The group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" Optional="true">
+ <auth:DisplayName>Primary group SID</auth:DisplayName>
+ <auth:Description>The primary group SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" Optional="true">
+ <auth:DisplayName>Primary SID</auth:DisplayName>
+ <auth:Description>The primary SID of the user</auth:Description>
+ </auth:ClaimType>
+ <auth:ClaimType xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" Uri="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" Optional="true">
+ <auth:DisplayName>Windows account name</auth:DisplayName>
+ <auth:Description>The domain account name of the user in the form of &lt;domain&gt;\&lt;user&gt;</auth:Description>
+ </auth:ClaimType>
+ </fed:ClaimTypesOffered>
+ <fed:SecurityTokenServiceEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/services/trust/2005/certificatemixed</Address>
+ <Metadata>
+ <Metadata xmlns="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex">
+ <wsx:MetadataSection xmlns="" Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
+ <wsx:MetadataReference>
+ <Address xmlns="http://www.w3.org/2005/08/addressing">https://idp.chalmers.se/adfs/services/trust/mex</Address>
+ </wsx:MetadataReference>
+ </wsx:MetadataSection>
+ </Metadata>
+ </Metadata>
+ </EndpointReference>
+ </fed:SecurityTokenServiceEndpoint>
+ <fed:PassiveRequestorEndpoint>
+ <EndpointReference xmlns="http://www.w3.org/2005/08/addressing">
+ <Address>https://idp.chalmers.se/adfs/ls/</Address>
+ </EndpointReference>
+ </fed:PassiveRequestorEndpoint>
+ </RoleDescriptor>
+ <SPSSODescriptor WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC4DCCAcigAwIBAgIQEp9COrofZZtPkRgYPamoEDANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZHAuY2hhbG1lcnMuc2UwHhcNMTEwMTI3MTI1MzI0WhcNMTIwMTI3MTI1MzI0WjAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZHAuY2hhbG1lcnMuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9XODqG7kiv2O8KUD4iXa4OX7+v3XkAE4oBkFJyAAS/kKeHEsCrD4dVZQlKL4QWbasgEx6dtxdTFNLcSKiJSEVHN7rgWApjK+1txMq/G8GNVKAT1Qh7wy/Owb9AUfx2JCZ+/G9PDhSiY33izug6YC5a0QD7UH4bO6a+wQeaRqhVN9fTiurBB3+clZZT98NZqgSnFVvBZdNV8Zfmg/+6ST/TTictUSxyqlMgi0tAhxoovoPOaSumrbSiCOe740qjJbfA0Ven+ot3kWn3duw1HRM5s0CZS3NqWnTIT3DOGWRh9hX7wy5cT7/4c+Fd/vSEqGAaVbNkQoS1h8GkRhDEMaxAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJm2+Nh5ERESFdZkGVaUF3aGeLGtCx6GpWt0khJ0knLwFNGgwuLBGboLFlwqQaWckplJBMzUAMwpMk4cW0JTcxn+r1i4+USpz9zIHyBpDtJM/F+ALzMjiZ/h4gjWiwhI1TRJ5HNVeKLII6i3OgfBx/A60Ea25pINnK6SlUaSiG4IJR93D87mxlcZRLOdlF5JOWfHrUY5RNJWn0VQ2VfS6mbqm1uRGiy4qXZUrQFqR4csFy96Kpsn80MeMg1bXI4VqR9XGm/F1+c++leSdetzwNyWid6WcG/h/mWWgAZ6+GdrdVmAOyiUS/6VSuDe4R0bwLCqmgEDtKudDFFpxdhd9yI=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC2jCCAcKgAwIBAgIQEXJmCBiBaLxDrNDUr+X/eDANBgkqhkiG9w0BAQsFADApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZHAuY2hhbG1lcnMuc2UwHhcNMTEwMTI3MTI1MzI0WhcNMTIwMTI3MTI1MzI0WjApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZHAuY2hhbG1lcnMuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRtkkCmvoX3Eg7lZIZehi8/Kx1rsRvEeeeAjTqOZMJUNj9/fvlfiudNSqeOQwopwyKdz5MaJUxzzPLt0/SXhKMKDxVjMdVn0hbPhmsxaASFjbyd0K+O32JlaUi9Cqx17hwMS//+cQ1sf3lV1RNGR97pncYWaeAu7+HUvqb3kvtmh3g6YYN8BBlI5AegE9BHXxUuDoGUUl12XJJ1awgBBa/e+69KbtknmScC1bSx8lNli0iJpZ4wyHjVq+xqSbnpxIL+S94j+fj2MHwe+ML7cJJZkkhywCZQJaD61jVii3P+0XVYPH64KxWeJbQYEs8DCujum28zU91kz1Fd+SqEopFAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJffudoM9hmPtWmQbvdc8ccaBToXmB80/d7w5nJaUpNuA7XOYN4Msv77pv5t7F6vgLCDEI0mbM2BiLez7KA5J5F365csIz5PQ9lWYphiwzEOLGImrDn79EbMp0AKvxdYeYGkWpMNVZhB+BdOW/q2/RnkaZdxasATCZNewNLLzlSMt2UFgEJ0N/BTN7DJm532U8aZftZlTaS2MHJ/2SwheiHy2gTs//59EDvY7A6IYeQ3ldVklmTvbcmyKp1s84AD0yf+QZX4tbLQphiJRR3fkPXd9TRccnMrDJI/qZzM2bxYcK/Grj08tWpsM38IbeMvlE1/f2a42S0XeTcCEy+lzbs=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.chalmers.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.chalmers.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.chalmers.se/adfs/ls/" index="0" isDefault="true"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://idp.chalmers.se/adfs/ls/" index="1"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.chalmers.se/adfs/ls/" index="2"/>
+ </SPSSODescriptor>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <Extensions>
+ <shibmd:Scope regexp="false">chalmers.se</shibmd:Scope>
+ </Extensions>
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC4DCCAcigAwIBAgIQEp9COrofZZtPkRgYPamoEDANBgkqhkiG9w0BAQsFADAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZHAuY2hhbG1lcnMuc2UwHhcNMTEwMTI3MTI1MzI0WhcNMTIwMTI3MTI1MzI0WjAsMSowKAYDVQQDEyFBREZTIEVuY3J5cHRpb24gLSBpZHAuY2hhbG1lcnMuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC9XODqG7kiv2O8KUD4iXa4OX7+v3XkAE4oBkFJyAAS/kKeHEsCrD4dVZQlKL4QWbasgEx6dtxdTFNLcSKiJSEVHN7rgWApjK+1txMq/G8GNVKAT1Qh7wy/Owb9AUfx2JCZ+/G9PDhSiY33izug6YC5a0QD7UH4bO6a+wQeaRqhVN9fTiurBB3+clZZT98NZqgSnFVvBZdNV8Zfmg/+6ST/TTictUSxyqlMgi0tAhxoovoPOaSumrbSiCOe740qjJbfA0Ven+ot3kWn3duw1HRM5s0CZS3NqWnTIT3DOGWRh9hX7wy5cT7/4c+Fd/vSEqGAaVbNkQoS1h8GkRhDEMaxAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJm2+Nh5ERESFdZkGVaUF3aGeLGtCx6GpWt0khJ0knLwFNGgwuLBGboLFlwqQaWckplJBMzUAMwpMk4cW0JTcxn+r1i4+USpz9zIHyBpDtJM/F+ALzMjiZ/h4gjWiwhI1TRJ5HNVeKLII6i3OgfBx/A60Ea25pINnK6SlUaSiG4IJR93D87mxlcZRLOdlF5JOWfHrUY5RNJWn0VQ2VfS6mbqm1uRGiy4qXZUrQFqR4csFy96Kpsn80MeMg1bXI4VqR9XGm/F1+c++leSdetzwNyWid6WcG/h/mWWgAZ6+GdrdVmAOyiUS/6VSuDe4R0bwLCqmgEDtKudDFFpxdhd9yI=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC2jCCAcKgAwIBAgIQEXJmCBiBaLxDrNDUr+X/eDANBgkqhkiG9w0BAQsFADApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZHAuY2hhbG1lcnMuc2UwHhcNMTEwMTI3MTI1MzI0WhcNMTIwMTI3MTI1MzI0WjApMScwJQYDVQQDEx5BREZTIFNpZ25pbmcgLSBpZHAuY2hhbG1lcnMuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDRtkkCmvoX3Eg7lZIZehi8/Kx1rsRvEeeeAjTqOZMJUNj9/fvlfiudNSqeOQwopwyKdz5MaJUxzzPLt0/SXhKMKDxVjMdVn0hbPhmsxaASFjbyd0K+O32JlaUi9Cqx17hwMS//+cQ1sf3lV1RNGR97pncYWaeAu7+HUvqb3kvtmh3g6YYN8BBlI5AegE9BHXxUuDoGUUl12XJJ1awgBBa/e+69KbtknmScC1bSx8lNli0iJpZ4wyHjVq+xqSbnpxIL+S94j+fj2MHwe+ML7cJJZkkhywCZQJaD61jVii3P+0XVYPH64KxWeJbQYEs8DCujum28zU91kz1Fd+SqEopFAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAJffudoM9hmPtWmQbvdc8ccaBToXmB80/d7w5nJaUpNuA7XOYN4Msv77pv5t7F6vgLCDEI0mbM2BiLez7KA5J5F365csIz5PQ9lWYphiwzEOLGImrDn79EbMp0AKvxdYeYGkWpMNVZhB+BdOW/q2/RnkaZdxasATCZNewNLLzlSMt2UFgEJ0N/BTN7DJm532U8aZftZlTaS2MHJ/2SwheiHy2gTs//59EDvY7A6IYeQ3ldVklmTvbcmyKp1s84AD0yf+QZX4tbLQphiJRR3fkPXd9TRccnMrDJI/qZzM2bxYcK/Grj08tWpsM38IbeMvlE1/f2a42S0XeTcCEy+lzbs=</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.chalmers.se/adfs/services/trust/artifactresolution" index="0"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.chalmers.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.chalmers.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.chalmers.se/adfs/ls/"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.chalmers.se/adfs/ls/"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">CHALMERS</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Chalmers</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.chalmers.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Chalmers</Company>
+ <EmailAddress>appro@chalmers.se</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <Company>Chalmers</Company>
+ <EmailAddress>nrq@chalmers.se</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <Company>Chalmers</Company>
+ <EmailAddress>biorn@chalmers.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://umdac-utv1.ad.umu.se/shibboleth" xml:base="swamid-1.0/umdac-utv1.ad.umu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/DS/ds.swamid.se"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>Tommy Larsson</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=tommy.larsson@adm.umu.se,CN=Tommy Larsson,OU=ITS,O=ITS,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEnjCCA4agAwIBAgIJAJEv/JM5LIg2MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD
+VQQGEwJTRTEVMBMGA1UECBMMVmFzdGVyYm90dGVuMQ0wCwYDVQQHEwRVbWVhMQww
+CgYDVQQKEwNJVFMxDDAKBgNVBAsTA0lUUzEWMBQGA1UEAxMNVG9tbXkgTGFyc3Nv
+bjEnMCUGCSqGSIb3DQEJARYYdG9tbXkubGFyc3NvbkBhZG0udW11LnNlMB4XDTEx
+MDEyNzA4NDcyOVoXDTEzMTIxMDA4NDcyOVowgZAxCzAJBgNVBAYTAlNFMRUwEwYD
+VQQIEwxWYXN0ZXJib3R0ZW4xDTALBgNVBAcTBFVtZWExDDAKBgNVBAoTA0lUUzEM
+MAoGA1UECxMDSVRTMRYwFAYDVQQDEw1Ub21teSBMYXJzc29uMScwJQYJKoZIhvcN
+AQkBFhh0b21teS5sYXJzc29uQGFkbS51bXUuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDsxGkZlSQiqzNG33NY9U+7skx7LQSXB/6tjjbkM/VjDqfa
+KNd1uWJuP6NWgoOD3vAlCljL3EuBWMKysyDiJBi8BS02/YT2IBRuXxQ7VK5tvE3/
+GwKH2j/nTPTlpevfcQuv+5Rpwde6fpMsm/rZmoaEWdBhLSuvzY4HJHRa+qGJlJoh
+ylaQsQjj8smh+6+pNgYNQH/g3FSuf7/xwSmpIdjy84HYtuV8Bi+bx6OU0/NC3oyH
+YaxZj0TTk96929pSO5jIgwQQ91Jws8rh5wxHy7ZAQrxSni8sxst6euqH0LCmFI6b
+jjxBclg6VvB1zCNsMRHakiUNJwNMDdpeWuhAcEVVAgMBAAGjgfgwgfUwHQYDVR0O
+BBYEFEBdLsnYxFEP+hBIqHEyx/8IDMIJMIHFBgNVHSMEgb0wgbqAFEBdLsnYxFEP
++hBIqHEyx/8IDMIJoYGWpIGTMIGQMQswCQYDVQQGEwJTRTEVMBMGA1UECBMMVmFz
+dGVyYm90dGVuMQ0wCwYDVQQHEwRVbWVhMQwwCgYDVQQKEwNJVFMxDDAKBgNVBAsT
+A0lUUzEWMBQGA1UEAxMNVG9tbXkgTGFyc3NvbjEnMCUGCSqGSIb3DQEJARYYdG9t
+bXkubGFyc3NvbkBhZG0udW11LnNlggkAkS/8kzksiDYwDAYDVR0TBAUwAwEB/zAN
+BgkqhkiG9w0BAQUFAAOCAQEAV7YyyId9u6p0X6EVdYYgJRw3YgPeT/7KQAXrM5Fd
++0ZloD6py7JKk6MjKSJKPh7dcfxubJZWpPpv4tvLlxVh5d8h1ke8B9Pll/SOkF7m
+T6an+GTWbWfB3C5w2LbiuwdHvydvJgM61f8437rF9s22MYeSStuhsnzT8KlUg6OV
+rzavOVnYMhei94uDmHesTRdB1GlO7Gut34C8V9L9CysEj6ezjPaeUTw/1+oP81SS
+wlEG2Ix+o0k2AGIkAww8dfmdCG6TSWJ7ovpvHeNgC9BoGrANqmLDG/tFlx6CZxtp
+NwnL2DNdxAIqK+BGt+Q0XVGJGEfnh/8XuYwTn2MNoJcxSQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://umdac-utv1.ad.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://umdac-utv2.ad.umu.se/shibboleth" xml:base="swamid-1.0/umdac-utv2.ad.umu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/DS/ds.swamid.se"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>Tommy Larsson</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=tommy.larsson@adm.umu.se,CN=Tommy Larsson,OU=ITS,O=ITS,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEnjCCA4agAwIBAgIJAIDYaU8/yyu2MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD
+VQQGEwJTRTEVMBMGA1UECBMMVmFzdGVyYm90dGVuMQ0wCwYDVQQHEwRVbWVhMQww
+CgYDVQQKEwNJVFMxDDAKBgNVBAsTA0lUUzEWMBQGA1UEAxMNVG9tbXkgTGFyc3Nv
+bjEnMCUGCSqGSIb3DQEJARYYdG9tbXkubGFyc3NvbkBhZG0udW11LnNlMB4XDTEx
+MDIwMzA4MzM0NloXDTEzMTIxNzA4MzM0NlowgZAxCzAJBgNVBAYTAlNFMRUwEwYD
+VQQIEwxWYXN0ZXJib3R0ZW4xDTALBgNVBAcTBFVtZWExDDAKBgNVBAoTA0lUUzEM
+MAoGA1UECxMDSVRTMRYwFAYDVQQDEw1Ub21teSBMYXJzc29uMScwJQYJKoZIhvcN
+AQkBFhh0b21teS5sYXJzc29uQGFkbS51bXUuc2UwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQCwJB8hLp6xfRSvszffewqylgUKoW2ToLuSiPeGlHgLdJ68
+4C3nq3eA8REZswiYewrCVAh4Hy8rHTFZY6l1RbmPcVGKM9v+VBv1zLZm0UO3m1N1
+K8I90TvLMw6L5uQqrLwWlNSTUY2ymWIuJ9ySIKVuDp8zrsMDCy1fd8q0fk+uNmJb
+b8cFxiyFZEBS1dzNyiJswo8Coz98qZWUKZKNUZbDFNCD/dts9bjDQF+RbT2sbr8I
+Di3iwVFN1w75T7yEmetfnQYaVZbMbJsLnpuAKGyZJP4rEHsSHxmwd7R162OcWGON
+dvXNTBQ+ktgbLO+GM2T3tOPdCwtFWRRxt4oKfHYLAgMBAAGjgfgwgfUwHQYDVR0O
+BBYEFHhciuUqHJCUY3mPFShUUaYl5wSBMIHFBgNVHSMEgb0wgbqAFHhciuUqHJCU
+Y3mPFShUUaYl5wSBoYGWpIGTMIGQMQswCQYDVQQGEwJTRTEVMBMGA1UECBMMVmFz
+dGVyYm90dGVuMQ0wCwYDVQQHEwRVbWVhMQwwCgYDVQQKEwNJVFMxDDAKBgNVBAsT
+A0lUUzEWMBQGA1UEAxMNVG9tbXkgTGFyc3NvbjEnMCUGCSqGSIb3DQEJARYYdG9t
+bXkubGFyc3NvbkBhZG0udW11LnNlggkAgNhpTz/LK7YwDAYDVR0TBAUwAwEB/zAN
+BgkqhkiG9w0BAQUFAAOCAQEApDIyfp40njKA2PkfcYFwgQ9D8inVeSoo+KoT1V5/
+G830v6ktogoFYZlFjNDw5fLLnHzR7ackx4Q9cqwwrh98Y1HNu9q2O9PjSfa8xlBx
+bKgEGLA2dfz16TwGrz5Iiuhc52dCM+ku3o5wnq1ErnEjistoyw4oaaM5GvbHjacr
+uChj7vnqXL6TWRUDNudQHxv2OrI0ackn0E0xJ0kFVC0F0bs3JqzJhXptJKxSwt4U
+IwcvNZ22AhW8bZD/RMUowQiX33v/36OxNsF+tkYhjgpFKVnVUBCzSjoHXG8hYRbi
+o8j07LCWpvQalz9EX/Vzzp3OYkp52mwu4bYgg//8pASD0A==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://umdac-utv2.ad.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp2.hig.se/idp/shibboleth" xml:base="swamid-1.0/idp2.hig.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hig.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUaqsj1o+jLwRHcAiw/jp5mMglxLUwDQYJKoZIhvcNAQEF
+BQAwFjEUMBIGA1UEAxMLaWRwMi5oaWcuc2UwHhcNMTEwMjA4MTUxOTIyWhcNMzEw
+MjA4MTUxOTIyWjAWMRQwEgYDVQQDEwtpZHAyLmhpZy5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJ4NMnKvGahwhiZDXxwLfT0oeF/rB72jAVBF9Um9
+ExFcSJ/8yb6o0knwpY/uQgFppiUgAvcDKeKN9rBZRq+//jL+8CowII7eOFuR5h+s
+yzAn6YIcPcSx8QBK3lDb+dIwJ7aEnXlgt5tEZneTL0IILXu2zquGRm3rH7YhCHIM
+9v51sjnjd8MXujpG0yIFre3DovnBs4i68ZhoDg7QtvxUz3w/2GTZN+AUB3BA0u12
+FNtJ1n2f/fZwxnJnBCPm2sENAYYKB7/43TJtZazf5ZYA80J9wdQWrdWyve5S+FSZ
+AdLdcdrMZB5c8g6lwPWBRluFjEAbMZMj3AlYpLf2Ybn9yKUCAwEAAaNdMFswOgYD
+VR0RBDMwMYILaWRwMi5oaWcuc2WGImh0dHBzOi8vaWRwMi5oaWcuc2UvaWRwL3No
+aWJib2xldGgwHQYDVR0OBBYEFCrv7yyvoIy+UhKGYDIB1kTI5T1eMA0GCSqGSIb3
+DQEBBQUAA4IBAQBEXm+ozOM0JC9Fx2QLbYwFbZ5gsBUm2liprjQ1cj65Z+z3w2fs
+hxouOOEyTGuP61J5O29nDDChcWNXMlUyv+HG1nndJ4vsPmhUEYsMNAZwZZ+JoD5g
+oEekdgF8avmF0KNfZc+qMOGUz4qrrmMZ6w4F21xba2fFdfSQrubk1F2D/U0ZKw6A
+NYTerCYAEcAVG7c8Eh/5fQXjpf1pZDV1mtPQPnIlF/R6jXgINXDmFOMd0Ei4/C2H
+FC8se9RzTAIwV0P7WorYzwt95Xa9K8DDeLxjheJ3inQR07CD2unOV67Sp5YEfM61
+aaB0gTNGMOhF/MSYfiM8SNzVxiYnaE8rwQZK
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp2.hig.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp2.hig.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp2.hig.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp2.hig.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp2.hig.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp2.hig.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">hig.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFzCCAf+gAwIBAgIUaqsj1o+jLwRHcAiw/jp5mMglxLUwDQYJKoZIhvcNAQEF
+BQAwFjEUMBIGA1UEAxMLaWRwMi5oaWcuc2UwHhcNMTEwMjA4MTUxOTIyWhcNMzEw
+MjA4MTUxOTIyWjAWMRQwEgYDVQQDEwtpZHAyLmhpZy5zZTCCASIwDQYJKoZIhvcN
+AQEBBQADggEPADCCAQoCggEBAJ4NMnKvGahwhiZDXxwLfT0oeF/rB72jAVBF9Um9
+ExFcSJ/8yb6o0knwpY/uQgFppiUgAvcDKeKN9rBZRq+//jL+8CowII7eOFuR5h+s
+yzAn6YIcPcSx8QBK3lDb+dIwJ7aEnXlgt5tEZneTL0IILXu2zquGRm3rH7YhCHIM
+9v51sjnjd8MXujpG0yIFre3DovnBs4i68ZhoDg7QtvxUz3w/2GTZN+AUB3BA0u12
+FNtJ1n2f/fZwxnJnBCPm2sENAYYKB7/43TJtZazf5ZYA80J9wdQWrdWyve5S+FSZ
+AdLdcdrMZB5c8g6lwPWBRluFjEAbMZMj3AlYpLf2Ybn9yKUCAwEAAaNdMFswOgYD
+VR0RBDMwMYILaWRwMi5oaWcuc2WGImh0dHBzOi8vaWRwMi5oaWcuc2UvaWRwL3No
+aWJib2xldGgwHQYDVR0OBBYEFCrv7yyvoIy+UhKGYDIB1kTI5T1eMA0GCSqGSIb3
+DQEBBQUAA4IBAQBEXm+ozOM0JC9Fx2QLbYwFbZ5gsBUm2liprjQ1cj65Z+z3w2fs
+hxouOOEyTGuP61J5O29nDDChcWNXMlUyv+HG1nndJ4vsPmhUEYsMNAZwZZ+JoD5g
+oEekdgF8avmF0KNfZc+qMOGUz4qrrmMZ6w4F21xba2fFdfSQrubk1F2D/U0ZKw6A
+NYTerCYAEcAVG7c8Eh/5fQXjpf1pZDV1mtPQPnIlF/R6jXgINXDmFOMd0Ei4/C2H
+FC8se9RzTAIwV0P7WorYzwt95Xa9K8DDeLxjheJ3inQR07CD2unOV67Sp5YEfM61
+aaB0gTNGMOhF/MSYfiM8SNzVxiYnaE8rwQZK
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp2.hig.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp2.hig.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">HIGALUMNI</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan i Gävle (Alumni)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hig.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan i Gävle</Company>
+ <EmailAddress>anders.lordal@hig.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://login.du.se/idp/shibboleth" xml:base="swamid-1.0/login.du.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">du.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGDCCAgCgAwIBAgIVAPJo+xMJRgt7yTXfyDqsZSyRFE0zMA0GCSqGSIb3DQEB
+BQUAMBYxFDASBgNVBAMTC2xvZ2luLmR1LnNlMB4XDTExMDIwNDEzMzg1MloXDTMx
+MDIwNDEzMzg1MlowFjEUMBIGA1UEAxMLbG9naW4uZHUuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCKFHqKqppmo8B66lFgTbIQDdDNqlBpsrhjZx4m
+l4ay7TR/Q9JhxJCpsg3fttFyYbG6pl4PViMMt6jagpYYMBlBBKGUDefAT95oAcBN
+eRlkTxXfXG4XCS1phIIc6H9Kt8HwFadqLIgx+9ICCuyTZicPIwnUBt+TS4A+hz6k
+8KA87QWvnhteMHpu4UjIL8YRUAdNbFbRV9AuOmaR9HP11yueQd3B+5XnTt8x+JaO
+yWgsbUvBeGKIXPtGm70UgXeBi32vr6LtP5s2ijtj4zORMh5dxAkrjE0hO96E3D6Y
+riLlccqVMGTYhweDuIE4HJA+sY8vFXxSTsL193erJ6ooBUWxAgMBAAGjXTBbMDoG
+A1UdEQQzMDGCC2xvZ2luLmR1LnNlhiJodHRwczovL2xvZ2luLmR1LnNlL2lkcC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBTYD58W7KLBxdd1F6vo5xlukwwdOTANBgkqhkiG
+9w0BAQUFAAOCAQEAXZRof2FZml44oPJ+2GkhIIK0U2t143xH4Z4J2iPbTjQyNfeo
+eusGj+AvLkdkHLisqz8HTQC93sSYwPrQ1PMrqwAmnJZkhcySTto15Rgi5yNWsUFU
+E5RfYEcGj1P2R+uxUpCZ3qf9usCpGf5ao5rCoOjxtxGyv3PqDFTBwkjheuASpsug
+KnPqLMWV0RL1gmJhfAoCbhm+rM8FZZLXloDuV+Xzb0OmjruPupqtTJpHVBkaQ3OI
+2FIPaCf07HjPPcy4s9mQJGq9TEBKJ+WWwoT5ZvhYErkO7m2iQNsXUqCk/dt2Tp7e
+GqI848rh0Iif5MpxnsYQ/mxwDirbsler7jpF0Q==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.du.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.du.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://login.du.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://login.du.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://login.du.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://login.du.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">du.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDGDCCAgCgAwIBAgIVAPJo+xMJRgt7yTXfyDqsZSyRFE0zMA0GCSqGSIb3DQEB
+BQUAMBYxFDASBgNVBAMTC2xvZ2luLmR1LnNlMB4XDTExMDIwNDEzMzg1MloXDTMx
+MDIwNDEzMzg1MlowFjEUMBIGA1UEAxMLbG9naW4uZHUuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQCKFHqKqppmo8B66lFgTbIQDdDNqlBpsrhjZx4m
+l4ay7TR/Q9JhxJCpsg3fttFyYbG6pl4PViMMt6jagpYYMBlBBKGUDefAT95oAcBN
+eRlkTxXfXG4XCS1phIIc6H9Kt8HwFadqLIgx+9ICCuyTZicPIwnUBt+TS4A+hz6k
+8KA87QWvnhteMHpu4UjIL8YRUAdNbFbRV9AuOmaR9HP11yueQd3B+5XnTt8x+JaO
+yWgsbUvBeGKIXPtGm70UgXeBi32vr6LtP5s2ijtj4zORMh5dxAkrjE0hO96E3D6Y
+riLlccqVMGTYhweDuIE4HJA+sY8vFXxSTsL193erJ6ooBUWxAgMBAAGjXTBbMDoG
+A1UdEQQzMDGCC2xvZ2luLmR1LnNlhiJodHRwczovL2xvZ2luLmR1LnNlL2lkcC9z
+aGliYm9sZXRoMB0GA1UdDgQWBBTYD58W7KLBxdd1F6vo5xlukwwdOTANBgkqhkiG
+9w0BAQUFAAOCAQEAXZRof2FZml44oPJ+2GkhIIK0U2t143xH4Z4J2iPbTjQyNfeo
+eusGj+AvLkdkHLisqz8HTQC93sSYwPrQ1PMrqwAmnJZkhcySTto15Rgi5yNWsUFU
+E5RfYEcGj1P2R+uxUpCZ3qf9usCpGf5ao5rCoOjxtxGyv3PqDFTBwkjheuASpsug
+KnPqLMWV0RL1gmJhfAoCbhm+rM8FZZLXloDuV+Xzb0OmjruPupqtTJpHVBkaQ3OI
+2FIPaCf07HjPPcy4s9mQJGq9TEBKJ+WWwoT5ZvhYErkO7m2iQNsXUqCk/dt2Tp7e
+GqI848rh0Iif5MpxnsYQ/mxwDirbsler7jpF0Q==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://login.du.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://login.du.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">DU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan Dalarna</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.du.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan Dalarna</Company>
+ <EmailAddress>dempa@du.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.antagning.se/ecs-sp" xml:base="nya-1.0/www.antagning.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>https://www.antagning.se/ecs-sp</ds:KeyName>
+ <ds:KeyName>www.antagning.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.antagning.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGDCCAgCgAwIBAgIJALH2RsMw05H0MA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHd3dy5hbnRhZ25pbmcuc2UwHhcNMTEwMTI3MTU0NTQzWhcNMjEwMTI0MTU0
+NTQzWjAbMRkwFwYDVQQDExB3d3cuYW50YWduaW5nLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAo0zS8/OY0J8MaPznZX+4vVWnGKTR1SDd4euzuQo/
+Kq+JDCb3T+r4/9JQ21kXSVeU15F9JimK1Le+RiTNw/S0j/7GME+74kUnvaVCCHof
+2wCwdu1opbHSnuubuvFpq/09vzrJx+BnJKCaAkTtFQWptaPgP8X8dl+uIfBk1XnP
+W8G2ks9kxBDLDgaeLsw9XVVmvx2agQ+DvyLCweV65EzkyE5Q0E3lNB3o/7bbFwks
+ylF0ck83sZs0xZmGZGSJA/3Nq0DY9WQqzuzzRN/EE8tMlzzBtBPFO+8UXfVcGNrE
+Ji05WLEotSz7J7isienC7ZGeFSgL4RUZ8yD3smzs3pywQwIDAQABo18wXTA8BgNV
+HREENTAzghB3d3cuYW50YWduaW5nLnNlhh9odHRwczovL3d3dy5hbnRhZ25pbmcu
+c2UvZWNzLXNwMB0GA1UdDgQWBBRcKrtBUd27dOJHOQu/XU22WJXa1TANBgkqhkiG
+9w0BAQUFAAOCAQEAnWdP39natg/Qa/8/3EKsPsriH3sUdX2gDFqUjPEOLX+eDhT8
+6TKl3q6nEhpe+Zgb+ER08TSEp+BrBtAR/SG+Du4Lni7Jo8d7sgJe4oUxvnQOuaPH
+GosRhbRqhfHL0Ww8w0x7V/KRQkupwcXNQ4gga9dy2uZQjg/UK45r3ii5XUogzfVJ
+EclAXOodZ846vzq972yn0Uwn2YsZo/3po42QF5aw2YRjxxN7XIaWshKrv9r82voj
+VJd+cPOTem5oBZpfu5nzSrDRGdKYqO2W0Y9kesTFue14NutKgjXaPLdUNFNhGB7b
+memQErWscT6OYxV3jxV31wEP2PzMsYzF5LXJEQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>https://www.antagning.se/ecs-sp</ds:KeyName>
+ <ds:KeyName>www.antagning.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.antagning.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDGDCCAgCgAwIBAgIJALH2RsMw05H0MA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEHd3dy5hbnRhZ25pbmcuc2UwHhcNMTEwMTI3MTU0NTQzWhcNMjEwMTI0MTU0
+NTQzWjAbMRkwFwYDVQQDExB3d3cuYW50YWduaW5nLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAo0zS8/OY0J8MaPznZX+4vVWnGKTR1SDd4euzuQo/
+Kq+JDCb3T+r4/9JQ21kXSVeU15F9JimK1Le+RiTNw/S0j/7GME+74kUnvaVCCHof
+2wCwdu1opbHSnuubuvFpq/09vzrJx+BnJKCaAkTtFQWptaPgP8X8dl+uIfBk1XnP
+W8G2ks9kxBDLDgaeLsw9XVVmvx2agQ+DvyLCweV65EzkyE5Q0E3lNB3o/7bbFwks
+ylF0ck83sZs0xZmGZGSJA/3Nq0DY9WQqzuzzRN/EE8tMlzzBtBPFO+8UXfVcGNrE
+Ji05WLEotSz7J7isienC7ZGeFSgL4RUZ8yD3smzs3pywQwIDAQABo18wXTA8BgNV
+HREENTAzghB3d3cuYW50YWduaW5nLnNlhh9odHRwczovL3d3dy5hbnRhZ25pbmcu
+c2UvZWNzLXNwMB0GA1UdDgQWBBRcKrtBUd27dOJHOQu/XU22WJXa1TANBgkqhkiG
+9w0BAQUFAAOCAQEAnWdP39natg/Qa/8/3EKsPsriH3sUdX2gDFqUjPEOLX+eDhT8
+6TKl3q6nEhpe+Zgb+ER08TSEp+BrBtAR/SG+Du4Lni7Jo8d7sgJe4oUxvnQOuaPH
+GosRhbRqhfHL0Ww8w0x7V/KRQkupwcXNQ4gga9dy2uZQjg/UK45r3ii5XUogzfVJ
+EclAXOodZ846vzq972yn0Uwn2YsZo/3po42QF5aw2YRjxxN7XIaWshKrv9r82voj
+VJd+cPOTem5oBZpfu5nzSrDRGdKYqO2W0Y9kesTFue14NutKgjXaPLdUNFNhGB7b
+memQErWscT6OYxV3jxV31wEP2PzMsYzF5LXJEQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.antagning.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.antagning.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.antagning.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.antagning.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.antagning.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.antagning.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.antagning.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.antagning.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.antagning.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.antagning.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.antagning.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.antagning.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.antagning.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.antagning.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.antagning.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.irf.se/idp/shibboleth" xml:base="swamid-1.0/idp.irf.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">irf.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFDCCAfygAwIBAgIVAPBjklkGoYOts1Thq2Tib2SW7KLrMA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5pcmYuc2UwHhcNMTEwMjE1MDgwODE2WhcNMTQw
+MjE1MDgwODE2WjAVMRMwEQYDVQQDEwppZHAuaXJmLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAjjNXbUusdmeG5NOtfesU+e9bWSNnjakDy738JFRd
+1gOEHC5WRiQDpD0PLBNotYz3yxrtq9mv/pJ5zc83JpO9C99sNpsehdhhAdUscl1c
+BaGpv9RuL/5IHttH2JPEP5Evj4Txp+Cxl9c1C47mUT2BVdDbu24aSrSd+x9tKVs/
+u2rmaRrBFshPe1n6h8pLedI3nEmPNIMh+qklkpG3TWS13KLYZkX5yDahCOcEGe1P
+IjTB75Z8CWUiKCOB3vk2YtcCS7y4bZ23KYcNPUF88Dfkmxjg6LsCfzBfaVKKWdTD
+cEeSmu8Q3SUA6s6NRdgl1TZzr7VUvG7SGqEZmwf+e/ZGVwIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAuaXJmLnNlhiFodHRwczovL2lkcC5pcmYuc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFFSIYI0CtNOkIx0HH4EyfiV5rQaTMA0GCSqGSIb3DQEB
+BQUAA4IBAQAEiYbUXCNu1kTFfRSYeD02223t1YYmBSUjzvOnKrpJQbyRKxl7hwTp
+baTmxKu4n8wawUSTzlD8tpZe2wKbAAoE7K2TO89uAKLwTUj3V/oh5qy40DVxNOm7
+9tjhkt0ZVOvFdlBxw+LA/mYTg0H6IcqIcpXEgBenVXK1/RDT5ZEyDT0K/1Badyii
+mYoOgJsxQc5+NrGhkqSnw4kSwH5seBEqs5eq/260BjFErYuMvWbElxnMkh/FUJ4T
+F84dF7JlnXcS7kJj9sVwzWyEzR4GlpZQLTuucQqAWabMtOe8VDBkTIAj5xdNJgZp
+dJt1/U0DjbFQsA/iA4d9R6U7wKQ6rbi2
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.irf.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.irf.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.irf.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.irf.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp.irf.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.irf.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">irf.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+MIIDFDCCAfygAwIBAgIVAPBjklkGoYOts1Thq2Tib2SW7KLrMA0GCSqGSIb3DQEB
+BQUAMBUxEzARBgNVBAMTCmlkcC5pcmYuc2UwHhcNMTEwMjE1MDgwODE2WhcNMTQw
+MjE1MDgwODE2WjAVMRMwEQYDVQQDEwppZHAuaXJmLnNlMIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAjjNXbUusdmeG5NOtfesU+e9bWSNnjakDy738JFRd
+1gOEHC5WRiQDpD0PLBNotYz3yxrtq9mv/pJ5zc83JpO9C99sNpsehdhhAdUscl1c
+BaGpv9RuL/5IHttH2JPEP5Evj4Txp+Cxl9c1C47mUT2BVdDbu24aSrSd+x9tKVs/
+u2rmaRrBFshPe1n6h8pLedI3nEmPNIMh+qklkpG3TWS13KLYZkX5yDahCOcEGe1P
+IjTB75Z8CWUiKCOB3vk2YtcCS7y4bZ23KYcNPUF88Dfkmxjg6LsCfzBfaVKKWdTD
+cEeSmu8Q3SUA6s6NRdgl1TZzr7VUvG7SGqEZmwf+e/ZGVwIDAQABo1swWTA4BgNV
+HREEMTAvggppZHAuaXJmLnNlhiFodHRwczovL2lkcC5pcmYuc2UvaWRwL3NoaWJi
+b2xldGgwHQYDVR0OBBYEFFSIYI0CtNOkIx0HH4EyfiV5rQaTMA0GCSqGSIb3DQEB
+BQUAA4IBAQAEiYbUXCNu1kTFfRSYeD02223t1YYmBSUjzvOnKrpJQbyRKxl7hwTp
+baTmxKu4n8wawUSTzlD8tpZe2wKbAAoE7K2TO89uAKLwTUj3V/oh5qy40DVxNOm7
+9tjhkt0ZVOvFdlBxw+LA/mYTg0H6IcqIcpXEgBenVXK1/RDT5ZEyDT0K/1Badyii
+mYoOgJsxQc5+NrGhkqSnw4kSwH5seBEqs5eq/260BjFErYuMvWbElxnMkh/FUJ4T
+F84dF7JlnXcS7kJj9sVwzWyEzR4GlpZQLTuucQqAWabMtOe8VDBkTIAj5xdNJgZp
+dJt1/U0DjbFQsA/iA4d9R6U7wKQ6rbi2
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.irf.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp.irf.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">IRF</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Institutet för Rymdfysik</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.irf.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>Mats</GivenName>
+ <SurName>Luspa</SurName>
+ <EmailAddress>matsl@irf.se</EmailAddress>
+ </ContactPerson>
+
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="http://crowdtest.nordu.net/shibboleth" xml:base="swamid-1.0/crowdtest.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://crowdtest.nordu.net/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://crowdtest.nordu.net/Shibboleth.sso/DS/nordu.net" index="2"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://crowdtest.nordu.net/Shibboleth.sso/DS/kalmar2" index="3"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>crowdtest.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=crowdtest.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJAKWJTGBj1S7LMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2Nyb3dkdGVzdC5ub3JkdS5uZXQwHhcNMTEwMjE1MTMyNzI4WhcNMjEwMjEy
+MTMyNzI4WjAeMRwwGgYDVQQDExNjcm93ZHRlc3Qubm9yZHUubmV0MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEs5rrhH2oKPjDmsh7moYJV2rI5rz4vg
+o4DaAAx4n9Ejw9SgmpNeu7D8EXn/7xf2yg/cuvmsJx1GpxSTy3N6d9YmbGwXT5B3
+5MIkHYsKEZx2uNJ1+pAOQIBIWErssnRlH5qkwKwFQBoQ9dbAi4DWdp43nHkZkdx7
+X4Sgy7Tm+oLjaF16gM4WOH4RYC1hYd/yhJD0v5Nun3FbVZ79GkJCkh+Szs8rMUWT
+YiNDO0xsLL2xtYObTtu22qbjFIU9VgQZzGuJJbLGVufr15R+cmArht2Dnsm6rmLb
+zQyFS8J+1q601uoq0s67narTLWwAzHcNW/tTLnnFHc08BIgfOR0inQIDAQABo0Ew
+PzAeBgNVHREEFzAVghNjcm93ZHRlc3Qubm9yZHUubmV0MB0GA1UdDgQWBBRp4YdO
+elj63vO7ZYFF+ovp3mNRQzANBgkqhkiG9w0BAQUFAAOCAQEALzd7eQ9U3yRB3b/0
+eBnG1DnaKAr48+EUx4anRziB41LTk3ZhmryWpJcuA737kzty3DjKjL2Trw1I3bfU
+zoaL8dYAdljdS5JAIN2m62haOrPJVublLgUw/N+72tVWVoPOBAvDvFy1WpSB8eeW
+hEEHS6yHI49FksKzRVruhdt6HeVkQ6h1y5p67AkaFoPOspI1+BCVk8fCYkHGzAkO
+6JIfKe9zwsG74AiO93x+bItRklp8d4uOXiuTOGGqwAt0Brdn/RJSUYbHfQLrVFHK
+VdA1Cg5KpGKZ7XitW5cDVgS72jJ0pb4GsYI5V0eA7/oUL9jV65LzVNGC87UjzhBA
+wOJ1sg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>crowdtest.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=crowdtest.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJAKWJTGBj1S7LMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2Nyb3dkdGVzdC5ub3JkdS5uZXQwHhcNMTEwMjE1MTMyNzI4WhcNMjEwMjEy
+MTMyNzI4WjAeMRwwGgYDVQQDExNjcm93ZHRlc3Qubm9yZHUubmV0MIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEs5rrhH2oKPjDmsh7moYJV2rI5rz4vg
+o4DaAAx4n9Ejw9SgmpNeu7D8EXn/7xf2yg/cuvmsJx1GpxSTy3N6d9YmbGwXT5B3
+5MIkHYsKEZx2uNJ1+pAOQIBIWErssnRlH5qkwKwFQBoQ9dbAi4DWdp43nHkZkdx7
+X4Sgy7Tm+oLjaF16gM4WOH4RYC1hYd/yhJD0v5Nun3FbVZ79GkJCkh+Szs8rMUWT
+YiNDO0xsLL2xtYObTtu22qbjFIU9VgQZzGuJJbLGVufr15R+cmArht2Dnsm6rmLb
+zQyFS8J+1q601uoq0s67narTLWwAzHcNW/tTLnnFHc08BIgfOR0inQIDAQABo0Ew
+PzAeBgNVHREEFzAVghNjcm93ZHRlc3Qubm9yZHUubmV0MB0GA1UdDgQWBBRp4YdO
+elj63vO7ZYFF+ovp3mNRQzANBgkqhkiG9w0BAQUFAAOCAQEALzd7eQ9U3yRB3b/0
+eBnG1DnaKAr48+EUx4anRziB41LTk3ZhmryWpJcuA737kzty3DjKjL2Trw1I3bfU
+zoaL8dYAdljdS5JAIN2m62haOrPJVublLgUw/N+72tVWVoPOBAvDvFy1WpSB8eeW
+hEEHS6yHI49FksKzRVruhdt6HeVkQ6h1y5p67AkaFoPOspI1+BCVk8fCYkHGzAkO
+6JIfKe9zwsG74AiO93x+bItRklp8d4uOXiuTOGGqwAt0Brdn/RJSUYbHfQLrVFHK
+VdA1Cg5KpGKZ7XitW5cDVgS72jJ0pb4GsYI5V0eA7/oUL9jV65LzVNGC87UjzhBA
+wOJ1sg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://crowdtest.nordu.net/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://crowdtest.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://crowdtest.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowdtest.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://crowdtest.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://crowdtest.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://crowdtest.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowdtest.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://crowdtest.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://crowdtest.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://crowdtest.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://crowdtest.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://crowdtest.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://crowdtest.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://crowdtest.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://idp.suni.se/adfs/services/trust" xml:base="swamid-1.0/idp.suni.se.xml">
+ <Extensions>
+ <shibmd:Scope regexp="false">suni.se</shibmd:Scope>
+ </Extensions>
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><Extensions><shibmd:Scope regexp="false">suni.se</shibmd:Scope></Extensions>
+ <KeyDescriptor use="encryption">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC2DCCAcCgAwIBAgIQKSxwshGTtbNJpQPxRideqzANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1BREZTIEVuY3J5cHRpb24gLSBpZHAuc3VuaS5zZTAeFw0xMTA1MDQwNzEwMjFaFw0xMjA1MDMwNzEwMjFaMCgxJjAkBgNVBAMTHUFERlMgRW5jcnlwdGlvbiAtIGlkcC5zdW5pLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAogDO6Zkij7LcRQvl3Hluje5XStr4/qOiJ9SzB3Mr0Kymrpa4kLf7nK7tn+j0CcJS8f8Fd7lwQrXieeBieFvP1IBQozK6v03+zcjLikV9fpAnTCBsKH0QxLI3E7XyjNq+bdGX/YmtlC0yEN6cxydNQucquRE7lHba5JN54Nc48PdO5Iv3K+3d95VIOaJu/vqDiQxxRVgJSWdaLGhNZHwO7dyA/B3iII3v//JjdlgNu5DL79x6/HKIBnMaleS6tkMupF9mrIifiXz6jVJcpNqeQnejQo8ZWh5te/4j+xMZrd8DYFVnA+Kn/qQ5jq1o5AV7FHLCyVzODf9pAZ8G4gWxPwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQBilygqDk0uwL3gTliBXtlhHglzxXL5j/I5QTgzd1iP0IrU0XU05f8OVgLPbf9S5dkC0Gms8vYfeXh4olbuUr78vsz7qZ8OtdqJR5D2pzUPB4jEM1IL/SLDZb6IWZN+8UToMb10HLV271R0ZrNyAml6BGflSj7Hcwyreqskhm3xJM7RJ1xQ2+DvzPjBET5wmz68PKgiKPQN2H7MVpuorNPmq7m+VtIvYEh1Xqa3UjbAwwumz2iIkgkpo6NO0LeDiP8hen/72zSMUwncCPopRmsqEMyEBBddUJzedscS2ZrOdlS2GRCV8p7WEg4PhVr+PPOBSh36qW8L0WVuFypeIK1k</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <KeyDescriptor use="signing">
+ <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
+ <X509Data>
+ <X509Certificate>MIIC0jCCAbqgAwIBAgIQbc63p71DgJtIcuMfcp6iCTANBgkqhkiG9w0BAQsFADAlMSMwIQYDVQQDExpBREZTIFNpZ25pbmcgLSBpZHAuc3VuaS5zZTAeFw0xMTA1MDQwNzEwMjFaFw0xMjA1MDMwNzEwMjFaMCUxIzAhBgNVBAMTGkFERlMgU2lnbmluZyAtIGlkcC5zdW5pLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqufdsp6p7BN3GyQnGjq0acqyqhPl+zIametzCLK91fmuP9pNmPhRBct7qzdlRJG4IdF7TXl5I5c4Cz06qus4GO1MxPq4jXilBz88I7nA+h5I1MgLvq9F4AMtKscObzgGFjtMHvZFYYz3Ff4L//djYhVzPlL4VSxRs7Agn+tpozj/M+EC5ryGXQiu2o8QIHRQUKceR0nH3nqrKuSPuBnkrDaKnEpaLIWaUZQ2prVLf3MXPcstQTX83K2tKZhHUXvxHYhBAoxYxH7cbR4BpCiVnjulMPVp9FYN00p1+C2ctY0bwVPoLVxV3Ys7ArqH3pQQdqPKe9h/hDOL0xWI28Sn6QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQCLylrR4j0sDrQIkKkcZq2g/bGiA72F9ZF2QZuRdaIMcwKaJoocPvqxh4I8U31O0mGhcAQKMMlS/tRqE9e5EJcGYmKvjNcgZlyUn9J4BPw0xQ0bDmY8Q5UT6wey80qVuPojuSzdMfx5Y40I3wRqffJ3+JYbpZbEDoy2b9m6Bo8cwDsfg4t9GBfrj3IFmqGHT1k0SIDxiwF3V/NT0EW4vmNvAn199NaQKH4cHGjw67TLiyy54DhOM9ksHTAwZPaa36aJxnS7qRPIsZxPFN/ntSuV3rhYHwHFrS+ACWjx25opdS5Q6mF9no6LlidZJnHHsBWzgeslNHJeA1CpwNn7ECWh</X509Certificate>
+ </X509Data>
+ </KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.suni.se/adfs/ls/"/>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.suni.se/adfs/ls/"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:persistent</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.suni.se/adfs/ls/"/>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.suni.se/adfs/ls/"/>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.suni.se/adfs/ls/"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Given Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/CommonName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Common Name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/EmailAddress" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x E-Mail Address"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/Group" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/UPN" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="AD FS 1.x UPN"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/role" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Role"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Surname"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="PPID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Name ID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationinstant" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication time stamp"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Authentication method"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/denyonlysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Deny only primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary group SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Primary SID"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="Windows account name"/>
+ <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" Name="http://schemas.xmlsoap.org/claims/eduPersonScopedAffiliation" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" FriendlyName="eduPersonScopedAffiliation"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="sv-SE">Södertörns högskola</OrganizationName>
+ <OrganizationDisplayName xml:lang="sv-SE">Södertörns högskola</OrganizationDisplayName>
+ <OrganizationURL xml:lang="sv-SE">http://www.sh.se/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>Tomas</GivenName>
+ <SurName>Legat</SurName>
+ <EmailAddress>server@sh.se</EmailAddress>
+ <TelephoneNumber>+46(0)86084000</TelephoneNumber>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://connect8.sunet.se/shibboleth" xml:base="swamid-1.0/connect8.sunet.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <EntityAttributes xmlns="urn:oasis:names:tc:SAML:metadata:attribute" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
+ <saml:Attribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:mace:swami.se:SAML:attribute-profile">
+ <saml:AttributeValue>collaboration</saml:AttributeValue>
+ </saml:Attribute>
+ </EntityAttributes>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect8.sunet.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect8.sunet.se/Shibboleth.sso/DS/ds.sunet.se" index="2"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://connect8.sunet.se/Shibboleth.sso/DS/kalmar2" index="3"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>connect8.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=connect8.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJALtpdDetd0+aMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEWNvbm5lY3Q4LnN1bmV0LnNlMB4XDTExMDMxODA5MTkxNFoXDTIxMDMxNTA5
+MTkxNFowHDEaMBgGA1UEAxMRY29ubmVjdDguc3VuZXQuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQD1d3qbbBDMHcxOLMlEzLthit/PclHFQUivQjdl
+i/iWPBDdTXODRZfYzTcq+B+venAaDJBt99/UF0l+Zept5F/0U8dPmlKXNOHkQtCM
+fP56ssnuMNt56rgUMC7Bkvi0JBsschjzqXzELSn9zw5DO0gj7YU1GGJaYp4abBYg
+LHs403i9Dga6qZvma1nfuBfoSBNcfNPKDfL+LN1KhSyZDrwfupiVXzt4WCm4/B+7
+ypEZw66WK5VCXMJJ8nrzbcP0SV+W36qfkz1Vu1799c0msygmb5bfvlZbVvaH5bXR
+P67w5IWiOZNiJ4KP9SsNKT2u2SSJgFwBhs2m+AghWHW6+rcRAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEWNvbm5lY3Q4LnN1bmV0LnNlMB0GA1UdDgQWBBQnXN19r3XLQq+Z
+DWdMGahYti/oYzANBgkqhkiG9w0BAQUFAAOCAQEAMSB60ydAbZlRUOtKEvqoXu9q
+LQ6RD2PbX8BcB494lEANUftFBUPlH6Bssn+uuu+/OTDe0H4rrehGCzoLjziftfQh
+0/a5kfOp8Ws4CY0xEZdm+q0iIl+JTQQbR4AKsVK+2mGquHakkUnCg6fuS1XTsmex
+jDjaYIEYYx7XISnQY/01ZH0oOGCvJAVpW0cEtQzpXmi6a8UOm7xhg0FB0lk4z9v1
+8Yv3mZx1PhYzmXDUVEIfQta/+0SctZ978aj4Y7emDgL1QMdETPyN9OlC3XGNtSYI
+FV4q3nujmHDfDpzbO4vsmaumdoScXaR4CoL/mO9XM7dxx/0k8kMkde1eA1mZWQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>connect8.sunet.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=connect8.sunet.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJALtpdDetd0+aMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEWNvbm5lY3Q4LnN1bmV0LnNlMB4XDTExMDMxODA5MTkxNFoXDTIxMDMxNTA5
+MTkxNFowHDEaMBgGA1UEAxMRY29ubmVjdDguc3VuZXQuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQD1d3qbbBDMHcxOLMlEzLthit/PclHFQUivQjdl
+i/iWPBDdTXODRZfYzTcq+B+venAaDJBt99/UF0l+Zept5F/0U8dPmlKXNOHkQtCM
+fP56ssnuMNt56rgUMC7Bkvi0JBsschjzqXzELSn9zw5DO0gj7YU1GGJaYp4abBYg
+LHs403i9Dga6qZvma1nfuBfoSBNcfNPKDfL+LN1KhSyZDrwfupiVXzt4WCm4/B+7
+ypEZw66WK5VCXMJJ8nrzbcP0SV+W36qfkz1Vu1799c0msygmb5bfvlZbVvaH5bXR
+P67w5IWiOZNiJ4KP9SsNKT2u2SSJgFwBhs2m+AghWHW6+rcRAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEWNvbm5lY3Q4LnN1bmV0LnNlMB0GA1UdDgQWBBQnXN19r3XLQq+Z
+DWdMGahYti/oYzANBgkqhkiG9w0BAQUFAAOCAQEAMSB60ydAbZlRUOtKEvqoXu9q
+LQ6RD2PbX8BcB494lEANUftFBUPlH6Bssn+uuu+/OTDe0H4rrehGCzoLjziftfQh
+0/a5kfOp8Ws4CY0xEZdm+q0iIl+JTQQbR4AKsVK+2mGquHakkUnCg6fuS1XTsmex
+jDjaYIEYYx7XISnQY/01ZH0oOGCvJAVpW0cEtQzpXmi6a8UOm7xhg0FB0lk4z9v1
+8Yv3mZx1PhYzmXDUVEIfQta/+0SctZ978aj4Y7emDgL1QMdETPyN9OlC3XGNtSYI
+FV4q3nujmHDfDpzbO4vsmaumdoScXaR4CoL/mO9XM7dxx/0k8kMkde1eA1mZWQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect8.sunet.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect8.sunet.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect8.sunet.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect8.sunet.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect8.sunet.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://connect8.sunet.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://connect8.sunet.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect8.sunet.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect8.sunet.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://connect8.sunet.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://connect8.sunet.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://connect8.sunet.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://connect8.sunet.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://connect8.sunet.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://connect8.sunet.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AttributeConsumingService index="0">
+ <md:ServiceName xml:lang="en">SUNET E-Meeting Service (v8)</md:ServiceName>
+ <md:ServiceDescription xml:lang="en">SUNET E-Meeting Service (Adobe Connect 8)</md:ServiceDescription>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.6"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:0.9.2342.19200300.100.1.3"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.42"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:2.5.4.4"/>
+ <md:RequestedAttribute NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" Name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9"/>
+ </md:AttributeConsumingService>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://sp-test.swamid.se/shibboleth" xml:base="swamid-1.0/sp-test.swamid.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp-test.swamid.se/Shibboleth.sso/DS" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://sp-test.swamid.se/Shibboleth.sso/DS/ds.sunet.se" index="2"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>sp-test.swamid.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sp-test.swamid.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJAO0UNmz1orzrMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEXNwLXRlc3Quc3dhbWlkLnNlMB4XDTA5MTAyNzE0NTkzOFoXDTE5MTAyNTE0
+NTkzOFowHDEaMBgGA1UEAxMRc3AtdGVzdC5zd2FtaWQuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC9292zBRgCYnJeviTmWQ9gDjqjtQwnvzTpZMVa
+o2gmEb8NQOPwGqDAZ8kHhhjsqXd37VjOcQc5KyfxdKnwS8zzb0GFqTyVXtJ1wjZb
+WPkOgRw1c0u7RuRgzn/vWMDLIRtymm2stX2hu1E2qctQ2zSEhiNrWdMNNArh/IKP
++MNT1a1w5QR3fbv7/Q+7T3VF2vyzFMo44FDId9kApN3/TSnJRaQ0tQQBgnZtrIAk
+vjR6B/R9qowuwK/0QIifM1KrVT9OYHA0GP708IAdEzzuzLU5vyJuAzDhBNirPtFv
+QcAKI8RfYBiwdJ29QkMAWHlNW3oP8KpUJzJ3r3KOcIHMwfSbAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEXNwLXRlc3Quc3dhbWlkLnNlMB0GA1UdDgQWBBS0j9yIqP5DvTEl
+YHt7Ugh3BTVX/TANBgkqhkiG9w0BAQUFAAOCAQEANL4WmGSMJws0XzNxcodD3TVV
+yvLOLmFy8cNhB7cmz3rqoZebUqN9yWaCmZjCOMQ8Ghw++ITk/Ol0uXuCf7vKvXpW
+7AEPL12mGVfH82PhyxYnY9BZNpfAsGWpM1Nvfz7AOkngD/G8Ws2+Bf4xS4PVHzgm
+yEth2XQtHlSquOj2abA/wjguZvN0PGFUJl+ZxXxZ5mkyFmjQ+wnvF1BUlMD7qBF8
+WUA9TiYEiXgsASTgW/F038f4VNecqrBpJHU4TILmEtioGEFVLipU8huAzbcBCPYb
+0z3axBqiW0bRmgvql97lV3HRRkwGKLV1T8oiau31qQU2zzBt6jC2AQgXWjjvSg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>sp-test.swamid.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=sp-test.swamid.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC+jCCAeKgAwIBAgIJAO0UNmz1orzrMA0GCSqGSIb3DQEBBQUAMBwxGjAYBgNV
+BAMTEXNwLXRlc3Quc3dhbWlkLnNlMB4XDTA5MTAyNzE0NTkzOFoXDTE5MTAyNTE0
+NTkzOFowHDEaMBgGA1UEAxMRc3AtdGVzdC5zd2FtaWQuc2UwggEiMA0GCSqGSIb3
+DQEBAQUAA4IBDwAwggEKAoIBAQC9292zBRgCYnJeviTmWQ9gDjqjtQwnvzTpZMVa
+o2gmEb8NQOPwGqDAZ8kHhhjsqXd37VjOcQc5KyfxdKnwS8zzb0GFqTyVXtJ1wjZb
+WPkOgRw1c0u7RuRgzn/vWMDLIRtymm2stX2hu1E2qctQ2zSEhiNrWdMNNArh/IKP
++MNT1a1w5QR3fbv7/Q+7T3VF2vyzFMo44FDId9kApN3/TSnJRaQ0tQQBgnZtrIAk
+vjR6B/R9qowuwK/0QIifM1KrVT9OYHA0GP708IAdEzzuzLU5vyJuAzDhBNirPtFv
+QcAKI8RfYBiwdJ29QkMAWHlNW3oP8KpUJzJ3r3KOcIHMwfSbAgMBAAGjPzA9MBwG
+A1UdEQQVMBOCEXNwLXRlc3Quc3dhbWlkLnNlMB0GA1UdDgQWBBS0j9yIqP5DvTEl
+YHt7Ugh3BTVX/TANBgkqhkiG9w0BAQUFAAOCAQEANL4WmGSMJws0XzNxcodD3TVV
+yvLOLmFy8cNhB7cmz3rqoZebUqN9yWaCmZjCOMQ8Ghw++ITk/Ol0uXuCf7vKvXpW
+7AEPL12mGVfH82PhyxYnY9BZNpfAsGWpM1Nvfz7AOkngD/G8Ws2+Bf4xS4PVHzgm
+yEth2XQtHlSquOj2abA/wjguZvN0PGFUJl+ZxXxZ5mkyFmjQ+wnvF1BUlMD7qBF8
+WUA9TiYEiXgsASTgW/F038f4VNecqrBpJHU4TILmEtioGEFVLipU8huAzbcBCPYb
+0z3axBqiW0bRmgvql97lV3HRRkwGKLV1T8oiau31qQU2zzBt6jC2AQgXWjjvSg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp-test.swamid.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp-test.swamid.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp-test.swamid.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test.swamid.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp-test.swamid.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://sp-test.swamid.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://sp-test.swamid.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test.swamid.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp-test.swamid.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://sp-test.swamid.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://sp-test.swamid.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://sp-test.swamid.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://sp-test.swamid.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp-test.swamid.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://sp-test.swamid.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" entityID="https://shibboleth.vhs.se/idp/shibboleth" xml:base="swamid-1.0/shibboleth.vhs.se.xml">
+
+ <IDPSSODescriptor protocolSupportEnumeration="urn:mace:shibboleth:1.0 urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">vhs.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+
+MIIDMDCCAhigAwIBAgIVALknzq5mPQ+XhezCaVjhkaQW2ACvMA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXNoaWJib2xldGgudmhzLnNlMB4XDTExMDEyODE1MTA1
+MVoXDTMxMDEyODE1MTA1MVowHDEaMBgGA1UEAxMRc2hpYmJvbGV0aC52aHMuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSamx+o+kgrpexxaV3XO0B
+1XPIlbIQCPlcGjRanLat7Tcymm9AWWlY6ol1vshhgzHG2GNs83sW2QRcrjVELRHq
+7W3cl7oBS6lygE8nG443urcewcqMjZwGzzAwl9heR5dytE9GVLVKoycvfZAiaU9O
+QhjrIthv67EScN1BRX7sRtPG5EoVxux3aVV/rhjBc1i7WApibYKc5qd/nr8EhK/q
+dUrGxFL69k3gHw/HQpvYJD3vk0sa1DViDyVWjL0COywxDLOcbSzGAugg8HGZNpmz
+5FnlDFtREU5RlH+uC0abMSG2e/upKDUw7z5Ha3QfLVrorR4uradqbPP8Gyf63Puz
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXNoaWJib2xldGgudmhzLnNlhihodHRwczov
+L3NoaWJib2xldGgudmhzLnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRkD6AB
+uGhxJokB4+cmmvefttIlAzANBgkqhkiG9w0BAQUFAAOCAQEAFMG5D1BB6DGYCSU7
+2A3RUSyWSox1TzpBDihHM5O8rnZCMk54/hIgeWFPdZ2ab/ILX05G2UiUlow45mbi
+9WvHXFuzdX7OvsqDO1CxShyLN+TfQGrKOG3aqaMksuz51Xv0XOkzkFxe4BFFX5/w
+cutKMtSUcpsNkhhNkbCmqRv+YcVen6MVcOvEIqfq/9q3qw5vlTGKkvZqd/+7iBcn
+XmU+xtJuKTmec5Jws9A9/pmcLpd9s/XVW1TNItcx4y6hwJ6DvcJ6VL+vujVcU3Zt
+D+gPxV4Sz5H2eUsE6KZ7B77Elq/RA/fAxNIAWBpEnC80KGiXK189dGNp+exhNDPK
+FRFEGQ==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.vhs.se:8443/idp/profile/SAML1/SOAP/ArtifactResolution" index="1"/>
+
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.vhs.se:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.vhs.se/idp/profile/Shibboleth/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://shibboleth.vhs.se/idp/profile/SAML2/POST/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://shibboleth.vhs.se/idp/profile/SAML2/POST-SimpleSign/SSO"/>
+
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://shibboleth.vhs.se/idp/profile/SAML2/Redirect/SSO"/>
+ </IDPSSODescriptor>
+
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:2.0:protocol">
+
+ <Extensions>
+ <shibmd:Scope regexp="false">vhs.se</shibmd:Scope>
+ </Extensions>
+
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>
+
+MIIDMDCCAhigAwIBAgIVALknzq5mPQ+XhezCaVjhkaQW2ACvMA0GCSqGSIb3DQEB
+BQUAMBwxGjAYBgNVBAMTEXNoaWJib2xldGgudmhzLnNlMB4XDTExMDEyODE1MTA1
+MVoXDTMxMDEyODE1MTA1MVowHDEaMBgGA1UEAxMRc2hpYmJvbGV0aC52aHMuc2Uw
+ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSamx+o+kgrpexxaV3XO0B
+1XPIlbIQCPlcGjRanLat7Tcymm9AWWlY6ol1vshhgzHG2GNs83sW2QRcrjVELRHq
+7W3cl7oBS6lygE8nG443urcewcqMjZwGzzAwl9heR5dytE9GVLVKoycvfZAiaU9O
+QhjrIthv67EScN1BRX7sRtPG5EoVxux3aVV/rhjBc1i7WApibYKc5qd/nr8EhK/q
+dUrGxFL69k3gHw/HQpvYJD3vk0sa1DViDyVWjL0COywxDLOcbSzGAugg8HGZNpmz
+5FnlDFtREU5RlH+uC0abMSG2e/upKDUw7z5Ha3QfLVrorR4uradqbPP8Gyf63Puz
+AgMBAAGjaTBnMEYGA1UdEQQ/MD2CEXNoaWJib2xldGgudmhzLnNlhihodHRwczov
+L3NoaWJib2xldGgudmhzLnNlL2lkcC9zaGliYm9sZXRoMB0GA1UdDgQWBBRkD6AB
+uGhxJokB4+cmmvefttIlAzANBgkqhkiG9w0BAQUFAAOCAQEAFMG5D1BB6DGYCSU7
+2A3RUSyWSox1TzpBDihHM5O8rnZCMk54/hIgeWFPdZ2ab/ILX05G2UiUlow45mbi
+9WvHXFuzdX7OvsqDO1CxShyLN+TfQGrKOG3aqaMksuz51Xv0XOkzkFxe4BFFX5/w
+cutKMtSUcpsNkhhNkbCmqRv+YcVen6MVcOvEIqfq/9q3qw5vlTGKkvZqd/+7iBcn
+XmU+xtJuKTmec5Jws9A9/pmcLpd9s/XVW1TNItcx4y6hwJ6DvcJ6VL+vujVcU3Zt
+D+gPxV4Sz5H2eUsE6KZ7B77Elq/RA/fAxNIAWBpEnC80KGiXK189dGNp+exhNDPK
+FRFEGQ==
+
+ </ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.vhs.se:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
+
+ <AttributeService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://shibboleth.vhs.se:8443/idp/profile/SAML2/SOAP/AttributeQuery"/>
+
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+
+ </AttributeAuthorityDescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">VHS</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Verket för Högskoleservice</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.vhs.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>VHS</Company>
+ <EmailAddress>bjorn.soderstedt@vhs.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.studera.testa.antagning.se/aws-sp" xml:base="nya-1.0/www.studera.testa.antagning.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>https://www.studera.testa.antagning.se/aws-sp</ds:KeyName>
+ <ds:KeyName>www.studera.testa.antagning.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.studera.testa.antagning.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDUDCCAjigAwIBAgIJAOSJE0YAKvduMA0GCSqGSIb3DQEBBQUAMCkxJzAlBgNV
+BAMTHnd3dy5zdHVkZXJhLnRlc3RhLmFudGFnbmluZy5zZTAeFw0xMDExMTUxMzQx
+MThaFw0yMDExMTIxMzQxMThaMCkxJzAlBgNVBAMTHnd3dy5zdHVkZXJhLnRlc3Rh
+LmFudGFnbmluZy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALsi
+77tAMYxX9DawhaCLplmUnVn2k9/piSk4VQ3OPe8QcgBovA7J587jAcHPCo9cpJ/a
+ZyJaVD8eJHeXAaQGQyaiPHUgvMHayX77QOWtLpkeZBTjaw5SPsBX/kZQNtoTJrJY
+AV4+s0YMmlOy5OiD9li3DmsrBY4/qi1l2qXhf15um13TpjgUezUTPud0Sl9RdCRs
+JlF3KyusK00kVcJzhWfeKDgWEzUU9JTB4y3zI52ikBc0+F8WJyfewbnG/+zwpZ0w
+MOLQjOU/s3y2poXELmT6LCC9KYF3Wzk5XAC8JzncxFoof2v8049APoGfoOFZSrnR
+hfTtKss/DbvflCZNvGkCAwEAAaN7MHkwWAYDVR0RBFEwT4Ied3d3LnN0dWRlcmEu
+dGVzdGEuYW50YWduaW5nLnNlhi1odHRwczovL3d3dy5zdHVkZXJhLnRlc3RhLmFu
+dGFnbmluZy5zZS9hd3Mtc3AwHQYDVR0OBBYEFFTp0IGafYcfkLdZT7V95qQP3kGs
+MA0GCSqGSIb3DQEBBQUAA4IBAQCICR8wZkdUMpmjhBdYEJIgwqfk83pyw1FJTwMW
+TmthDPWG1mfpV2ptdEtxf5S4ZJI+xfgLGmAEBJ2Lt8Cig5fL+gK9/h6wI8A9HBDd
+zACYugcg+0rBt9H2u70PkgxByntYNU8bWIC5evH8X+pstmYxxpqhfebycRctOlJg
+ATUacbqy1qCc+4Gm8KZPy7CE22vErDqGiKBw5hiSXkYcSXWd+Txmwu6R+5VANsfp
+B4TXrBvXvMdI2VCiyK0dWnHicw4nyT2e7MNGiXfGlvagxlTzfm+898g0+tGVgVle
+RjgZQIDGhisNo2gnk7rDXoas4t/uGKzbzpxI9jjGdlgvJF8L
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>https://www.studera.testa.antagning.se/aws-sp</ds:KeyName>
+ <ds:KeyName>www.studera.testa.antagning.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.studera.testa.antagning.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDUDCCAjigAwIBAgIJAOSJE0YAKvduMA0GCSqGSIb3DQEBBQUAMCkxJzAlBgNV
+BAMTHnd3dy5zdHVkZXJhLnRlc3RhLmFudGFnbmluZy5zZTAeFw0xMDExMTUxMzQx
+MThaFw0yMDExMTIxMzQxMThaMCkxJzAlBgNVBAMTHnd3dy5zdHVkZXJhLnRlc3Rh
+LmFudGFnbmluZy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALsi
+77tAMYxX9DawhaCLplmUnVn2k9/piSk4VQ3OPe8QcgBovA7J587jAcHPCo9cpJ/a
+ZyJaVD8eJHeXAaQGQyaiPHUgvMHayX77QOWtLpkeZBTjaw5SPsBX/kZQNtoTJrJY
+AV4+s0YMmlOy5OiD9li3DmsrBY4/qi1l2qXhf15um13TpjgUezUTPud0Sl9RdCRs
+JlF3KyusK00kVcJzhWfeKDgWEzUU9JTB4y3zI52ikBc0+F8WJyfewbnG/+zwpZ0w
+MOLQjOU/s3y2poXELmT6LCC9KYF3Wzk5XAC8JzncxFoof2v8049APoGfoOFZSrnR
+hfTtKss/DbvflCZNvGkCAwEAAaN7MHkwWAYDVR0RBFEwT4Ied3d3LnN0dWRlcmEu
+dGVzdGEuYW50YWduaW5nLnNlhi1odHRwczovL3d3dy5zdHVkZXJhLnRlc3RhLmFu
+dGFnbmluZy5zZS9hd3Mtc3AwHQYDVR0OBBYEFFTp0IGafYcfkLdZT7V95qQP3kGs
+MA0GCSqGSIb3DQEBBQUAA4IBAQCICR8wZkdUMpmjhBdYEJIgwqfk83pyw1FJTwMW
+TmthDPWG1mfpV2ptdEtxf5S4ZJI+xfgLGmAEBJ2Lt8Cig5fL+gK9/h6wI8A9HBDd
+zACYugcg+0rBt9H2u70PkgxByntYNU8bWIC5evH8X+pstmYxxpqhfebycRctOlJg
+ATUacbqy1qCc+4Gm8KZPy7CE22vErDqGiKBw5hiSXkYcSXWd+Txmwu6R+5VANsfp
+B4TXrBvXvMdI2VCiyK0dWnHicw4nyT2e7MNGiXfGlvagxlTzfm+898g0+tGVgVle
+RjgZQIDGhisNo2gnk7rDXoas4t/uGKzbzpxI9jjGdlgvJF8L
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.studera.testa.antagning.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="http://lingon.ladok.umu.se:8087/sp.xml" xml:base="swamid-1.0/lingon.ladok.umu.se.xml">
+ <md:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIC8jCCAlugAwIBAgIJAJHg2V5J31I8MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+BAYTAlNFMQ0wCwYDVQQHEwRVbWVhMRgwFgYDVQQKEw9VbWVhIFVuaXZlcnNpdHkx
+EDAOBgNVBAsTB0lUIFVuaXQxEDAOBgNVBAMTB1Rlc3QgU1AwHhcNMDkxMDI2MTMz
+MTE1WhcNMTAxMDI2MTMzMTE1WjBaMQswCQYDVQQGEwJTRTENMAsGA1UEBxMEVW1l
+YTEYMBYGA1UEChMPVW1lYSBVbml2ZXJzaXR5MRAwDgYDVQQLEwdJVCBVbml0MRAw
+DgYDVQQDEwdUZXN0IFNQMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkJWP7
+bwOxtH+E15VTaulNzVQ/0cSbM5G7abqeqSNSs0l0veHr6/ROgW96ZeQ57fzVy2MC
+FiQRw2fzBs0n7leEmDJyVVtBTavYlhAVXDNa3stgvh43qCfLx+clUlOvtnsoMiiR
+mo7qf0BoPKTj7c0uLKpDpEbAHQT4OF1HRYVxMwIDAQABo4G/MIG8MB0GA1UdDgQW
+BBQ7RgbMJFDGRBu9o3tDQDuSoBy7JjCBjAYDVR0jBIGEMIGBgBQ7RgbMJFDGRBu9
+o3tDQDuSoBy7JqFepFwwWjELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGDAW
+BgNVBAoTD1VtZWEgVW5pdmVyc2l0eTEQMA4GA1UECxMHSVQgVW5pdDEQMA4GA1UE
+AxMHVGVzdCBTUIIJAJHg2V5J31I8MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
+BQADgYEAMuRwwXRnsiyWzmRikpwinnhTmbooKm5TINPE7A7gSQ710RxioQePPhZO
+zkM27NnHTrCe2rBVg0EGz7QTd1JIwLPvgoj4VTi/fSha/tXrYUaqc9AqU1kWI4WN
++vffBGQ09mo+6CffuFTZYeOhzP/2stAPwCTU4kxEoiy0KpZMANI=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://lingon.ladok.umu.se:8087/" index="1"/>
+ </md:SPSSODescriptor>
+ <md:Organization>
+ <md:OrganizationName xml:lang="en">The GEMbus registry</md:OrganizationName>
+ <md:OrganizationDisplayName xml:lang="en">The GEMbus registry</md:OrganizationDisplayName>
+ <md:OrganizationURL xml:lang="en">http://lingon.ladok.umu.se:8087/gembus.html</md:OrganizationURL>
+ </md:Organization>
+ <md:ContactPerson contactType="technical">
+ <md:GivenName>Roland</md:GivenName>
+ <md:SurName>Hedberg</md:SurName>
+ </md:ContactPerson>
+ </md:EntityDescriptor>
+ <md:EntityDescriptor ID="_262dbc75a47eb0c4a624d8a36da4a1cb" entityID="https://ni.nordu.net/shibboleth" xml:base="swamid-1.0/ni.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ni.nordu.net/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ni.nordu.net/Shibboleth.sso/DS/nordu.net" index="2"/>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ni.nordu.net/Shibboleth.sso/DS/kalmar2" index="3"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>ni.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=ni.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJANlBBCgOgwlrMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDG5pLm5vcmR1Lm5ldDAeFw0xMTA0MTQwODI3NTVaFw0yMTA0MTEwODI3NTVa
+MBcxFTATBgNVBAMTDG5pLm5vcmR1Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL3yI93uBoodiAVYq3LgjDjxoLPqiUdD96LtCFqsHA1FSBk0oNwL
+Ds26j97qJ0xf9zN5BcZJ7skEybGgzOJviSjfwjhEyKjtBuZAnTVlj/p5w4WwBP98
+quEstH2kUOE2h+y4ZcUhIVO+isTC3D8aUKCdToYgirBd0l6vrvu/jOzjcwStPlZD
+RMNji2G8X3+0DJReGZE/Q71z+3PW5YGxs5XwyISOy+5ImVATVbSNuhAy7IL2HnjJ
+nCvsTcCxIJULA0XRkgkR4TBY6PLfrCks6ocaSxG1N/iseWa/BtJUl10VsbFnf+J8
+u4bUsUXFaWn/kTCFSrINgPedjjSPgDDNfKMCAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+bmkubm9yZHUubmV0MB0GA1UdDgQWBBR977QeQ6awdBrt4qPsFwhwWvg3tzANBgkq
+hkiG9w0BAQUFAAOCAQEAdUD+WtILbxxXQ5W4ulCsoZa3UtqI5muH9o2mE00btQh9
+R8OWlj9qJ9AydqgyCOSGHoEjqHNLroF7FfAuOb3MpbBEiErgVSN3UEmdSywIKEiW
+gyqNK2iFvtFdaZcO2nnuScdiaoRkmBhpw9oZwHq3rHU89SJtWl3PL9EEosj1lsRa
+eYppZPKEQBdp0EwzEX19XOvt8CJa3kOytBP4B/VgRLyEMIEGTIwYSjRdKapQ1Pt9
++PzGf18iwZX9g40T7HG/1x6tWRaN6Uo28suG0ZJ7DlNIN7XREiookNmDgbokPFRe
+gr3luWR80XE/BadEH5ou361kFDqBeuskbdr357QtCw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>ni.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=ni.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJANlBBCgOgwlrMA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDG5pLm5vcmR1Lm5ldDAeFw0xMTA0MTQwODI3NTVaFw0yMTA0MTEwODI3NTVa
+MBcxFTATBgNVBAMTDG5pLm5vcmR1Lm5ldDCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAL3yI93uBoodiAVYq3LgjDjxoLPqiUdD96LtCFqsHA1FSBk0oNwL
+Ds26j97qJ0xf9zN5BcZJ7skEybGgzOJviSjfwjhEyKjtBuZAnTVlj/p5w4WwBP98
+quEstH2kUOE2h+y4ZcUhIVO+isTC3D8aUKCdToYgirBd0l6vrvu/jOzjcwStPlZD
+RMNji2G8X3+0DJReGZE/Q71z+3PW5YGxs5XwyISOy+5ImVATVbSNuhAy7IL2HnjJ
+nCvsTcCxIJULA0XRkgkR4TBY6PLfrCks6ocaSxG1N/iseWa/BtJUl10VsbFnf+J8
+u4bUsUXFaWn/kTCFSrINgPedjjSPgDDNfKMCAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+bmkubm9yZHUubmV0MB0GA1UdDgQWBBR977QeQ6awdBrt4qPsFwhwWvg3tzANBgkq
+hkiG9w0BAQUFAAOCAQEAdUD+WtILbxxXQ5W4ulCsoZa3UtqI5muH9o2mE00btQh9
+R8OWlj9qJ9AydqgyCOSGHoEjqHNLroF7FfAuOb3MpbBEiErgVSN3UEmdSywIKEiW
+gyqNK2iFvtFdaZcO2nnuScdiaoRkmBhpw9oZwHq3rHU89SJtWl3PL9EEosj1lsRa
+eYppZPKEQBdp0EwzEX19XOvt8CJa3kOytBP4B/VgRLyEMIEGTIwYSjRdKapQ1Pt9
++PzGf18iwZX9g40T7HG/1x6tWRaN6Uo28suG0ZJ7DlNIN7XREiookNmDgbokPFRe
+gr3luWR80XE/BadEH5ou361kFDqBeuskbdr357QtCw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ni.nordu.net/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ni.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ni.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ni.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ni.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ni.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ni.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ni.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ni.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ni.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ni.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ni.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ni.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ni.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ni.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://jabber.nordu.net/shibboleth" xml:base="swamid-1.0/jabber.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>jabber.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=jabber.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJAMdBcIFfKqNcMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEGphYmJlci5ub3JkdS5uZXQwHhcNMTEwNDE1MDkxNDQ2WhcNMjEwNDEyMDkx
+NDQ2WjAbMRkwFwYDVQQDExBqYWJiZXIubm9yZHUubmV0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAuf/UhI1cEEWM1EVJNLJLxNQAjgcU1Ed4rWubB9iu
+ZPmmpDnXMPJ/PiTAoi58iqzs28M6CN3mVqwP/PlMyt/N1toIu0VSd9R9czXyEmII
+JgBiEJ4CWbLdbhaLoCGeBEyKCob4ZdpHnV/+9o3Vx2kFo6frFg/SY4ryi1hXomcp
+hR5iTpo4H5pYDqFquvlJ0fxPmPBhqZpCeLhJBPGjTrS6rrEnkUYh3iKOywboOMIN
+yVdNhUcV5PPSM3+e0McIquAfRumRacVfhe+qvofEuTlWbTSPQLQymBfBMaDUDYjH
+WK6+jGjLAHB8Y9PPvwM/ecRSb6vckKfpu/Y/+arsn/7ihwIDAQABoz4wPDAbBgNV
+HREEFDASghBqYWJiZXIubm9yZHUubmV0MB0GA1UdDgQWBBTpbrmNDAbzimHpvfgR
+Xi9+6vC1GDANBgkqhkiG9w0BAQUFAAOCAQEAFa/NGDqdgxvqkqss0m4SLCa2omxV
+opoYV2zwA7wjPqlPPi4M20i2LysFyqwrPHmOKH0wcAWiB4+d8XN8UmsLrVODmrJN
+BD07pGaDP6jamTtHOr4Enj25pJ/0Fe5hZeLJ3ppFebgq6TfrTd41qIwmC0KMClay
+K0rTtqshk+nKb89Re3xutEU9D7r+EaoHIa9rw1bTz6UmkFZ5ovjfV3htogb8xNt9
+2kQbxgdjl0QkFTf2sURB+4El0oUnXdOZiqQS5hqjEtZDJ6NlDvtW7OtH/SE2PAyn
+zvTzeciRKJ9UNf9ibAJGF7jz/GP5r+yUgizdV0wyikyUa8VNyrSeExBUVg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>jabber.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=jabber.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC9zCCAd+gAwIBAgIJAMdBcIFfKqNcMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNV
+BAMTEGphYmJlci5ub3JkdS5uZXQwHhcNMTEwNDE1MDkxNDQ2WhcNMjEwNDEyMDkx
+NDQ2WjAbMRkwFwYDVQQDExBqYWJiZXIubm9yZHUubmV0MIIBIjANBgkqhkiG9w0B
+AQEFAAOCAQ8AMIIBCgKCAQEAuf/UhI1cEEWM1EVJNLJLxNQAjgcU1Ed4rWubB9iu
+ZPmmpDnXMPJ/PiTAoi58iqzs28M6CN3mVqwP/PlMyt/N1toIu0VSd9R9czXyEmII
+JgBiEJ4CWbLdbhaLoCGeBEyKCob4ZdpHnV/+9o3Vx2kFo6frFg/SY4ryi1hXomcp
+hR5iTpo4H5pYDqFquvlJ0fxPmPBhqZpCeLhJBPGjTrS6rrEnkUYh3iKOywboOMIN
+yVdNhUcV5PPSM3+e0McIquAfRumRacVfhe+qvofEuTlWbTSPQLQymBfBMaDUDYjH
+WK6+jGjLAHB8Y9PPvwM/ecRSb6vckKfpu/Y/+arsn/7ihwIDAQABoz4wPDAbBgNV
+HREEFDASghBqYWJiZXIubm9yZHUubmV0MB0GA1UdDgQWBBTpbrmNDAbzimHpvfgR
+Xi9+6vC1GDANBgkqhkiG9w0BAQUFAAOCAQEAFa/NGDqdgxvqkqss0m4SLCa2omxV
+opoYV2zwA7wjPqlPPi4M20i2LysFyqwrPHmOKH0wcAWiB4+d8XN8UmsLrVODmrJN
+BD07pGaDP6jamTtHOr4Enj25pJ/0Fe5hZeLJ3ppFebgq6TfrTd41qIwmC0KMClay
+K0rTtqshk+nKb89Re3xutEU9D7r+EaoHIa9rw1bTz6UmkFZ5ovjfV3htogb8xNt9
+2kQbxgdjl0QkFTf2sURB+4El0oUnXdOZiqQS5hqjEtZDJ6NlDvtW7OtH/SE2PAyn
+zvTzeciRKJ9UNf9ibAJGF7jz/GP5r+yUgizdV0wyikyUa8VNyrSeExBUVg==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jabber.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://jabber.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jabber.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jabber.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://jabber.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://jabber.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jabber.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jabber.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://jabber.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://jabber.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://jabber.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://jabber.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://jabber.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://jabber.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor ID="_32fd284fd4be55f0be4b0a2aec84f00a" entityID="https://epc.ub.uu.se/shibboleth" xml:base="swamid-1.0/epc.ub.uu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://epc.ub.uu.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>epc.ub.uu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=epc.ub.uu.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAPfL+CYfRXf3MA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDGVwYy51Yi51dS5zZTAeFw0xMTA0MjgwNjI1NDdaFw0yMTA0MjUwNjI1NDda
+MBcxFTATBgNVBAMTDGVwYy51Yi51dS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAMUEG0sMm1hQ/cU6c91BMeTgJq5G4HqmmNOMIwkBaLKgVd6X8nyB
+lMbd6KP+X3EzMT6W/uZRG++yYlYtLAbeA0juXrB7FvB2RN2gAMxFSveNz+MO28k/
+XXJ0qTEl0GDL7QCNGUojJ7HOoZ8716mBXKZw3gmAnyfRIWR4X/tnZ8tIKH+r6Jr1
+wWGHzw1uPzEIGeS3l3kfdYhYFncObWgns0Ptic6zmFXcVShfU64rzlurME5eHC5G
+iNKT8UmbZjLGmgzpGxQfS1zhRG9zs9ALM1d/lyF+UFLHDMejFqQYfPKkrS+JU/Bw
+tLFhkhhgQ3DRv1k93j9DhE1bq1XldbCnFQUCAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+ZXBjLnViLnV1LnNlMB0GA1UdDgQWBBQJPhqH0Pdo2v0HzpSCFTtL3SXY8zANBgkq
+hkiG9w0BAQUFAAOCAQEAYn86jjAEVTBoIFoAMl18OgX95pMBV2J9NUIQ4uZIjp3Z
+Up7z5yfrnVH9BCs0LAbCdQCLrh+87rslBxY3FA8ozuBPMO3mMzemGlT9PNeofGY7
+vTC+5XAybhuqhiHfw5ZYpMzL4fyVNz0bC5vTTCF11RUK/IXD0ZfISvheSUgdGoP/
+iv/0CV0q978vNja0BjZ6qESVEOr3xFKLUJvsGOPrtoW32eVoaJ7idR53Rc4LdZIx
+0o7hTAzFGzSIdxc0SoBbJ32KqeZSWgmN1d6AvBiID4USZsfQXwBdrUQZSEgGYRwf
+LUklHC4ncWzgxrI1yRQeU2gF0WMmCBF4UOX5e1J5JA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>epc.ub.uu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=epc.ub.uu.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC6zCCAdOgAwIBAgIJAPfL+CYfRXf3MA0GCSqGSIb3DQEBBQUAMBcxFTATBgNV
+BAMTDGVwYy51Yi51dS5zZTAeFw0xMTA0MjgwNjI1NDdaFw0yMTA0MjUwNjI1NDda
+MBcxFTATBgNVBAMTDGVwYy51Yi51dS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAMUEG0sMm1hQ/cU6c91BMeTgJq5G4HqmmNOMIwkBaLKgVd6X8nyB
+lMbd6KP+X3EzMT6W/uZRG++yYlYtLAbeA0juXrB7FvB2RN2gAMxFSveNz+MO28k/
+XXJ0qTEl0GDL7QCNGUojJ7HOoZ8716mBXKZw3gmAnyfRIWR4X/tnZ8tIKH+r6Jr1
+wWGHzw1uPzEIGeS3l3kfdYhYFncObWgns0Ptic6zmFXcVShfU64rzlurME5eHC5G
+iNKT8UmbZjLGmgzpGxQfS1zhRG9zs9ALM1d/lyF+UFLHDMejFqQYfPKkrS+JU/Bw
+tLFhkhhgQ3DRv1k93j9DhE1bq1XldbCnFQUCAwEAAaM6MDgwFwYDVR0RBBAwDoIM
+ZXBjLnViLnV1LnNlMB0GA1UdDgQWBBQJPhqH0Pdo2v0HzpSCFTtL3SXY8zANBgkq
+hkiG9w0BAQUFAAOCAQEAYn86jjAEVTBoIFoAMl18OgX95pMBV2J9NUIQ4uZIjp3Z
+Up7z5yfrnVH9BCs0LAbCdQCLrh+87rslBxY3FA8ozuBPMO3mMzemGlT9PNeofGY7
+vTC+5XAybhuqhiHfw5ZYpMzL4fyVNz0bC5vTTCF11RUK/IXD0ZfISvheSUgdGoP/
+iv/0CV0q978vNja0BjZ6qESVEOr3xFKLUJvsGOPrtoW32eVoaJ7idR53Rc4LdZIx
+0o7hTAzFGzSIdxc0SoBbJ32KqeZSWgmN1d6AvBiID4USZsfQXwBdrUQZSEgGYRwf
+LUklHC4ncWzgxrI1yRQeU2gF0WMmCBF4UOX5e1J5JA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://epc.ub.uu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://epc.ub.uu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://epc.ub.uu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://epc.ub.uu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://epc.ub.uu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://epc.ub.uu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://epc.ub.uu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://epc.ub.uu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://epc.ub.uu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://epc.ub.uu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://epc.ub.uu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://epc.ub.uu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://epc.ub.uu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://epc.ub.uu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://epc.ub.uu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://expert.antagning.se/ecs-sp" xml:base="swamid-1.0/expert.antagning.se.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>expert.antagning.se</ds:KeyName>
+ <ds:KeyName>https://expert.antagning.se/ecs-sp</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=expert.antagning.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDJDCCAgygAwIBAgIJANSBcY8AW9T/MA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2V4cGVydC5hbnRhZ25pbmcuc2UwHhcNMTEwNTA5MTc0MTQ3WhcNMjEwNTA2
+MTc0MTQ3WjAeMRwwGgYDVQQDExNleHBlcnQuYW50YWduaW5nLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtylQ0TngqqfQUnyBdtd1+WfFCBaFa1MY
+Twc7L/toQr6WJ1QfQyFZgWTEM48PySKVxt+NByyY9VXmcIhADPiP+QiPccME4ink
+x+/xmU532IW6IW1lg3QOLh2tG5fplJZvbmW5ni/tv5Rw/bSDFmagw3AyasIM1OpK
+vbDzJXM80KYR77nNHlS6498D3KcCjJ8gyuzk8XpvDZhCHJ/B3Vz+FvK05w/ljaBF
+F0qpQCDoOKK2+fJhV97wVy5jkzTMS/bMCYxiq3/LjxLmEwTBAiNF3MDEV7yW0TZc
+jmyrvL6jOrTTO6ayOI4N8tHTy6lWBKwNkTryZXhlWarL9r2o1R+9bQIDAQABo2Uw
+YzBCBgNVHREEOzA5ghNleHBlcnQuYW50YWduaW5nLnNlhiJodHRwczovL2V4cGVy
+dC5hbnRhZ25pbmcuc2UvZWNzLXNwMB0GA1UdDgQWBBQa1efPa+KRN4VdbtmNatIz
+E2xf2DANBgkqhkiG9w0BAQUFAAOCAQEAexJmaW4Kn8/Toc2VB0XxUTxFhVPl1Yvx
+mTNQw/gFEeguL4bQeHTJQ5UIB43vTCR7Z4ZEWpZjdCm7AI88HoxtMF5ktm9YBAIk
+o1ANyEWZ+vjviRUncnudPoutH8xoM+WzyCXLsEHPTfMu5KLb8U80Wgn8/0qDSEwt
+iD+vjf5QaeVmd8i7HUeWg2R6e1EmRNeJssg7wAMeoWD76oOY4s55kmRG3GOY+iVV
+Pi755TKRrhgKLRu6X2ohz0/H8QNDkVpo/0u/zlW4iNVOyLeSzPuQhDl0xy4LTKo7
+hMvkdB9ux/vPq93rCzcdDnW+zoZmsj1EXtqjDSSEgb/6zJ+ExbZ29Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>expert.antagning.se</ds:KeyName>
+ <ds:KeyName>https://expert.antagning.se/ecs-sp</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=expert.antagning.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDJDCCAgygAwIBAgIJANSBcY8AW9T/MA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2V4cGVydC5hbnRhZ25pbmcuc2UwHhcNMTEwNTA5MTc0MTQ3WhcNMjEwNTA2
+MTc0MTQ3WjAeMRwwGgYDVQQDExNleHBlcnQuYW50YWduaW5nLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtylQ0TngqqfQUnyBdtd1+WfFCBaFa1MY
+Twc7L/toQr6WJ1QfQyFZgWTEM48PySKVxt+NByyY9VXmcIhADPiP+QiPccME4ink
+x+/xmU532IW6IW1lg3QOLh2tG5fplJZvbmW5ni/tv5Rw/bSDFmagw3AyasIM1OpK
+vbDzJXM80KYR77nNHlS6498D3KcCjJ8gyuzk8XpvDZhCHJ/B3Vz+FvK05w/ljaBF
+F0qpQCDoOKK2+fJhV97wVy5jkzTMS/bMCYxiq3/LjxLmEwTBAiNF3MDEV7yW0TZc
+jmyrvL6jOrTTO6ayOI4N8tHTy6lWBKwNkTryZXhlWarL9r2o1R+9bQIDAQABo2Uw
+YzBCBgNVHREEOzA5ghNleHBlcnQuYW50YWduaW5nLnNlhiJodHRwczovL2V4cGVy
+dC5hbnRhZ25pbmcuc2UvZWNzLXNwMB0GA1UdDgQWBBQa1efPa+KRN4VdbtmNatIz
+E2xf2DANBgkqhkiG9w0BAQUFAAOCAQEAexJmaW4Kn8/Toc2VB0XxUTxFhVPl1Yvx
+mTNQw/gFEeguL4bQeHTJQ5UIB43vTCR7Z4ZEWpZjdCm7AI88HoxtMF5ktm9YBAIk
+o1ANyEWZ+vjviRUncnudPoutH8xoM+WzyCXLsEHPTfMu5KLb8U80Wgn8/0qDSEwt
+iD+vjf5QaeVmd8i7HUeWg2R6e1EmRNeJssg7wAMeoWD76oOY4s55kmRG3GOY+iVV
+Pi755TKRrhgKLRu6X2ohz0/H8QNDkVpo/0u/zlW4iNVOyLeSzPuQhDl0xy4LTKo7
+hMvkdB9ux/vPq93rCzcdDnW+zoZmsj1EXtqjDSSEgb/6zJ+ExbZ29Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://expert.antagning.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://expert.antagning.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://expert.antagning.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://expert.antagning.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://expert.antagning.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://expert.antagning.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://expert.antagning.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://expert.antagning.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://expert.antagning.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://expert.antagning.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://expert.antagning.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://expert.antagning.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://expert.antagning.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://expert.antagning.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://expert.antagning.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://ITS-PD0001.ad.umu.se/shibboleth" xml:base="swamid-1.0/its-pd0001.ad.umu.se.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/DS/ds.swamid.se"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SU"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/KI"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>its-pd0001.ad.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=tommy.larsson@adm.umu.se,CN=its-pd0001.ad.umu.se,OU=ITS,O=ITS,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEAzCCAuugAwIBAgIJAODAFUWnpMJcMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYD
+VQQGEwJTRTEVMBMGA1UECAwMVmFzdGVyYm90dGVuMQ0wCwYDVQQHDARVbWVhMQww
+CgYDVQQKDANJVFMxDDAKBgNVBAsMA0lUUzEdMBsGA1UEAwwUaXRzLXBkMDAwMS5h
+ZC51bXUuc2UxJzAlBgkqhkiG9w0BCQEWGHRvbW15LmxhcnNzb25AYWRtLnVtdS5z
+ZTAeFw0xMTA1MTkwNTM1MzhaFw0xNDA0MDEwNTM1MzhaMIGXMQswCQYDVQQGEwJT
+RTEVMBMGA1UECAwMVmFzdGVyYm90dGVuMQ0wCwYDVQQHDARVbWVhMQwwCgYDVQQK
+DANJVFMxDDAKBgNVBAsMA0lUUzEdMBsGA1UEAwwUaXRzLXBkMDAwMS5hZC51bXUu
+c2UxJzAlBgkqhkiG9w0BCQEWGHRvbW15LmxhcnNzb25AYWRtLnVtdS5zZTCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMYWYajF/EyJpqcdlhitNq358A4W
+iq6/wvKwfaoKSAZXFbM/mez01bOBa0woZf/xeGVbjjBPCOui8pqL90O5ThFcAAnM
+k1inJMGNYuzKoRSLlYpQ4zNBY4hm8fq3cT71AzaO6V6IiCeUfdV8dYmBONiiqHTc
+dvFc6NSebRbkpnGZlfq/HUhltQccLTjhvGf6vFA6HpKSbPfM5Q7/KIh0486zgJb7
+JJt/J2J616Mb9t/qStcXkGUnDup6oIrTfxBUGTt7trjh4RIyJvSWqJbNb/Vlr88l
++P8vdc49WTVSF3wWFHymJLqg+zl33foHjdaOBoqATxbHX8YfrQzqgLfI2SUCAwEA
+AaNQME4wHQYDVR0OBBYEFCiF/Tc1nNgp4QPU8LKYLT0lYbfCMB8GA1UdIwQYMBaA
+FCiF/Tc1nNgp4QPU8LKYLT0lYbfCMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
+BQADggEBAHr0cb7fhCxXshy/ELi5rWVViwg9T5mdQbhNIyKmkgb7vJXXfx8kexPb
+y+DU2BR2JgGUdjrJkbU4zNPUFNF08NiC3g3GPFqFKKTxJ0mH9rJHRekhzmZriMLN
+9PtSqDuwYmnATLT15TGV57aBUypcu/SutdJAWGnK0toSsTXYy+zKDiBhOyqiVsqs
+2nRkodiGJA16Ig+q2WykUYEGRvxNjzgfKWvCsoSaaNCoZ+UAnnKv9DysN6FSg78h
+R5wJLs1ZiquE/l6Iq4DutimBvoNc6TNnTwGYWJIo4LTrJGLTxa/ZQl0uEYPS/SWP
+qo9cBPEaTnL1Lr1ecg2/SlL0KYppyWk=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://ITS-PD0001.ad.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.servicedesk.its.umu.se/shibboleth" xml:base="swamid-1.0/www.servicedesk.its.umu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>www.servicedesk.its.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=tommy.larsson@adm.umu.se,CN=www.servicedesk.its.umu.se,OU=ITS,O=ITS,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEDzCCAvegAwIBAgIJAK1n6INIIuwWMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD
+VQQGEwJTRTEVMBMGA1UECAwMVmFzdGVyYm90dGVuMQ0wCwYDVQQHDARVbWVhMQww
+CgYDVQQKDANJVFMxDDAKBgNVBAsMA0lUUzEjMCEGA1UEAwwad3d3LnNlcnZpY2Vk
+ZXNrLml0cy51bXUuc2UxJzAlBgkqhkiG9w0BCQEWGHRvbW15LmxhcnNzb25AYWRt
+LnVtdS5zZTAeFw0xMTA1MTYwNjM4NTBaFw0xNDAzMjkwNjM4NTBaMIGdMQswCQYD
+VQQGEwJTRTEVMBMGA1UECAwMVmFzdGVyYm90dGVuMQ0wCwYDVQQHDARVbWVhMQww
+CgYDVQQKDANJVFMxDDAKBgNVBAsMA0lUUzEjMCEGA1UEAwwad3d3LnNlcnZpY2Vk
+ZXNrLml0cy51bXUuc2UxJzAlBgkqhkiG9w0BCQEWGHRvbW15LmxhcnNzb25AYWRt
+LnVtdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANJEvTU6sPUf
++QdTlHhSzEHHBraAqXnmBAtCH4PrpYZt5UBMnrDCfWMWI6rDQ0m5t/foWGMG/Eat
+EycsYbySEyDgiK7AK9ahC0Bpd6CyT1gYGOfBIdMDNOgCahr2GnnvNp78/sUaC7pU
+qDXOdMsB4iPiLtEYCa6XTJi/KVB487utrIMud4UpGojtXORSFHpPC45QHgZicj8R
+0jIL7VPCTgJBKWwqeMoOUtDl5iFgMXTkafXVKR+rrh8UFS4LmNNid0PbxofI/azG
+vc7CF0E59O184V6UnLHJwcLqaJkVzIdq1z5dUKxskPnm6xX1xZNC+DVW7ALEEfD8
+MZeVe3PJn9cCAwEAAaNQME4wHQYDVR0OBBYEFO3UOhgEKHKE36Id4OB/zbb73ZmK
+MB8GA1UdIwQYMBaAFO3UOhgEKHKE36Id4OB/zbb73ZmKMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQEFBQADggEBABQZkJyN0sgb+pGxw+sSeYSLhZxdLOySKZSr7LV4
+GinxtO41dwXNmGFPavO4sYExqo2FWUo2RItwUorOHCtlpypfWf+xBThD2uRR44+a
+tb0wNbW7y/hGwCCe1as2lewrvPOzWVG51I4Xxw5hiNpz+7ayNRX+icYgONP1ZSN+
+jrymeKjpHE9w443OiAkezSm2tXADbEugC+DhowF9PXnX2Gn8BfXrD1LPP1ze200S
+4tHrNMcpgz8mndg+eAvBnGxe/OdC+DuDO/33E559DYGi7Iw5GzGbCPLCuUsWvstm
+Ak0+kMSVOzv6UoGDUEbEh2o5K1iQnOzUKyTJrfW1if1I8Wg=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>www.servicedesk.its.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=tommy.larsson@adm.umu.se,CN=www.servicedesk.its.umu.se,OU=ITS,O=ITS,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEDzCCAvegAwIBAgIJAK1n6INIIuwWMA0GCSqGSIb3DQEBBQUAMIGdMQswCQYD
+VQQGEwJTRTEVMBMGA1UECAwMVmFzdGVyYm90dGVuMQ0wCwYDVQQHDARVbWVhMQww
+CgYDVQQKDANJVFMxDDAKBgNVBAsMA0lUUzEjMCEGA1UEAwwad3d3LnNlcnZpY2Vk
+ZXNrLml0cy51bXUuc2UxJzAlBgkqhkiG9w0BCQEWGHRvbW15LmxhcnNzb25AYWRt
+LnVtdS5zZTAeFw0xMTA1MTYwNjM4NTBaFw0xNDAzMjkwNjM4NTBaMIGdMQswCQYD
+VQQGEwJTRTEVMBMGA1UECAwMVmFzdGVyYm90dGVuMQ0wCwYDVQQHDARVbWVhMQww
+CgYDVQQKDANJVFMxDDAKBgNVBAsMA0lUUzEjMCEGA1UEAwwad3d3LnNlcnZpY2Vk
+ZXNrLml0cy51bXUuc2UxJzAlBgkqhkiG9w0BCQEWGHRvbW15LmxhcnNzb25AYWRt
+LnVtdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBANJEvTU6sPUf
++QdTlHhSzEHHBraAqXnmBAtCH4PrpYZt5UBMnrDCfWMWI6rDQ0m5t/foWGMG/Eat
+EycsYbySEyDgiK7AK9ahC0Bpd6CyT1gYGOfBIdMDNOgCahr2GnnvNp78/sUaC7pU
+qDXOdMsB4iPiLtEYCa6XTJi/KVB487utrIMud4UpGojtXORSFHpPC45QHgZicj8R
+0jIL7VPCTgJBKWwqeMoOUtDl5iFgMXTkafXVKR+rrh8UFS4LmNNid0PbxofI/azG
+vc7CF0E59O184V6UnLHJwcLqaJkVzIdq1z5dUKxskPnm6xX1xZNC+DVW7ALEEfD8
+MZeVe3PJn9cCAwEAAaNQME4wHQYDVR0OBBYEFO3UOhgEKHKE36Id4OB/zbb73ZmK
+MB8GA1UdIwQYMBaAFO3UOhgEKHKE36Id4OB/zbb73ZmKMAwGA1UdEwQFMAMBAf8w
+DQYJKoZIhvcNAQEFBQADggEBABQZkJyN0sgb+pGxw+sSeYSLhZxdLOySKZSr7LV4
+GinxtO41dwXNmGFPavO4sYExqo2FWUo2RItwUorOHCtlpypfWf+xBThD2uRR44+a
+tb0wNbW7y/hGwCCe1as2lewrvPOzWVG51I4Xxw5hiNpz+7ayNRX+icYgONP1ZSN+
+jrymeKjpHE9w443OiAkezSm2tXADbEugC+DhowF9PXnX2Gn8BfXrD1LPP1ze200S
+4tHrNMcpgz8mndg+eAvBnGxe/OdC+DuDO/33E559DYGi7Iw5GzGbCPLCuUsWvstm
+Ak0+kMSVOzv6UoGDUEbEh2o5K1iQnOzUKyTJrfW1if1I8Wg=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SAML/POST" index="7"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SAML2/Artifact" index="8"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SAML2/ECP" index="9"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SAML2/POST" index="10"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.servicedesk.its.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="11"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://umdac-olho0001.ad.umu.se/shibboleth" xml:base="swamid-1.0/umdac-olho0001.ad.umu.se.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/DS/ds.swamid.se"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SU"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/KI"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/Loginy"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/Loginx"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>umdac-olho0001.ad.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=olov.hoglund@adm.umu.se,CN=umdac-olho0001.ad.umu.se,OU=ITS,O=ITS,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIECTCCAvGgAwIBAgIJAK3Ixi4wEKOLMA0GCSqGSIb3DQEBBQUAMIGaMQswCQYD
+VQQGEwJTRTEVMBMGA1UECAwMVmFzdGVyYm90dGVuMQ0wCwYDVQQHDARVbWVhMQww
+CgYDVQQKDANJVFMxDDAKBgNVBAsMA0lUUzEhMB8GA1UEAwwYdW1kYWMtb2xobzAw
+MDEuYWQudW11LnNlMSYwJAYJKoZIhvcNAQkBFhdvbG92LmhvZ2x1bmRAYWRtLnVt
+dS5zZTAeFw0xMTA1MTkwODQzMTNaFw0xNDA0MDEwODQzMTNaMIGaMQswCQYDVQQG
+EwJTRTEVMBMGA1UECAwMVmFzdGVyYm90dGVuMQ0wCwYDVQQHDARVbWVhMQwwCgYD
+VQQKDANJVFMxDDAKBgNVBAsMA0lUUzEhMB8GA1UEAwwYdW1kYWMtb2xobzAwMDEu
+YWQudW11LnNlMSYwJAYJKoZIhvcNAQkBFhdvbG92LmhvZ2x1bmRAYWRtLnVtdS5z
+ZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM/WaqpHa41juTzDaZs4
+3FZXOXqSTtZWoI2h4/1xr619liNbZ2eJ+Dlwpjde0hyqiQ+xbMxVvMbn/6LF5Zsp
+JoNofugOMUXieKj/OiP8S35QjuOQaNIUIW102NoRsx1pqdQUYjaqg4UG/c5gyZRu
+iDff6F6lnSsnKUpWkDHDcLdknQ0pTdNlhmlR2YSoy8D2twr/SdQfih0IVbL6WLw9
+bB7T05+jxEuiAsAeDFPGnT8hHowQgHlMmRGjQ/cRRBbuMFxxfH8rB5PHe63TBxMl
+sGzQgGgqqbxn/lRiVGUcFSDbPrO5G4ndkKrz5bwwDoqCE8tJkfbEwmzfvlb6Lvcz
+BMMCAwEAAaNQME4wHQYDVR0OBBYEFLXDc99280S72ej+9ADMJPXy/HkqMB8GA1Ud
+IwQYMBaAFLXDc99280S72ej+9ADMJPXy/HkqMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBALFQR+c3B/yoY0RSvcGW3GV4clryvVjDQehTsg8BrnSafuU3
+v86B38Gqrf75rm8Zrs/cm/rpcmibdTDi7EObUUrHMlRBFaaoSxwqDRNGlYhVLx6t
+iEm749FD8yau5/85er7//3a+LFEsaid4G/3jCjyVO2bmZPERrqlk2QaHhpJwmVnL
+QiOVXEI5kZcLh82asMMKOOWkm/mEaguFOXWksUSOmk1bOUxZPkY0eTtIdqyHPuBv
+3BjkPojMH6Ixwv0vluO26w1ZwOYqw6plU5n7D1tJ9YdJ6DAQjeDUXmdrgqS8Dpw9
+yJ87d7WXKCfNlolR2zh8rlXP5N2pv2MV8UsBuPY=
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://umdac-olho0001.ad.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.wisum.its.umu.se/shibboleth" xml:base="swamid-1.0/www.wisum.its.umu.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://www.wisum.its.umu.se/Shibboleth.sso/DS/ds.swamid.se"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://www.wisum.its.umu.se/Shibboleth.sso/DS/ds.swamid.se" index="1"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SU"/>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://www.wisum.its.umu.se/Shibboleth.sso/KI"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>www.wisum.its.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>emailAddress=mats.larsson@adm.umu.se,CN=www.wisum.its.umu.se,OU=ITS,O=ITS,L=Umea,ST=Vasterbotten,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEsDCCA5igAwIBAgIJAPSljFRXQ/2WMA0GCSqGSIb3DQEBBQUAMIGWMQswCQYD
+VQQGEwJTRTEVMBMGA1UECBMMVmFzdGVyYm90dGVuMQ0wCwYDVQQHEwRVbWVhMQww
+CgYDVQQKEwNJVFMxDDAKBgNVBAsTA0lUUzEdMBsGA1UEAxMUd3d3Lndpc3VtLml0
+cy51bXUuc2UxJjAkBgkqhkiG9w0BCQEWF21hdHMubGFyc3NvbkBhZG0udW11LnNl
+MB4XDTExMDMyOTA0NTYwN1oXDTE0MDIwOTA0NTYwN1owgZYxCzAJBgNVBAYTAlNF
+MRUwEwYDVQQIEwxWYXN0ZXJib3R0ZW4xDTALBgNVBAcTBFVtZWExDDAKBgNVBAoT
+A0lUUzEMMAoGA1UECxMDSVRTMR0wGwYDVQQDExR3d3cud2lzdW0uaXRzLnVtdS5z
+ZTEmMCQGCSqGSIb3DQEJARYXbWF0cy5sYXJzc29uQGFkbS51bXUuc2UwggEiMA0G
+CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDMoMQ5OKrObHhxztzsddelykKBWYrH
+IrQOTUROELgi8UvMhupoePJsxLEGtursJ34cUCJQbb+5z0llFpUHJVshCKnU1YYd
+V+3qIZJLTVStq7R2XkTD7+0OqP0+KqRtqMzaPUlb5QCZlhkGAvuH1s+5/T9ASzvw
+5bTX8aJ9Vcb7cceCxaY7meqCVP/6dd1uQErGgRK8o/+8M2+IwkPv9IzfQKfPchxq
+nKKU1q70ES1C60T0PgZiv4U0PFQcUKihXZPKNmijyHCk4uM092HbuQi9/xiLDFrq
+cVjz2rUd0hmzDN4KGrIAmBhgI3qGwJ/dGnXDI5E/Nm5IGQy76GREiZdVAgMBAAGj
+gf4wgfswHQYDVR0OBBYEFArY6dz4n9LgrjqUv/Kj7qQeCGlWMIHLBgNVHSMEgcMw
+gcCAFArY6dz4n9LgrjqUv/Kj7qQeCGlWoYGcpIGZMIGWMQswCQYDVQQGEwJTRTEV
+MBMGA1UECBMMVmFzdGVyYm90dGVuMQ0wCwYDVQQHEwRVbWVhMQwwCgYDVQQKEwNJ
+VFMxDDAKBgNVBAsTA0lUUzEdMBsGA1UEAxMUd3d3Lndpc3VtLml0cy51bXUuc2Ux
+JjAkBgkqhkiG9w0BCQEWF21hdHMubGFyc3NvbkBhZG0udW11LnNlggkA9KWMVFdD
+/ZYwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAo7v8NM28YrhtT0Nu
+KV/DloFrVfhytyLNvqqununPPcbyLECvGDnT3OyqhbBdleXonFqa9wzacDUmFcms
+FRh6wVGgDy/w1sxmswdqZtXl7tKTjYmPAAoHScTkgSUAoQTOM+wJfhp9QhcbiYJT
+OcDpjfKHDLFsBPpZe+UjlqC/cNWZzLC4/hd1DnVldzZGeaVZxYv2IXFsXk1Kn5YL
+9Ly23JSd+CZxMhwnDbq07Lxr427ynvNezKoQj1befUeWNqODzIgudrCJ9ePHjTI9
++y00LlpUhPJThokksq20YglJ6cnbKm206AQIZotZTkWDfZqrBXMkpd/T83v/RFrb
+9XlNvw==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.wisum.its.umu.se/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.wisum.its.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.wisum.its.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.wisum.its.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.wisum.its.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.wisum.its.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor ID="_48c96d8e33d70912920fa299b42898e5" entityID="https://mds.nordu.net/shibboleth" xml:base="swamid-1.0/mds.nordu.net.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>mds.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mds.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJAJy9CoSTSBHgMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDW1kcy5ub3JkdS5uZXQwHhcNMTEwNTI0MDkwMTI0WhcNMjEwNTIxMDkwMTI0
+WjAYMRYwFAYDVQQDEw1tZHMubm9yZHUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAzkiKNCOy4RX7t46Fc5fiBR3EazSIHiRLzULrrTqFE/h2j0PZ
+l+m5Zz7YVvVIrgegLYe3P2EbIymYuf+N7j/nxcoQiDneaywPP9tGX6D0YrSLHSLH
+MgnTGjjmugJxM5a7rFCjebeCI8KwI3LJlJ0vSp6m1KcPPibq9W478SsmQCipJ1dS
+sIiqoGdoD0g75BI0hrxVRr0ubgSycH3glW1UMGBMbhSe7cACrolSfuoTgpftYi90
+t6GyXeTCJYRw5W5rkBwsow9YIGqpldQfyfn/huNBS3cmRaa9nG0L9qhfKZhIMMGb
+cwTPkHYN7hmrQXBbdkwCRxT6LZXDXCafhUHoSQIDAQABo0owSDAnBgNVHREEIDAe
+gg1tZHMubm9yZHUubmV0hg1tZHMubm9yZHUubmV0MB0GA1UdDgQWBBQqK2psdO9L
+AT8fQvZM/1wQJAwxUjANBgkqhkiG9w0BAQUFAAOCAQEAXz5EvWeoUgb5Oy8myyHF
+SPDpXwWzZ/uNSnE40a3bPvjor1hH2AkEgMZ/GZ5HYT5hFVH6yEOGpBD576jYFmJ2
+K1EgSmb6j4dhPlBW6cRl6aIBqGJZFuS/D5KmkxEWABzorFQmxMJASAAZcb29x1Ee
+hvgLC2m2a3sNAKshsBbCVDSCoe5RK0J1YxqgsrkGTZmqH1czvZBxqVX09ISQCtWC
+ll3e7SVwC69BgwlZifZeO/QxSzyd+UIGXTq5O7oVr2LvnAweOtkgVpLPzBiIXNuR
+LE6cjSR4yr9//oZ1hMf6gdD0KWrfKSNt9LRzh1sodYAlXh+M36RGS3zvuxGuZ6qj
+RQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>mds.nordu.net</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=mds.nordu.net</ds:X509SubjectName>
+ <ds:X509Certificate>MIIC/TCCAeWgAwIBAgIJAJy9CoSTSBHgMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNV
+BAMTDW1kcy5ub3JkdS5uZXQwHhcNMTEwNTI0MDkwMTI0WhcNMjEwNTIxMDkwMTI0
+WjAYMRYwFAYDVQQDEw1tZHMubm9yZHUubmV0MIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAzkiKNCOy4RX7t46Fc5fiBR3EazSIHiRLzULrrTqFE/h2j0PZ
+l+m5Zz7YVvVIrgegLYe3P2EbIymYuf+N7j/nxcoQiDneaywPP9tGX6D0YrSLHSLH
+MgnTGjjmugJxM5a7rFCjebeCI8KwI3LJlJ0vSp6m1KcPPibq9W478SsmQCipJ1dS
+sIiqoGdoD0g75BI0hrxVRr0ubgSycH3glW1UMGBMbhSe7cACrolSfuoTgpftYi90
+t6GyXeTCJYRw5W5rkBwsow9YIGqpldQfyfn/huNBS3cmRaa9nG0L9qhfKZhIMMGb
+cwTPkHYN7hmrQXBbdkwCRxT6LZXDXCafhUHoSQIDAQABo0owSDAnBgNVHREEIDAe
+gg1tZHMubm9yZHUubmV0hg1tZHMubm9yZHUubmV0MB0GA1UdDgQWBBQqK2psdO9L
+AT8fQvZM/1wQJAwxUjANBgkqhkiG9w0BAQUFAAOCAQEAXz5EvWeoUgb5Oy8myyHF
+SPDpXwWzZ/uNSnE40a3bPvjor1hH2AkEgMZ/GZ5HYT5hFVH6yEOGpBD576jYFmJ2
+K1EgSmb6j4dhPlBW6cRl6aIBqGJZFuS/D5KmkxEWABzorFQmxMJASAAZcb29x1Ee
+hvgLC2m2a3sNAKshsBbCVDSCoe5RK0J1YxqgsrkGTZmqH1czvZBxqVX09ISQCtWC
+ll3e7SVwC69BgwlZifZeO/QxSzyd+UIGXTq5O7oVr2LvnAweOtkgVpLPzBiIXNuR
+LE6cjSR4yr9//oZ1hMf6gdD0KWrfKSNt9LRzh1sodYAlXh+M36RGS3zvuxGuZ6qj
+RQ==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mds.nordu.net/Shibboleth.sso/Artifact/SOAP" index="1"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mds.nordu.net/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mds.nordu.net/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mds.nordu.net/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mds.nordu.net/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://mds.nordu.net/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://mds.nordu.net/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mds.nordu.net/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mds.nordu.net/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://mds.nordu.net/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://mds.nordu.net/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://mds.nordu.net/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://mds.nordu.net/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mds.nordu.net/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://mds.nordu.net/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor ID="_d974ba18012cb7934fc29d76548fcbb96cdd84ee" entityID="https://kiladokdev.it.ki.se/shibboleth" xml:base="swamid-1.0/kiladokdev.it.ki.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/Login"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/Login" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>kiladokdev.it.ki.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=kiladokdev.it.ki.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDADCCAeigAwIBAgIJAMp62nwgYW3jMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNV
+BAMTE2tpbGFkb2tkZXYuaXQua2kuc2UwHhcNMTEwNTA2MDk0MzI0WhcNMjEwNTAz
+MDk0MzI0WjAeMRwwGgYDVQQDExNraWxhZG9rZGV2Lml0LmtpLnNlMIIBIjANBgkq
+hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxM8SLReq15M/D/J0ETBYZvMTVMpeno0B
+5d/ax2AOsJPn/4rzzVTTtIMroxr8yXKZ0RIxg+WsBqsNzhTEvzHa850rs0fZ9vkn
+mYWzBR13XFI0e6bS3jmqw5qFLQP6AsQ4Nfnw+BJILpRZSAVa9dTdfuAMGWT5t3VO
+6BgSvoxFgnvewR1yHuwZwnyHd3wqQIXlL7AibGSf+yoeCmatDueEn563ScU/62E6
+EBFcQFPC0vLC8w6XVwD4wVKyZXeTGG5fR4TUPeg6DaNc+jod59A9x6L0SZSMRqpe
+oaAy2xTIY1aVYi6KAnDI2Zo+Aqazi9S8v+V7Euzhkq81M4s8fZDvgwIDAQABo0Ew
+PzAeBgNVHREEFzAVghNraWxhZG9rZGV2Lml0LmtpLnNlMB0GA1UdDgQWBBTNYLed
+xgm2UWlp89Kv854gx1F84TANBgkqhkiG9w0BAQUFAAOCAQEAqnJVmyJnj6/6C5uC
+2K7FhlIyNm4sgzh+OzirRbGg+5P/hCUzv9AbjVyichts8L1BGdRrDTd6alWAe8jo
+molQUIizH5+reZIql9bjGCOkbrhTVLmzx8Tv4jCa202nXdrAazzBpbYf8JYGGSep
+D68STfoiiCfJrq2tiHPLhyaRthmHIP+kpG3QLNnWfg5T6f+gfDy6/EKnFDAD+oSq
+T3KdvO0Zx0+2keQLPgImrfPgNtMK9mcLeYwjopvXGfABSJ77OKER8alPcW1NVQM9
+1ykeP8ZFUW1tLe1vSfWMX7xVAPRLKPHDVHcANNvpncnz+Qb/RyXRAyEXnpNNurRQ
+9c/C1Q==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/Artifact/SOAP" index="0"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SAML2/POST" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SAML2/Artifact" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SAML2/ECP" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SAML/POST" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kiladokdev.it.ki.se/Shibboleth.sso/SAML/Artifact" index="5"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+ <md:EntityDescriptor ID="_2beddddd53032a0e87bd8101c100c1bd84b413d0" entityID="https://kiladoktest.it.ki.se/shibboleth" xml:base="swamid-1.0/kiladoktest.it.ki.se.xml">
+
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <init:RequestInitiator xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/Login"/>
+ <idpdisc:DiscoveryResponse xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/Login" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>kiladoktest01.it.ki.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=kiladoktest01.it.ki.se</ds:X509SubjectName>
+ <ds:X509Certificate>MIIDCTCCAfGgAwIBAgIJAMJ9LjHSUsvoMA0GCSqGSIb3DQEBBQUAMCExHzAdBgNV
+BAMTFmtpbGFkb2t0ZXN0MDEuaXQua2kuc2UwHhcNMTEwNTI2MTMyNTMzWhcNMjEw
+NTIzMTMyNTMzWjAhMR8wHQYDVQQDExZraWxhZG9rdGVzdDAxLml0LmtpLnNlMIIB
+IjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqOUmjHK3EDwdhiUDbm9oW/u8
+n/ksrSapvbz+TTMQ70a01QHdcU1d48Dq2rjOVUpiZvV+SVjrSsSaqoTW6X0jUwgO
+nzQZayVMGia9x5Y0zphksK0RIXrcZhN34zamHyg+ioVqumZWVfaXbfkDUphfJ25E
++HzioYe9pzr+dWeS0bTMQ6kcgI+KZqVfpKYeNn/6c5zgfYFUy8lp7pYr5yRr7HKM
+xbezT7PTdMIXwqI291G4VaTed/jDFOtYInMI3nGcg1U75TjMxbJIjDl24hWMxb3t
+WP1vAQvQDhTYuAPaQZq/FPCYWBbbKmHUG2RcquSWYullHwvWgRnzXi04/8luwQID
+AQABo0QwQjAhBgNVHREEGjAYghZraWxhZG9rdGVzdDAxLml0LmtpLnNlMB0GA1Ud
+DgQWBBTm4IeB4clBD5Xy65Su9mR25oz94DANBgkqhkiG9w0BAQUFAAOCAQEApjAT
+ZMzYK0b21AfhOC4ELmXzRIG7tjEqpG1S2KGjTML3OPQ3iqY0+6NH5ihcG7L5U+Ot
+S3HswID9RV4fRkvB2HJ1cBDSH8DbCCi6LyYydJPfJloYJ/AdrumlJQDVJRNyYD6T
+53on7zeJaKv3n9eJrhqdnoEy0ofJtTAydbEx+F3AT3tW+jjpo5biuyuOa6W0wv0J
+DICtfX5UbSz96NxJbSCjoD23hMXqMOcUT3Pllk1MuPeK18rxZWy8qwxVk+E/haLr
+OaQPhM+ucEz0I/gHI37mAyzAz8w9PSTjwN+GKKngB+8IcdOQcUVRIhhTtu+ukBjR
+e01/KT+BtiGpAdoAUA==
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/Artifact/SOAP" index="0"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SAML2/POST" index="0"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SAML2/Artifact" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SAML2/ECP" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SAML/POST" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://kiladoktest.it.ki.se/Shibboleth.sso/SAML/Artifact" index="5"/>
+ </md:SPSSODescriptor>
+
+</md:EntityDescriptor>
+</md:EntitiesDescriptor>
diff --git a/tests/test.key b/tests/test.key
new file mode 100644
index 00000000..e3c5c324
--- /dev/null
+++ b/tests/test.key
@@ -0,0 +1,15 @@
+-----BEGIN RSA PRIVATE KEY-----
+MIICXgIBAAKBgQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8v
+QdzkihscQMXy3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2Pd
+TZcvDBKGbiaNefiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQAB
+AoGBAKD2emW6ssmyhfQ9ztYFuJ4FlwiJf5icKuf7L4BsMRgjoHawUvt/k69l9aPK
+xZNrB7BycV+7lOqU57FaOf1MWGeWzsU5bYUVpFzOVwsY4umtsO78QGKLZe+91Z+k
+tOlmL3scAymAgE88Jmr0g8FC46Vv4Sam7zMCtmOvA9fYog1ZAkEA8lAe+XihSuZI
+6IZcdRdB6QJ5cgAJoZdWKKtUovb5Ah2w4D/ebkfpsQJK44aSR5GbnrnqSaMeLJMR
+z++Td0edHwJBANTlUBzoo3ihcBOZ0VzGYgDIG8foCTEf3jDBYNYaY9RH/c4P50Gk
+Da4PBqtf1f+VORwAsC2NTeY6HUEWMpvfXyUCQQChQ3FZ1k6B6oDbP5CI3NGgoWTx
+2dSPFojgyCWrz3IpVllA5UDDZFjC1SPCCO2Rc/Z9zH2ARG7we3B/UpJx79dBAkEA
+iPc6sk6NFQevpjyYcDqFRIF5NgQ3Ha6l8PIITdZOkXz7cX3Txuw3jNrH7KtMbxDe
+3AApWDUHf+21cnFIf/WWLQJAeG0KKBfZw1iRu9vlcYakGWRUSga78QDy08uHDtxQ
+LXxOfSvm/y8N1KrEsXf/cJzHUGQJrqk8nLzR5mTRqnAZWA==
+-----END RSA PRIVATE KEY-----
diff --git a/tests/test.pem b/tests/test.pem
new file mode 100644
index 00000000..c43fd852
--- /dev/null
+++ b/tests/test.pem
@@ -0,0 +1,17 @@
+-----BEGIN CERTIFICATE-----
+MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+-----END CERTIFICATE-----
diff --git a/tests/test_00_xmldsig.py b/tests/test_00_xmldsig.py
new file mode 100644
index 00000000..9760ad8c
--- /dev/null
+++ b/tests/test_00_xmldsig.py
@@ -0,0 +1,661 @@
+#!/usr/bin/env python
+#
+# Copyright (C) 2007 SIOS Technology, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Tests for xmldsig"""
+
+__author__ = 'tmatsuo@example.com (Takashi MATSUO)'
+
+import unittest
+try:
+ from xml.etree import ElementTree
+except ImportError:
+ from elementtree import ElementTree
+import ds_data
+import xmldsig as ds
+
+class TestObject:
+
+ def setup_class(self):
+ self.object = ds.Object()
+
+ def testAccessors(self):
+ """Test for Object accessors"""
+ self.object.id = "object_id"
+ self.object.mime_type = "test/plain; charset=UTF-8"
+ self.object.encoding = ds.ENCODING_BASE64
+ new_object = ds.object_from_string(self.object.to_string())
+ assert new_object.id == "object_id"
+ assert new_object.mime_type == "test/plain; charset=UTF-8"
+ assert new_object.encoding == ds.ENCODING_BASE64
+
+ def testUsingTestData(self):
+ """Test for object_from_string() using test data"""
+ new_object = ds.object_from_string(ds_data.TEST_OBJECT)
+ assert new_object.id == "object_id"
+ assert new_object.encoding == ds.ENCODING_BASE64
+ assert new_object.text.strip() == \
+ "V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo"
+
+
+class TestMgmtData:
+
+ def setup_class(self):
+ self.mgmt_data = ds.MgmtData()
+
+ def testAccessors(self):
+ """Test for MgmtData accessors"""
+ self.mgmt_data.text = "mgmt data"
+ new_mgmt_data = ds.mgmt_data_from_string(self.mgmt_data.to_string())
+ assert new_mgmt_data.text.strip() == "mgmt data"
+
+ def testUsingTestData(self):
+ """Test for mgmt_data_from_string() using test data"""
+ new_mgmt_data = ds.mgmt_data_from_string(ds_data.TEST_MGMT_DATA)
+ assert new_mgmt_data.text.strip() == "mgmt data"
+
+
+class TestSPKISexp:
+
+ def setup_class(self):
+ self.spki_sexp = ds.SPKIDataType_SPKISexp()
+
+ def testAccessors(self):
+ """Test for SPKISexp accessors"""
+ self.spki_sexp.text = "spki sexp"
+ new_spki_sexp = ds.spki_data_type__spki_sexp_from_string(self.spki_sexp.to_string())
+ assert new_spki_sexp.text.strip() == "spki sexp"
+
+ def testUsingTestData(self):
+ """Test for spki_sexp_from_string() using test data"""
+ new_spki_sexp = ds.spki_data_type__spki_sexp_from_string(ds_data.TEST_SPKI_SEXP)
+ assert new_spki_sexp.text.strip() == "spki sexp"
+
+
+class TestSPKIData:
+
+ def setup_class(self):
+ self.spki_data = ds.SPKIData()
+
+ def testAccessors(self):
+ """Test for SPKIData accessors"""
+ self.spki_data.spki_sexp.append(
+ ds.spki_data_type__spki_sexp_from_string(ds_data.TEST_SPKI_SEXP))
+ new_spki_data = ds.spki_data_from_string(self.spki_data.to_string())
+ assert new_spki_data.spki_sexp[0].text.strip() == "spki sexp"
+
+ def testUsingTestData(self):
+ """Test for spki_data_from_string() using test data"""
+ new_spki_data = ds.spki_data_from_string(ds_data.TEST_SPKI_DATA)
+ print new_spki_data
+ assert new_spki_data.spki_sexp[0].text.strip() == "spki sexp"
+ assert new_spki_data.spki_sexp[1].text.strip() == "spki sexp2"
+
+
+class TestPGPData:
+
+ def setup_class(self):
+ self.pgp_data = ds.PGPData()
+
+ def testAccessors(self):
+ """Test for PGPData accessors"""
+ self.pgp_data.pgp_key_id = ds.PGPDataType_PGPKeyID(text="pgp key id")
+ self.pgp_data.pgp_key_packet = ds.PGPDataType_PGPKeyPacket(text="pgp key packet")
+ new_pgp_data = ds.pgp_data_from_string(self.pgp_data.to_string())
+ assert isinstance(new_pgp_data.pgp_key_id, ds.PGPDataType_PGPKeyID)
+ assert isinstance(new_pgp_data.pgp_key_packet, ds.PGPDataType_PGPKeyPacket)
+ assert new_pgp_data.pgp_key_id.text.strip() == "pgp key id"
+ assert new_pgp_data.pgp_key_packet.text.strip() == "pgp key packet"
+
+ def testUsingTestData(self):
+ """Test for pgp_data_from_string() using test data"""
+ new_pgp_data = ds.pgp_data_from_string(ds_data.TEST_PGP_DATA)
+ assert isinstance(new_pgp_data.pgp_key_id, ds.PGPDataType_PGPKeyID)
+ assert isinstance(new_pgp_data.pgp_key_packet, ds.PGPDataType_PGPKeyPacket)
+ assert new_pgp_data.pgp_key_id.text.strip() == "pgp key id"
+ assert new_pgp_data.pgp_key_packet.text.strip() == "pgp key packet"
+
+
+class TestX509IssuerSerial:
+
+ def setup_class(self):
+ self.x509_issuer_serial = ds.X509IssuerSerialType_()
+
+ def testAccessors(self):
+ """Test for X509SerialNumber accessors"""
+ self.x509_issuer_serial.x509_issuer_name = ds.X509IssuerSerialType_X509IssuerName(
+ text="issuer name")
+ self.x509_issuer_serial.x509_serial_number = ds.X509IssuerSerialType_X509SerialNumber(text="1")
+ new_x509_issuer_serial = ds.x509_issuer_serial_type__from_string(
+ self.x509_issuer_serial.to_string())
+ assert new_x509_issuer_serial.x509_issuer_name.text.strip() == \
+ "issuer name"
+ assert new_x509_issuer_serial.x509_serial_number.text.strip() == "1"
+
+ def testUsingTestData(self):
+ """Test for x509_issuer_serial_from_string() using test data"""
+ new_x509_issuer_serial = ds.x509_data_type__x509_issuer_serial_from_string(
+ ds_data.TEST_X509_ISSUER_SERIAL)
+ assert new_x509_issuer_serial.x509_issuer_name.text.strip() == \
+ "issuer name"
+ assert new_x509_issuer_serial.x509_serial_number.text.strip() == "1"
+
+
+class TestX509Data:
+
+ def setup_class(self):
+ self.x509_data = ds.X509Data()
+
+ def testAccessors(self):
+ """Test for X509Data accessors"""
+ st = ds.x509_data_type__x509_issuer_serial_from_string(ds_data.TEST_X509_ISSUER_SERIAL)
+ print st
+ self.x509_data.x509_issuer_serial= st
+ self.x509_data.x509_ski = ds.X509DataType_X509SKI(text="x509 ski")
+ self.x509_data.x509_subject_name = ds.X509DataType_X509SubjectName(
+ text="x509 subject name")
+ self.x509_data.x509_certificate = ds.X509DataType_X509Certificate(
+ text="x509 certificate")
+ self.x509_data.x509_crl = ds.X509DataType_X509CRL(text="x509 crl")
+
+ new_x509_data = ds.x509_data_from_string(self.x509_data.to_string())
+ print new_x509_data.keyswv()
+ print new_x509_data.__dict__.keys()
+ assert new_x509_data.x509_issuer_serial
+ assert isinstance(new_x509_data.x509_issuer_serial,
+ ds.X509DataType_X509IssuerSerial)
+ assert new_x509_data.x509_ski.text.strip() == "x509 ski"
+ assert isinstance(new_x509_data.x509_ski, ds.X509DataType_X509SKI)
+ assert new_x509_data.x509_subject_name.text.strip() == \
+ "x509 subject name"
+ assert isinstance(new_x509_data.x509_subject_name,
+ ds.X509DataType_X509SubjectName)
+ assert new_x509_data.x509_certificate.text.strip() == \
+ "x509 certificate"
+ assert isinstance(new_x509_data.x509_certificate,
+ ds.X509DataType_X509Certificate)
+ assert new_x509_data.x509_crl.text.strip() == "x509 crl"
+ assert isinstance(new_x509_data.x509_crl,ds.X509DataType_X509CRL)
+
+ def testUsingTestData(self):
+ """Test for x509_data_from_string() using test data"""
+ new_x509_data = ds.x509_data_from_string(ds_data.TEST_X509_DATA)
+ assert isinstance(new_x509_data.x509_issuer_serial,
+ ds.X509DataType_X509IssuerSerial)
+ assert new_x509_data.x509_ski.text.strip() == "x509 ski"
+ assert isinstance(new_x509_data.x509_ski, ds.X509DataType_X509SKI)
+ assert new_x509_data.x509_subject_name.text.strip() == \
+ "x509 subject name"
+ assert isinstance(new_x509_data.x509_subject_name,
+ ds.X509DataType_X509SubjectName)
+ assert new_x509_data.x509_certificate.text.strip() == \
+ "x509 certificate"
+ assert isinstance(new_x509_data.x509_certificate,
+ ds.X509DataType_X509Certificate)
+ assert new_x509_data.x509_crl.text.strip() == "x509 crl"
+ assert isinstance(new_x509_data.x509_crl,ds.X509DataType_X509CRL)
+
+
+class TestTransform:
+
+ def setup_class(self):
+ self.transform = ds.Transform()
+
+ def testAccessors(self):
+ """Test for Transform accessors"""
+ self.transform.x_path.append(ds.TransformType_XPath(text="xpath"))
+ self.transform.algorithm = ds.TRANSFORM_ENVELOPED
+ new_transform = ds.transform_from_string(self.transform.to_string())
+ assert isinstance(new_transform.x_path[0], ds.TransformType_XPath)
+ assert new_transform.x_path[0].text.strip() == "xpath"
+ assert new_transform.algorithm == ds.TRANSFORM_ENVELOPED
+
+ def testUsingTestData(self):
+ """Test for transform_from_string() using test data"""
+ new_transform = ds.transform_from_string(ds_data.TEST_TRANSFORM)
+ assert isinstance(new_transform.x_path[0], ds.TransformType_XPath)
+ assert new_transform.x_path[0].text.strip() == "xpath"
+ assert new_transform.algorithm == ds.TRANSFORM_ENVELOPED
+
+
+class TestTransforms:
+
+ def setup_class(self):
+ self.transforms = ds.Transforms()
+
+ def testAccessors(self):
+ """Test for Transforms accessors"""
+ self.transforms.transform.append(
+ ds.transform_from_string(ds_data.TEST_TRANSFORM))
+ self.transforms.transform.append(
+ ds.transform_from_string(ds_data.TEST_TRANSFORM))
+ new_transforms = ds.transforms_from_string(self.transforms.to_string())
+ assert isinstance(new_transforms.transform[0], ds.Transform)
+ assert isinstance(new_transforms.transform[1], ds.Transform)
+ assert new_transforms.transform[0].algorithm == \
+ ds.TRANSFORM_ENVELOPED
+ assert new_transforms.transform[1].algorithm == \
+ ds.TRANSFORM_ENVELOPED
+ assert new_transforms.transform[0].x_path[0].text.strip() == "xpath"
+ assert new_transforms.transform[1].x_path[0].text.strip() == "xpath"
+
+ def testUsingTestData(self):
+ """Test for transform_from_string() using test data"""
+ new_transforms = ds.transforms_from_string(ds_data.TEST_TRANSFORMS)
+ assert isinstance(new_transforms.transform[0], ds.Transform)
+ assert isinstance(new_transforms.transform[1], ds.Transform)
+ assert new_transforms.transform[0].algorithm == \
+ ds.TRANSFORM_ENVELOPED
+ assert new_transforms.transform[1].algorithm == \
+ ds.TRANSFORM_ENVELOPED
+ assert new_transforms.transform[0].x_path[0].text.strip() == "xpath"
+ assert new_transforms.transform[1].x_path[0].text.strip() == "xpath"
+
+
+class TestRetrievalMethod:
+
+ def setup_class(self):
+ self.retrieval_method = ds.RetrievalMethod()
+
+ def testAccessors(self):
+ """Test for RetrievalMethod accessors"""
+ self.retrieval_method.uri = "http://www.example.com/URI"
+ self.retrieval_method.type = "http://www.example.com/Type"
+ self.retrieval_method.transforms = ds.transforms_from_string(
+ ds_data.TEST_TRANSFORMS)
+ new_retrieval_method = ds.retrieval_method_from_string(
+ self.retrieval_method.to_string())
+ assert new_retrieval_method.uri == "http://www.example.com/URI"
+ assert new_retrieval_method.type == "http://www.example.com/Type"
+ assert isinstance(new_retrieval_method.transforms, ds.Transforms)
+
+ def testUsingTestData(self):
+ """Test for retrieval_method_from_string() using test data"""
+ new_retrieval_method = ds.retrieval_method_from_string(
+ ds_data.TEST_RETRIEVAL_METHOD)
+ assert new_retrieval_method.uri == "http://www.example.com/URI"
+ assert new_retrieval_method.type == "http://www.example.com/Type"
+ assert isinstance(new_retrieval_method.transforms, ds.Transforms)
+
+
+class TestRSAKeyValue:
+
+ def setup_class(self):
+ self.rsa_key_value = ds.RSAKeyValue()
+
+ def testAccessors(self):
+ """Test for RSAKeyValue accessors"""
+ self.rsa_key_value.modulus = ds.RSAKeyValueType_Modulus(text="modulus")
+ self.rsa_key_value.exponent = ds.RSAKeyValueType_Exponent(text="exponent")
+ new_rsa_key_value = ds.rsa_key_value_from_string(self.rsa_key_value.to_string())
+ assert isinstance(new_rsa_key_value.modulus, ds.RSAKeyValueType_Modulus)
+ assert isinstance(new_rsa_key_value.exponent, ds.RSAKeyValueType_Exponent)
+ assert new_rsa_key_value.modulus.text.strip() == "modulus"
+ assert new_rsa_key_value.exponent.text.strip() == "exponent"
+
+ def testUsingTestData(self):
+ """Test for rsa_key_value_from_string() using test data"""
+ new_rsa_key_value = ds.rsa_key_value_from_string(
+ ds_data.TEST_RSA_KEY_VALUE)
+ assert isinstance(new_rsa_key_value.modulus, ds.RSAKeyValueType_Modulus)
+ assert isinstance(new_rsa_key_value.exponent, ds.RSAKeyValueType_Exponent)
+ assert new_rsa_key_value.modulus.text.strip() == "modulus"
+ assert new_rsa_key_value.exponent.text.strip() == "exponent"
+
+
+class TestDSAKeyValue:
+
+ def setup_class(self):
+ self.dsa_key_value = ds.DSAKeyValue()
+
+ def testAccessors(self):
+ """Test for DSAKeyValue accessors"""
+ self.dsa_key_value.p = ds.DSAKeyValueType_P(text="p")
+ self.dsa_key_value.q = ds.DSAKeyValueType_Q(text="q")
+ self.dsa_key_value.g = ds.DSAKeyValueType_G(text="g")
+ self.dsa_key_value.y = ds.DSAKeyValueType_Y(text="y")
+ self.dsa_key_value.j = ds.DSAKeyValueType_J(text="j")
+ self.dsa_key_value.seed = ds.DSAKeyValueType_Seed(text="seed")
+ self.dsa_key_value.pgen_counter = ds.DSAKeyValueType_PgenCounter(text="pgen counter")
+ new_dsa_key_value = ds.dsa_key_value_from_string(self.dsa_key_value.to_string())
+ assert isinstance(new_dsa_key_value.p, ds.DSAKeyValueType_P)
+ assert isinstance(new_dsa_key_value.q, ds.DSAKeyValueType_Q)
+ assert isinstance(new_dsa_key_value.g, ds.DSAKeyValueType_G)
+ assert isinstance(new_dsa_key_value.y, ds.DSAKeyValueType_Y)
+ assert isinstance(new_dsa_key_value.j, ds.DSAKeyValueType_J)
+ assert isinstance(new_dsa_key_value.seed, ds.DSAKeyValueType_Seed)
+ assert isinstance(new_dsa_key_value.pgen_counter, ds.DSAKeyValueType_PgenCounter)
+ assert new_dsa_key_value.p.text.strip() == "p"
+ assert new_dsa_key_value.q.text.strip() == "q"
+ assert new_dsa_key_value.g.text.strip() == "g"
+ assert new_dsa_key_value.y.text.strip() == "y"
+ assert new_dsa_key_value.j.text.strip() == "j"
+ assert new_dsa_key_value.seed.text.strip() == "seed"
+ assert new_dsa_key_value.pgen_counter.text.strip() == "pgen counter"
+
+ def testUsingTestData(self):
+ """Test for dsa_key_value_from_string() using test data"""
+ new_dsa_key_value = ds.dsa_key_value_from_string(
+ ds_data.TEST_DSA_KEY_VALUE)
+ assert isinstance(new_dsa_key_value.p, ds.DSAKeyValueType_P)
+ assert isinstance(new_dsa_key_value.q, ds.DSAKeyValueType_Q)
+ assert isinstance(new_dsa_key_value.g, ds.DSAKeyValueType_G)
+ assert isinstance(new_dsa_key_value.y, ds.DSAKeyValueType_Y)
+ assert isinstance(new_dsa_key_value.j, ds.DSAKeyValueType_J)
+ assert isinstance(new_dsa_key_value.seed, ds.DSAKeyValueType_Seed)
+ assert isinstance(new_dsa_key_value.pgen_counter, ds.DSAKeyValueType_PgenCounter)
+ assert new_dsa_key_value.p.text.strip() == "p"
+ assert new_dsa_key_value.q.text.strip() == "q"
+ assert new_dsa_key_value.g.text.strip() == "g"
+ assert new_dsa_key_value.y.text.strip() == "y"
+ assert new_dsa_key_value.j.text.strip() == "j"
+ assert new_dsa_key_value.seed.text.strip() == "seed"
+ assert new_dsa_key_value.pgen_counter.text.strip() == "pgen counter"
+
+
+class TestKeyValue:
+
+ def setup_class(self):
+ self.key_value = ds.KeyValue()
+
+ def testAccessors(self):
+ """Test for KeyValue accessors"""
+ self.key_value.dsa_key_value = ds.dsa_key_value_from_string(
+ ds_data.TEST_DSA_KEY_VALUE)
+ new_key_value = ds.key_value_from_string(self.key_value.to_string())
+ assert isinstance(new_key_value.dsa_key_value, ds.DSAKeyValue)
+ self.key_value.dsa_key_value = None
+ self.key_value.rsa_key_value = ds.rsa_key_value_from_string(
+ ds_data.TEST_RSA_KEY_VALUE)
+ new_key_value = ds.key_value_from_string(self.key_value.to_string())
+ assert isinstance(new_key_value.rsa_key_value, ds.RSAKeyValue)
+
+ def testUsingTestData(self):
+ """Test for key_value_from_string() using test data"""
+ new_key_value = ds.key_value_from_string(ds_data.TEST_KEY_VALUE1)
+ assert isinstance(new_key_value.dsa_key_value, ds.DSAKeyValue)
+ self.key_value.dsa_key_value = None
+ self.key_value.rsa_key_value = ds.rsa_key_value_from_string(
+ ds_data.TEST_RSA_KEY_VALUE)
+ new_key_value = ds.key_value_from_string(ds_data.TEST_KEY_VALUE2)
+ assert isinstance(new_key_value.rsa_key_value, ds.RSAKeyValue)
+
+
+class TestKeyName:
+
+ def setup_class(self):
+ self.key_name = ds.KeyName()
+
+ def testAccessors(self):
+ """Test for KeyName accessors"""
+ self.key_name.text = "key name"
+ new_key_name = ds.key_name_from_string(self.key_name.to_string())
+ assert new_key_name.text.strip() == "key name"
+
+ def testUsingTestData(self):
+ """Test for key_name_from_string() using test data"""
+ new_key_name = ds.key_name_from_string(ds_data.TEST_KEY_NAME)
+ assert new_key_name.text.strip() == "key name"
+
+
+class TestKeyInfo:
+ def setup_class(self):
+ self.key_info = ds.KeyInfo()
+
+ def testAccessors(self):
+ """Test for KeyInfo accessors"""
+ self.key_info.key_name.append(
+ ds.key_name_from_string(ds_data.TEST_KEY_NAME))
+ self.key_info.key_value.append(
+ ds.key_value_from_string(ds_data.TEST_KEY_VALUE1))
+ self.key_info.retrieval_method.append(
+ ds.retrieval_method_from_string(ds_data.TEST_RETRIEVAL_METHOD))
+ self.key_info.x509_data.append(
+ ds.x509_data_from_string(ds_data.TEST_X509_DATA))
+ self.key_info.pgp_data.append(
+ ds.pgp_data_from_string(ds_data.TEST_PGP_DATA))
+ self.key_info.spki_data.append(
+ ds.spki_data_from_string(ds_data.TEST_SPKI_DATA))
+ self.key_info.mgmt_data.append(
+ ds.mgmt_data_from_string(ds_data.TEST_MGMT_DATA))
+ self.key_info.id = "id"
+ new_key_info = ds.key_info_from_string(self.key_info.to_string())
+
+ assert isinstance(new_key_info.key_name[0], ds.KeyName)
+ assert isinstance(new_key_info.key_value[0], ds.KeyValue)
+ assert isinstance(new_key_info.retrieval_method[0],
+ ds.RetrievalMethod)
+ assert isinstance(new_key_info.x509_data[0], ds.X509Data)
+ assert isinstance(new_key_info.pgp_data[0], ds.PGPData)
+ assert isinstance(new_key_info.spki_data[0], ds.SPKIData)
+ assert isinstance(new_key_info.mgmt_data[0], ds.MgmtData)
+ assert new_key_info.id == "id"
+
+ def testUsingTestData(self):
+ """Test for key_info_from_string() using test data"""
+ new_key_info = ds.key_info_from_string(ds_data.TEST_KEY_INFO)
+ assert isinstance(new_key_info.key_name[0], ds.KeyName)
+ assert isinstance(new_key_info.key_value[0], ds.KeyValue)
+ assert isinstance(new_key_info.retrieval_method[0],
+ ds.RetrievalMethod)
+ assert isinstance(new_key_info.x509_data[0], ds.X509Data)
+ assert isinstance(new_key_info.pgp_data[0], ds.PGPData)
+ assert isinstance(new_key_info.spki_data[0], ds.SPKIData)
+ assert isinstance(new_key_info.mgmt_data[0], ds.MgmtData)
+ assert new_key_info.id == "id"
+
+
+class TestDigestValue:
+
+ def setup_class(self):
+ self.digest_value = ds.DigestValue()
+
+ def testAccessors(self):
+ """Test for DigestValue accessors"""
+ self.digest_value.text = "digest value"
+ new_digest_value = ds.digest_value_from_string(self.digest_value.to_string())
+ assert new_digest_value.text.strip() == "digest value"
+
+ def testUsingTestData(self):
+ """Test for digest_value_from_string() using test data"""
+ new_digest_value = ds.digest_value_from_string(ds_data.TEST_DIGEST_VALUE)
+ assert new_digest_value.text.strip() == "digest value"
+
+
+class TestDigestMethod:
+
+ def setup_class(self):
+ self.digest_method = ds.DigestMethod()
+
+ def testAccessors(self):
+ """Test for DigestMethod accessors"""
+ self.digest_method.algorithm = ds.DIGEST_SHA1
+ new_digest_method = ds.digest_method_from_string(
+ self.digest_method.to_string())
+ assert new_digest_method.algorithm == ds.DIGEST_SHA1
+
+ def testUsingTestData(self):
+ """Test for digest_method_from_string() using test data"""
+ new_digest_method = ds.digest_method_from_string(
+ ds_data.TEST_DIGEST_METHOD)
+ assert new_digest_method.algorithm == ds.DIGEST_SHA1
+
+
+class TestReference:
+
+ def setup_class(self):
+ self.reference = ds.Reference()
+
+ def testAccessors(self):
+ """Test for Reference accessors"""
+ self.reference.transforms = ds.transforms_from_string(
+ ds_data.TEST_TRANSFORMS)
+ self.reference.digest_method = ds.digest_method_from_string(
+ ds_data.TEST_DIGEST_METHOD)
+ self.reference.digest_value = ds.digest_value_from_string(
+ ds_data.TEST_DIGEST_VALUE)
+ self.reference.id = "id"
+ self.reference.uri = "http://www.example.com/URI"
+ self.reference.type = "http://www.example.com/Type"
+ new_reference = ds.reference_from_string(self.reference.to_string())
+ assert isinstance(new_reference.transforms, ds.Transforms)
+ assert isinstance(new_reference.digest_method, ds.DigestMethod)
+ assert isinstance(new_reference.digest_value, ds.DigestValue)
+ assert new_reference.id == "id"
+ assert new_reference.uri == "http://www.example.com/URI"
+ assert new_reference.type == "http://www.example.com/Type"
+
+ def testUsingTestData(self):
+ """Test for reference_from_string() using test data"""
+ new_reference = ds.reference_from_string(ds_data.TEST_REFERENCE)
+ assert isinstance(new_reference.transforms, ds.Transforms)
+ assert isinstance(new_reference.digest_method, ds.DigestMethod)
+ assert isinstance(new_reference.digest_value, ds.DigestValue)
+ assert new_reference.id == "id"
+ assert new_reference.uri == "http://www.example.com/URI"
+ assert new_reference.type == "http://www.example.com/Type"
+
+
+class TestSignatureMethod:
+
+ def setup_class(self):
+ self.signature_method = ds.SignatureMethod()
+
+ def testAccessors(self):
+ """Test for SignatureMethod accessors"""
+ self.signature_method.algorithm = ds.SIG_RSA_SHA1
+ self.signature_method.hmac_output_length = ds.SignatureMethodType_HMACOutputLength(text="8")
+ new_signature_method = ds.signature_method_from_string(
+ self.signature_method.to_string())
+ assert isinstance(new_signature_method.hmac_output_length,
+ ds.SignatureMethodType_HMACOutputLength)
+ assert new_signature_method.hmac_output_length.text.strip() == "8"
+ assert new_signature_method.algorithm == ds.SIG_RSA_SHA1
+
+ def testUsingTestData(self):
+ """Test for signature_method_from_string() using test data"""
+ new_signature_method = ds.signature_method_from_string(
+ ds_data.TEST_SIGNATURE_METHOD)
+ assert isinstance(new_signature_method.hmac_output_length,
+ ds.SignatureMethodType_HMACOutputLength)
+ assert new_signature_method.hmac_output_length.text.strip() == "8"
+ assert new_signature_method.algorithm == ds.SIG_RSA_SHA1
+
+
+class TestCanonicalizationMethod:
+
+ def setup_class(self):
+ self.canonicalization_method = ds.CanonicalizationMethod()
+
+ def testAccessors(self):
+ """Test for CanonicalizationMethod accessors"""
+ self.canonicalization_method.algorithm = ds.C14N_WITH_C
+ new_canonicalization_method = ds.canonicalization_method_from_string(
+ self.canonicalization_method.to_string())
+ assert new_canonicalization_method.algorithm == ds.C14N_WITH_C
+
+ def testUsingTestData(self):
+ """Test for canonicalization_method_from_string() using test data"""
+ new_canonicalization_method = ds.canonicalization_method_from_string(
+ ds_data.TEST_CANONICALIZATION_METHOD)
+ assert new_canonicalization_method.algorithm == ds.C14N_WITH_C
+
+
+class TestSignedInfo:
+
+ def setup_class(self):
+ self.si = ds.SignedInfo()
+
+ def testAccessors(self):
+ """Test for SignedInfo accessors"""
+ self.si.id = "id"
+ self.si.canonicalization_method = ds.canonicalization_method_from_string(
+ ds_data.TEST_CANONICALIZATION_METHOD)
+ self.si.signature_method = ds.signature_method_from_string(
+ ds_data.TEST_SIGNATURE_METHOD)
+ self.si.reference.append(ds.reference_from_string(
+ ds_data.TEST_REFERENCE))
+ new_si = ds.signed_info_from_string(self.si.to_string())
+ assert new_si.id == "id"
+ assert isinstance(new_si.canonicalization_method,
+ ds.CanonicalizationMethod)
+ assert isinstance(new_si.signature_method, ds.SignatureMethod)
+ assert isinstance(new_si.reference[0], ds.Reference)
+
+ def testUsingTestData(self):
+ """Test for signed_info_from_string() using test data"""
+ new_si = ds.signed_info_from_string(ds_data.TEST_SIGNED_INFO)
+ assert new_si.id == "id"
+ assert isinstance(new_si.canonicalization_method,
+ ds.CanonicalizationMethod)
+ assert isinstance(new_si.signature_method, ds.SignatureMethod)
+ assert isinstance(new_si.reference[0], ds.Reference)
+
+class TestSignatureValue:
+
+ def setup_class(self):
+ self.signature_value = ds.SignatureValue()
+
+ def testAccessors(self):
+ """Test for SignatureValue accessors"""
+ self.signature_value.id = "id"
+ self.signature_value.text = "signature value"
+ new_signature_value = ds.signature_value_from_string(
+ self.signature_value.to_string())
+ assert new_signature_value.id == "id"
+ assert new_signature_value.text.strip() == "signature value"
+
+ def testUsingTestData(self):
+ """Test for signature_value_from_string() using test data"""
+ new_signature_value = ds.signature_value_from_string(
+ ds_data.TEST_SIGNATURE_VALUE)
+ assert new_signature_value.id == "id"
+ assert new_signature_value.text.strip() == "signature value"
+
+
+class TestSignature:
+
+ def setup_class(self):
+ self.signature = ds.Signature()
+
+ def testAccessors(self):
+ """Test for Signature accessors"""
+ self.signature.id = "id"
+ self.signature.signed_info = ds.signed_info_from_string(
+ ds_data.TEST_SIGNED_INFO)
+ self.signature.signature_value = ds.signature_value_from_string(
+ ds_data.TEST_SIGNATURE_VALUE)
+ self.signature.key_info = ds.key_info_from_string(ds_data.TEST_KEY_INFO)
+ self.signature.object.append(ds.object_from_string(ds_data.TEST_OBJECT))
+
+ new_signature = ds.signature_from_string(self.signature.to_string())
+ assert new_signature.id == "id"
+ assert isinstance(new_signature.signed_info, ds.SignedInfo)
+ assert isinstance(new_signature.signature_value, ds.SignatureValue)
+ assert isinstance(new_signature.key_info, ds.KeyInfo)
+ assert isinstance(new_signature.object[0], ds.Object)
+
+ def testUsingTestData(self):
+ """Test for signature_value_from_string() using test data"""
+ new_signature = ds.signature_from_string(ds_data.TEST_SIGNATURE)
+ assert new_signature.id == "id"
+ assert isinstance(new_signature.signed_info, ds.SignedInfo)
+ assert isinstance(new_signature.signature_value, ds.SignatureValue)
+ assert isinstance(new_signature.key_info, ds.KeyInfo)
+ assert isinstance(new_signature.object[0], ds.Object)
+
+
+if __name__ == '__main__':
+ unittest.main()
diff --git a/tests/test_01_xmlenc.py b/tests/test_01_xmlenc.py
new file mode 100644
index 00000000..b07d276f
--- /dev/null
+++ b/tests/test_01_xmlenc.py
@@ -0,0 +1,209 @@
+import saml2
+import xmlenc as xenc
+import xmldsig
+
+data1 = """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EncryptedData MimeType="text/xml" xmlns:ns0="http://www.w3.org/2001/04/xmlenc#">
+ <ns0:CipherData>
+ <ns0:CipherValue>A23B45C56</ns0:CipherValue>
+ </ns0:CipherData>
+</ns0:EncryptedData>"""
+
+
+def test_1():
+ ed = xenc.encrypted_data_from_string(data1)
+ assert ed
+ assert ed.mime_type == "text/xml"
+ assert ed.cipher_data is not None
+ cd = ed.cipher_data
+ assert cd.cipher_value is not None
+ assert cd.cipher_value.text == "A23B45C56"
+
+data2 = """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EncryptedData
+ Type="http://www.w3.org/2001/04/xmlenc#Element"
+ xmlns:ns0="http://www.w3.org/2001/04/xmlenc#">
+ <ns0:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" />
+ <ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#">
+ <ns1:KeyName>John Smith</ns1:KeyName>
+ </ns1:KeyInfo>
+ <ns0:CipherData>
+ <ns0:CipherValue>DEADBEEF</ns0:CipherValue>
+ </ns0:CipherData>
+</ns0:EncryptedData>"""
+
+# data2 = """<EncryptedData xmlns='http://www.w3.org/2001/04/xmlenc#'
+# Type='http://www.w3.org/2001/04/xmlenc#Element'>
+# <EncryptionMethod
+# Algorithm='http://www.w3.org/2001/04/xmlenc#tripledes-cbc'/>
+# <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
+# <ds:KeyName>John Smith</ds:KeyName>
+# </ds:KeyInfo>
+# <CipherData><CipherValue>DEADBEEF</CipherValue></CipherData>
+# </EncryptedData>"""
+
+def test_2():
+ ed = xenc.encrypted_data_from_string(data2)
+ assert ed
+ print ed
+ assert ed.type == "http://www.w3.org/2001/04/xmlenc#Element"
+ assert ed.encryption_method is not None
+ em = ed.encryption_method
+ assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'
+ assert ed.key_info is not None
+ ki = ed.key_info
+ assert ki.key_name[0].text == "John Smith"
+ assert ed.cipher_data is not None
+ cd = ed.cipher_data
+ assert cd.cipher_value is not None
+ assert cd.cipher_value.text == "DEADBEEF"
+
+data3 = """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EncryptedData
+ Id="ED"
+ xmlns:ns0="http://www.w3.org/2001/04/xmlenc#">
+ <ns0:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
+ <ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#">
+ <ns1:RetrievalMethod URI='#EK'
+ Type="http://www.w3.org/2001/04/xmlenc#EncryptedKey"/>
+ <ns1:KeyName>Sally Doe</ns1:KeyName>
+ </ns1:KeyInfo>
+ <ns0:CipherData>
+ <ns0:CipherValue>DEADBEEF</ns0:CipherValue>
+ </ns0:CipherData>
+</ns0:EncryptedData>"""
+
+def test_3():
+ ed = xenc.encrypted_data_from_string(data3)
+ assert ed
+ print ed
+ assert ed.encryption_method != None
+ em = ed.encryption_method
+ assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'
+ assert ed.key_info != None
+ ki = ed.key_info
+ assert ki.key_name[0].text == "Sally Doe"
+ assert len(ki.retrieval_method) == 1
+ rm = ki.retrieval_method[0]
+ assert rm.uri == "#EK"
+ assert rm.type == "http://www.w3.org/2001/04/xmlenc#EncryptedKey"
+ assert ed.cipher_data != None
+ cd = ed.cipher_data
+ assert cd.cipher_value != None
+ assert cd.cipher_value.text == "DEADBEEF"
+
+data4 = """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EncryptedKey
+ Id="EK"
+ xmlns:ns0="http://www.w3.org/2001/04/xmlenc#">
+ <ns0:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
+ <ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#">
+ <ns1:KeyName>John Smith</ns1:KeyName>
+ </ns1:KeyInfo>
+ <ns0:CipherData>
+ <ns0:CipherValue>xyzabc</ns0:CipherValue>
+ </ns0:CipherData>
+ <ns0:ReferenceList>
+ <ns0:DataReference URI='#ED'/>
+ </ns0:ReferenceList>
+ <ns0:CarriedKeyName>Sally Doe</ns0:CarriedKeyName>
+</ns0:EncryptedKey>"""
+
+
+# data4 = """<EncryptedKey Id='EK' xmlns='http://www.w3.org/2001/04/xmlenc#'>
+# <EncryptionMethod
+# Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
+# <ds:KeyInfo xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
+# <ds:KeyName>John Smith</ds:KeyName>
+# </ds:KeyInfo>
+# <CipherData><CipherValue>xyzabc</CipherValue></CipherData>
+# <ReferenceList>
+# <DataReference URI='#ED'/>
+# </ReferenceList>
+# <CarriedKeyName>Sally Doe</CarriedKeyName>
+# </EncryptedKey>"""
+
+def test_4():
+ ek = xenc.encrypted_key_from_string(data4)
+ assert ek
+ print ek
+ assert ek.encryption_method != None
+ em = ek.encryption_method
+ assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#rsa-1_5'
+ assert ek.key_info != None
+ ki = ek.key_info
+ assert ki.key_name[0].text == "John Smith"
+ assert ek.reference_list != None
+ rl = ek.reference_list
+ assert len(rl.data_reference)
+ dr = rl.data_reference[0]
+ assert dr.uri == "#ED"
+ assert ek.cipher_data != None
+ cd = ek.cipher_data
+ assert cd.cipher_value != None
+ assert cd.cipher_value.text == "xyzabc"
+
+data5 = """<CipherReference URI="http://www.example.com/CipherValues.xml"
+ xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <Transforms xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
+ <ds:Transform
+ Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <ds:XPath xmlns:rep="http://www.example.org/repository">
+ self::text()[parent::rep:CipherValue[@Id="example1"]]
+ </ds:XPath>
+ </ds:Transform>
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64"/>
+ </Transforms>
+</CipherReference>"""
+
+def test_5():
+ cr = xenc.cipher_reference_from_string(data5)
+ assert cr
+ print cr
+ print cr.keyswv()
+ trs = cr.transforms
+ assert len(trs.transform) == 2
+ tr = trs.transform[0]
+ assert tr.algorithm in ["http://www.w3.org/TR/1999/REC-xpath-19991116",
+ "http://www.w3.org/2000/09/xmldsig#base64"]
+ if tr.algorithm == "http://www.w3.org/2000/09/xmldsig#base64":
+ pass
+ elif tr.algorithm == "http://www.w3.org/TR/1999/REC-xpath-19991116":
+ assert len(tr.x_path) == 1
+ xp = tr.x_path[0]
+ assert xp.text.strip() == """self::text()[parent::rep:CipherValue[@Id="example1"]]"""
+
+
+data6 = """<ReferenceList xmlns="http://www.w3.org/2001/04/xmlenc#">
+ <DataReference URI="#invoice34">
+ <ds:Transforms xmlns:ds='http://www.w3.org/2000/09/xmldsig#'>
+ <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <ds:XPath xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
+ self::xenc:EncryptedData[@Id="example1"]
+ </ds:XPath>
+ </ds:Transform>
+ </ds:Transforms>
+ </DataReference>
+</ReferenceList>"""
+
+def test_6():
+ rl = xenc.reference_list_from_string(data6)
+ assert rl
+ print rl
+ assert len(rl.data_reference) == 1
+ dr = rl.data_reference[0]
+ assert dr.uri == "#invoice34"
+ assert len(dr.extension_elements) == 1
+ ee = dr.extension_elements[0]
+ assert ee.tag == "Transforms"
+ assert ee.namespace == "http://www.w3.org/2000/09/xmldsig#"
+ trs = saml2.extension_element_to_element(ee, xmldsig.ELEMENT_FROM_STRING,
+ namespace=xmldsig.NAMESPACE)
+
+ assert trs
+ assert len(trs.transform) == 1
+ tr = trs.transform[0]
+ assert tr.algorithm == "http://www.w3.org/TR/1999/REC-xpath-19991116"
+ assert len(tr.x_path) == 1
+ assert tr.x_path[0].text.strip() == """self::xenc:EncryptedData[@Id="example1"]"""
+ \ No newline at end of file
diff --git a/tests/test_02_saml.py b/tests/test_02_saml.py
new file mode 100644
index 00000000..90d7b21f
--- /dev/null
+++ b/tests/test_02_saml.py
@@ -0,0 +1,1225 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+# Copyright (C) 2010 Umeå University.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Tests for saml2.saml"""
+
+__author__ = 'roland.hedberg@adm.umu.se (Roland Hedberg)'
+
+try:
+ from xml.etree import ElementTree
+except ImportError:
+ from elementtree import ElementTree
+
+import saml2
+import saml2_data, ds_data
+
+import xmldsig as ds
+
+from saml2 import saml
+
+from py.test import raises
+
+from saml2.saml import Issuer
+from saml2.saml import Attribute
+from saml2.saml import AttributeValue
+from saml2.saml import NAMEID_FORMAT_EMAILADDRESS
+
+
+class TestExtensionElement:
+ def test_loadd(self):
+ ava = {
+ "attributes": {"attr":"loa", "info":"source"},
+ "tag": "tag",
+ "namespace": "urn:mace:example.com",
+ "text": "free text"
+ }
+
+ ee = saml2.ExtensionElement(ava["tag"])
+ ee.loadd(ava)
+
+ del ava["tag"]
+ print ava
+ ee = saml2.ExtensionElement("")
+
+ raises(KeyError, "ee.loadd(ava)")
+
+ ava["tag"] = "foo"
+ del ava["namespace"]
+
+ ee = saml2.ExtensionElement("")
+ raises(KeyError, "ee.loadd(ava)")
+
+ def test_find_children(self):
+ ava = {
+ "attributes": {"attr":"loa", "info":"source"},
+ "tag": "tag",
+ "namespace": "urn:mace:example.com",
+ "text": "free text",
+ "children": [{
+ "attributes": {"foo":"bar","special":"app"},
+ "tag": "tag2",
+ "namespace": "urn:mace:example.com",
+ "text": "Just a line"
+ },
+ {
+ "attributes": {"static":"attribute","dynamic":"orgname"},
+ "tag": "tag3",
+ "namespace": "urn:mace:example.com",
+ "text": "Another line of text",
+ "children": [{
+ "tag": "subtag",
+ "namespace": "urn:mace:example.org",
+ "text": "grandchild"
+ }]
+ },
+ {
+ "attributes": {"entitlement":"xyz"},
+ "tag": "tag4",
+ "namespace": "urn:mace:example.org",
+ "text": "A comment"
+ }
+ ]
+ }
+
+ ee = saml2.ExtensionElement(ava["tag"])
+ ee.loadd(ava)
+
+ c = ee.find_children(tag="tag")
+ assert len(c) == 0
+ c = ee.find_children(tag="tag2")
+ assert len(c) == 1
+ c = ee.find_children(tag="tag3")
+ assert len(c) == 1
+ # Grandchild
+ gc = c[0].find_children(tag="subtag")
+ assert len(gc) == 1
+ # only do immediate children
+ gc = ee.find_children(tag="subtag")
+ assert len(gc) == 0
+
+ c = ee.find_children(tag="tag2", namespace="urn:mace:example.com")
+ assert len(c) == 1
+ c = ee.find_children(tag="tag2", namespace="urn:mace:example.org")
+ assert len(c) == 0
+ c = ee.find_children(tag="subtag", namespace="urn:mace:example.org")
+ assert len(c) == 0
+
+ c = ee.find_children(namespace="urn:mace:example.com")
+ assert len(c) == 2
+ c = ee.find_children(namespace="urn:mace:example.org")
+ assert len(c) == 1
+
+ c = ee.find_children()
+ assert len(c) == 3
+
+class TestExtensionContainer:
+ def test_find_extensions(self):
+ avas = [{
+ "attributes": {"foo":"bar","special":"app"},
+ "tag": "tag2",
+ "namespace": "urn:mace:example.com",
+ "text": "Just a line"
+ },
+ {
+ "attributes": {"static":"attribute","dynamic":"orgname"},
+ "tag": "tag3",
+ "namespace": "urn:mace:example.com",
+ "text": "Another line of text",
+ "children": [{
+ "tag": "subtag",
+ "namespace": "urn:mace:example.org",
+ "text": "grandchild"
+ }]
+ },
+ {
+ "attributes": {"entitlement":"xyz"},
+ "tag": "tag4",
+ "namespace": "urn:mace:example.org",
+ "text": "A comment"
+ }]
+
+ ees = [saml2.ExtensionElement("").loadd(a) for a in avas]
+ print ees
+ ec = saml2.ExtensionContainer(extension_elements=ees)
+ esl = ec.find_extensions(tag="tag2")
+ assert len(esl) == 1
+ esl = ec.find_extensions(tag="tag3")
+ assert len(esl) == 1
+ esl = ec.find_extensions(tag="tag4")
+ assert len(esl) == 1
+ esl = ec.find_extensions(tag="tag2", namespace="urn:mace:example.com")
+ assert len(esl) == 1
+ esl = ec.find_extensions(tag="tag2", namespace="urn:mace:example.org")
+ assert len(esl) == 0
+ esl = ec.find_extensions(namespace="urn:mace:example.com")
+ assert len(esl) == 2
+ esl = ec.find_extensions(namespace="urn:mace:example.org")
+ assert len(esl) == 1
+ esl = ec.find_extensions()
+ assert len(esl) == 3
+
+ def test_add_extension_elements(self):
+ items = [saml.NameID(sp_name_qualifier="sp0", text="foo"),
+ saml.NameID(sp_name_qualifier="sp1", text="bar"),
+ saml.Audience(text="http://example.org")]
+
+ ec = saml2.ExtensionContainer()
+ ec.add_extension_elements(items)
+ esl = ec.find_extensions(tag="NameID")
+ assert len(esl) == 2
+ esl = ec.find_extensions(tag="Audience")
+ assert len(esl) == 1
+ esl = ec.find_extensions(namespace=saml.NAMESPACE)
+ assert len(esl) == 3
+ esl = ec.find_extensions()
+ assert len(esl) == 3
+
+ def test_add_extension_attribute(self):
+ ec = saml2.ExtensionContainer()
+ ec.add_extension_attribute("foo", "bar")
+ assert len(ec.extension_attributes) == 1
+ assert ec.extension_attributes.keys()[0] == "foo"
+
+class TestSAMLBase:
+ def test_make_vals_dict(self):
+ ava = {
+ "sp_name_qualifier": "loa",
+ "format": NAMEID_FORMAT_EMAILADDRESS,
+ "text": "free text"
+ }
+
+ foo = saml2.make_vals(ava, Issuer, part=True)
+ print foo
+ assert foo.format == NAMEID_FORMAT_EMAILADDRESS
+ assert foo.sp_name_qualifier == "loa"
+ assert foo.text == "free text"
+
+ def test_make_vals_str(self):
+ ava = "free text"
+
+ foo = saml2.make_vals(ava, Issuer, part=True)
+ print foo
+ assert foo.keyswv() == ["text"]
+ assert foo.text == "free text"
+
+ def test_make_vals_multi_dict(self):
+ ava = ["foo", "bar", "lions", "saints"]
+
+ raises(Exception,
+ "saml2.make_vals(ava, AttributeValue, Attribute(), part=True)")
+
+ attr = Attribute()
+ saml2.make_vals(ava, AttributeValue, attr, prop="attribute_value")
+ assert attr.keyswv() == ["attribute_value"]
+ assert len(attr.attribute_value) == 4
+
+ def test_to_string_nspair(self):
+ foo = saml2.make_vals("lions", AttributeValue, part=True)
+ str = foo.to_string()
+ nsstr = foo.to_string({"saml":saml.NAMESPACE})
+ assert nsstr != str
+ print str
+ print nsstr
+ assert "saml:AttributeValue" in nsstr
+ assert "saml:AttributeValue" not in str
+
+ def test_set_text(self):
+ av = AttributeValue()
+ av.set_text(True)
+ assert av.text == "true"
+ av.set_text(False)
+ assert av.text == "false"
+ av.set_text(491)
+ assert av.text == "491"
+
+ av = AttributeValue()
+ av.set_text(None)
+ assert av.text == ""
+
+ def test_make_vals_div(self):
+ foo = saml2.make_vals(666, AttributeValue, part=True)
+ assert foo.text == "666"
+
+ foo = saml2.make_vals(True, AttributeValue, part=True)
+ assert foo.text == "true"
+
+ foo = saml2.make_vals(False, AttributeValue, part=True)
+ assert foo.text == "false"
+
+class TestNameID:
+
+ def setup_class(self):
+ self.name_id = saml.NameID()
+
+ def testEmptyExtensionsList(self):
+ """Test if NameID has empty extensions list"""
+ assert isinstance(self.name_id.extension_elements, list)
+ assert len(self.name_id.extension_elements) == 0
+
+ def testFormatAttribute(self):
+ """Test for Format attribute accessors"""
+ self.name_id.format = saml.NAMEID_FORMAT_EMAILADDRESS
+ assert self.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS
+ assert len(self.name_id.extension_elements) == 0
+ new_name_id = saml.name_id_from_string(self.name_id.to_string())
+ assert len(new_name_id.extension_elements) == 0
+
+ self.name_id.extension_elements.append(saml2.ExtensionElement(
+ 'foo', text='bar'))
+ assert len(self.name_id.extension_elements) == 1
+ assert self.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS
+
+ def testNameIDText(self):
+ """Test text value of NameID element"""
+ self.name_id.text = "tmatsuo@example.com"
+ assert self.name_id.text == "tmatsuo@example.com"
+
+ def testSPProvidedID(self):
+ """Test for SPProvidedID attribute accessors"""
+ self.name_id.sp_provided_id = "provided id"
+ assert self.name_id.sp_provided_id == "provided id"
+
+ def testEmptyNameIDToAndFromStringMatch(self):
+ """Test name_id_from_string() with empty NameID"""
+ string_from_name_id = self.name_id.to_string()
+ new_name_id = saml.name_id_from_string(string_from_name_id)
+ string_from_new_name_id = new_name_id.to_string()
+ assert string_from_name_id == string_from_new_name_id
+
+ def testNameIDToAndFromStringMatch(self):
+ """Test name_id_from_string() with data"""
+ self.name_id.format = saml.NAMEID_FORMAT_EMAILADDRESS
+ self.name_id.text = "tmatsuo@example.com"
+ self.name_id.name_qualifier = "name_qualifier"
+ self.name_id.sp_name_qualifier = "sp_name_qualifier"
+ string_from_name_id = self.name_id.to_string()
+ new_name_id = saml.name_id_from_string(string_from_name_id)
+ assert new_name_id.name_qualifier == "name_qualifier"
+ assert new_name_id.sp_name_qualifier == "sp_name_qualifier"
+ string_from_new_name_id = new_name_id.to_string()
+ assert string_from_name_id == string_from_new_name_id
+
+ def testExtensionAttributes(self):
+ """Test extension attributes"""
+ self.name_id.extension_attributes['hoge'] = 'fuga'
+ self.name_id.extension_attributes['moge'] = 'muga'
+ assert self.name_id.extension_attributes['hoge'] == 'fuga'
+ assert self.name_id.extension_attributes['moge'] == 'muga'
+ new_name_id = saml.name_id_from_string(self.name_id.to_string())
+ assert new_name_id.extension_attributes['hoge'] == 'fuga'
+ assert new_name_id.extension_attributes['moge'] == 'muga'
+
+ def testname_id_from_string(self):
+ """Test name_id_from_string() using test data"""
+ name_id = saml.name_id_from_string(saml2_data.TEST_NAME_ID)
+ assert name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS
+ assert name_id.text.strip() == "tmatsuo@example.com"
+ assert name_id.sp_provided_id == "sp provided id"
+
+
+class TestIssuer:
+
+ def setup_class(self):
+ self.issuer = saml.Issuer()
+
+ def testIssuerToAndFromString(self):
+ """Test issuer_from_string()"""
+ self.issuer.text = "http://www.example.com/test"
+ self.issuer.name_qualifier = "name_qualifier"
+ self.issuer.sp_name_qualifier = "sp_name_qualifier"
+ new_issuer = saml.issuer_from_string(self.issuer.to_string())
+ assert self.issuer.text == new_issuer.text
+ assert self.issuer.name_qualifier == new_issuer.name_qualifier
+ assert self.issuer.sp_name_qualifier == new_issuer.sp_name_qualifier
+ assert self.issuer.extension_elements == new_issuer.extension_elements
+
+ def testUsingTestData(self):
+ """Test issuer_from_string() using test data"""
+ issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER)
+ assert issuer.text.strip() == "http://www.example.com/test"
+ new_issuer = saml.issuer_from_string(issuer.to_string())
+ assert issuer.text == new_issuer.text
+ assert issuer.extension_elements == new_issuer.extension_elements
+
+
+class TestSubjectLocality:
+
+ def setup_class(self):
+ self.subject_locality = saml.SubjectLocality()
+
+ def testAccessors(self):
+ """Test for SubjectLocality accessors"""
+ self.subject_locality.address = "127.0.0.1"
+ self.subject_locality.dns_name = "localhost"
+ assert self.subject_locality.address == "127.0.0.1"
+ assert self.subject_locality.dns_name == "localhost"
+ new_subject_locality = saml.subject_locality_from_string(
+ self.subject_locality.to_string())
+ assert new_subject_locality.address == "127.0.0.1"
+ assert new_subject_locality.dns_name == "localhost"
+
+ def testUsingTestData(self):
+ """Test SubjectLocalityFromString() using test data"""
+
+ subject_locality = saml.subject_locality_from_string(
+ saml2_data.TEST_SUBJECT_LOCALITY)
+ assert subject_locality.address == "127.0.0.1"
+ assert subject_locality.dns_name == "localhost"
+
+ new_subject_locality = saml.subject_locality_from_string(
+ subject_locality.to_string())
+ assert new_subject_locality.address == "127.0.0.1"
+ assert new_subject_locality.dns_name == "localhost"
+ assert subject_locality.to_string() == new_subject_locality.to_string()
+
+
+class TestAuthnContextClassRef:
+
+ def setup_class(self):
+ self.authn_context_class_ref = saml.AuthnContextClassRef()
+ self.text = "http://www.example.com/authnContextClassRef"
+
+ def testAccessors(self):
+ """Test for AuthnContextClassRef accessors"""
+ self.authn_context_class_ref.text = self.text
+ assert self.authn_context_class_ref.text == self.text
+ new_authn_context_class_ref = saml.authn_context_class_ref_from_string(
+ self.authn_context_class_ref.to_string())
+ assert new_authn_context_class_ref.text == self.text
+ assert self.authn_context_class_ref.to_string() == \
+ new_authn_context_class_ref.to_string()
+
+ def testUsingTestData(self):
+ """Test authn_context_class_ref_from_string() using test data"""
+ authn_context_class_ref = saml.authn_context_class_ref_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF)
+ assert authn_context_class_ref.text.strip() == self.text
+
+
+class TestAuthnContextDeclRef:
+
+ def setup_class(self):
+ self.authn_context_decl_ref = saml.AuthnContextDeclRef()
+ self.ref = "http://www.example.com/authnContextDeclRef"
+
+ def testAccessors(self):
+ """Test for AuthnContextDeclRef accessors"""
+ self.authn_context_decl_ref.text = self.ref
+ assert self.authn_context_decl_ref.text == self.ref
+ new_authn_context_decl_ref = saml.authn_context_decl_ref_from_string(
+ self.authn_context_decl_ref.to_string())
+ assert new_authn_context_decl_ref.text == self.ref
+ assert self.authn_context_decl_ref.to_string() == \
+ new_authn_context_decl_ref.to_string()
+
+ def testUsingTestData(self):
+ """Test authn_context_decl_ref_from_string() using test data"""
+ authn_context_decl_ref = saml.authn_context_decl_ref_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_DECL_REF)
+ assert authn_context_decl_ref.text.strip() == self.ref
+
+
+class TestAuthnContextDecl:
+
+ def setup_class(self):
+ self.authn_context_decl = saml.AuthnContextDecl()
+ self.text = "http://www.example.com/authnContextDecl"
+
+ def testAccessors(self):
+ """Test for AuthnContextDecl accessors"""
+ self.authn_context_decl.text = self.text
+ assert self.authn_context_decl.text == self.text
+ new_authn_context_decl = saml.authn_context_decl_from_string(
+ self.authn_context_decl.to_string())
+ assert new_authn_context_decl.text == self.text
+ assert self.authn_context_decl.to_string() == \
+ new_authn_context_decl.to_string()
+
+ def testUsingTestData(self):
+ """Test authn_context_decl_from_string() using test data"""
+ authn_context_decl = saml.authn_context_decl_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_DECL)
+ assert authn_context_decl.text.strip() == self.text
+
+
+class TestAuthenticatingAuthority:
+
+ def setup_class(self):
+ self.authenticating_authority = saml.AuthenticatingAuthority()
+ self.text = "http://www.example.com/authenticatingAuthority"
+
+ def testAccessors(self):
+ """Test for AuthenticatingAuthority accessors"""
+ self.authenticating_authority.text = self.text
+ assert self.authenticating_authority.text == self.text
+ new_authenticating_authority = saml.authenticating_authority_from_string(
+ self.authenticating_authority.to_string())
+ assert new_authenticating_authority.text == self.text
+ assert self.authenticating_authority.to_string() == \
+ new_authenticating_authority.to_string()
+
+ def testUsingTestData(self):
+ """Test authenticating_authority_from_string() using test data"""
+ authenticating_authority = saml.authenticating_authority_from_string(
+ saml2_data.TEST_AUTHENTICATING_AUTHORITY)
+ assert authenticating_authority.text.strip() == self.text
+
+class TestAuthnContext:
+
+ def setup_class(self):
+ self.authn_context = saml.AuthnContext()
+
+ def testAccessors(self):
+ """Test for AuthnContext accessors"""
+ self.authn_context.authn_context_class_ref = \
+ saml.authn_context_class_ref_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF)
+ self.authn_context.authn_context_decl_ref = \
+ saml.authn_context_decl_ref_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_DECL_REF)
+ self.authn_context.authn_context_decl = \
+ saml.authn_context_decl_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_DECL)
+ self.authn_context.authenticating_authority.append(
+ saml.authenticating_authority_from_string(
+ saml2_data.TEST_AUTHENTICATING_AUTHORITY))
+ assert self.authn_context.authn_context_class_ref.text.strip() == \
+ "http://www.example.com/authnContextClassRef"
+ assert self.authn_context.authn_context_decl_ref.text.strip() == \
+ "http://www.example.com/authnContextDeclRef"
+ assert self.authn_context.authn_context_decl.text.strip() == \
+ "http://www.example.com/authnContextDecl"
+ assert self.authn_context.authenticating_authority[0].text.strip() == \
+ "http://www.example.com/authenticatingAuthority"
+ new_authn_context = saml.authn_context_from_string(
+ self.authn_context.to_string())
+ assert self.authn_context.to_string() == new_authn_context.to_string()
+
+ def testUsingTestData(self):
+ """Test authn_context_from_string() using test data"""
+ authn_context = saml.authn_context_from_string(saml2_data.TEST_AUTHN_CONTEXT)
+ assert authn_context.authn_context_class_ref.text.strip() == \
+ saml.AUTHN_PASSWORD
+
+
+class TestAuthnStatement:
+
+ def setup_class(self):
+ self.authn_statem = saml.AuthnStatement()
+
+ def testAccessors(self):
+ """Test for AuthnStatement accessors"""
+ self.authn_statem.authn_instant = "2007-08-31T01:05:02Z"
+ self.authn_statem.session_not_on_or_after = "2007-09-14T01:05:02Z"
+ self.authn_statem.session_index = "sessionindex"
+ self.authn_statem.authn_context = saml.AuthnContext()
+ self.authn_statem.authn_context.authn_context_class_ref = \
+ saml.authn_context_class_ref_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF)
+ self.authn_statem.authn_context.authn_context_decl_ref = \
+ saml.authn_context_decl_ref_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_DECL_REF)
+ self.authn_statem.authn_context.authn_context_decl = \
+ saml.authn_context_decl_from_string(
+ saml2_data.TEST_AUTHN_CONTEXT_DECL)
+ self.authn_statem.authn_context.authenticating_authority.append(
+ saml.authenticating_authority_from_string(
+ saml2_data.TEST_AUTHENTICATING_AUTHORITY))
+
+ new_as = saml.authn_statement_from_string(self.authn_statem.to_string())
+ assert new_as.authn_instant == "2007-08-31T01:05:02Z"
+ assert new_as.session_index == "sessionindex"
+ assert new_as.session_not_on_or_after == "2007-09-14T01:05:02Z"
+ assert new_as.authn_context.authn_context_class_ref.text.strip() == \
+ "http://www.example.com/authnContextClassRef"
+ assert new_as.authn_context.authn_context_decl_ref.text.strip() == \
+ "http://www.example.com/authnContextDeclRef"
+ assert new_as.authn_context.authn_context_decl.text.strip() == \
+ "http://www.example.com/authnContextDecl"
+ assert new_as.authn_context.authenticating_authority[0].text.strip() \
+ == "http://www.example.com/authenticatingAuthority"
+ assert self.authn_statem.to_string() == new_as.to_string()
+
+ def testUsingTestData(self):
+ """Test authn_statement_from_string() using test data"""
+ authn_statem = saml.authn_statement_from_string(saml2_data.TEST_AUTHN_STATEMENT)
+ assert authn_statem.authn_instant == "2007-08-31T01:05:02Z"
+ assert authn_statem.session_not_on_or_after == "2007-09-14T01:05:02Z"
+ assert authn_statem.authn_context.authn_context_class_ref.text.strip() == \
+ saml.AUTHN_PASSWORD
+
+
+class TestAttributeValue:
+
+ def setup_class(self):
+ self.attribute_value = saml.AttributeValue()
+ self.text = "value for test attribute"
+
+ def testAccessors(self):
+ """Test for AttributeValue accessors"""
+
+ self.attribute_value.text = self.text
+ new_attribute_value = saml.attribute_value_from_string(
+ self.attribute_value.to_string())
+ assert new_attribute_value.text.strip() == self.text
+
+ def testUsingTestData(self):
+ """Test attribute_value_from_string() using test data"""
+
+ attribute_value = saml.attribute_value_from_string(
+ saml2_data.TEST_ATTRIBUTE_VALUE)
+ assert attribute_value.text.strip() == self.text
+
+BASIC_STR_AV = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+Name="FirstName">
+<AttributeValue xsi:type="xs:string">By-Tor</AttributeValue>
+</Attribute>"""
+
+BASIC_INT_AV = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+Name="age">
+<AttributeValue xsi:type="xs:int">23</AttributeValue>
+</Attribute>"""
+
+BASIC_NOT_INT_AV = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+Name="age">
+<AttributeValue xsi:type="xs:int">foo</AttributeValue>
+</Attribute>"""
+
+BASIC_BOOLEAN_TRUE_AV = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+Name="on-off">
+<AttributeValue xsi:type="xs:boolean">true</AttributeValue>
+</Attribute>"""
+
+BASIC_BOOLEAN_FALSE_AV = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+Name="on-off">
+<AttributeValue xsi:type="xs:boolean">false</AttributeValue>
+</Attribute>"""
+
+BASIC_BASE64_AV = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
+Name="FirstName">
+<AttributeValue
+xsi:type="xs:base64Binary">VU5JTkVUVA==</AttributeValue>
+</Attribute>"""
+
+X500_AV = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+xmlns:x500="urn:oasis:names:tc:SAML:2.0:profiles:attribute:X500"
+NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+Name="urn:oid:2.5.4.42" FriendlyName="givenName">
+<AttributeValue xsi:type="xs:string" x500:Encoding="LDAP">Steven
+</AttributeValue>
+</Attribute>"""
+
+UUID_AV = """<?xml version="1.0" encoding="utf-8"?>
+<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+Name="urn:uuid:6c9d0ec8-dd2d-11cc-abdd-080009353559"
+FriendlyName="pre_auth_req">
+<AttributeValue xsi:type="xs:integer">1</AttributeValue>
+</Attribute>"""
+
+class TestAttribute:
+
+ def setup_class(self):
+ self.attribute = saml.Attribute()
+ self.text = ["value of test attribute",
+ "value1 of test attribute",
+ "value2 of test attribute"]
+
+ def testAccessors(self):
+ """Test for Attribute accessors"""
+ self.attribute.name = "testAttribute"
+ self.attribute.name_format = saml.NAME_FORMAT_URI
+ self.attribute.friendly_name = "test attribute"
+ self.attribute.attribute_value.append(saml.AttributeValue())
+ self.attribute.attribute_value[0].text = self.text[0]
+
+ new_attribute = saml.attribute_from_string(self.attribute.to_string())
+ assert new_attribute.name == "testAttribute"
+ assert new_attribute.name_format == saml.NAME_FORMAT_URI
+ assert new_attribute.friendly_name == "test attribute"
+ assert new_attribute.attribute_value[0].text.strip() == self.text[0]
+
+ def testUsingTestData(self):
+ """Test attribute_from_string() using test data"""
+ attribute = saml.attribute_from_string(saml2_data.TEST_ATTRIBUTE)
+ assert attribute.name == "testAttribute"
+ assert attribute.name_format == saml.NAME_FORMAT_UNSPECIFIED
+ assert attribute.friendly_name == "test attribute"
+ assert attribute.attribute_value[0].text.strip() == self.text[1]
+ assert attribute.attribute_value[1].text.strip() == self.text[2]
+ # test again
+ attribute = saml.attribute_from_string(attribute.to_string())
+ assert attribute.name == "testAttribute"
+ assert attribute.name_format == saml.NAME_FORMAT_UNSPECIFIED
+ assert attribute.friendly_name == "test attribute"
+ assert attribute.attribute_value[0].text.strip() == self.text[1]
+ assert attribute.attribute_value[1].text.strip() == self.text[2]
+
+ def test_basic_str(self):
+ attribute = saml.attribute_from_string(BASIC_STR_AV)
+ print attribute
+ assert attribute.attribute_value[0].text.strip() == "By-Tor"
+
+ def test_basic_int(self):
+ attribute = saml.attribute_from_string(BASIC_INT_AV)
+ print attribute
+ assert attribute.attribute_value[0].text == "23"
+
+ def test_basic_not_int(self):
+ # attr = saml.attribute_from_string(BASIC_NOT_INT_AV)
+ # print attr.__dict__.keys()
+ # print attr.attribute_value[0].__dict__.keys()
+ # print attr.attribute_value[0].type
+ # print attr.attribute_value[0].extension_attributes
+ # print attr
+ raises(ValueError, "saml.attribute_from_string(BASIC_NOT_INT_AV)")
+
+ def test_basic_base64(self):
+ attribute = saml.attribute_from_string(BASIC_BASE64_AV)
+ print attribute
+ assert attribute.attribute_value[0].text == "VU5JTkVUVA=="
+ assert attribute.attribute_value[0].get_type() == "xs:base64Binary"
+
+ def test_basic_boolean_true(self):
+ attribute = saml.attribute_from_string(BASIC_BOOLEAN_TRUE_AV)
+ print attribute
+ assert attribute.attribute_value[0].text.lower() == "true"
+
+ def test_basic_boolean_false(self):
+ attribute = saml.attribute_from_string(BASIC_BOOLEAN_FALSE_AV)
+ print attribute
+ assert attribute.attribute_value[0].text.lower() == "false"
+
+class TestAttributeStatement:
+
+ def setup_class(self):
+ self.attr_statem = saml.AttributeStatement()
+ self.text = ["value of test attribute",
+ "value1 of test attribute",
+ "value2 of test attribute",
+ "value1 of test attribute2",
+ "value2 of test attribute2",]
+
+ def testAccessors(self):
+ """Test for Attribute accessors"""
+ self.attr_statem.attribute.append(saml.Attribute())
+ self.attr_statem.attribute.append(saml.Attribute())
+ self.attr_statem.attribute[0].name = "testAttribute"
+ self.attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI
+ self.attr_statem.attribute[0].friendly_name = "test attribute"
+ self.attr_statem.attribute[0].attribute_value.append(saml.AttributeValue())
+ self.attr_statem.attribute[0].attribute_value[0].text = self.text[0]
+
+ self.attr_statem.attribute[1].name = "testAttribute2"
+ self.attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED
+ self.attr_statem.attribute[1].friendly_name = self.text[2]
+ self.attr_statem.attribute[1].attribute_value.append(saml.AttributeValue())
+ self.attr_statem.attribute[1].attribute_value[0].text = self.text[2]
+
+ new_as = saml.attribute_statement_from_string(self.attr_statem.to_string())
+ assert new_as.attribute[0].name == "testAttribute"
+ assert new_as.attribute[0].name_format == saml.NAME_FORMAT_URI
+ assert new_as.attribute[0].friendly_name == "test attribute"
+ assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[0]
+ assert new_as.attribute[1].name == "testAttribute2"
+ assert new_as.attribute[1].name_format == saml.NAME_FORMAT_UNSPECIFIED
+ assert new_as.attribute[1].friendly_name == "value2 of test attribute"
+ assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[2]
+
+ def testUsingTestData(self):
+ """Test attribute_statement_from_string() using test data"""
+ attr_statem = saml.attribute_statement_from_string( \
+ saml2_data.TEST_ATTRIBUTE_STATEMENT)
+ assert attr_statem.attribute[0].name == "testAttribute"
+ assert attr_statem.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED
+ assert attr_statem.attribute[0].friendly_name == "test attribute"
+ assert attr_statem.attribute[0].attribute_value[0].text.strip() == self.text[1]
+ assert attr_statem.attribute[0].attribute_value[1].text.strip() == self.text[2]
+ assert attr_statem.attribute[1].name == "http://www.example.com/testAttribute2"
+ assert attr_statem.attribute[1].name_format == saml.NAME_FORMAT_URI
+ assert attr_statem.attribute[1].friendly_name == "test attribute2"
+ assert attr_statem.attribute[1].attribute_value[0].text.strip() == self.text[3]
+ assert attr_statem.attribute[1].attribute_value[1].text.strip() == self.text[4]
+
+ # test again
+ attr_statem2 = saml.attribute_statement_from_string(attr_statem.to_string())
+ assert attr_statem2.attribute[0].name == "testAttribute"
+ assert attr_statem2.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED
+ assert attr_statem2.attribute[0].friendly_name == "test attribute"
+ assert attr_statem2.attribute[0].attribute_value[0].text.strip() == self.text[1]
+ assert attr_statem2.attribute[0].attribute_value[1].text.strip() == self.text[2]
+ assert attr_statem2.attribute[1].name == "http://www.example.com/testAttribute2"
+ assert attr_statem2.attribute[1].name_format == saml.NAME_FORMAT_URI
+ assert attr_statem2.attribute[1].friendly_name == "test attribute2"
+ assert attr_statem2.attribute[1].attribute_value[0].text.strip() == self.text[3]
+ assert attr_statem2.attribute[1].attribute_value[1].text.strip() == self.text[4]
+
+
+class TestSubjectConfirmationData:
+
+ def setup_class(self):
+ self.scd = saml.SubjectConfirmationData()
+
+ def testAccessors(self):
+ """Test for SubjectConfirmationData accessors"""
+
+ self.scd.not_before = "2007-08-31T01:05:02Z"
+ self.scd.not_on_or_after = "2007-09-14T01:05:02Z"
+ self.scd.recipient = "recipient"
+ self.scd.in_response_to = "responseID"
+ self.scd.address = "127.0.0.1"
+ new_scd = saml.subject_confirmation_data_from_string(self.scd.to_string())
+ assert new_scd.not_before == "2007-08-31T01:05:02Z"
+ assert new_scd.not_on_or_after == "2007-09-14T01:05:02Z"
+ assert new_scd.recipient == "recipient"
+ assert new_scd.in_response_to == "responseID"
+ assert new_scd.address == "127.0.0.1"
+
+ def testUsingTestData(self):
+ """Test subject_confirmation_data_from_string() using test data"""
+
+ scd = saml.subject_confirmation_data_from_string(
+ saml2_data.TEST_SUBJECT_CONFIRMATION_DATA)
+ assert scd.not_before == "2007-08-31T01:05:02Z"
+ assert scd.not_on_or_after == "2007-09-14T01:05:02Z"
+ assert scd.recipient == "recipient"
+ assert scd.in_response_to == "responseID"
+ assert scd.address == "127.0.0.1"
+
+
+class TestSubjectConfirmation:
+
+ def setup_class(self):
+ self.sc = saml.SubjectConfirmation()
+
+ def testAccessors(self):
+ """Test for SubjectConfirmation accessors"""
+ self.sc.name_id = saml.name_id_from_string(saml2_data.TEST_NAME_ID)
+ self.sc.method = saml.SUBJECT_CONFIRMATION_METHOD_BEARER
+ self.sc.subject_confirmation_data = saml.subject_confirmation_data_from_string(
+ saml2_data.TEST_SUBJECT_CONFIRMATION_DATA)
+ new_sc = saml.subject_confirmation_from_string(self.sc.to_string())
+ assert new_sc.name_id.sp_provided_id == "sp provided id"
+ assert new_sc.method == saml.SUBJECT_CONFIRMATION_METHOD_BEARER
+ assert new_sc.subject_confirmation_data.not_before == \
+ "2007-08-31T01:05:02Z"
+ assert new_sc.subject_confirmation_data.not_on_or_after == \
+ "2007-09-14T01:05:02Z"
+ assert new_sc.subject_confirmation_data.recipient == "recipient"
+ assert new_sc.subject_confirmation_data.in_response_to == "responseID"
+ assert new_sc.subject_confirmation_data.address == "127.0.0.1"
+
+ def testUsingTestData(self):
+ """Test subject_confirmation_from_string() using test data"""
+
+ sc = saml.subject_confirmation_from_string(
+ saml2_data.TEST_SUBJECT_CONFIRMATION)
+ assert sc.name_id.sp_provided_id == "sp provided id"
+ assert sc.method == saml.SUBJECT_CONFIRMATION_METHOD_BEARER
+ assert sc.subject_confirmation_data.not_before == "2007-08-31T01:05:02Z"
+ assert sc.subject_confirmation_data.not_on_or_after == "2007-09-14T01:05:02Z"
+ assert sc.subject_confirmation_data.recipient == "recipient"
+ assert sc.subject_confirmation_data.in_response_to == "responseID"
+ assert sc.subject_confirmation_data.address == "127.0.0.1"
+
+
+class TestSubject:
+
+ def setup_class(self):
+ self.subject = saml.Subject()
+
+ def testAccessors(self):
+ """Test for Subject accessors"""
+ self.subject.name_id = saml.name_id_from_string(saml2_data.TEST_NAME_ID)
+ self.subject.subject_confirmation.append(
+ saml.subject_confirmation_from_string(
+ saml2_data.TEST_SUBJECT_CONFIRMATION))
+ new_subject = saml.subject_from_string(self.subject.to_string())
+ assert new_subject.name_id.sp_provided_id == "sp provided id"
+ assert new_subject.name_id.text.strip() == "tmatsuo@example.com"
+ assert new_subject.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS
+ assert isinstance(new_subject.subject_confirmation[0],
+ saml.SubjectConfirmation)
+
+ def testUsingTestData(self):
+ """Test for subject_from_string() using test data."""
+
+ subject = saml.subject_from_string(saml2_data.TEST_SUBJECT)
+ assert subject.name_id.sp_provided_id == "sp provided id"
+ assert subject.name_id.text.strip() == "tmatsuo@example.com"
+ assert subject.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS
+ assert isinstance(subject.subject_confirmation[0],
+ saml.SubjectConfirmation)
+
+
+class TestCondition:
+
+ def setup_class(self):
+ self.condition = saml.Condition()
+ self.name = "{%s}type" % saml.XSI_NAMESPACE
+
+ def testAccessors(self):
+ """Test for Condition accessors."""
+ self.condition.extension_attributes[self.name] = "test"
+ self.condition.extension_attributes['ExtendedAttribute'] = "value"
+ new_condition = saml.condition_from_string(self.condition.to_string())
+ assert new_condition.extension_attributes[self.name] == "test"
+ assert new_condition.extension_attributes["ExtendedAttribute"] == "value"
+
+ def testUsingTestData(self):
+ """Test for condition_from_string() using test data."""
+ condition = saml.condition_from_string(saml2_data.TEST_CONDITION)
+ assert condition.extension_attributes[self.name] == "test"
+ assert condition.extension_attributes["ExtendedAttribute"] == "value"
+
+
+class TestAudience:
+
+ def setup_class(self):
+ self.audience = saml.Audience()
+
+ def testAccessors(self):
+ """Test for Audience accessors"""
+
+ self.audience.text = "http://www.example.com/Audience"
+ new_audience = saml.audience_from_string(self.audience.to_string())
+ assert new_audience.text.strip() == "http://www.example.com/Audience"
+
+ def testUsingTestData(self):
+ """Test audience_from_string using test data"""
+
+ audience = saml.audience_from_string(saml2_data.TEST_AUDIENCE)
+ assert audience.text.strip() == "http://www.example.com/Audience"
+
+
+class TestAudienceRestriction:
+ def setup_class(self):
+ self.audience_restriction = saml.AudienceRestriction()
+
+ def testAccessors(self):
+ """Test for AudienceRestriction accessors"""
+
+ self.audience_restriction.audience = \
+ saml.audience_from_string(saml2_data.TEST_AUDIENCE)
+ new_audience = saml.audience_restriction_from_string(
+ self.audience_restriction.to_string())
+ assert self.audience_restriction.audience.text.strip() == \
+ "http://www.example.com/Audience"
+
+ def testUsingTestData(self):
+ """Test audience_restriction_from_string using test data"""
+
+ audience_restriction = saml.audience_restriction_from_string(
+ saml2_data.TEST_AUDIENCE_RESTRICTION)
+ assert audience_restriction.audience[0].text.strip() == \
+ "http://www.example.com/Audience"
+
+
+class TestOneTimeUse:
+
+ def setup_class(self):
+ self.one_time_use = saml.OneTimeUse()
+
+ def testAccessors(self):
+ """Test for OneTimeUse accessors"""
+ assert isinstance(self.one_time_use, saml.OneTimeUse)
+ assert isinstance(self.one_time_use, saml.ConditionAbstractType_)
+
+ def testUsingTestData(self):
+ """Test one_time_use_from_string() using test data"""
+ one_time_use = saml.one_time_use_from_string(saml2_data.TEST_ONE_TIME_USE)
+ assert isinstance(one_time_use, saml.OneTimeUse)
+ assert isinstance(one_time_use, saml.ConditionAbstractType_)
+
+
+class TestProxyRestriction:
+
+ def setup_class(self):
+ self.proxy_restriction = saml.ProxyRestriction()
+
+ def testAccessors(self):
+ """Test for ProxyRestriction accessors"""
+
+ assert isinstance(self.proxy_restriction, saml.ConditionAbstractType_)
+ self.proxy_restriction.count = "2"
+ self.proxy_restriction.audience.append(saml.audience_from_string(
+ saml2_data.TEST_AUDIENCE))
+ new_proxy_restriction = saml.proxy_restriction_from_string(
+ self.proxy_restriction.to_string())
+ assert new_proxy_restriction.count == "2"
+ assert new_proxy_restriction.audience[0].text.strip() == \
+ "http://www.example.com/Audience"
+
+ def testUsingTestData(self):
+ """Test proxy_restriction_from_string() using test data"""
+
+ proxy_restriction = saml.proxy_restriction_from_string(
+ saml2_data.TEST_PROXY_RESTRICTION)
+ assert proxy_restriction.count == "2"
+ assert proxy_restriction.audience[0].text.strip() == \
+ "http://www.example.com/Audience"
+
+class TestConditions:
+
+ def setup_class(self):
+ self.conditions = saml.Conditions()
+
+ def testAccessors(self):
+ """Test for Conditions accessors"""
+ self.conditions.not_before = "2007-08-31T01:05:02Z"
+ self.conditions.not_on_or_after = "2007-09-14T01:05:02Z"
+ self.conditions.condition.append(saml.Condition())
+ self.conditions.audience_restriction.append(saml.AudienceRestriction())
+ self.conditions.one_time_use.append(saml.OneTimeUse())
+ self.conditions.proxy_restriction.append(saml.ProxyRestriction())
+ new_conditions = saml.conditions_from_string(self.conditions.to_string())
+ assert new_conditions.not_before == "2007-08-31T01:05:02Z"
+ assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z"
+ assert isinstance(new_conditions.condition[0], saml.Condition)
+ assert isinstance(new_conditions.audience_restriction[0],
+ saml.AudienceRestriction)
+ assert isinstance(new_conditions.one_time_use[0],
+ saml.OneTimeUse)
+ assert isinstance(new_conditions.proxy_restriction[0],
+ saml.ProxyRestriction)
+
+ def testUsingTestData(self):
+ """Test conditions_from_string() using test data"""
+ new_conditions = saml.conditions_from_string(saml2_data.TEST_CONDITIONS)
+ assert new_conditions.not_before == "2007-08-31T01:05:02Z"
+ assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z"
+ assert isinstance(new_conditions.condition[0], saml.Condition)
+ assert isinstance(new_conditions.audience_restriction[0],
+ saml.AudienceRestriction)
+ assert isinstance(new_conditions.one_time_use[0],
+ saml.OneTimeUse)
+ assert isinstance(new_conditions.proxy_restriction[0],
+ saml.ProxyRestriction)
+
+class TestAssertionIDRef:
+
+ def setup_class(self):
+ self.assertion_id_ref = saml.AssertionIDRef()
+
+ def testAccessors(self):
+ """Test for AssertionIDRef accessors"""
+ self.assertion_id_ref.text = "zzlieajngjbkjggjldmgindkckkolcblndbghlhm"
+ new_assertion_id_ref = saml.assertion_id_ref_from_string(
+ self.assertion_id_ref.to_string())
+ assert new_assertion_id_ref.text == \
+ "zzlieajngjbkjggjldmgindkckkolcblndbghlhm"
+
+ def testUsingTestData(self):
+ """Test assertion_id_ref_from_string() using test data"""
+ new_assertion_id_ref = saml.assertion_id_ref_from_string(
+ saml2_data.TEST_ASSERTION_ID_REF)
+ assert new_assertion_id_ref.text.strip() == \
+ "zzlieajngjbkjggjldmgindkckkolcblndbghlhm"
+
+
+class TestAssertionURIRef:
+
+ def setup_class(self):
+ self.assertion_uri_ref = saml.AssertionURIRef()
+
+ def testAccessors(self):
+ """Test for AssertionURIRef accessors"""
+ self.assertion_uri_ref.text = "http://www.example.com/AssertionURIRef"
+ new_assertion_uri_ref = saml.assertion_uri_ref_from_string(
+ self.assertion_uri_ref.to_string())
+ assert new_assertion_uri_ref.text == \
+ "http://www.example.com/AssertionURIRef"
+
+ def testUsingTestData(self):
+ """Test assertion_uri_ref_from_string() using test data"""
+ new_assertion_uri_ref = saml.assertion_uri_ref_from_string(
+ saml2_data.TEST_ASSERTION_URI_REF)
+ assert new_assertion_uri_ref.text.strip() == \
+ "http://www.example.com/AssertionURIRef"
+
+
+class TestAction:
+
+ def setup_class(self):
+ self.action = saml.Action()
+
+ def testAccessors(self):
+ """Test for Action accessors"""
+ self.action.namespace = "http://www.example.com/Namespace"
+ new_action = saml.action_from_string(self.action.to_string())
+ assert new_action.namespace == "http://www.example.com/Namespace"
+
+ def testUsingTestData(self):
+ """Test action_from_string() using test data"""
+ new_action = saml.action_from_string(saml2_data.TEST_ACTION)
+ assert new_action.namespace == "http://www.example.com/Namespace"
+
+
+class TestEvidence:
+
+ def setup_class(self):
+ self.evidence = saml.Evidence()
+
+ def testAccessors(self):
+ """Test for Evidence accessors"""
+ self.evidence.assertion_id_ref.append(saml.AssertionIDRef())
+ self.evidence.assertion_uri_ref.append(saml.AssertionURIRef())
+ self.evidence.assertion.append(saml.Assertion())
+ self.evidence.encrypted_assertion.append(saml.EncryptedAssertion())
+ new_evidence = saml.evidence_from_string(self.evidence.to_string())
+ print new_evidence
+ assert self.evidence.to_string() == new_evidence.to_string()
+ assert isinstance(new_evidence.assertion_id_ref[0],
+ saml.AssertionIDRef)
+ assert isinstance(new_evidence.assertion_uri_ref[0],
+ saml.AssertionURIRef)
+ assert len(new_evidence.assertion) == 1
+ assert isinstance(new_evidence.assertion[0], saml.Assertion)
+ assert len(new_evidence.encrypted_assertion) == 1
+ assert isinstance(new_evidence.encrypted_assertion[0],
+ saml.EncryptedAssertion)
+
+ def testUsingTestData(self):
+ """Test evidence_from_string() using test data"""
+ # TODO:
+ pass
+
+
+class TestAuthzDecisionStatement:
+
+ def setup_class(self):
+ self.authz_decision_statement = saml.AuthzDecisionStatement()
+
+ def testAccessors(self):
+ """Test for AuthzDecisionStatement accessors"""
+ self.authz_decision_statement.resource = "http://www.example.com/Resource"
+ self.authz_decision_statement.decision = saml.DECISION_TYPE_PERMIT
+ self.authz_decision_statement.action.append(saml.Action())
+ self.authz_decision_statement.evidence = saml.Evidence()
+ new_authz_decision_statement = saml.authz_decision_statement_from_string(
+ self.authz_decision_statement.to_string())
+ assert self.authz_decision_statement.to_string() == \
+ new_authz_decision_statement.to_string()
+ assert new_authz_decision_statement.resource == \
+ "http://www.example.com/Resource"
+ assert new_authz_decision_statement.decision == \
+ saml.DECISION_TYPE_PERMIT
+ assert isinstance(new_authz_decision_statement.action[0],
+ saml.Action)
+ assert isinstance(new_authz_decision_statement.evidence,
+ saml.Evidence)
+
+
+ def testUsingTestData(self):
+ """Test authz_decision_statement_from_string() using test data"""
+ # TODO:
+ pass
+
+class TestAdvice:
+
+ def setup_class(self):
+ self.advice = saml.Advice()
+
+ def testAccessors(self):
+ """Test for Advice accessors"""
+ self.advice.assertion_id_ref.append(saml.AssertionIDRef())
+ self.advice.assertion_uri_ref.append(saml.AssertionURIRef())
+ self.advice.assertion.append(saml.Assertion())
+ self.advice.encrypted_assertion.append(saml.EncryptedAssertion())
+ new_advice = saml.advice_from_string(self.advice.to_string())
+ assert self.advice.to_string() == new_advice.to_string()
+ assert isinstance(new_advice.assertion_id_ref[0],
+ saml.AssertionIDRef)
+ assert isinstance(new_advice.assertion_uri_ref[0],
+ saml.AssertionURIRef)
+ assert isinstance(new_advice.assertion[0], saml.Assertion)
+ assert isinstance(new_advice.encrypted_assertion[0],
+ saml.EncryptedAssertion)
+
+ def testUsingTestData(self):
+ """Test advice_from_string() using test data"""
+ # TODO:
+ pass
+
+
+class TestAssertion:
+
+ def setup_class(self):
+ self.assertion = saml.Assertion()
+
+ def testAccessors(self):
+ """Test for Assertion accessors"""
+ self.assertion.id = "assertion id"
+ self.assertion.version = saml2.VERSION
+ self.assertion.issue_instant = "2007-08-31T01:05:02Z"
+ self.assertion.issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER)
+ self.assertion.signature = ds.signature_from_string(
+ ds_data.TEST_SIGNATURE)
+ self.assertion.subject = saml.subject_from_string(saml2_data.TEST_SUBJECT)
+ self.assertion.conditions = saml.conditions_from_string(
+ saml2_data.TEST_CONDITIONS)
+ self.assertion.advice = saml.Advice()
+ self.assertion.statement.append(saml.Statement())
+ self.assertion.authn_statement.append(saml.authn_statement_from_string(
+ saml2_data.TEST_AUTHN_STATEMENT))
+ self.assertion.authz_decision_statement.append(
+ saml.AuthzDecisionStatement())
+ self.assertion.attribute_statement.append(
+ saml.attribute_statement_from_string(
+ saml2_data.TEST_ATTRIBUTE_STATEMENT))
+
+ new_assertion = saml.assertion_from_string(self.assertion.to_string())
+ assert new_assertion.id == "assertion id"
+ assert new_assertion.version == saml2.VERSION
+ assert new_assertion.issue_instant == "2007-08-31T01:05:02Z"
+ assert isinstance(new_assertion.issuer, saml.Issuer)
+ assert isinstance(new_assertion.signature, ds.Signature)
+ assert isinstance(new_assertion.subject, saml.Subject)
+ assert isinstance(new_assertion.conditions, saml.Conditions)
+ assert isinstance(new_assertion.advice, saml.Advice)
+ assert isinstance(new_assertion.statement[0], saml.Statement)
+ assert isinstance(new_assertion.authn_statement[0],
+ saml.AuthnStatement)
+ assert isinstance(new_assertion.authz_decision_statement[0],
+ saml.AuthzDecisionStatement)
+ assert isinstance(new_assertion.attribute_statement[0],
+ saml.AttributeStatement)
+
+
+ def testUsingTestData(self):
+ """Test assertion_from_string() using test data"""
+ # TODO
+ pass
diff --git a/tests/test_03_saml2.py b/tests/test_03_saml2.py
new file mode 100644
index 00000000..ebac945e
--- /dev/null
+++ b/tests/test_03_saml2.py
@@ -0,0 +1,524 @@
+#!/usr/bin/env python
+
+import saml2
+
+from saml2 import create_class_from_xml_string, class_name, make_vals, md
+from saml2.saml import NameID, Issuer, SubjectLocality, AuthnContextClassRef
+from saml2.saml import SubjectConfirmationData, SubjectConfirmation
+from saml2.saml import Attribute
+
+from py.test import raises
+import saml2_data
+
+try:
+ from xml.etree import cElementTree as ElementTree
+except ImportError:
+ try:
+ import cElementTree as ElementTree
+ except ImportError:
+ from elementtree import ElementTree
+
+ITEMS = {
+ NameID:["""<?xml version="1.0" encoding="utf-8"?>
+<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id">
+ roland@example.com
+</NameID>
+""", """<?xml version="1.0" encoding="utf-8"?>
+<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ SPNameQualifier="https://foo.example.com/sp"
+ Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">_1632879f09d08ea5ede2dc667cbed7e429ebc4335c</NameID>
+""", """<?xml version="1.0" encoding="utf-8"?>
+<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+NameQualifier="http://authentic.example.com/saml/metadata"
+SPNameQualifier="http://auth.example.com/saml/metadata">test
+</NameID>"""],
+ Issuer:"""<?xml version="1.0" encoding="utf-8"?>
+<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
+ http://www.example.com/test
+</Issuer>
+""",
+ SubjectLocality: """<?xml version="1.0" encoding="utf-8"?>
+<SubjectLocality xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ Address="127.0.0.1" DNSName="localhost"/>
+""",
+ SubjectConfirmationData:
+"""<?xml version="1.0" encoding="utf-8"?>
+<SubjectConfirmationData xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+InResponseTo="_1683146e27983964fbe7bf8f08961108d166a652e5"
+NotOnOrAfter="2010-02-18T13:52:13.959Z"
+NotBefore="2010-01-16T12:00:00Z"
+Recipient="http://192.168.0.10/saml/sp" />""",
+ SubjectConfirmation:
+ """<?xml version="1.0" encoding="utf-8"?>
+<SubjectConfirmation xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><NameID
+Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+NameQualifier="http://authentic.example.com/saml/metadata">test@example.com
+</NameID>
+<SubjectConfirmationData
+NotOnOrAfter="2010-02-17T17:02:38Z"
+Recipient="http://auth.example.com/saml/proxySingleSignOnRedirect"
+InResponseTo="_59B3A01B03334032C31E434C63F89E3E"/></SubjectConfirmation>"""
+}
+
+#def pytest_generate_tests(metafunc):
+# if "target_class" in metafunc.funcargnames:
+# for tcl,xml in ITEMS.items():
+# metafunc.addcall(funcargs={"target_class":tcl,"xml_string":xml})
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+def test_create_class_from_xml_string_nameid():
+ kl = create_class_from_xml_string(NameID, ITEMS[NameID][0])
+ assert kl != None
+ assert kl.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ assert kl.sp_provided_id == "sp provided id"
+ assert kl.text.strip() == "roland@example.com"
+ assert _eq(kl.keyswv(), ['sp_provided_id', 'format', 'text'])
+ assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
+ assert _eq(kl.keys(), ['sp_provided_id', 'sp_name_qualifier',
+ 'name_qualifier', 'format', 'text'])
+
+ kl = create_class_from_xml_string(NameID, ITEMS[NameID][1])
+ assert kl != None
+ assert kl.format == "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
+ assert kl.sp_name_qualifier == "https://foo.example.com/sp"
+ assert kl.text.strip() == "_1632879f09d08ea5ede2dc667cbed7e429ebc4335c"
+ assert _eq(kl.keyswv(), ['sp_name_qualifier', 'format', 'text'])
+ assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
+
+ kl = create_class_from_xml_string(NameID, ITEMS[NameID][2])
+ assert kl != None
+ assert kl.format == "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
+ assert kl.name_qualifier == "http://authentic.example.com/saml/metadata"
+ assert kl.sp_name_qualifier == "http://auth.example.com/saml/metadata"
+ assert kl.text.strip() == "test"
+ assert _eq(kl.keyswv(), ['sp_name_qualifier', 'format', 'name_qualifier',
+ 'text'])
+ assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
+
+def test_create_class_from_xml_string_issuer():
+ kl = create_class_from_xml_string(Issuer, ITEMS[Issuer])
+ assert kl != None
+ assert kl.text.strip() == "http://www.example.com/test"
+ assert _eq(kl.keyswv(), ['text'])
+ assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:Issuer"
+
+def test_create_class_from_xml_string_subject_locality():
+ kl = create_class_from_xml_string(SubjectLocality, ITEMS[SubjectLocality])
+ assert kl != None
+ assert _eq(kl.keyswv(), ['address', "dns_name"])
+ assert kl.address == "127.0.0.1"
+ assert kl.dns_name == "localhost"
+ assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality"
+
+def test_create_class_from_xml_string_subject_confirmation_data():
+ kl = create_class_from_xml_string(SubjectConfirmationData,
+ ITEMS[SubjectConfirmationData])
+ assert kl != None
+ assert _eq(kl.keyswv(), ['in_response_to', 'not_on_or_after',
+ 'not_before', 'recipient'])
+ assert kl.in_response_to == "_1683146e27983964fbe7bf8f08961108d166a652e5"
+ assert kl.not_on_or_after == "2010-02-18T13:52:13.959Z"
+ assert kl.not_before == "2010-01-16T12:00:00Z"
+ assert kl.recipient == "http://192.168.0.10/saml/sp"
+ assert class_name(kl) == \
+ "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData"
+
+def test_create_class_from_xml_string_subject_confirmation():
+ kl = create_class_from_xml_string(SubjectConfirmation,
+ ITEMS[SubjectConfirmation])
+ assert kl != None
+ assert _eq(kl.keyswv(), ['method', 'name_id',
+ 'subject_confirmation_data'])
+ assert kl.method == "urn:oasis:names:tc:SAML:2.0:cm:bearer"
+ name_id = kl.name_id
+ assert _eq(name_id.keyswv(), ['format', 'name_qualifier', 'text'])
+ assert name_id.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ assert name_id.name_qualifier == "http://authentic.example.com/saml/metadata"
+ assert name_id.text.strip() == "test@example.com"
+ subject_confirmation_data = kl.subject_confirmation_data
+ assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
+ 'recipient', 'in_response_to'])
+ assert subject_confirmation_data.recipient == \
+ "http://auth.example.com/saml/proxySingleSignOnRedirect"
+ assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z"
+ assert subject_confirmation_data.in_response_to == \
+ "_59B3A01B03334032C31E434C63F89E3E"
+ assert class_name(kl) == \
+ "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation"
+
+def test_create_class_from_xml_string_wrong_class_spec():
+ kl = create_class_from_xml_string(SubjectConfirmationData,
+ ITEMS[SubjectConfirmation])
+ assert kl == None
+
+def test_ee_1():
+ ee = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?><foo>bar</foo>""")
+ assert ee != None
+ print ee.__dict__
+ assert ee.attributes == {}
+ assert ee.tag == "foo"
+ assert ee.namespace == None
+ assert ee.children == []
+ assert ee.text == "bar"
+
+def test_ee_2():
+ ee = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?><foo id="xyz">bar</foo>""")
+ assert ee != None
+ print ee.__dict__
+ assert ee.attributes == {"id":"xyz"}
+ assert ee.tag == "foo"
+ assert ee.namespace == None
+ assert ee.children == []
+ assert ee.text == "bar"
+
+def test_ee_3():
+ ee = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?>
+ <foo xmlns="urn:mace:example.com:saml:ns"
+ id="xyz">bar</foo>""")
+ assert ee != None
+ print ee.__dict__
+ assert ee.attributes == {"id":"xyz"}
+ assert ee.tag == "foo"
+ assert ee.namespace == "urn:mace:example.com:saml:ns"
+ assert ee.children == []
+ assert ee.text == "bar"
+
+def test_ee_4():
+ ee = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?>
+ <foo xmlns="urn:mace:example.com:saml:ns">
+ <id>xyz</id><bar>tre</bar></foo>""")
+ assert ee != None
+ print ee.__dict__
+ assert ee.attributes == {}
+ assert ee.tag == "foo"
+ assert ee.namespace == "urn:mace:example.com:saml:ns"
+ assert len(ee.children) == 2
+ assert ee.text.strip() == ""
+ id = ee.find_children("id", "urn:mace:example.com:saml:namespace")
+ assert id == []
+ ids = ee.find_children("id", "urn:mace:example.com:saml:ns")
+ assert ids != []
+ id = ids[0]
+ print id.__dict__
+ assert id.attributes == {}
+ assert id.tag == "id"
+ assert id.namespace == "urn:mace:example.com:saml:ns"
+ assert id.children == []
+ assert id.text.strip() == "xyz"
+
+def test_ee_5():
+ ee = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?>
+ <foo xmlns="urn:mace:example.com:saml:ns">bar</foo>""")
+
+ ce = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?>
+ <educause xmlns="urn:mace:example.com:saml:cu">rev</educause>""")
+
+ ee.children.append(ce)
+
+ assert ee != None
+ print ee.__dict__
+ assert ee.attributes == {}
+ assert ee.tag == "foo"
+ assert ee.namespace == "urn:mace:example.com:saml:ns"
+ assert len(ee.children) == 1
+ assert ee.text.strip() == "bar"
+
+ c = ee.children[0]
+ print c.__dict__
+
+ child = ee.find_children(namespace="urn:mace:example.com:saml:cu")
+ assert len(child) == 1
+ child = ee.find_children(namespace="urn:mace:example.com:saml:ns")
+ assert len(child) == 0
+ child = ee.find_children("educause","urn:mace:example.com:saml:cu")
+ assert len(child) == 1
+ child = ee.find_children("edugain","urn:mace:example.com:saml:cu")
+ assert len(child) == 0
+ print ee.to_string()
+
+def test_ee_6():
+ ee = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?>
+ <foo xmlns="urn:mace:example.com:saml:ns">bar</foo>""")
+
+ ce = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?>
+ <educause xmlns="urn:mace:example.com:saml:cu">rev</educause>""")
+
+ et = ee.transfer_to_element_tree()
+ ce.become_child_element_of(et)
+
+ pee = saml2._extension_element_from_element_tree(et)
+
+ assert pee != None
+ print pee.__dict__
+ assert pee.attributes == {}
+ assert pee.tag == "foo"
+ assert pee.namespace == "urn:mace:example.com:saml:ns"
+ assert len(pee.children) == 1
+ assert pee.text.strip() == "bar"
+
+ c = pee.children[0]
+ print c.__dict__
+
+ child = pee.find_children(namespace="urn:mace:example.com:saml:cu")
+ assert len(child) == 1
+ child = pee.find_children(namespace="urn:mace:example.com:saml:ns")
+ assert len(child) == 0
+ child = pee.find_children("educause","urn:mace:example.com:saml:cu")
+ assert len(child) == 1
+ child = pee.find_children("edugain","urn:mace:example.com:saml:cu")
+ assert len(child) == 0
+ print pee.to_string()
+
+
+NAMEID_WITH_ATTRIBUTE_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
+<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:local="urn:mace:example.com:saml:assertion"
+ Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ SPProvidedID="sp provided id"
+ local:Foo="BAR">
+ roland@example.com
+</NameID>
+"""
+
+def test_nameid_with_extension():
+ kl = create_class_from_xml_string(NameID, NAMEID_WITH_ATTRIBUTE_EXTENSION)
+ assert kl != None
+ print kl.__dict__
+ assert kl.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ assert kl.sp_provided_id == "sp provided id"
+ assert kl.text.strip() == "roland@example.com"
+ assert _eq(kl.keyswv(), ['sp_provided_id', 'format',
+ 'extension_attributes', 'text'])
+ assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
+ assert _eq(kl.keys(), ['sp_provided_id', 'sp_name_qualifier',
+ 'name_qualifier', 'format', 'text'])
+ assert kl.extension_attributes == {
+ '{urn:mace:example.com:saml:assertion}Foo': 'BAR'}
+
+SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
+<SubjectConfirmation xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
+Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+<NameID
+Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+NameQualifier="http://authentic.example.com/saml/metadata">test@example.com
+</NameID>
+<SubjectConfirmationData
+NotOnOrAfter="2010-02-17T17:02:38Z"
+Recipient="http://auth.example.com/saml/proxySingleSignOnRedirect"
+InResponseTo="_59B3A01B03334032C31E434C63F89E3E"/>
+<local:Trustlevel xmlns:local="urn:mace:example.com:saml:assertion">
+Excellent
+</local:Trustlevel>
+</SubjectConfirmation>"""
+
+def test_subject_confirmation_with_extension():
+ kl = create_class_from_xml_string(SubjectConfirmation,
+ SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
+ assert kl != None
+ print kl.__dict__
+ assert kl.extension_attributes == {}
+ assert kl.method == "urn:oasis:names:tc:SAML:2.0:cm:bearer"
+ name_id = kl.name_id
+ assert _eq(name_id.keyswv(), ['format', 'name_qualifier', 'text'])
+ assert name_id.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
+ assert name_id.name_qualifier == "http://authentic.example.com/saml/metadata"
+ assert name_id.text.strip() == "test@example.com"
+ subject_confirmation_data = kl.subject_confirmation_data
+ assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
+ 'recipient', 'in_response_to'])
+ assert subject_confirmation_data.recipient == \
+ "http://auth.example.com/saml/proxySingleSignOnRedirect"
+ assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z"
+ assert subject_confirmation_data.in_response_to == \
+ "_59B3A01B03334032C31E434C63F89E3E"
+ assert len(kl.extension_elements) == 1
+ ee = kl.extension_elements[0]
+ assert ee.tag == "Trustlevel"
+ assert ee.namespace == "urn:mace:example.com:saml:assertion"
+ assert ee.text.strip() == "Excellent"
+
+def test_to_fro_string_1():
+ kl = create_class_from_xml_string(SubjectConfirmation,
+ SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
+ str = kl.to_string()
+ cpy = create_class_from_xml_string(SubjectConfirmation, str)
+
+ print kl.__dict__
+ print cpy.__dict__
+
+ assert kl.text.strip() == cpy.text.strip()
+ assert _eq(kl.keyswv(), cpy.keyswv())
+ assert len(kl.extension_elements) == len(cpy.extension_elements)
+ klee = kl.extension_elements[0]
+ cpyee = cpy.extension_elements[0]
+ assert klee.text.strip() == cpyee.text.strip()
+ assert klee.tag == cpyee.tag
+ assert klee.namespace == cpyee.namespace
+
+
+def test_make_vals_str():
+ kl = make_vals("Jeter",md.GivenName, part=True)
+ assert isinstance(kl, md.GivenName)
+ assert kl.text == "Jeter"
+
+def test_make_vals_list_of_strs():
+ cp = md.ContactPerson()
+ make_vals(["Derek","Sanderson"], md.GivenName, cp, "given_name")
+ assert len(cp.given_name) == 2
+ assert _eq([i.text for i in cp.given_name],["Sanderson","Derek"])
+
+def test_attribute_element_to_extension_element():
+ attr = create_class_from_xml_string(Attribute, saml2_data.TEST_ATTRIBUTE)
+ ee = saml2.element_to_extension_element(attr)
+ print ee.__dict__
+ assert ee.tag == "Attribute"
+ assert ee.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion'
+ assert _eq(ee.attributes.keys(),['FriendlyName', 'Name', 'NameFormat'])
+ assert ee.attributes["FriendlyName"] == 'test attribute'
+ assert ee.attributes["Name"] == "testAttribute"
+ assert ee.attributes["NameFormat"] == \
+ 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'
+ assert len(ee.children) == 2
+ for child in ee.children:
+ # children are also extension element instances
+ assert child.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion'
+ assert child.tag == "AttributeValue"
+
+def test_ee_7():
+ ee = saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?>
+ <ExternalEntityAttributeAuthority
+ xmlns="urn:oasis:names:tc:SAML:metadata:dynamicsaml">
+ <AssertingEntity>
+ <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">
+ http://federationX.org
+ </NameID>
+ </AssertingEntity>
+ <RetrievalEndpoint>
+ https://federationX.org/?ID=a87s76a5765da76576a57as
+ </RetrievalEndpoint>
+ </ExternalEntityAttributeAuthority>
+""")
+
+ print ee.__dict__
+ assert len(ee.children) == 2
+ for child in ee.children:
+ assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
+ assert _eq(["AssertingEntity","RetrievalEndpoint"],
+ [c.tag for c in ee.children])
+ aes = [c for c in ee.children if c.tag == "AssertingEntity"]
+ assert len(aes) == 1
+ assert len(aes[0].children) == 1
+ assert _eq(aes[0].attributes.keys(),[])
+ nid = aes[0].children[0]
+ assert nid.tag == "NameID"
+ assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
+ assert len(nid.children) == 0
+ assert _eq(nid.attributes.keys(),["Format"])
+ assert nid.text.strip() == "http://federationX.org"
+
+
+def test_extension_element_loadd():
+ ava = {'attributes': {},
+ 'tag': 'ExternalEntityAttributeAuthority',
+ 'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml',
+ 'children': [{
+ "tag": "AssertingEntity",
+ "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
+ "children": [{
+ "tag":"NameID",
+ "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
+ "text": "http://federationX.org",
+ "attributes":{
+ "Format":"urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
+ },
+ }]
+ }, {
+ "tag":"RetrievalEndpoint",
+ "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
+ "text":"https://federationX.org/?ID=a87s76a5765da76576a57as",
+ }],
+ }
+
+ ee = saml2.ExtensionElement(ava["tag"]).loadd(ava)
+ print ee.__dict__
+ assert len(ee.children) == 2
+ for child in ee.children:
+ assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
+ assert _eq(["AssertingEntity","RetrievalEndpoint"],
+ [c.tag for c in ee.children])
+ aes = [c for c in ee.children if c.tag == "AssertingEntity"]
+ assert len(aes) == 1
+ assert len(aes[0].children) == 1
+ assert _eq(aes[0].attributes.keys(),[])
+ nid = aes[0].children[0]
+ assert nid.tag == "NameID"
+ assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
+ assert len(nid.children) == 0
+ assert _eq(nid.attributes.keys(),["Format"])
+ assert nid.text.strip() == "http://federationX.org"
+
+def test_extensions_loadd():
+ ava = {"extension_elements":[{'attributes': {},
+ 'tag': 'ExternalEntityAttributeAuthority',
+ 'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml',
+ 'children': [{
+ "tag": "AssertingEntity",
+ "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
+ "children": [{
+ "tag":"NameID",
+ "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
+ "text": "http://federationX.org",
+ "attributes":{
+ "Format":"urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
+ },
+ }]
+ }, {
+ "tag":"RetrievalEndpoint",
+ "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
+ "text":"https://federationX.org/?ID=a87s76a5765da76576a57as",
+ }],
+ }],
+ "extension_attributes": {
+ "foo":"bar",
+ }
+ }
+
+ extension = saml2.SamlBase()
+ extension.loadd(ava)
+
+ print extension.__dict__
+ assert len(extension.extension_elements) == 1
+ ee = extension.extension_elements[0]
+ assert len(ee.children) == 2
+ for child in ee.children:
+ assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
+ assert _eq(["AssertingEntity","RetrievalEndpoint"],
+ [c.tag for c in ee.children])
+ aes = [c for c in ee.children if c.tag == "AssertingEntity"]
+ assert len(aes) == 1
+ assert len(aes[0].children) == 1
+ assert _eq(aes[0].attributes.keys(),[])
+ nid = aes[0].children[0]
+ assert nid.tag == "NameID"
+ assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
+ assert len(nid.children) == 0
+ assert _eq(nid.attributes.keys(),["Format"])
+ assert nid.text.strip() == "http://federationX.org"
+
+ assert extension.extension_attributes.keys() == ["foo"]
+ assert extension.extension_attributes["foo"] == "bar"
diff --git a/tests/test_04_samlp.py b/tests/test_04_samlp.py
new file mode 100644
index 00000000..2cfd59b7
--- /dev/null
+++ b/tests/test_04_samlp.py
@@ -0,0 +1,538 @@
+#!/usr/bin/env pythony
+# -*- coding: utf-8 -*-
+#
+# Copyright (C) 2009 Umeå University.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Tests for saml2.samlp"""
+
+__author__ = 'roland.hedberg@adm.umu.se (Roland Hedberg)'
+
+import unittest
+try:
+ from xml.etree import ElementTree
+except ImportError:
+ from elementtree import ElementTree
+import saml2
+
+import saml2_data, ds_data, samlp_data
+
+from saml2 import saml
+from saml2 import samlp
+import xmldsig as ds
+
+
+# class TestRequestAbstractType:
+#
+# def setup_class(self):
+# self.ar = samlp.RequestAbstractType_()
+#
+# def testAccessors(self):
+# """Test for RequestAbstractType accessors"""
+# self.ar.id = "request id"
+# self.ar.version = saml2.VERSION
+# self.ar.issue_instant = "2007-09-14T01:05:02Z"
+# self.ar.destination = "http://www.example.com/Destination"
+# self.ar.consent = saml.CONSENT_UNSPECIFIED
+# self.ar.issuer = saml.Issuer()
+# self.ar.signature = ds.Signature()
+# self.ar.extensions = samlp.Extensions()
+#
+# new_ar = samlp.request_abstract_type__from_string(self.ar.to_string())
+# assert new_ar.id == "request id"
+# assert new_ar.version == saml2.VERSION
+# assert new_ar.issue_instant == "2007-09-14T01:05:02Z"
+# assert new_ar.destination == "http://www.example.com/Destination"
+# assert new_ar.consent == saml.CONSENT_UNSPECIFIED
+# assert isinstance(new_ar.issuer, saml.Issuer)
+# assert isinstance(new_ar.signature, ds.Signature)
+# assert isinstance(new_ar.extensions, samlp.Extensions)
+#
+# def testUsingTestData(self):
+# """Test for request_abstract_type_from_string() using test data"""
+# # TODO:
+# pass
+
+class TestStatusDetail:
+
+ def setup_class(self):
+ self.status_detail = samlp.StatusDetail()
+
+ def testAccessors(self):
+ """Test for StatusDetail accessors"""
+ # TODO:
+ pass
+
+
+class TestStatusMessage:
+
+ def setup_class(self):
+ self.status_message = samlp.StatusMessage()
+
+ def testAccessors(self):
+ """Test for StatusMessage accessors"""
+ # TODO:
+ pass
+
+
+class TestStatusCode:
+
+ def setup_class(self):
+ self.status_code = samlp.StatusCode()
+
+ def testAccessors(self):
+ """Test for StatusCode accessors"""
+ self.status_code.value = samlp.STATUS_RESPONDER
+ self.status_code.status_code = samlp.StatusCode(
+ value=samlp.STATUS_REQUEST_DENIED)
+ print self.status_code.__dict__
+ new_status_code = samlp.status_code_from_string(self.status_code.to_string())
+ assert new_status_code.value == samlp.STATUS_RESPONDER
+ assert new_status_code.status_code.value == \
+ samlp.STATUS_REQUEST_DENIED
+
+ def testUsingTestData(self):
+ """Test for status_code_from_string() using test data"""
+ new_status_code = samlp.status_code_from_string(
+ samlp_data.TEST_STATUS_CODE)
+ assert new_status_code.value == samlp.STATUS_RESPONDER
+ assert new_status_code.status_code.value == \
+ samlp.STATUS_REQUEST_DENIED
+
+
+class TestStatus:
+
+ def setup_class(self):
+ self.status = samlp.Status()
+
+ def testAccessors(self):
+ """Test for Status accessors"""
+ self.status.status_code = samlp.StatusCode()
+ self.status.status_message = samlp.StatusMessage()
+ self.status.status_detail = samlp.StatusDetail()
+ new_status = samlp.status_from_string(self.status.to_string())
+ assert isinstance(new_status.status_code, samlp.StatusCode)
+ assert isinstance(new_status.status_message, samlp.StatusMessage)
+ assert isinstance(new_status.status_detail, samlp.StatusDetail)
+
+ def testUsingTestData(self):
+ """Test for status_from_string using test data"""
+ new_status = samlp.status_from_string(samlp_data.TEST_STATUS)
+ assert isinstance(new_status.status_code, samlp.StatusCode)
+ assert isinstance(new_status.status_code.status_code,
+ samlp.StatusCode)
+ assert isinstance(new_status.status_message, samlp.StatusMessage)
+ assert isinstance(new_status.status_detail, samlp.StatusDetail)
+
+# class TestStatusResponseType:
+#
+# def setup_class(self):
+# self.sr = samlp.StatusResponseType()
+#
+# def testAccessors(self):
+# """Test for StatusResponseType accessors"""
+# self.sr.id = "response id"
+# self.sr.in_response_to = "request id"
+# self.sr.version = saml2.VERSION
+# self.sr.issue_instant = "2007-09-14T01:05:02Z"
+# self.sr.destination = "http://www.example.com/Destination"
+# self.sr.consent = saml.CONSENT_UNSPECIFIED
+# self.sr.issuer = saml.Issuer()
+# self.sr.signature = ds.Signature()
+# self.sr.extensions = samlp.Extensions()
+# self.sr.status = samlp.Status()
+#
+# new_sr = samlp.status_response_type_from_string(self.sr.to_string())
+# assert new_sr.id == "response id"
+# assert new_sr.in_response_to == "request id"
+# assert new_sr.version == saml2.VERSION
+# assert new_sr.issue_instant == "2007-09-14T01:05:02Z"
+# assert new_sr.destination == "http://www.example.com/Destination"
+# assert new_sr.consent == saml.CONSENT_UNSPECIFIED
+# assert isinstance(new_sr.issuer, saml.Issuer)
+# assert isinstance(new_sr.signature, ds.Signature)
+# assert isinstance(new_sr.extensions, samlp.Extensions)
+# assert isinstance(new_sr.status, samlp.Status)
+#
+# def testUsingTestData(self):
+# """Test for status_response_from_string() using test data"""
+# # TODO:
+# pass
+
+
+class TestResponse:
+
+ def setup_class(self):
+ self.response = samlp.Response()
+
+ def testAccessors(self):
+ """Test for Response accessors"""
+ self.response.id = "response id"
+ self.response.in_response_to = "request id"
+ self.response.version = saml2.VERSION
+ self.response.issue_instant = "2007-09-14T01:05:02Z"
+ self.response.destination = "http://www.example.com/Destination"
+ self.response.consent = saml.CONSENT_UNSPECIFIED
+ self.response.issuer = saml.Issuer()
+ self.response.signature = ds.Signature()
+ self.response.extensions = samlp.Extensions()
+ self.response.status = samlp.Status()
+ self.response.assertion.append(saml.Assertion())
+ self.response.encrypted_assertion.append(saml.EncryptedAssertion())
+
+ new_response = samlp.response_from_string(self.response.to_string())
+ assert new_response.id == "response id"
+ assert new_response.in_response_to == "request id"
+ assert new_response.version == saml2.VERSION
+ assert new_response.issue_instant == "2007-09-14T01:05:02Z"
+ assert new_response.destination == "http://www.example.com/Destination"
+ assert new_response.consent == saml.CONSENT_UNSPECIFIED
+ assert isinstance(new_response.issuer, saml.Issuer)
+ assert isinstance(new_response.signature, ds.Signature)
+ assert isinstance(new_response.extensions, samlp.Extensions)
+ assert isinstance(new_response.status, samlp.Status)
+
+ assert isinstance(new_response.assertion[0], saml.Assertion)
+ assert isinstance(new_response.encrypted_assertion[0],
+ saml.EncryptedAssertion)
+
+ def testUsingTestData(self):
+ """Test for response_from_string() using test data"""
+ # TODO:
+ pass
+
+class TestNameIDPolicy:
+
+ def setup_class(self):
+ self.name_id_policy = samlp.NameIDPolicy()
+
+ def testAccessors(self):
+ """Test for NameIDPolicy accessors"""
+ self.name_id_policy.format = saml.NAMEID_FORMAT_EMAILADDRESS
+ self.name_id_policy.sp_name_qualifier = saml.NAMEID_FORMAT_PERSISTENT
+ self.name_id_policy.allow_create = 'false'
+
+ new_name_id_policy = samlp.name_id_policy_from_string(
+ self.name_id_policy.to_string())
+
+ assert new_name_id_policy.format == saml.NAMEID_FORMAT_EMAILADDRESS
+ assert new_name_id_policy.sp_name_qualifier == \
+ saml.NAMEID_FORMAT_PERSISTENT
+ assert new_name_id_policy.allow_create == 'false'
+
+ def testUsingTestData(self):
+ """Test for name_id_policy_from_string() using test data"""
+ new_name_id_policy = samlp.name_id_policy_from_string(
+ samlp_data.TEST_NAME_ID_POLICY)
+
+ assert new_name_id_policy.format == saml.NAMEID_FORMAT_EMAILADDRESS
+ assert new_name_id_policy.sp_name_qualifier == \
+ saml.NAMEID_FORMAT_PERSISTENT
+ assert new_name_id_policy.allow_create == 'false'
+
+
+class TestIDPEntry:
+
+ def setup_class(self):
+ self.idp_entry = samlp.IDPEntry()
+
+ def testAccessors(self):
+ """Test for IDPEntry accessors"""
+ self.idp_entry.provider_id = "http://www.example.com/provider"
+ self.idp_entry.name = "the provider"
+ self.idp_entry.loc = "http://www.example.com/Loc"
+
+ new_idp_entry = samlp.idp_entry_from_string(self.idp_entry.to_string())
+ assert new_idp_entry.provider_id == "http://www.example.com/provider"
+ assert new_idp_entry.name == "the provider"
+ assert new_idp_entry.loc == "http://www.example.com/Loc"
+
+ def testUsingTestData(self):
+ """Test for idp_entry_from_string() using test data"""
+ new_idp_entry = samlp.idp_entry_from_string(samlp_data.TEST_IDP_ENTRY)
+ assert new_idp_entry.provider_id == "http://www.example.com/provider"
+ assert new_idp_entry.name == "the provider"
+ assert new_idp_entry.loc == "http://www.example.com/Loc"
+
+
+class TestIDPList:
+
+ def setup_class(self):
+ self.idp_list = samlp.IDPList()
+
+ def testAccessors(self):
+ """Test for IDPList accessors"""
+ self.idp_list.idp_entry.append(samlp.idp_entry_from_string(
+ samlp_data.TEST_IDP_ENTRY))
+ self.idp_list.get_complete = samlp.GetComplete(
+ text="http://www.example.com/GetComplete")
+ new_idp_list = samlp.idp_list_from_string(self.idp_list.to_string())
+ assert isinstance(new_idp_list.idp_entry[0], samlp.IDPEntry)
+ assert new_idp_list.get_complete.text.strip() == \
+ "http://www.example.com/GetComplete"
+
+ def testUsingTestData(self):
+ """Test for idp_list_from_string() using test data"""
+ new_idp_list = samlp.idp_list_from_string(samlp_data.TEST_IDP_LIST)
+ assert isinstance(new_idp_list.idp_entry[0], samlp.IDPEntry)
+ assert new_idp_list.get_complete.text.strip() == \
+ "http://www.example.com/GetComplete"
+
+
+class TestScoping:
+
+ def setup_class(self):
+ self.scoping = samlp.Scoping()
+
+ def testAccessors(self):
+ """Test for Scoping accessors"""
+
+ self.scoping.proxy_count = "1"
+ self.scoping.idp_list = samlp.IDPList()
+ self.scoping.requester_id.append(samlp.RequesterID())
+
+ new_scoping = samlp.scoping_from_string(self.scoping.to_string())
+
+ assert new_scoping.proxy_count == "1"
+ assert isinstance(new_scoping.idp_list, samlp.IDPList)
+ assert isinstance(new_scoping.requester_id[0], samlp.RequesterID)
+
+ def testUsingTestData(self):
+ """Test for scoping_from_string() using test data"""
+ new_scoping = samlp.scoping_from_string(samlp_data.TEST_SCOPING)
+
+ assert new_scoping.proxy_count == "1"
+ assert isinstance(new_scoping.idp_list, samlp.IDPList)
+ assert isinstance(new_scoping.requester_id[0], samlp.RequesterID)
+
+
+class TestRequestedAuthnContext:
+
+ def setup_class(self):
+ self.context = samlp.RequestedAuthnContext()
+
+ def testAccessors(self):
+ """Test for RequestedAuthnContext accessors"""
+
+ self.context.authn_context_class_ref.append(saml.AuthnContextClassRef())
+ self.context.authn_context_decl_ref.append(saml.AuthnContextDeclRef())
+ self.context.comparison = "exact"
+
+ new_context = samlp.requested_authn_context_from_string(
+ self.context.to_string())
+
+ assert isinstance(new_context.authn_context_class_ref[0],
+ saml.AuthnContextClassRef)
+ assert isinstance(new_context.authn_context_decl_ref[0],
+ saml.AuthnContextDeclRef)
+ assert new_context.comparison == "exact"
+
+ def testUsingTestData(self):
+ """Test for requested_authn_context_from_string() using test data"""
+ new_context = samlp.requested_authn_context_from_string(
+ samlp_data.TEST_REQUESTED_AUTHN_CONTEXT)
+
+ assert isinstance(new_context.authn_context_class_ref[0],
+ saml.AuthnContextClassRef)
+ assert isinstance(new_context.authn_context_decl_ref[0],
+ saml.AuthnContextDeclRef)
+ assert new_context.comparison == "exact"
+
+
+class TestAuthnRequest:
+
+ def setup_class(self):
+ self.ar = samlp.AuthnRequest()
+
+ def testAccessors(self):
+ """Test for AuthnRequest accessors"""
+ self.ar.id = "request id"
+ self.ar.version = saml2.VERSION
+ self.ar.issue_instant = "2007-09-14T01:05:02Z"
+ self.ar.destination = "http://www.example.com/Destination"
+ self.ar.consent = saml.CONSENT_UNSPECIFIED
+ self.ar.issuer = saml.Issuer()
+ self.ar.signature = ds.Signature()
+ self.ar.extensions = samlp.Extensions()
+
+ self.ar.subject = saml.Subject()
+ self.ar.name_id_policy = samlp.NameIDPolicy()
+ self.ar.conditions = saml.Conditions()
+ self.ar.requested_authn_context = samlp.RequestedAuthnContext()
+ self.ar.scoping = samlp.Scoping()
+ self.ar.force_authn = 'true'
+ self.ar.is_passive = 'true'
+ self.ar.assertion_consumer_service_index = "1"
+ self.ar.assertion_consumer_service_url = "http://www.example.com/acs"
+ self.ar.protocol_binding = saml2.BINDING_HTTP_POST
+ self.ar.attribute_consuming_service_index = "2"
+ self.ar.provider_name = "provider name"
+
+ new_ar = samlp.authn_request_from_string(self.ar.to_string())
+ assert new_ar.id == "request id"
+ assert new_ar.version == saml2.VERSION
+ assert new_ar.issue_instant == "2007-09-14T01:05:02Z"
+ assert new_ar.destination == "http://www.example.com/Destination"
+ assert new_ar.consent == saml.CONSENT_UNSPECIFIED
+ assert isinstance(new_ar.issuer, saml.Issuer)
+ assert isinstance(new_ar.signature, ds.Signature)
+ assert isinstance(new_ar.extensions, samlp.Extensions)
+
+ assert isinstance(new_ar.subject, saml.Subject)
+ assert isinstance(new_ar.name_id_policy, samlp.NameIDPolicy)
+ assert isinstance(new_ar.conditions, saml.Conditions)
+ assert isinstance(new_ar.requested_authn_context,
+ samlp.RequestedAuthnContext)
+ assert isinstance(new_ar.scoping, samlp.Scoping)
+ assert new_ar.force_authn == 'true'
+ assert new_ar.is_passive == 'true'
+ assert new_ar.assertion_consumer_service_index == '1'
+ assert new_ar.assertion_consumer_service_url == \
+ 'http://www.example.com/acs'
+ assert new_ar.protocol_binding == saml2.BINDING_HTTP_POST
+ assert new_ar.attribute_consuming_service_index == '2'
+ assert new_ar.provider_name == "provider name"
+
+ def testUsingTestData(self):
+ """Test for authn_request_from_string() using test data"""
+ new_ar = samlp.authn_request_from_string(samlp_data.TEST_AUTHN_REQUEST)
+ assert new_ar.id == "request id"
+ assert new_ar.version == saml2.VERSION
+ assert new_ar.issue_instant == "2007-09-14T01:05:02Z"
+ assert new_ar.destination == "http://www.example.com/Destination"
+ assert new_ar.consent == saml.CONSENT_UNSPECIFIED
+ assert isinstance(new_ar.issuer, saml.Issuer)
+ assert isinstance(new_ar.signature, ds.Signature)
+ assert isinstance(new_ar.extensions, samlp.Extensions)
+
+ assert isinstance(new_ar.subject, saml.Subject)
+ assert isinstance(new_ar.name_id_policy, samlp.NameIDPolicy)
+ assert isinstance(new_ar.conditions, saml.Conditions)
+ assert isinstance(new_ar.requested_authn_context,
+ samlp.RequestedAuthnContext)
+ assert isinstance(new_ar.scoping, samlp.Scoping)
+ assert new_ar.force_authn == 'true'
+ assert new_ar.is_passive == 'true'
+ assert new_ar.assertion_consumer_service_index == '1'
+ assert new_ar.assertion_consumer_service_url == \
+ 'http://www.example.com/acs'
+ assert new_ar.protocol_binding == saml2.BINDING_HTTP_POST
+ assert new_ar.attribute_consuming_service_index == '2'
+ assert new_ar.provider_name == "provider name"
+
+
+class TestLogoutRequest:
+
+ def setup_class(self):
+ self.lr = samlp.LogoutRequest()
+
+ def testAccessors(self):
+ """Test for LogoutRequest accessors"""
+ self.lr.id = "request id"
+ self.lr.version = saml2.VERSION
+ self.lr.issue_instant = "2007-09-14T01:05:02Z"
+ self.lr.destination = "http://www.example.com/Destination"
+ self.lr.consent = saml.CONSENT_UNSPECIFIED
+ self.lr.issuer = saml.Issuer()
+ self.lr.signature = ds.Signature()
+ self.lr.extensions = samlp.Extensions()
+
+ self.lr.not_on_or_after = "2007-10-14T01:05:02Z"
+ self.lr.reason = "http://www.example.com/Reason"
+ self.lr.base_id = saml.BaseID()
+ self.lr.name_id = saml.NameID()
+ self.lr.encrypted_id = saml.EncryptedID()
+ self.lr.session_index = samlp.SessionIndex()
+
+ new_lr = samlp.logout_request_from_string(self.lr.to_string())
+ assert new_lr.id == "request id"
+ assert new_lr.version == saml2.VERSION
+ assert new_lr.issue_instant == "2007-09-14T01:05:02Z"
+ assert new_lr.destination == "http://www.example.com/Destination"
+ assert new_lr.consent == saml.CONSENT_UNSPECIFIED
+ assert isinstance(new_lr.issuer, saml.Issuer)
+ assert isinstance(new_lr.signature, ds.Signature)
+ assert isinstance(new_lr.extensions, samlp.Extensions)
+ assert new_lr.not_on_or_after == "2007-10-14T01:05:02Z"
+ assert new_lr.reason == "http://www.example.com/Reason"
+ assert isinstance(new_lr.base_id, saml.BaseID)
+ assert isinstance(new_lr.name_id, saml.NameID)
+ assert isinstance(new_lr.encrypted_id, saml.EncryptedID)
+ assert isinstance(new_lr.session_index[0], samlp.SessionIndex)
+
+ def testUsingTestData(self):
+ """Test for logout_request_from_string() using test data"""
+ new_lr = samlp.logout_request_from_string(samlp_data.TEST_LOGOUT_REQUEST)
+ assert new_lr.id == "request id"
+ assert new_lr.version == saml2.VERSION
+ assert new_lr.issue_instant == "2007-09-14T01:05:02Z"
+ assert new_lr.destination == "http://www.example.com/Destination"
+ assert new_lr.consent == saml.CONSENT_UNSPECIFIED
+ assert isinstance(new_lr.issuer, saml.Issuer)
+ assert isinstance(new_lr.signature, ds.Signature)
+ assert isinstance(new_lr.extensions, samlp.Extensions)
+ assert new_lr.not_on_or_after == "2007-10-14T01:05:02Z"
+ assert new_lr.reason == "http://www.example.com/Reason"
+ assert isinstance(new_lr.base_id, saml.BaseID)
+ assert isinstance(new_lr.name_id, saml.NameID)
+ assert isinstance(new_lr.encrypted_id, saml.EncryptedID)
+ assert isinstance(new_lr.session_index[0], samlp.SessionIndex)
+ assert new_lr.session_index[0].text.strip() == "session index"
+
+
+class TestLogoutResponse:
+
+ def setup_class(self):
+ self.lr = samlp.LogoutResponse()
+
+ def testAccessors(self):
+ """Test for LogoutResponse accessors"""
+ self.lr.id = "response id"
+ self.lr.in_response_to = "request id"
+ self.lr.version = saml2.VERSION
+ self.lr.issue_instant = "2007-09-14T01:05:02Z"
+ self.lr.destination = "http://www.example.com/Destination"
+ self.lr.consent = saml.CONSENT_UNSPECIFIED
+ self.lr.issuer = saml.Issuer()
+ self.lr.signature = ds.Signature()
+ self.lr.extensions = samlp.Extensions()
+ self.lr.status = samlp.Status()
+
+ new_lr = samlp.logout_response_from_string(self.lr.to_string())
+ assert new_lr.id == "response id"
+ assert new_lr.in_response_to == "request id"
+ assert new_lr.version == saml2.VERSION
+ assert new_lr.issue_instant == "2007-09-14T01:05:02Z"
+ assert new_lr.destination == "http://www.example.com/Destination"
+ assert new_lr.consent == saml.CONSENT_UNSPECIFIED
+ assert isinstance(new_lr.issuer, saml.Issuer)
+ assert isinstance(new_lr.signature, ds.Signature)
+ assert isinstance(new_lr.extensions, samlp.Extensions)
+ assert isinstance(new_lr.status, samlp.Status)
+
+ def testUsingTestData(self):
+ """Test for logout_response_from_string() using test data"""
+ new_lr = samlp.logout_response_from_string(
+ samlp_data.TEST_LOGOUT_RESPONSE)
+ assert new_lr.id == "response id"
+ assert new_lr.in_response_to == "request id"
+ assert new_lr.version == saml2.VERSION
+ assert new_lr.issue_instant == "2007-09-14T01:05:02Z"
+ assert new_lr.destination == "http://www.example.com/Destination"
+ assert new_lr.consent == saml.CONSENT_UNSPECIFIED
+ assert isinstance(new_lr.issuer, saml.Issuer)
+ assert isinstance(new_lr.signature, ds.Signature)
+ assert isinstance(new_lr.extensions, samlp.Extensions)
+ assert isinstance(new_lr.status, samlp.Status)
+
diff --git a/tests/test_05_md.py b/tests/test_05_md.py
new file mode 100644
index 00000000..f0a8ef03
--- /dev/null
+++ b/tests/test_05_md.py
@@ -0,0 +1,1161 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+#
+# Copyright (C) 2009 Umeå University.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Tests for saml2.md"""
+
+__author__ = 'roland.hedberg@umu.se (Roland Hedberg)'
+
+import unittest
+try:
+ from xml.etree import ElementTree
+except ImportError:
+ from elementtree import ElementTree
+
+import saml2
+import xmldsig as ds
+
+from saml2 import saml
+from saml2 import samlp
+from saml2 import md
+from saml2.extension import idpdisc
+from saml2.extension import shibmd
+
+from saml2 import extension_element_to_element
+import md_data, ds_data
+
+class TestEndpointType:
+
+ def setup_class(self):
+ self.endpoint = md.EndpointType_()
+
+ def testAccessors(self):
+ """Test for EndpointType accessors"""
+ self.endpoint.binding = saml2.BINDING_HTTP_POST
+ self.endpoint.location = "http://www.example.com/endpoint"
+ self.endpoint.response_location = "http://www.example.com/response"
+ print self.endpoint.__class__.c_attributes.items()
+ new_endpoint = md.endpoint_type__from_string(self.endpoint.to_string())
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+ def testUsingTestData(self):
+ """Test for endpoint_type_from_string() using test data."""
+ new_endpoint = md.endpoint_type__from_string(md_data.TEST_ENDPOINT)
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+
+class TestIndexedEndpointType:
+
+ def setup_class(self):
+ self.i_e = md.IndexedEndpointType_()
+
+ def testAccessors(self):
+ """Test for IndexedEndpointType accessors"""
+ self.i_e.binding = saml2.BINDING_HTTP_POST
+ self.i_e.location = "http://www.example.com/endpoint"
+ self.i_e.response_location = "http://www.example.com/response"
+ self.i_e.index = "1"
+ self.i_e.is_default = "false"
+ new_i_e = md.indexed_endpoint_type__from_string(self.i_e.to_string())
+ assert new_i_e.binding == saml2.BINDING_HTTP_POST
+ assert new_i_e.location == "http://www.example.com/endpoint"
+ assert new_i_e.response_location == "http://www.example.com/response"
+ assert new_i_e.index == "1"
+ assert new_i_e.is_default == "false"
+
+ def testUsingTestData(self):
+ """Test for indexed_endpoint_type_from_string() using test data."""
+ new_i_e = md.indexed_endpoint_type__from_string(md_data.TEST_INDEXED_ENDPOINT)
+ assert new_i_e.binding == saml2.BINDING_HTTP_POST
+ assert new_i_e.location == "http://www.example.com/endpoint"
+ assert new_i_e.response_location == "http://www.example.com/response"
+ assert new_i_e.index == "1"
+ assert new_i_e.is_default == "false"
+
+
+class TestExtensions:
+
+ def setup_class(self):
+ self.extensions = md.Extensions()
+
+ def testAccessors(self):
+ """Test for Extensions accessors"""
+ self.extensions.extension_elements.append(
+ saml2.extension_element_from_string(
+ """<?xml version='1.0' encoding='UTF-8'?>
+ <hoge>fuga</hoge>
+ """))
+ new_extensions = md.extensions_from_string(self.extensions.to_string())
+ assert new_extensions.extension_elements[0].tag == "hoge"
+ assert new_extensions.extension_elements[0].text.strip() == "fuga"
+
+
+class TestOrganizationName:
+
+ def setup_class(self):
+ self.organization_name = md.OrganizationName()
+
+ def testAccessors(self):
+ """Test for OrganizationName accessors"""
+ self.organization_name.lang = "en"
+ self.organization_name.text = "SIOS Technology, Inc."
+ new_organization_name = md.organization_name_from_string(
+ self.organization_name.to_string())
+ assert new_organization_name.lang == "en"
+ assert new_organization_name.text.strip() == "SIOS Technology, Inc."
+
+ def testUsingTestData(self):
+ """Test for organization_name_from_string() using test data."""
+ new_organization_name = md.organization_name_from_string(
+ md_data.TEST_ORGANIZATION_NAME)
+ print new_organization_name.keyswv()
+ assert new_organization_name.lang == "se"
+ assert new_organization_name.text.strip() == "Catalogix"
+
+
+class TestOrganizationDisplayName:
+
+ def setup_class(self):
+ self.od_name = md.OrganizationDisplayName()
+
+ def testAccessors(self):
+ """Test for OrganizationDisplayName accessors"""
+ self.od_name.lang = "en"
+ self.od_name.text = "SIOS"
+ new_od_name = md.organization_display_name_from_string(
+ self.od_name.to_string())
+ assert new_od_name.lang == "en"
+ assert new_od_name.text.strip() == "SIOS"
+
+ def testUsingTestData(self):
+ """Test for organization_display_name_from_string() using test data."""
+ new_od_name = md.organization_display_name_from_string(
+ md_data.TEST_ORGANIZATION_DISPLAY_NAME)
+ assert new_od_name.lang == "se"
+ assert new_od_name.text.strip() == "Catalogix"
+
+
+class TestOrganizationURL:
+
+ def setup_class(self):
+ self.organization_url = md.OrganizationURL()
+
+ def testAccessors(self):
+ """Test for OrganizationURL accessors"""
+ self.organization_url.lang = "ja"
+ self.organization_url.text = "http://www.example.com/"
+ print self.organization_url.to_string()
+ new_organization_url = md.organization_url_from_string(
+ self.organization_url.to_string())
+ assert new_organization_url.lang == "ja"
+ assert new_organization_url.text.strip() == "http://www.example.com/"
+
+ def testUsingTestData(self):
+ """Test for organization_url_from_string() using test data."""
+ new_organization_url = md.organization_url_from_string(
+ md_data.TEST_ORGANIZATION_URL)
+ assert new_organization_url.lang == "no"
+ assert new_organization_url.text.strip() == "http://www.example.com/"
+
+
+class TestOrganization:
+
+ def setup_class(self):
+ self.organization = md.Organization()
+
+ def testAccessors(self):
+ """Test for Organization accessors"""
+ self.organization.extensions = md.Extensions()
+ self.organization.organization_name.append(
+ md.organization_name_from_string(md_data.TEST_ORGANIZATION_NAME))
+ self.organization.organization_display_name.append(
+ md.organization_display_name_from_string(
+ md_data.TEST_ORGANIZATION_DISPLAY_NAME))
+ self.organization.organization_url.append(
+ md.organization_url_from_string(md_data.TEST_ORGANIZATION_URL))
+ new_organization = md.organization_from_string(self.organization.to_string())
+ assert isinstance(new_organization.extensions, md.Extensions)
+ assert isinstance(new_organization.organization_name[0],
+ md.OrganizationName)
+ assert isinstance(new_organization.organization_display_name[0],
+ md.OrganizationDisplayName)
+ assert isinstance(new_organization.organization_url[0],
+ md.OrganizationURL)
+ assert new_organization.organization_name[0].text.strip() == "Catalogix"
+ assert new_organization.organization_name[0].lang == "se"
+ assert new_organization.organization_display_name[0].text.strip() == "Catalogix"
+ assert new_organization.organization_display_name[0].lang == "se"
+ assert new_organization.organization_url[0].text.strip() == "http://www.example.com/"
+ assert new_organization.organization_url[0].lang == "no"
+
+
+ def testUsingTestData(self):
+ """Test for organization_from_string() using test data."""
+ new_organization = md.organization_from_string(
+ md_data.TEST_ORGANIZATION)
+ assert isinstance(new_organization.extensions, md.Extensions)
+ assert isinstance(new_organization.organization_name[0],
+ md.OrganizationName)
+ assert isinstance(new_organization.organization_display_name[0],
+ md.OrganizationDisplayName)
+ assert isinstance(new_organization.organization_url[0],
+ md.OrganizationURL)
+ assert new_organization.organization_name[0].text.strip() == "Catalogix AB"
+ assert new_organization.organization_name[0].lang == "se"
+ assert new_organization.organization_display_name[0].text.strip() == "Catalogix AS"
+ assert new_organization.organization_display_name[0].lang == "no"
+ assert new_organization.organization_url[0].text.strip() == "http://www.example.com/"
+ assert new_organization.organization_url[0].lang == "en"
+
+
+class TestContactPerson:
+
+ def setup_class(self):
+ self.contact_person = md.ContactPerson()
+
+ def testAccessors(self):
+ """Test for ContactPerson accessors"""
+ self.contact_person.contact_type = "technical"
+ self.contact_person.extensions = md.Extensions()
+ self.contact_person.company = md.Company(text="SIOS Technology, Inc.")
+ self.contact_person.given_name = md.GivenName(text="Takashi")
+ self.contact_person.sur_name = md.SurName(text="Matsuo")
+ self.contact_person.email_address.append(
+ md.EmailAddress(text="tmatsuo@example.com"))
+ self.contact_person.email_address.append(
+ md.EmailAddress(text="tmatsuo@shehas.net"))
+ self.contact_person.telephone_number.append(
+ md.TelephoneNumber(text="00-0000-0000"))
+ new_contact_person = md.contact_person_from_string(
+ self.contact_person.to_string())
+ assert new_contact_person.contact_type == "technical"
+ assert isinstance(new_contact_person.extensions, md.Extensions)
+ assert new_contact_person.company.text.strip() == "SIOS Technology, Inc."
+ assert new_contact_person.given_name.text.strip() == "Takashi"
+ assert new_contact_person.sur_name.text.strip() == "Matsuo"
+ assert new_contact_person.email_address[0].text.strip() == "tmatsuo@example.com"
+ assert new_contact_person.email_address[1].text.strip() == "tmatsuo@shehas.net"
+ assert new_contact_person.telephone_number[0].text.strip() == "00-0000-0000"
+
+ def testUsingTestData(self):
+ """Test for contact_person_from_string() using test data."""
+ new_contact_person = md.contact_person_from_string(
+ md_data.TEST_CONTACT_PERSON)
+ assert new_contact_person.contact_type == "technical"
+ assert isinstance(new_contact_person.extensions, md.Extensions)
+ assert new_contact_person.company.text.strip() == "SIOS Technology, Inc."
+ assert new_contact_person.given_name.text.strip() == "Takashi"
+ assert new_contact_person.sur_name.text.strip() == "Matsuo"
+ assert new_contact_person.email_address[0].text.strip() == "tmatsuo@example.com"
+ assert new_contact_person.email_address[1].text.strip() == "tmatsuo@shehas.net"
+ assert new_contact_person.telephone_number[0].text.strip() == "00-0000-0000"
+
+class TestAdditionalMetadataLocation:
+
+ def setup_class(self):
+ self.additional_metadata_location = md.AdditionalMetadataLocation()
+
+ def testAccessors(self):
+ """Test for AdditionalMetadataLocation accessors"""
+ self.additional_metadata_location.namespace = (
+ "http://www.example.com/namespace")
+ self.additional_metadata_location.text = (
+ "http://www.example.com/AdditionalMetadataLocation")
+ new_additional_metadata_location = md.additional_metadata_location_from_string(
+ self.additional_metadata_location.to_string())
+ assert new_additional_metadata_location.namespace == "http://www.example.com/namespace"
+ assert new_additional_metadata_location.text.strip() == "http://www.example.com/AdditionalMetadataLocation"
+
+ def testUsingTestData(self):
+ """Test for additional_metadata_location_from_string() using test data."""
+ new_additional_metadata_location = md.additional_metadata_location_from_string(
+ md_data.TEST_ADDITIONAL_METADATA_LOCATION)
+ assert new_additional_metadata_location.namespace == "http://www.example.com/namespace"
+ assert new_additional_metadata_location.text.strip() == "http://www.example.com/AdditionalMetadataLocation"
+
+# class TestKeySize:
+#
+# def setup_class(self):
+# self.key_size = md.KeySize()
+#
+# def testAccessors(self):
+# """Test for KeySize accessors"""
+# self.key_size.text = "128"
+# new_key_size = md.key_size_from_string(self.key_size.to_string())
+# assert new_key_size.text.strip() == "128"
+#
+# def testUsingTestData(self):
+# """Test for key_size_from_string() using test data."""
+# new_key_size = md.key_size_from_string(md_data.TEST_KEY_SIZE)
+# assert new_key_size.text.strip() == "128"
+
+
+# class TestOAEPparams:
+#
+# def setup_class(self):
+# self.oaep_params = md.OAEPparams()
+#
+# def testAccessors(self):
+# """Test for OAEPparams accessors"""
+# self.oaep_params.text = "9lWu3Q=="
+# new_oaep_params = md.oae_pparams_from_string(self.oaep_params.to_string())
+# assert new_oaep_params.text.strip() == "9lWu3Q=="
+#
+# def testUsingTestData(self):
+# """Test for oae_pparams_from_string() using test data."""
+# new_oaep_params = md.oae_pparams_from_string(md_data.TEST_OAEP_PARAMS)
+# assert new_oaep_params.text.strip() == "9lWu3Q=="
+
+
+class TestEncryptionMethod:
+
+ def setup_class(self):
+ self.encryption_method = md.EncryptionMethod()
+
+ def testAccessors(self):
+ """Test for EncryptionMethod accessors"""
+ self.encryption_method.algorithm = (
+ "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p")
+ new_encryption_method = md.encryption_method_from_string(
+ self.encryption_method.to_string())
+ assert new_encryption_method.algorithm == "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+
+ def testUsingTestData(self):
+ """Test for encryption_method_from_string() using test data."""
+ new_encryption_method = md.encryption_method_from_string(
+ md_data.TEST_ENCRYPTION_METHOD)
+ assert new_encryption_method.algorithm == "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"
+ assert new_encryption_method.oae_pparams.text.strip() == "9lWu3Q=="
+
+
+class TestKeyDescriptor:
+
+ def setup_class(self):
+ self.key_descriptor = md.KeyDescriptor()
+
+ def testAccessors(self):
+ """Test for KeyDescriptor accessors"""
+
+ self.key_descriptor.use = "signing"
+ self.key_descriptor.key_info = ds.key_info_from_string(
+ ds_data.TEST_KEY_INFO)
+ self.key_descriptor.encryption_method.append(md.encryption_method_from_string(
+ md_data.TEST_ENCRYPTION_METHOD))
+ new_key_descriptor = md.key_descriptor_from_string(
+ self.key_descriptor.to_string())
+ assert new_key_descriptor.use == "signing"
+ assert isinstance(new_key_descriptor.key_info, ds.KeyInfo)
+ assert isinstance(new_key_descriptor.encryption_method[0],
+ md.EncryptionMethod)
+
+ def testUsingTestData(self):
+ """Test for key_descriptor_from_string() using test data."""
+ new_key_descriptor = md.key_descriptor_from_string(
+ md_data.TEST_KEY_DESCRIPTOR)
+ assert new_key_descriptor.use == "signing"
+ assert isinstance(new_key_descriptor.key_info, ds.KeyInfo)
+ assert isinstance(new_key_descriptor.encryption_method[0],
+ md.EncryptionMethod)
+
+
+class TestRoleDescriptor:
+ def setup_class(self):
+ self.role_descriptor = md.RoleDescriptor()
+
+ def testAccessors(self):
+ """Test for RoleDescriptor accessors"""
+ self.role_descriptor.id = "ID"
+ self.role_descriptor.valid_until = "2008-09-14T01:05:02Z"
+ self.role_descriptor.cache_duration = "10:00:00:00"
+ self.role_descriptor.protocol_support_enumeration = samlp.NAMESPACE
+ self.role_descriptor.error_url = "http://www.example.com/errorURL"
+ self.role_descriptor.signature = ds.Signature()
+ self.role_descriptor.extensions = md.Extensions()
+ self.role_descriptor.key_descriptor.append(md.key_descriptor_from_string(
+ md_data.TEST_KEY_DESCRIPTOR))
+ self.role_descriptor.organization = md.Organization()
+ self.role_descriptor.contact_person.append(md.ContactPerson())
+
+ new_role_descriptor = md.role_descriptor_from_string(
+ self.role_descriptor.to_string())
+ assert new_role_descriptor.id == "ID"
+ assert new_role_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_role_descriptor.cache_duration == "10:00:00:00"
+ assert new_role_descriptor.protocol_support_enumeration == samlp.NAMESPACE
+ assert new_role_descriptor.error_url == "http://www.example.com/errorURL"
+ assert isinstance(new_role_descriptor.signature, ds.Signature)
+ assert isinstance(new_role_descriptor.extensions, md.Extensions)
+ assert isinstance(new_role_descriptor.key_descriptor[0],
+ md.KeyDescriptor)
+ assert isinstance(new_role_descriptor.organization, md.Organization)
+ assert isinstance(new_role_descriptor.contact_person[0],
+ md.ContactPerson)
+
+ def testUsingTestData(self):
+ """Test for role_descriptor_from_string() using test data."""
+ new_role_descriptor = md.role_descriptor_from_string(
+ md_data.TEST_ROLE_DESCRIPTOR)
+ assert new_role_descriptor.id == "ID"
+ assert new_role_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_role_descriptor.cache_duration == "10:00:00:00"
+ assert new_role_descriptor.protocol_support_enumeration == samlp.NAMESPACE
+ assert new_role_descriptor.error_url == "http://www.example.com/errorURL"
+ assert isinstance(new_role_descriptor.signature, ds.Signature)
+ assert isinstance(new_role_descriptor.extensions, md.Extensions)
+ assert isinstance(new_role_descriptor.key_descriptor[0],
+ md.KeyDescriptor)
+ assert isinstance(new_role_descriptor.organization, md.Organization)
+ assert isinstance(new_role_descriptor.contact_person[0],
+ md.ContactPerson)
+
+# class TestSSODescriptor:
+# def setup_class(self):
+# self.sso_descriptor = md.SSODescriptorType_()
+#
+# def testAccessors(self):
+# """Test for SSODescriptorType accessors"""
+# self.sso_descriptor.id = "ID"
+# self.sso_descriptor.valid_until = "2008-09-14T01:05:02Z"
+# self.sso_descriptor.cache_duration = "10:00:00:00"
+# self.sso_descriptor.protocol_support_enumeration = samlp.NAMESPACE
+# self.sso_descriptor.error_url = "http://www.example.com/errorURL"
+# self.sso_descriptor.signature = ds.Signature()
+# self.sso_descriptor.extensions = md.Extensions()
+# self.sso_descriptor.key_descriptor.append(md.key_descriptor_from_string(
+# md_data.TEST_KEY_DESCRIPTOR))
+# self.sso_descriptor.organization = md.Organization()
+# self.sso_descriptor.contact_person.append(md.ContactPerson())
+# self.sso_descriptor.artifact_resolution_service.append(
+# md.ArtifactResolutionService())
+# self.sso_descriptor.single_logout_service.append(
+# md.SingleLogoutService())
+# self.sso_descriptor.manage_name_id_service.append(
+# md.ManageNameIDService())
+# self.sso_descriptor.name_id_format.append(
+# md.NameIDFormat())
+#
+# new_sso_descriptor = md.sso_descriptor_type__from_string(
+# self.sso_descriptor.to_string())
+# assert new_sso_descriptor.id == "ID"
+# assert new_sso_descriptor.valid_until == "2008-09-14T01:05:02Z"
+# assert new_sso_descriptor.cache_duration == "10:00:00:00"
+# assert new_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE
+# assert new_sso_descriptor.error_url == "http://www.example.com/errorURL"
+# assert isinstance(new_sso_descriptor.signature, ds.Signature)
+# assert isinstance(new_sso_descriptor.extensions, md.Extensions)
+# assert isinstance(new_sso_descriptor.key_descriptor[0],
+# md.KeyDescriptor)
+# assert isinstance(new_sso_descriptor.organization, md.Organization)
+# assert isinstance(new_sso_descriptor.contact_person[0],
+# md.ContactPerson)
+# assert isinstance(new_sso_descriptor.artifact_resolution_service[0],
+# md.ArtifactResolutionService)
+# assert isinstance(new_sso_descriptor.single_logout_service[0],
+# md.SingleLogoutService)
+# assert isinstance(new_sso_descriptor.manage_name_id_service[0],
+# md.ManageNameIDService)
+# assert isinstance(new_sso_descriptor.name_id_format[0],
+# md.NameIDFormat)
+#
+
+class TestArtifactResolutionService:
+
+ def setup_class(self):
+ self.i_e = md.ArtifactResolutionService()
+
+ def testAccessors(self):
+ """Test for ArtifactResolutionService accessors"""
+ self.i_e.binding = saml2.BINDING_HTTP_POST
+ self.i_e.location = "http://www.example.com/endpoint"
+ self.i_e.response_location = "http://www.example.com/response"
+ self.i_e.index = "1"
+ self.i_e.is_default = "false"
+ new_i_e = md.artifact_resolution_service_from_string(self.i_e.to_string())
+ assert new_i_e.binding == saml2.BINDING_HTTP_POST
+ assert new_i_e.location == "http://www.example.com/endpoint"
+ assert new_i_e.response_location == "http://www.example.com/response"
+ assert new_i_e.index == "1"
+ assert new_i_e.is_default == "false"
+
+ def testUsingTestData(self):
+ """Test for artifact_resolution_service_from_string() using test data."""
+ new_i_e = md.artifact_resolution_service_from_string(
+ md_data.TEST_ARTIFACT_RESOLUTION_SERVICE)
+ assert new_i_e.binding == saml2.BINDING_HTTP_POST
+ assert new_i_e.location == "http://www.example.com/endpoint"
+ assert new_i_e.response_location == "http://www.example.com/response"
+ assert new_i_e.index == "1"
+ assert new_i_e.is_default == "false"
+
+
+class TestSingleLogout:
+
+ def setup_class(self):
+ self.endpoint = md.SingleLogoutService()
+
+ def testAccessors(self):
+ """Test for SingleLogoutService accessors"""
+ self.endpoint.binding = saml2.BINDING_HTTP_POST
+ self.endpoint.location = "http://www.example.com/endpoint"
+ self.endpoint.response_location = "http://www.example.com/response"
+ new_endpoint = md.single_logout_service_from_string(self.endpoint.to_string())
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+ def testUsingTestData(self):
+ """Test for single_logout_service_from_string() using test data."""
+ new_endpoint = md.single_logout_service_from_string(
+ md_data.TEST_SINGLE_LOGOUT_SERVICE)
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+
+class TestManageNameIDService:
+
+ def setup_class(self):
+ self.endpoint = md.ManageNameIDService()
+
+ def testAccessors(self):
+ """Test for ManageNameIDService accessors"""
+ self.endpoint.binding = saml2.BINDING_HTTP_POST
+ self.endpoint.location = "http://www.example.com/endpoint"
+ self.endpoint.response_location = "http://www.example.com/response"
+ new_endpoint = md.manage_name_id_service_from_string(self.endpoint.to_string())
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+ def testUsingTestData(self):
+ """Test for manage_name_id_service_from_string() using test data."""
+ new_endpoint = md.manage_name_id_service_from_string(
+ md_data.TEST_MANAGE_NAMEID_SERVICE)
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+
+class TestNameIDFormat:
+
+ def setup_class(self):
+ self.name_id_format = md.NameIDFormat()
+
+ def testAccessors(self):
+ """Test for NameIDFormat accessors"""
+ self.name_id_format.text = saml.NAMEID_FORMAT_EMAILADDRESS
+ new_name_id_format = md.name_id_format_from_string(
+ self.name_id_format.to_string())
+ assert new_name_id_format.text.strip() == saml.NAMEID_FORMAT_EMAILADDRESS
+
+ def testUsingTestData(self):
+ """Test for name_id_format_from_string() using test data."""
+ new_name_id_format = md.name_id_format_from_string(
+ md_data.TEST_NAME_ID_FORMAT)
+ assert new_name_id_format.text.strip() == saml.NAMEID_FORMAT_EMAILADDRESS
+
+
+class TestSingleSignOnService:
+
+ def setup_class(self):
+ self.endpoint = md.SingleSignOnService()
+
+ def testAccessors(self):
+ """Test for SingelSignOnService accessors"""
+ self.endpoint.binding = saml2.BINDING_HTTP_POST
+ self.endpoint.location = "http://www.example.com/endpoint"
+ self.endpoint.response_location = "http://www.example.com/response"
+ new_endpoint = md.single_sign_on_service_from_string(self.endpoint.to_string())
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+ def testUsingTestData(self):
+ """Test for SingelSignOn_service_from_string() using test data."""
+ new_endpoint = md.single_sign_on_service_from_string(
+ md_data.TEST_SINGLE_SIGN_ON_SERVICE)
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+class TestNameIDMappingService:
+
+ def setup_class(self):
+ self.endpoint = md.NameIDMappingService()
+
+ def testAccessors(self):
+ """Test for NameIDMappingService accessors"""
+ self.endpoint.binding = saml2.BINDING_HTTP_POST
+ self.endpoint.location = "http://www.example.com/endpoint"
+ self.endpoint.response_location = "http://www.example.com/response"
+ new_endpoint = md.name_id_mapping_service_from_string(self.endpoint.to_string())
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+ def testUsingTestData(self):
+ """Test for name_id_mapping_service_from_string() using test data."""
+ new_endpoint = md.name_id_mapping_service_from_string(
+ md_data.TEST_NAME_ID_MAPPING_SERVICE)
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+class TestAssertionIDRequestService:
+
+ def setup_class(self):
+ self.endpoint = md.AssertionIDRequestService()
+
+ def testAccessors(self):
+ """Test for AssertionIDRequestService accessors"""
+ self.endpoint.binding = saml2.BINDING_HTTP_POST
+ self.endpoint.location = "http://www.example.com/endpoint"
+ self.endpoint.response_location = "http://www.example.com/response"
+ new_endpoint = md.assertion_id_request_service_from_string(
+ self.endpoint.to_string())
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+ def testUsingTestData(self):
+ """Test for assertion_id_request_service_from_string() using test data."""
+ new_endpoint = md.assertion_id_request_service_from_string(
+ md_data.TEST_ASSERTION_ID_REQUEST_SERVICE)
+ assert new_endpoint.binding == saml2.BINDING_HTTP_POST
+ assert new_endpoint.location == "http://www.example.com/endpoint"
+ assert new_endpoint.response_location == "http://www.example.com/response"
+
+class TestAttributeProfile:
+
+ def setup_class(self):
+ self.attribute_profile = md.AttributeProfile()
+
+ def testAccessors(self):
+ """Test for AttributeProfile accessors"""
+ self.attribute_profile.text = saml.PROFILE_ATTRIBUTE_BASIC
+ new_attribute_profile = md.attribute_profile_from_string(
+ self.attribute_profile.to_string())
+ assert new_attribute_profile.text.strip() == saml.PROFILE_ATTRIBUTE_BASIC
+
+ def testUsingTestData(self):
+ """Test for name_id_format_from_string() using test data."""
+ new_attribute_profile = md.attribute_profile_from_string(
+ md_data.TEST_ATTRIBUTE_PROFILE)
+ assert new_attribute_profile.text.strip() == saml.PROFILE_ATTRIBUTE_BASIC
+
+
+class TestIDPSSODescriptor:
+ def setup_class(self):
+ self.idp_sso_descriptor = md.IDPSSODescriptor()
+
+ def testAccessors(self):
+ """Test for IDPSSODescriptor accessors"""
+ self.idp_sso_descriptor.id = "ID"
+ self.idp_sso_descriptor.valid_until = "2008-09-14T01:05:02Z"
+ self.idp_sso_descriptor.cache_duration = "10:00:00:00"
+ self.idp_sso_descriptor.protocol_support_enumeration = \
+ samlp.NAMESPACE
+ self.idp_sso_descriptor.error_url = "http://www.example.com/errorURL"
+ self.idp_sso_descriptor.signature = ds.Signature()
+ self.idp_sso_descriptor.extensions = md.Extensions()
+ self.idp_sso_descriptor.key_descriptor.append(md.key_descriptor_from_string(
+ md_data.TEST_KEY_DESCRIPTOR))
+ self.idp_sso_descriptor.organization = md.Organization()
+ self.idp_sso_descriptor.contact_person.append(md.ContactPerson())
+ self.idp_sso_descriptor.artifact_resolution_service.append(
+ md.ArtifactResolutionService())
+ self.idp_sso_descriptor.single_logout_service.append(
+ md.SingleLogoutService())
+ self.idp_sso_descriptor.manage_name_id_service.append(
+ md.ManageNameIDService())
+ self.idp_sso_descriptor.name_id_format.append(
+ md.NameIDFormat())
+ self.idp_sso_descriptor.want_authn_requests_signed = 'true'
+ self.idp_sso_descriptor.single_sign_on_service.append(
+ md.SingleSignOnService())
+ self.idp_sso_descriptor.name_id_mapping_service.append(
+ md.NameIDMappingService())
+ self.idp_sso_descriptor.assertion_id_request_service.append(
+ md.AssertionIDRequestService())
+ self.idp_sso_descriptor.attribute_profile.append(
+ md.AttributeProfile())
+ self.idp_sso_descriptor.attribute.append(saml.Attribute())
+
+ new_idp_sso_descriptor = md.idpsso_descriptor_from_string(
+ self.idp_sso_descriptor.to_string())
+ assert new_idp_sso_descriptor.id == "ID"
+ assert new_idp_sso_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_idp_sso_descriptor.cache_duration == "10:00:00:00"
+ assert new_idp_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE
+ assert new_idp_sso_descriptor.error_url == "http://www.example.com/errorURL"
+ assert isinstance(new_idp_sso_descriptor.signature, ds.Signature)
+ assert isinstance(new_idp_sso_descriptor.extensions, md.Extensions)
+ assert isinstance(new_idp_sso_descriptor.key_descriptor[0],
+ md.KeyDescriptor)
+ assert isinstance(new_idp_sso_descriptor.organization,
+ md.Organization)
+ assert isinstance(new_idp_sso_descriptor.contact_person[0],
+ md.ContactPerson)
+ assert isinstance(
+ new_idp_sso_descriptor.artifact_resolution_service[0],
+ md.ArtifactResolutionService)
+ assert isinstance(new_idp_sso_descriptor.single_logout_service[0],
+ md.SingleLogoutService)
+ assert isinstance(new_idp_sso_descriptor.manage_name_id_service[0],
+ md.ManageNameIDService)
+ assert isinstance(new_idp_sso_descriptor.name_id_format[0],
+ md.NameIDFormat)
+ assert new_idp_sso_descriptor.want_authn_requests_signed == "true"
+ assert isinstance(new_idp_sso_descriptor.single_sign_on_service[0],
+ md.SingleSignOnService)
+ assert isinstance(new_idp_sso_descriptor.name_id_mapping_service[0],
+ md.NameIDMappingService)
+ assert isinstance(
+ new_idp_sso_descriptor.assertion_id_request_service[0],
+ md.AssertionIDRequestService)
+ assert isinstance(new_idp_sso_descriptor.attribute_profile[0],
+ md.AttributeProfile)
+ assert isinstance(new_idp_sso_descriptor.attribute[0],
+ saml.Attribute)
+
+ def testUsingTestData(self):
+ """Test for idpsso_descriptor_from_string() using test data."""
+ new_idp_sso_descriptor = md.idpsso_descriptor_from_string(
+ md_data.TEST_IDP_SSO_DESCRIPTOR)
+ assert new_idp_sso_descriptor.id == "ID"
+ assert new_idp_sso_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_idp_sso_descriptor.cache_duration == "10:00:00:00"
+ assert new_idp_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE
+ assert new_idp_sso_descriptor.error_url == "http://www.example.com/errorURL"
+ assert isinstance(new_idp_sso_descriptor.signature, ds.Signature)
+ assert isinstance(new_idp_sso_descriptor.extensions, md.Extensions)
+ assert isinstance(new_idp_sso_descriptor.key_descriptor[0],
+ md.KeyDescriptor)
+ assert isinstance(new_idp_sso_descriptor.organization,
+ md.Organization)
+ assert isinstance(new_idp_sso_descriptor.contact_person[0],
+ md.ContactPerson)
+ assert isinstance(
+ new_idp_sso_descriptor.artifact_resolution_service[0],
+ md.ArtifactResolutionService)
+ assert isinstance(new_idp_sso_descriptor.single_logout_service[0],
+ md.SingleLogoutService)
+ assert isinstance(new_idp_sso_descriptor.manage_name_id_service[0],
+ md.ManageNameIDService)
+ assert isinstance(new_idp_sso_descriptor.name_id_format[0],
+ md.NameIDFormat)
+ assert new_idp_sso_descriptor.want_authn_requests_signed == "true"
+ assert isinstance(new_idp_sso_descriptor.single_sign_on_service[0],
+ md.SingleSignOnService)
+ assert isinstance(new_idp_sso_descriptor.name_id_mapping_service[0],
+ md.NameIDMappingService)
+ assert isinstance(
+ new_idp_sso_descriptor.assertion_id_request_service[0],
+ md.AssertionIDRequestService)
+ assert isinstance(new_idp_sso_descriptor.attribute_profile[0],
+ md.AttributeProfile)
+ assert isinstance(new_idp_sso_descriptor.attribute[0],
+ saml.Attribute)
+
+ def testUsingScope(self):
+ descriptor = md.IDPSSODescriptor()
+ scope = shibmd.Scope()
+ scope.text = "example.org"
+ scope.regexp = "false"
+ descriptor.extensions = md.Extensions()
+ ext = saml2.element_to_extension_element(scope)
+ descriptor.extensions.extension_elements.append(ext)
+ exts = descriptor.extensions
+ assert len(exts.extension_elements) == 1
+ elem = exts.extension_elements[0]
+ inst = saml2.extension_element_to_element(elem,
+ shibmd.ELEMENT_FROM_STRING,
+ namespace=shibmd.NAMESPACE)
+ assert isinstance(inst, shibmd.Scope)
+ assert inst.text == "example.org"
+ assert inst.regexp == "false"
+
+class TestAssertionConsumerService:
+
+ def setup_class(self):
+ self.i_e = md.AssertionConsumerService()
+
+ def testAccessors(self):
+ """Test for AssertionConsumerService accessors"""
+ self.i_e.binding = saml2.BINDING_HTTP_POST
+ self.i_e.location = "http://www.example.com/endpoint"
+ self.i_e.response_location = "http://www.example.com/response"
+ self.i_e.index = "1"
+ self.i_e.is_default = "false"
+ new_i_e = md.assertion_consumer_service_from_string(self.i_e.to_string())
+ assert new_i_e.binding == saml2.BINDING_HTTP_POST
+ assert new_i_e.location == "http://www.example.com/endpoint"
+ assert new_i_e.response_location == "http://www.example.com/response"
+ assert new_i_e.index == "1"
+ assert new_i_e.is_default == "false"
+
+ def testUsingTestData(self):
+ """Test for assertion_consumer_service_from_string() using test data."""
+ new_i_e = md.assertion_consumer_service_from_string(
+ md_data.TEST_ASSERTION_CONSUMER_SERVICE)
+ assert new_i_e.binding == saml2.BINDING_HTTP_POST
+ assert new_i_e.location == "http://www.example.com/endpoint"
+ assert new_i_e.response_location == "http://www.example.com/response"
+ assert new_i_e.index == "1"
+ assert new_i_e.is_default == "false"
+
+
+class TestRequestedAttribute:
+
+ def setup_class(self):
+ self.requested_attribute = md.RequestedAttribute()
+
+ def testAccessors(self):
+ """Test for RequestedAttribute accessors"""
+ assert isinstance(self.requested_attribute, saml.AttributeType_)
+ assert isinstance(self.requested_attribute, md.RequestedAttribute)
+ assert self.requested_attribute.is_required is None
+ self.requested_attribute.is_required = "true"
+ new_requested_attribute = md.requested_attribute_from_string(
+ self.requested_attribute.to_string())
+ assert new_requested_attribute.is_required == "true"
+ assert isinstance(new_requested_attribute, saml.AttributeType_)
+ assert isinstance(new_requested_attribute, md.RequestedAttribute)
+
+ def testUsingTestData(self):
+ """Test for requested_attribute_from_string() using test data."""
+ new_requested_attribute = md.requested_attribute_from_string(
+ md_data.TEST_REQUESTED_ATTRIBUTE)
+ assert new_requested_attribute.is_required == "true"
+ assert isinstance(new_requested_attribute, saml.AttributeType_)
+ assert isinstance(new_requested_attribute, md.RequestedAttribute)
+
+
+class TestServiceName:
+
+ def setup_class(self):
+ self.service_name = md.ServiceName()
+
+ def testAccessors(self):
+ """Test for ServiceName accessors"""
+ self.service_name.lang = "en"
+ self.service_name.text = "SIOS mail"
+ new_service_name = md.service_name_from_string(self.service_name.to_string())
+ assert new_service_name.lang == "en"
+ assert new_service_name.text.strip() == "SIOS mail"
+
+ def testUsingTestData(self):
+ """Test for organization_name_from_string() using test data."""
+ new_service_name = md.service_name_from_string(md_data.TEST_SERVICE_NAME)
+ assert new_service_name.lang == "en"
+ assert new_service_name.text.strip() == "Catalogix Whois"
+
+
+class TestServiceDescription:
+
+ def setup_class(self):
+ self.service_description = md.ServiceDescription()
+
+ def testAccessors(self):
+ """Test for ServiceDescription accessors"""
+ self.service_description.lang = "en"
+ self.service_description.text = "SIOS mail service"
+ new_service_description = md.service_description_from_string(
+ self.service_description.to_string())
+ assert new_service_description.lang == "en"
+ assert new_service_description.text.strip() == "SIOS mail service"
+
+ def testUsingTestData(self):
+ """Test for organization_name_from_string() using test data."""
+ new_service_description = md.service_description_from_string(
+ md_data.TEST_SERVICE_DESCRIPTION)
+ assert new_service_description.lang == "en"
+ assert new_service_description.text.strip() == "Catalogix Whois Service"
+
+
+class TestAttributeConsumingService:
+
+ def setup_class(self):
+ self.attribute_consuming_service = md.AttributeConsumingService()
+
+ def testAccessors(self):
+ """Test for AttributeConsumingService accessors"""
+ self.attribute_consuming_service.service_name.append(md.ServiceName())
+ self.attribute_consuming_service.service_description.append(
+ md.ServiceDescription())
+ self.attribute_consuming_service.requested_attribute.append(
+ md.RequestedAttribute())
+ self.attribute_consuming_service.index = "1"
+ self.attribute_consuming_service.is_default = "true"
+
+ new_attribute_consuming_service = md.attribute_consuming_service_from_string(
+ self.attribute_consuming_service.to_string())
+ assert new_attribute_consuming_service.index == "1"
+ assert new_attribute_consuming_service.is_default == "true"
+ assert isinstance(new_attribute_consuming_service.service_name[0],
+ md.ServiceName)
+ assert isinstance(
+ new_attribute_consuming_service.service_description[0],
+ md.ServiceDescription)
+ assert isinstance(
+ new_attribute_consuming_service.requested_attribute[0],
+ md.RequestedAttribute)
+
+ def testUsingTestData(self):
+ """Test for attribute_consuming_service_from_string() using test data."""
+ new_attribute_consuming_service = md.attribute_consuming_service_from_string(
+ md_data.TEST_ATTRIBUTE_CONSUMING_SERVICE)
+ assert new_attribute_consuming_service.index == "1"
+ assert new_attribute_consuming_service.is_default == "true"
+ assert isinstance(new_attribute_consuming_service.service_name[0],
+ md.ServiceName)
+ assert isinstance(
+ new_attribute_consuming_service.service_description[0],
+ md.ServiceDescription)
+ assert isinstance(
+ new_attribute_consuming_service.requested_attribute[0],
+ md.RequestedAttribute)
+
+
+class TestSPSSODescriptor:
+ def setup_class(self):
+ self.sp_sso_descriptor = md.SPSSODescriptor()
+
+ def testAccessors(self):
+ """Test for SPSSODescriptor accessors"""
+ self.sp_sso_descriptor.id = "ID"
+ self.sp_sso_descriptor.valid_until = "2008-09-14T01:05:02Z"
+ self.sp_sso_descriptor.cache_duration = "10:00:00:00"
+ self.sp_sso_descriptor.protocol_support_enumeration = \
+ samlp.NAMESPACE
+ self.sp_sso_descriptor.error_url = "http://www.example.com/errorURL"
+ self.sp_sso_descriptor.signature = ds.Signature()
+ self.sp_sso_descriptor.extensions = md.Extensions()
+ self.sp_sso_descriptor.key_descriptor.append(md.key_descriptor_from_string(
+ md_data.TEST_KEY_DESCRIPTOR))
+ self.sp_sso_descriptor.organization = md.Organization()
+ self.sp_sso_descriptor.contact_person.append(md.ContactPerson())
+ self.sp_sso_descriptor.artifact_resolution_service.append(
+ md.ArtifactResolutionService())
+ self.sp_sso_descriptor.single_logout_service.append(
+ md.SingleLogoutService())
+ self.sp_sso_descriptor.manage_name_id_service.append(
+ md.ManageNameIDService())
+ self.sp_sso_descriptor.name_id_format.append(
+ md.NameIDFormat())
+ self.sp_sso_descriptor.authn_requests_signed = "true"
+ self.sp_sso_descriptor.want_assertions_signed = "true"
+ self.sp_sso_descriptor.assertion_consumer_service.append(
+ md.AssertionConsumerService())
+ self.sp_sso_descriptor.attribute_consuming_service.append(
+ md.AttributeConsumingService())
+
+ print self.sp_sso_descriptor
+ new_sp_sso_descriptor = md.spsso_descriptor_from_string(
+ self.sp_sso_descriptor.to_string())
+ print new_sp_sso_descriptor
+ assert new_sp_sso_descriptor.id == "ID"
+ assert new_sp_sso_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_sp_sso_descriptor.cache_duration == "10:00:00:00"
+ assert new_sp_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE
+ assert new_sp_sso_descriptor.error_url == "http://www.example.com/errorURL"
+ assert isinstance(new_sp_sso_descriptor.signature, ds.Signature)
+ assert isinstance(new_sp_sso_descriptor.extensions, md.Extensions)
+ assert isinstance(new_sp_sso_descriptor.key_descriptor[0],
+ md.KeyDescriptor)
+ assert isinstance(new_sp_sso_descriptor.organization,
+ md.Organization)
+ assert isinstance(new_sp_sso_descriptor.contact_person[0],
+ md.ContactPerson)
+ assert isinstance(
+ new_sp_sso_descriptor.artifact_resolution_service[0],
+ md.ArtifactResolutionService)
+ assert isinstance(new_sp_sso_descriptor.single_logout_service[0],
+ md.SingleLogoutService)
+ assert isinstance(new_sp_sso_descriptor.manage_name_id_service[0],
+ md.ManageNameIDService)
+ assert isinstance(new_sp_sso_descriptor.name_id_format[0],
+ md.NameIDFormat)
+ assert new_sp_sso_descriptor.authn_requests_signed == "true"
+ assert new_sp_sso_descriptor.want_assertions_signed == "true"
+ assert isinstance(
+ new_sp_sso_descriptor.assertion_consumer_service[0],
+ md.AssertionConsumerService)
+ assert isinstance(
+ new_sp_sso_descriptor.attribute_consuming_service[0],
+ md.AttributeConsumingService)
+
+ def testUsingTestData(self):
+ """Test for spsso_descriptor_from_string() using test data."""
+ new_sp_sso_descriptor = md.spsso_descriptor_from_string(
+ md_data.TEST_SP_SSO_DESCRIPTOR)
+ assert new_sp_sso_descriptor.id == "ID"
+ assert new_sp_sso_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_sp_sso_descriptor.cache_duration == "10:00:00:00"
+ assert new_sp_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE
+ assert new_sp_sso_descriptor.error_url == "http://www.example.com/errorURL"
+ assert isinstance(new_sp_sso_descriptor.signature, ds.Signature)
+ assert isinstance(new_sp_sso_descriptor.extensions, md.Extensions)
+ print new_sp_sso_descriptor.extensions.__dict__
+ assert len(new_sp_sso_descriptor.extensions.extension_elements) == 2
+ for eelem in new_sp_sso_descriptor.extensions.extension_elements:
+ print "EE",eelem.__dict__
+ dp = extension_element_to_element(eelem, idpdisc.ELEMENT_FROM_STRING,
+ idpdisc.NAMESPACE)
+ print "DP",dp.c_tag, dp.c_namespace,dp.__dict__
+ assert isinstance(dp, idpdisc.DiscoveryResponse)
+ assert isinstance(new_sp_sso_descriptor.key_descriptor[0],
+ md.KeyDescriptor)
+ assert isinstance(new_sp_sso_descriptor.organization,
+ md.Organization)
+ assert isinstance(new_sp_sso_descriptor.contact_person[0],
+ md.ContactPerson)
+ assert isinstance(
+ new_sp_sso_descriptor.artifact_resolution_service[0],
+ md.ArtifactResolutionService)
+ assert isinstance(new_sp_sso_descriptor.single_logout_service[0],
+ md.SingleLogoutService)
+ assert isinstance(new_sp_sso_descriptor.manage_name_id_service[0],
+ md.ManageNameIDService)
+ assert isinstance(new_sp_sso_descriptor.name_id_format[0],
+ md.NameIDFormat)
+ assert new_sp_sso_descriptor.authn_requests_signed == "true"
+ assert new_sp_sso_descriptor.want_assertions_signed == "true"
+ assert isinstance(
+ new_sp_sso_descriptor.assertion_consumer_service[0],
+ md.AssertionConsumerService)
+ assert isinstance(
+ new_sp_sso_descriptor.attribute_consuming_service[0],
+ md.AttributeConsumingService)
+
+
+class TestEntityDescriptor:
+ def setup_class(self):
+ self.entity_descriptor = md.EntityDescriptor()
+
+ def testAccessors(self):
+ """Test for RoleDescriptor accessors"""
+ self.entity_descriptor.id = "ID"
+ self.entity_descriptor.entity_id = "entityID"
+ self.entity_descriptor.valid_until = "2008-09-14T01:05:02Z"
+ self.entity_descriptor.cache_duration = "10:00:00:00"
+
+ self.entity_descriptor.signature = ds.Signature()
+ self.entity_descriptor.extensions = md.Extensions()
+ self.entity_descriptor.role_descriptor.append(md.RoleDescriptor())
+ self.entity_descriptor.idpsso_descriptor.append(md.IDPSSODescriptor())
+ self.entity_descriptor.spsso_descriptor.append(md.SPSSODescriptor())
+ self.entity_descriptor.organization = md.Organization()
+ self.entity_descriptor.contact_person.append(md.ContactPerson())
+ self.entity_descriptor.additional_metadata_location.append(
+ md.AdditionalMetadataLocation())
+
+ new_entity_descriptor = md.entity_descriptor_from_string(
+ self.entity_descriptor.to_string())
+ assert new_entity_descriptor.id == "ID"
+ assert new_entity_descriptor.entity_id == "entityID"
+ assert new_entity_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_entity_descriptor.cache_duration == "10:00:00:00"
+ assert isinstance(new_entity_descriptor.signature, ds.Signature)
+ assert isinstance(new_entity_descriptor.extensions, md.Extensions)
+ assert isinstance(new_entity_descriptor.role_descriptor[0],
+ md.RoleDescriptor)
+ assert isinstance(new_entity_descriptor.idpsso_descriptor[0],
+ md.IDPSSODescriptor)
+ assert isinstance(new_entity_descriptor.spsso_descriptor[0],
+ md.SPSSODescriptor)
+ assert isinstance(new_entity_descriptor.organization,
+ md.Organization)
+ assert isinstance(new_entity_descriptor.contact_person[0],
+ md.ContactPerson)
+ assert isinstance(
+ new_entity_descriptor.additional_metadata_location[0],
+ md.AdditionalMetadataLocation)
+
+ def testUsingTestData(self):
+ """Test for entity_descriptor_from_string() using test data."""
+ new_entity_descriptor = md.entity_descriptor_from_string(
+ md_data.TEST_ENTITY_DESCRIPTOR)
+ assert new_entity_descriptor.id == "ID"
+ assert new_entity_descriptor.entity_id == "entityID"
+ assert new_entity_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_entity_descriptor.cache_duration == "10:00:00:00"
+ assert isinstance(new_entity_descriptor.signature, ds.Signature)
+ assert isinstance(new_entity_descriptor.extensions, md.Extensions)
+ assert isinstance(new_entity_descriptor.role_descriptor[0],
+ md.RoleDescriptor)
+ assert isinstance(new_entity_descriptor.idpsso_descriptor[0],
+ md.IDPSSODescriptor)
+ assert isinstance(new_entity_descriptor.spsso_descriptor[0],
+ md.SPSSODescriptor)
+ assert isinstance(new_entity_descriptor.organization,
+ md.Organization)
+ assert isinstance(new_entity_descriptor.contact_person[0],
+ md.ContactPerson)
+ assert isinstance(new_entity_descriptor.additional_metadata_location[0],
+ md.AdditionalMetadataLocation)
+
+
+class TestEntitiesDescriptor:
+ def setup_class(self):
+ self.entities_descriptor = md.EntitiesDescriptor()
+
+ def testAccessors(self):
+ """Test for EntitiesDescriptor accessors"""
+ self.entities_descriptor.id = "ID"
+ self.entities_descriptor.name = "name"
+ self.entities_descriptor.valid_until = "2008-09-14T01:05:02Z"
+ self.entities_descriptor.cache_duration = "10:00:00:00"
+
+ self.entities_descriptor.signature = ds.Signature()
+ self.entities_descriptor.extensions = md.Extensions()
+ self.entities_descriptor.entity_descriptor.append(md.EntityDescriptor())
+ self.entities_descriptor.entities_descriptor.append(
+ md.EntitiesDescriptor())
+
+ new_entities_descriptor = md.entities_descriptor_from_string(
+ self.entities_descriptor.to_string())
+ assert new_entities_descriptor.id == "ID"
+ assert new_entities_descriptor.name == "name"
+ assert new_entities_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_entities_descriptor.cache_duration == "10:00:00:00"
+ assert isinstance(new_entities_descriptor.signature, ds.Signature)
+ assert isinstance(new_entities_descriptor.extensions, md.Extensions)
+ assert isinstance(new_entities_descriptor.entity_descriptor[0],
+ md.EntityDescriptor)
+ assert isinstance(new_entities_descriptor.entities_descriptor[0],
+ md.EntitiesDescriptor)
+
+ def testUsingTestData(self):
+ """Test for entities_descriptor_from_string() using test data."""
+ new_entities_descriptor = md.entities_descriptor_from_string(
+ md_data.TEST_ENTITIES_DESCRIPTOR)
+ assert new_entities_descriptor.id == "ID"
+ assert new_entities_descriptor.name == "name"
+ assert new_entities_descriptor.valid_until == "2008-09-14T01:05:02Z"
+ assert new_entities_descriptor.cache_duration == "10:00:00:00"
+ assert isinstance(new_entities_descriptor.signature, ds.Signature)
+ assert isinstance(new_entities_descriptor.extensions, md.Extensions)
+ assert isinstance(new_entities_descriptor.entity_descriptor[0],
+ md.EntityDescriptor)
+ assert isinstance(new_entities_descriptor.entities_descriptor[0],
+ md.EntitiesDescriptor)
+
+
diff --git a/tests/test_10_time_util.py b/tests/test_10_time_util.py
new file mode 100644
index 00000000..555ee15d
--- /dev/null
+++ b/tests/test_10_time_util.py
@@ -0,0 +1,124 @@
+#!/usr/bin/env python
+
+import calendar
+import datetime
+import time
+from saml2.time_util import f_quotient, modulo, parse_duration, add_duration
+from saml2.time_util import str_to_time, instant, valid, in_a_while
+from saml2.time_util import before, after, not_before, not_on_or_after
+
+def test_f_quotient():
+ assert f_quotient(-1,3) == -1
+ assert f_quotient(0,3) == 0
+ assert f_quotient(1,3) == 0
+ assert f_quotient(2,3) == 0
+ assert f_quotient(3,3) == 1
+ assert f_quotient(3.123,3) == 1
+
+def test_modulo():
+ assert modulo(-1,3) == 2
+ assert modulo(0,3) == 0
+ assert modulo(1,3) == 1
+ assert modulo(2,3) == 2
+ assert modulo(3,3) == 0
+ x = 3.123
+ assert modulo(3.123,3) == x - 3
+
+def test_f_quotient_2():
+ assert f_quotient(0, 1, 13) == -1
+ for i in range(1,13):
+ assert f_quotient(i, 1, 13) == 0
+ assert f_quotient(13, 1, 13) == 1
+ assert f_quotient(13.123, 1, 13) == 1
+
+def test_modulo_2():
+ assert modulo(0, 1, 13) == 12
+ for i in range(1,13):
+ assert modulo(i, 1, 13) == i
+ assert modulo(13, 1, 13) == 1
+ #x = 0.123
+ #assert modulo(13+x, 1, 13) == 1+x
+
+def test_parse_duration():
+ (sign, d) = parse_duration("P1Y3M5DT7H10M3.3S")
+ assert sign == "+"
+ assert d['tm_sec'] == 3.3
+ assert d['tm_mon'] == 3
+ assert d['tm_hour'] == 7
+ assert d['tm_mday'] == 5
+ assert d['tm_year'] == 1
+ assert d['tm_min'] == 10
+
+def test_add_duration_1():
+ #2000-01-12T12:13:14Z P1Y3M5DT7H10M3S 2001-04-17T19:23:17Z
+ t = add_duration(str_to_time("2000-01-12T12:13:14Z"), "P1Y3M5DT7H10M3S")
+ assert t.tm_year == 2001
+ assert t.tm_mon == 4
+ assert t.tm_mday == 17
+ assert t.tm_hour == 19
+ assert t.tm_min == 23
+ assert t.tm_sec == 17
+
+def test_add_duration_2():
+ #2000-01-12 PT33H 2000-01-13
+ t = add_duration(str_to_time("2000-01-12T00:00:00Z"),"PT33H")
+ assert t.tm_year == 2000
+ assert t.tm_mon == 1
+ assert t.tm_mday == 14
+ assert t.tm_hour == 9
+ assert t.tm_min == 0
+ assert t.tm_sec == 0
+
+def test_str_to_time():
+ t = calendar.timegm(str_to_time("2000-01-12T00:00:00Z"))
+ #TODO: Find all instances of time.mktime(.....)
+ #t = time.mktime(str_to_time("2000-01-12T00:00:00Z"))
+ #assert t == 947631600.0
+ #TODO: add something to show how this time was arrived at
+ # do this as an external method in the
+ assert t == 947635200
+
+def test_instant():
+ inst = str_to_time(instant())
+ now = time.gmtime()
+
+ assert now >= inst
+
+def test_valid():
+ assert valid("2000-01-12T00:00:00Z") == False
+ current_year = datetime.datetime.today().year
+ assert valid("%d-01-12T00:00:00Z" % (current_year + 1)) == True
+ this_instance = instant()
+ time.sleep(1)
+ assert valid(this_instance) == False # unless on a very fast machine :-)
+ soon = in_a_while(seconds=10)
+ assert valid(soon) == True
+
+def test_timeout():
+ soon = in_a_while(seconds=1)
+ time.sleep(2)
+ assert valid(soon) == False
+
+
+def test_before():
+ current_year = datetime.datetime.today().year
+ assert before("%d-01-01T00:00:00Z" % (current_year - 1)) == False
+ assert before("%d-01-01T00:00:00Z" % (current_year + 1)) == True
+
+
+def test_after():
+ current_year = datetime.datetime.today().year
+ assert after("%d-01-01T00:00:00Z" % (current_year + 1)) == False
+ assert after("%d-01-01T00:00:00Z" % (current_year - 1)) == True
+
+
+def test_not_before():
+ current_year = datetime.datetime.today().year
+ assert not_before("%d-01-01T00:00:00Z" % (current_year + 1)) == False
+ assert not_before("%d-01-01T00:00:00Z" % (current_year - 1)) == True
+
+
+def test_not_on_or_after():
+ current_year = datetime.datetime.today().year
+ assert not_on_or_after("%d-01-01T00:00:00Z" % (current_year + 1)) == True
+ assert not_on_or_after("%d-01-01T00:00:00Z" % (current_year - 1)) == False
diff --git a/tests/test_12_s_utils.py b/tests/test_12_s_utils.py
new file mode 100644
index 00000000..dfdd8943
--- /dev/null
+++ b/tests/test_12_s_utils.py
@@ -0,0 +1,453 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import zlib
+import base64
+import gzip
+
+from saml2 import make_instance
+from saml2 import s_utils as utils
+from saml2 import saml
+from saml2 import samlp
+from saml2 import md
+
+from saml2.s_utils import do_attribute_statement
+
+from saml2.sigver import make_temp
+
+from saml2.saml import Attribute, NAME_FORMAT_URI, AttributeValue
+
+from py.test import raises
+
+SUCCESS_STATUS = """<?xml version=\'1.0\' encoding=\'UTF-8\'?>
+<ns0:Status xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></ns0:Status>"""
+
+ERROR_STATUS = """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:Status xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><ns0:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal" /></ns0:StatusCode><ns0:StatusMessage>Error resolving principal</ns0:StatusMessage></ns0:Status>"""
+
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+def _oeq(l1,l2):
+ if len(l1) != len(l2):
+ print "Different number of items"
+ return False
+ for item in l1:
+ if item not in l2:
+ print "%s not in l2" % (item,)
+ for ite in l2:
+ print "\t%s" % (ite,)
+ return False
+ return True
+
+def test_inflate_then_deflate():
+ str = """Selma Lagerlöf (1858-1940) was born in Östra Emterwik, Värmland,
+ Sweden. She was brought up on Mårbacka, the family estate, which she did
+ not leave until 1881, when she went to a teachers' college at Stockholm"""
+
+ interm = utils.deflate_and_base64_encode(str)
+ bis = utils.decode_base64_and_inflate(interm)
+ assert bis == str
+
+def test_status_success():
+ status = utils.success_status_factory()
+ status_text = "%s" % status
+ assert status_text == SUCCESS_STATUS
+ assert status.status_code.value == samlp.STATUS_SUCCESS
+
+def test_error_status():
+ status = utils.status_message_factory("Error resolving principal",
+ samlp.STATUS_UNKNOWN_PRINCIPAL,
+ samlp.STATUS_RESPONDER)
+
+ status_text = "%s" % status
+ print status_text
+ assert status_text == ERROR_STATUS
+
+def test_status_from_exception():
+ e = utils.UnknownPrincipal("Error resolving principal")
+ stat = utils.error_status_factory(e)
+ status_text = "%s" % stat
+ print status_text
+ assert status_text == ERROR_STATUS
+
+def test_attribute_sn():
+ attr = utils.do_attributes({"surName":("Jeter", "")})
+ assert len(attr) == 1
+ print attr
+ inst = attr[0]
+ assert inst.name == "surName"
+ assert len(inst.attribute_value) == 1
+ av = inst.attribute_value[0]
+ assert av.text == "Jeter"
+
+def test_attribute_age():
+ attr = utils.do_attributes({"age":(37, "")})
+
+ assert len(attr) == 1
+ inst = attr[0]
+ print inst
+ assert inst.name == "age"
+ assert len(inst.attribute_value) == 1
+ av = inst.attribute_value[0]
+ assert av.text == "37"
+ assert av.get_type() == "xs:integer"
+
+def test_attribute_onoff():
+ attr = utils.do_attributes({"onoff":(False, "")})
+
+ assert len(attr) == 1
+ inst = attr[0]
+ print inst
+ assert inst.name == "onoff"
+ assert len(inst.attribute_value) == 1
+ av = inst.attribute_value[0]
+ assert av.text == "false"
+ assert av.get_type() == "xs:boolean"
+
+def test_attribute_base64():
+ b64sl = base64.b64encode("Selma Lagerlöf")
+ attr = utils.do_attributes({"name":(b64sl, "xs:base64Binary")})
+
+ assert len(attr) == 1
+ inst = attr[0]
+ print inst
+ assert inst.name == "name"
+ assert len(inst.attribute_value) == 1
+ av = inst.attribute_value[0]
+ assert av.get_type() == "xs:base64Binary"
+ assert av.text.strip() == b64sl
+
+def test_attribute_statement():
+ statement = do_attribute_statement({"surName":("Jeter", ""),
+ "givenName":("Derek", "")})
+ print statement
+ assert statement.keyswv() == ["attribute"]
+ assert len(statement.attribute) == 2
+ attr0 = statement.attribute[0]
+ assert _eq(attr0.keyswv(), ["name","attribute_value"])
+ assert len(attr0.attribute_value) == 1
+ attr1 = statement.attribute[1]
+ assert _eq(attr1.keyswv(), ["name","attribute_value"])
+ assert len(attr1.attribute_value) == 1
+ if attr0.name == "givenName":
+ assert attr0.attribute_value[0].text == "Derek"
+ assert attr1.name == "surName"
+ assert attr1.attribute_value[0].text == "Jeter"
+ else:
+ assert attr0.name == "surName"
+ assert attr0.attribute_value[0].text == "Jeter"
+ assert attr1.name == "givenName"
+ assert attr1.attribute_value[0].text == "Derek"
+
+def test_audience():
+ aud_restr = utils.factory(saml.AudienceRestriction,
+ audience=utils.factory(saml.Audience,text="urn:foo:bar"))
+
+ assert aud_restr.keyswv() == ["audience"]
+ assert aud_restr.audience.text == "urn:foo:bar"
+
+def test_conditions():
+ conditions = utils.factory( saml.Conditions,
+ not_before="2009-10-30T07:58:10.852Z",
+ not_on_or_after="2009-10-30T08:03:10.852Z",
+ audience_restriction=[utils.factory(saml.AudienceRestriction,
+ audience=utils.factory(saml.Audience,
+ text="urn:foo:bar"))])
+
+ assert _eq(conditions.keyswv(), ["not_before", "not_on_or_after",
+ "audience_restriction"])
+ assert conditions.not_before == "2009-10-30T07:58:10.852Z"
+ assert conditions.not_on_or_after == "2009-10-30T08:03:10.852Z"
+ assert conditions.audience_restriction[0].audience.text == "urn:foo:bar"
+
+def test_value_1():
+ #FriendlyName="givenName" Name="urn:oid:2.5.4.42"
+ # NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ attribute = utils.factory(saml.Attribute, name="urn:oid:2.5.4.42",
+ name_format=NAME_FORMAT_URI)
+ assert _eq(attribute.keyswv(),["name","name_format"])
+ assert attribute.name == "urn:oid:2.5.4.42"
+ assert attribute.name_format == saml.NAME_FORMAT_URI
+
+def test_value_2():
+ attribute = utils.factory(saml.Attribute, name="urn:oid:2.5.4.42",
+ name_format=NAME_FORMAT_URI,
+ friendly_name="givenName")
+ assert _eq(attribute.keyswv(),["name","name_format","friendly_name"])
+ assert attribute.name == "urn:oid:2.5.4.42"
+ assert attribute.name_format == NAME_FORMAT_URI
+ assert attribute.friendly_name == "givenName"
+
+def test_value_3():
+ attribute = utils.factory(saml.Attribute,
+ attribute_value=[utils.factory(
+ saml.AttributeValue, text="Derek")],
+ name="urn:oid:2.5.4.42",
+ name_format=NAME_FORMAT_URI,
+ friendly_name="givenName")
+
+ assert _eq(attribute.keyswv(),["name", "name_format",
+ "friendly_name", "attribute_value"])
+ assert attribute.name == "urn:oid:2.5.4.42"
+ assert attribute.name_format == NAME_FORMAT_URI
+ assert attribute.friendly_name == "givenName"
+ assert len(attribute.attribute_value) == 1
+ assert attribute.attribute_value[0].text == "Derek"
+
+def test_value_4():
+ attribute = utils.factory(saml.Attribute,
+ attribute_value=[utils.factory(
+ saml.AttributeValue, text="Derek")],
+ friendly_name="givenName")
+
+ assert _eq(attribute.keyswv(),["friendly_name", "attribute_value"])
+ assert attribute.friendly_name == "givenName"
+ assert len(attribute.attribute_value) == 1
+ assert attribute.attribute_value[0].text == "Derek"
+
+def test_do_attribute_statement_0():
+ statement = do_attribute_statement({"vo_attr":("foobar", "")})
+
+ assert statement.keyswv() == ["attribute"]
+ assert len(statement.attribute) == 1
+ attr0 = statement.attribute[0]
+ assert _eq(attr0.keyswv(), ["name","attribute_value"])
+ assert attr0.name == "vo_attr"
+ assert len(attr0.attribute_value) == 1
+ assert attr0.attribute_value[0].text == "foobar"
+
+def test_do_attribute_statement():
+ statement = do_attribute_statement({"surName":("Jeter", ""),
+ "givenName":(["Derek",
+ "Sanderson"], "")})
+
+ assert statement.keyswv() == ["attribute"]
+ assert len(statement.attribute) == 2
+ attr0 = statement.attribute[0]
+ assert _eq(attr0.keyswv(), ["name","attribute_value"])
+ attr1 = statement.attribute[1]
+ assert _eq(attr1.keyswv(), ["name","attribute_value"])
+ if attr0.name == "givenName":
+ assert len(attr0.attribute_value) == 2
+ assert _eq([av.text for av in attr0.attribute_value],
+ ["Derek","Sanderson"])
+ assert attr1.name == "surName"
+ assert attr1.attribute_value[0].text == "Jeter"
+ assert len(attr1.attribute_value) == 1
+ else:
+ assert attr0.name == "surName"
+ assert attr0.attribute_value[0].text == "Jeter"
+ assert len(attr0.attribute_value) == 1
+ assert attr1.name == "givenName"
+ assert len(attr1.attribute_value) == 2
+ assert _eq([av.text for av in attr1.attribute_value],
+ ["Derek","Sanderson"])
+
+def test_do_attribute_statement_multi():
+ statement = do_attribute_statement(
+ {( "urn:oid:1.3.6.1.4.1.5923.1.1.1.7",
+ "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "eduPersonEntitlement"):("Jeter", "")})
+
+ assert statement.keyswv() == ["attribute"]
+ assert len(statement.attribute)
+ assert _eq(statement.attribute[0].keyswv(),
+ ["name","name_format","friendly_name","attribute_value"])
+ attribute = statement.attribute[0]
+ assert attribute.name == "urn:oid:1.3.6.1.4.1.5923.1.1.1.7"
+ assert attribute.name_format == (
+ "urn:oasis:names:tc:SAML:2.0:attrname-format:uri")
+ assert attribute.friendly_name == "eduPersonEntitlement"
+
+def test_subject():
+ subject = utils.factory(saml.Subject, text="_aaa",
+ name_id=saml.NameID(
+ text=saml.NAMEID_FORMAT_TRANSIENT))
+
+ assert _eq(subject.keyswv(),["text", "name_id"])
+ assert subject.text == "_aaa"
+ assert subject.name_id.text == saml.NAMEID_FORMAT_TRANSIENT
+
+# ---------------------------------------------------------------------------
+
+def test_parse_attribute_map():
+ (forward, backward) = utils.parse_attribute_map(["attribute.map"])
+
+ assert _eq(forward.keys(), backward.values())
+ assert _eq(forward.values(), backward.keys())
+ print forward.keys()
+ assert _oeq(forward.keys(), [
+ ('urn:oid:1.3.6.1.4.1.5923.1.1.1.7', NAME_FORMAT_URI),
+ ('urn:oid:0.9.2342.19200300.100.1.1', NAME_FORMAT_URI),
+ ('urn:oid:1.3.6.1.4.1.5923.1.1.1.1', NAME_FORMAT_URI),
+ ('urn:oid:2.5.4.42', NAME_FORMAT_URI),
+ ('urn:oid:2.5.4.4', NAME_FORMAT_URI),
+ ('urn:oid:0.9.2342.19200300.100.1.3', NAME_FORMAT_URI),
+ ('urn:oid:2.5.4.12', NAME_FORMAT_URI)])
+ assert _eq(forward.keys(), [
+ ('urn:oid:1.3.6.1.4.1.5923.1.1.1.7', NAME_FORMAT_URI),
+ ('urn:oid:0.9.2342.19200300.100.1.1', NAME_FORMAT_URI),
+ ('urn:oid:1.3.6.1.4.1.5923.1.1.1.1', NAME_FORMAT_URI),
+ ('urn:oid:2.5.4.42', NAME_FORMAT_URI),
+ ('urn:oid:2.5.4.4', NAME_FORMAT_URI),
+ ('urn:oid:0.9.2342.19200300.100.1.3', NAME_FORMAT_URI),
+ ('urn:oid:2.5.4.12', NAME_FORMAT_URI)])
+ assert _eq(backward.keys(),["surName","givenName","title","uid","mail",
+ "eduPersonAffiliation",
+ "eduPersonEntitlement"])
+
+
+def test_identity_attribute_0():
+ (forward, backward) = utils.parse_attribute_map(["attribute.map"])
+ a = Attribute(name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI,
+ friendly_name="surName")
+
+ assert utils.identity_attribute("name",a,forward) == "urn:oid:2.5.4.4"
+ assert utils.identity_attribute("friendly",a,forward) == "surName"
+
+def test_identity_attribute_1():
+ (forward, backward) = utils.parse_attribute_map(["attribute.map"])
+ a = Attribute(name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI)
+
+ assert utils.identity_attribute("name",a,forward) == "urn:oid:2.5.4.4"
+ assert utils.identity_attribute("friendly",a,forward) == "surName"
+
+def test_identity_attribute_2():
+ (forward, backward) = utils.parse_attribute_map(["attribute.map"])
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI)
+
+ assert utils.identity_attribute("name",a,forward) == "urn:oid:2.5.4.5"
+ # if there would be a map it would be serialNumber
+ assert utils.identity_attribute("friendly",a,forward) == "urn:oid:2.5.4.5"
+
+def test_identity_attribute_3():
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI)
+
+ assert utils.identity_attribute("name",a) == "urn:oid:2.5.4.5"
+ # if there would be a map it would be serialNumber
+ assert utils.identity_attribute("friendly",a) == "urn:oid:2.5.4.5"
+
+def test_identity_attribute_4():
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber")
+
+ assert utils.identity_attribute("name",a) == "urn:oid:2.5.4.5"
+ # if there would be a map it would be serialNumber
+ assert utils.identity_attribute("friendly",a) == "serialNumber"
+
+def _givenName(a):
+ assert a["name"] == "urn:oid:2.5.4.42"
+ assert a["friendly_name"] == "givenName"
+ assert len(a["attribute_value"]) == 1
+ assert a["attribute_value"] == [{"text":"Derek"}]
+
+def _surName(a):
+ assert a["name"] == "urn:oid:2.5.4.4"
+ assert a["friendly_name"] == "surName"
+ assert len(a["attribute_value"]) == 1
+ assert a["attribute_value"] == [{"text":"Jeter"}]
+
+def test_nameformat_email():
+ assert utils.valid_email("foo@example.com")
+ assert utils.valid_email("a@b.com")
+ assert utils.valid_email("a@b.se")
+ assert utils.valid_email("john@doe@johndoe.com") == False
+
+def test_attribute():
+ a = utils.factory(saml.Attribute,
+ friendly_name="eduPersonScopedAffiliation",
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")
+
+ assert _eq(a.keyswv(), ["friendly_name","name", "name_format"])
+
+ a = utils.factory(saml.Attribute,
+ friendly_name="eduPersonScopedAffiliation",
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ attribute_value=[saml.AttributeValue(text="member@example.com")])
+
+ assert _eq(a.keyswv(), ["friendly_name","name", "name_format",
+ "attribute_value"])
+
+def test_attribute_statement():
+ statement = utils.factory( saml.Statement,
+ attribute=[
+ utils.factory(saml.Attribute,
+ attribute_value=[
+ utils.factory(
+ saml.AttributeValue,text="Derek")],
+ friendly_name="givenName"),
+ utils.factory(saml.Attribute,
+ attribute_value=[
+ utils.factory(
+ saml.AttributeValue,text="Jeter")],
+ friendly_name="surName"),
+ ])
+ assert statement.keyswv() == ["attribute"]
+ assert len(statement.attribute) == 2
+
+def test_subject_confirmation_data():
+ s = utils.factory( saml.SubjectConfirmation,
+ in_response_to="_12345678",
+ not_before="2010-02-11T07:30:00Z",
+ not_on_or_after="2010-02-11T07:35:00Z",
+ recipient="http://example.com/sp/",
+ address="192.168.0.10")
+
+ assert _eq(s.keyswv(),["in_response_to","not_before","not_on_or_after",
+ "recipient", "address"])
+
+def test_subject_confirmation():
+ s = utils.factory( saml.SubjectConfirmation,
+ method="urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser",
+ base_id="1234",
+ name_id="abcd",
+ subject_confirmation_data=utils.factory(
+ saml.SubjectConfirmationData,
+ in_response_to="_1234567890",
+ recipient="http://example.com/sp/"))
+
+ assert _eq(s.keyswv(),
+ ["method","base_id","name_id","subject_confirmation_data"])
+ assert s.method == "urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser"
+
+
+def test_authn_context_class_ref():
+ a = utils.factory( saml.AuthnContextClassRef,
+ text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified")
+ assert a.keyswv() == ["text"]
+ assert a.text == "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified"
+
+def test_authn_context():
+ accr = utils.factory( saml.AuthnContext,
+ text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified")
+ a = utils.factory(saml.AuthnContext, authn_context_class_ref=accr)
+
+ assert a.keyswv() == ["authn_context_class_ref"]
+
+def test_authn_statement():
+ accr = utils.factory( saml.AuthnContextClassRef,
+ text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified")
+ ac = utils.factory( saml.AuthnContext,
+ authn_context_class_ref=accr)
+ ast = utils.factory( saml.AuthnStatement,
+ authn_instant="2010-03-10T12:33:00Z",
+ session_index="_12345",
+ session_not_on_or_after="2010-03-11T12:00:00Z",
+ authn_context=ac
+ )
+ assert _eq(ast.keyswv(),["authn_instant","session_index",
+ "session_not_on_or_after",
+ "authn_context"])
+
+def test_signature():
+ arr = ["foobar", "1234567890"]
+ csum = utils.signature("abcdef", arr)
+ arr.append(csum)
+
+ assert utils.verify_signature("abcdef", arr)
+
+ \ No newline at end of file
diff --git a/tests/test_13_validate.py b/tests/test_13_validate.py
new file mode 100644
index 00000000..6ca4e4da
--- /dev/null
+++ b/tests/test_13_validate.py
@@ -0,0 +1,107 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import saml2
+import xmldsig as ds
+
+from saml2 import saml
+from saml2 import samlp
+from saml2 import md
+from saml2.validate import valid_duration
+from saml2.validate import valid_unsigned_short
+from saml2.validate import valid_non_negative_integer
+from saml2.validate import valid_string
+from saml2.validate import valid_instance
+from saml2.validate import valid_any_uri
+from saml2.validate import NotValid
+from saml2.validate import valid_anytype
+
+from py.test import raises
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+def test_duration():
+ assert valid_duration("P1Y2M3DT10H30M")
+ assert valid_duration("P1Y2M3DT10H30M1.567S")
+ assert valid_duration("-P120D")
+ assert valid_duration("P1347Y")
+ assert valid_duration("P1347M")
+ assert valid_duration("P1Y2MT2H")
+ assert valid_duration("P0Y1347M")
+ assert valid_duration("P0Y1347M0D")
+ assert valid_duration("-P1347M")
+
+ raises( NotValid, 'valid_duration("P-1347M")')
+ raises( NotValid, ' valid_duration("P1Y2MT")')
+ raises( NotValid, ' valid_duration("P1Y2MT2.5H")')
+ raises( NotValid, ' valid_duration("P1Y2MT2xH")')
+
+
+def test_unsigned_short():
+ assert valid_unsigned_short("1234")
+
+ raises( NotValid, ' valid_unsigned_short("-1234")')
+ raises( NotValid, ' valid_unsigned_short("1234567890")')
+
+def test_valid_non_negative_integer():
+ assert valid_non_negative_integer("1234567890")
+
+ raises( NotValid, 'valid_non_negative_integer("-123")')
+ raises( NotValid, 'valid_non_negative_integer("123.56")')
+ assert valid_non_negative_integer("12345678901234567890")
+
+def test_valid_string():
+ assert valid_string(u'example')
+
+ raises( NotValid, 'valid_string("02656c6c6f".decode("hex"))')
+
+def test_valid_anyuri():
+ assert valid_any_uri("urn:oasis:names:tc:SAML:2.0:attrname-format:uri")
+
+def test_valid_instance():
+ attr_statem = saml.AttributeStatement()
+ text = ["value of test attribute",
+ "value1 of test attribute",
+ "value2 of test attribute",
+ "value1 of test attribute2",
+ "value2 of test attribute2",]
+
+ attr_statem.attribute.append(saml.Attribute())
+ attr_statem.attribute.append(saml.Attribute())
+ attr_statem.attribute[0].name = "testAttribute"
+ attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI
+ attr_statem.attribute[0].friendly_name = "test attribute"
+ attr_statem.attribute[0].attribute_value.append(saml.AttributeValue())
+ attr_statem.attribute[0].attribute_value[0].text = text[0]
+
+ attr_statem.attribute[1].name = "testAttribute2"
+ attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED
+ attr_statem.attribute[1].friendly_name = text[2]
+ attr_statem.attribute[1].attribute_value.append(saml.AttributeValue())
+ attr_statem.attribute[1].attribute_value[0].text = text[2]
+
+ assert valid_instance(attr_statem)
+
+ response = samlp.Response()
+ response.id = "response id"
+ response.in_response_to = "request id"
+ response.version = saml2.VERSION
+ response.issue_instant = "2007-09-14T01:05:02Z"
+ response.destination = "http://www.example.com/Destination"
+ response.consent = saml.CONSENT_UNSPECIFIED
+ response.issuer = saml.Issuer()
+ response.status = samlp.Status()
+ response.assertion.append(saml.Assertion())
+
+ raises( NotValid, 'valid_instance(response)')
+
+def test_valid_anytype():
+ assert valid_anytype("130.239.16.3")
+ assert valid_anytype("textstring")
+ assert valid_anytype("12345678")
+ assert valid_anytype("-1234")
+ assert valid_anytype("P1Y2M3DT10H30M")
+ assert valid_anytype("urn:oasis:names:tc:SAML:2.0:attrname-format:uri")
+
+ \ No newline at end of file
diff --git a/tests/test_20_assertion.py b/tests/test_20_assertion.py
new file mode 100644
index 00000000..b7e284ef
--- /dev/null
+++ b/tests/test_20_assertion.py
@@ -0,0 +1,608 @@
+from saml2 import md, assertion
+from saml2.saml import Attribute, NAME_FORMAT_URI, AttributeValue
+from saml2.assertion import Policy, Assertion, filter_on_attributes
+from saml2.assertion import filter_attribute_value_assertions, from_local
+from saml2.s_utils import MissingValue
+from saml2 import attribute_converter
+from saml2.attribute_converter import ac_factory
+
+from py.test import raises
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+gn = md.RequestedAttribute(
+ name="urn:oid:2.5.4.42",
+ friendly_name="givenName",
+ name_format=NAME_FORMAT_URI)
+
+sn = md.RequestedAttribute(
+ name="urn:oid:2.5.4.4",
+ friendly_name="surName",
+ name_format=NAME_FORMAT_URI)
+
+mail = md.RequestedAttribute(
+ name="urn:oid:0.9.2342.19200300.100.1.3",
+ friendly_name="mail",
+ name_format=NAME_FORMAT_URI)
+
+# ---------------------------------------------------------------------------
+
+def test_filter_on_attributes_0():
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber")
+
+ required = [a]
+ ava = { "serialNumber": ["12345"]}
+
+ ava = filter_on_attributes(ava, required)
+ assert ava.keys() == ["serialNumber"]
+ assert ava["serialNumber"] == ["12345"]
+
+def test_filter_on_attributes_1():
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber")
+
+ required = [a]
+ ava = { "serialNumber": ["12345"], "givenName":["Lars"]}
+
+ ava = filter_on_attributes(ava, required)
+ assert ava.keys() == ["serialNumber"]
+ assert ava["serialNumber"] == ["12345"]
+
+
+# ----------------------------------------------------------------------
+
+def test_lifetime_1():
+ conf = {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:umu.se:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "givenName": None,
+ "surName": None,
+ "mail": [".*@.*\.umu\.se"],
+ }
+ }}
+
+ r = Policy(conf)
+ assert r is not None
+
+ assert r.get_lifetime("urn:mace:umu.se:saml:roland:sp") == {"minutes": 5}
+ assert r.get_lifetime("urn:mace:example.se:saml:sp") == {"minutes": 15}
+
+def test_lifetime_2():
+ conf = {
+ "default": {
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:umu.se:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "givenName": None,
+ "surName": None,
+ "mail": [".*@.*\.umu\.se"],
+ }
+ }}
+
+ r = Policy(conf)
+ assert r is not None
+
+ assert r.get_lifetime("urn:mace:umu.se:saml:roland:sp") == {"minutes": 5}
+ assert r.get_lifetime("urn:mace:example.se:saml:sp") == {"hours": 1}
+
+
+def test_ava_filter_1():
+ conf = {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:umu.se:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "givenName": None,
+ "surName": None,
+ "mail": [".*@.*\.umu\.se"],
+ }
+ }}
+
+ r = Policy(conf)
+
+ ava = {"givenName":"Derek",
+ "surName": "Jeter",
+ "mail":"derek@example.com"}
+
+ ava = r.filter(ava,"urn:mace:umu.se:saml:roland:sp",None,None)
+ assert _eq(ava.keys(), ["givenName","surName"])
+
+ ava = {"givenName":"Derek",
+ "mail":"derek@nyy.umu.se"}
+
+ assert _eq(ava.keys(), ["givenName","mail"])
+
+def test_ava_filter_2():
+ conf = {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:umu.se:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "givenName": None,
+ "surName": None,
+ "mail": [".*@.*\.umu\.se"],
+ }
+ }}
+
+ policy = Policy(conf)
+
+ ava = {"givenName":"Derek",
+ "surName": "Jeter",
+ "mail":"derek@example.com"}
+
+ # I'm filtering away something the SP deems necessary
+
+ #policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', [mail], [gn, sn])
+
+ raises(MissingValue, policy.filter, ava, 'urn:mace:umu.se:saml:roland:sp',
+ [mail], [gn, sn])
+
+ ava = {"givenName":"Derek",
+ "surName": "Jeter"}
+
+ # it wasn't there to begin with
+ raises(MissingValue, policy.filter, ava, 'urn:mace:umu.se:saml:roland:sp',
+ [gn,sn,mail])
+
+def test_filter_attribute_value_assertions_0(AVA):
+ p = Policy({
+ "default": {
+ "attribute_restrictions": {
+ "surName": [".*berg"],
+ }
+ }
+ })
+
+ ava = filter_attribute_value_assertions(AVA[3].copy(),
+ p.get_attribute_restriction(""))
+
+ print ava
+ assert ava.keys() == ["surName"]
+ assert ava["surName"] == ["Hedberg"]
+
+def test_filter_attribute_value_assertions_1(AVA):
+ p = Policy({
+ "default": {
+ "attribute_restrictions": {
+ "surName": None,
+ "givenName": [".*er.*"],
+ }
+ }
+ })
+
+ ava = filter_attribute_value_assertions(AVA[0].copy(),
+ p.get_attribute_restriction(""))
+
+ print ava
+ assert _eq(ava.keys(), ["givenName","surName"])
+ assert ava["surName"] == ["Jeter"]
+ assert ava["givenName"] == ["Derek"]
+
+ ava = filter_attribute_value_assertions(AVA[1].copy(),
+ p.get_attribute_restriction(""))
+
+ print ava
+ assert _eq(ava.keys(), ["surName"])
+ assert ava["surName"] == ["Howard"]
+
+
+def test_filter_attribute_value_assertions_2(AVA):
+ p = Policy({
+ "default": {
+ "attribute_restrictions": {
+ "givenName": ["^R.*"],
+ }
+ }
+ })
+
+ ava = filter_attribute_value_assertions(AVA[0].copy(),
+ p.get_attribute_restriction(""))
+
+ print ava
+ assert _eq(ava.keys(), [])
+
+ ava = filter_attribute_value_assertions(AVA[1].copy(),
+ p.get_attribute_restriction(""))
+
+ print ava
+ assert _eq(ava.keys(), ["givenName"])
+ assert ava["givenName"] == ["Ryan"]
+
+ ava = filter_attribute_value_assertions(AVA[3].copy(),
+ p.get_attribute_restriction(""))
+
+ print ava
+ assert _eq(ava.keys(), ["givenName"])
+ assert ava["givenName"] == ["Roland"]
+
+# ----------------------------------------------------------------------------
+
+def test_assertion_1(AVA):
+ ava = Assertion(AVA[0])
+
+ print ava
+ print ava.__dict__
+
+ policy = Policy({
+ "default": {
+ "attribute_restrictions": {
+ "givenName": ["^R.*"],
+ }
+ }
+ })
+
+ ava = ava.apply_policy( "", policy )
+
+ print ava
+ assert _eq(ava.keys(), [])
+
+ ava = Assertion(AVA[1].copy())
+ ava = ava.apply_policy( "", policy )
+ assert _eq(ava.keys(), ["givenName"])
+ assert ava["givenName"] == ["Ryan"]
+
+ ava = Assertion(AVA[3].copy())
+ ava = ava.apply_policy( "", policy )
+ assert _eq(ava.keys(), ["givenName"])
+ assert ava["givenName"] == ["Roland"]
+
+def test_assertion_2():
+ AVA = {'mail': u'roland.hedberg@adm.umu.se',
+ 'eduPersonTargetedID': 'http://lingon.ladok.umu.se:8090/idp!http://lingon.ladok.umu.se:8088/sp!95e9ae91dbe62d35198fbbd5e1fb0976',
+ 'displayName': u'Roland Hedberg',
+ 'uid': 'http://roland.hedberg.myopenid.com/'}
+
+ ava = Assertion(AVA)
+
+ policy = Policy( {
+ "default": {
+ "lifetime": {"minutes": 240},
+ "attribute_restrictions": None, # means all I have
+ "name_form": NAME_FORMAT_URI
+ },
+ })
+
+ ava = ava.apply_policy( "", policy )
+ acs = ac_factory("attributemaps")
+ attribute=from_local(acs, ava, policy.get_name_form(""))
+
+ assert len(attribute) == 4
+ names = [attr.name for attr in attribute]
+ assert _eq(names, ['urn:oid:0.9.2342.19200300.100.1.3',
+ 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10',
+ 'urn:oid:2.16.840.1.113730.3.1.241',
+ 'urn:oid:0.9.2342.19200300.100.1.1'])
+
+# ----------------------------------------------------------------------------
+
+def test_filter_values_req_2():
+ a1 = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber")
+ a2 = Attribute(name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI,
+ friendly_name="surName")
+
+ required = [a1,a2]
+ ava = { "serialNumber": ["12345"], "givenName":["Lars"]}
+
+ raises(MissingValue, filter_on_attributes, ava, required)
+
+def test_filter_values_req_3():
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber", attribute_value=[
+ AttributeValue(text="12345")])
+
+ required = [a]
+ ava = { "serialNumber": ["12345"]}
+
+ ava = filter_on_attributes(ava, required)
+ assert ava.keys() == ["serialNumber"]
+ assert ava["serialNumber"] == ["12345"]
+
+def test_filter_values_req_4():
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber", attribute_value=[
+ AttributeValue(text="54321")])
+
+ required = [a]
+ ava = { "serialNumber": ["12345"]}
+
+ raises(MissingValue, filter_on_attributes, ava, required)
+
+def test_filter_values_req_5():
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber", attribute_value=[
+ AttributeValue(text="12345")])
+
+ required = [a]
+ ava = { "serialNumber": ["12345", "54321"]}
+
+ ava = filter_on_attributes(ava, required)
+ assert ava.keys() == ["serialNumber"]
+ assert ava["serialNumber"] == ["12345"]
+
+def test_filter_values_req_6():
+ a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber", attribute_value=[
+ AttributeValue(text="54321")])
+
+ required = [a]
+ ava = { "serialNumber": ["12345", "54321"]}
+
+ ava = filter_on_attributes(ava, required)
+ assert ava.keys() == ["serialNumber"]
+ assert ava["serialNumber"] == ["54321"]
+
+def test_filter_values_req_opt_0():
+ r = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber", attribute_value=[
+ AttributeValue(text="54321")])
+ o = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber", attribute_value=[
+ AttributeValue(text="12345")])
+
+ ava = { "serialNumber": ["12345", "54321"]}
+
+ ava = filter_on_attributes(ava, [r], [o])
+ assert ava.keys() == ["serialNumber"]
+ assert _eq(ava["serialNumber"], ["12345","54321"])
+
+def test_filter_values_req_opt_1():
+ r = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber", attribute_value=[
+ AttributeValue(text="54321")])
+ o = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI,
+ friendly_name="serialNumber", attribute_value=[
+ AttributeValue(text="12345"),
+ AttributeValue(text="abcd0")])
+
+ ava = { "serialNumber": ["12345", "54321"]}
+
+ ava = filter_on_attributes(ava, [r], [o])
+ assert ava.keys() == ["serialNumber"]
+ assert _eq(ava["serialNumber"], ["12345","54321"])
+
+def test_filter_values_req_opt_2():
+ r = [Attribute(friendly_name="surName",
+ name="urn:oid:2.5.4.4",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ Attribute(friendly_name="givenName",
+ name="urn:oid:2.5.4.42",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ Attribute(friendly_name="mail",
+ name="urn:oid:0.9.2342.19200300.100.1.3",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+ o = [Attribute(friendly_name="title",
+ name="urn:oid:2.5.4.12",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+
+
+ ava = { "surname":["Hedberg"], "givenName":["Roland"],
+ "eduPersonAffiliation":["staff"],"uid":["rohe0002"]}
+
+ raises(MissingValue, "filter_on_attributes(ava, r, o)")
+
+# ---------------------------------------------------------------------------
+
+def test_filter_values_req_opt_4():
+ r = [Attribute(friendly_name="surName",
+ name="urn:oid:2.5.4.4",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ Attribute(friendly_name="givenName",
+ name="urn:oid:2.5.4.42",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+ o = [Attribute(friendly_name="title",
+ name="urn:oid:2.5.4.12",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+
+ acs = attribute_converter.ac_factory("attributemaps")
+
+ rava = attribute_converter.ava_fro(acs, r)
+ oava = attribute_converter.ava_fro(acs, o)
+
+ ava = { "sn":["Hedberg"], "givenName":["Roland"],
+ "eduPersonAffiliation":["staff"],"uid":["rohe0002"]}
+
+ ava = assertion.filter_on_demands(ava, rava, oava)
+ print ava
+ assert _eq(ava.keys(), ['givenName', 'sn'])
+ assert ava == {'givenName': ['Roland'], 'sn': ['Hedberg']}
+
+# ---------------------------------------------------------------------------
+
+
+def test_filter_ava_0():
+ policy = Policy({
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ }
+ })
+
+ ava = { "givenName": ["Derek"], "surName": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com"]}
+
+ # No restrictions apply
+ ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp",
+ [], [])
+
+ assert _eq(ava.keys(), ["givenName", "surName", "mail"])
+ assert ava["givenName"] == ["Derek"]
+ assert ava["surName"] == ["Jeter"]
+ assert ava["mail"] == ["derek@nyy.mlb.com"]
+
+
+def test_filter_ava_1():
+ """ No mail address returned """
+ policy = Policy({
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "givenName": None,
+ "surName": None,
+ }
+ }})
+
+ ava = { "givenName": ["Derek"], "surName": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com"]}
+
+ # No restrictions apply
+ ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp", [], [])
+
+ assert _eq(ava.keys(), ["givenName", "surName"])
+ assert ava["givenName"] == ["Derek"]
+ assert ava["surName"] == ["Jeter"]
+
+def test_filter_ava_2():
+ """ Only mail returned """
+ policy = Policy({
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "mail": None,
+ }
+ }})
+
+ ava = { "givenName": ["Derek"], "surName": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com"]}
+
+ # No restrictions apply
+ ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp", [], [])
+
+ assert _eq(ava.keys(), ["mail"])
+ assert ava["mail"] == ["derek@nyy.mlb.com"]
+
+def test_filter_ava_3():
+ """ Only example.com mail addresses returned """
+ policy = Policy({
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "mail": [".*@example\.com$"],
+ }
+ }})
+
+ ava = { "givenName": ["Derek"], "surName": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com", "dj@example.com"]}
+
+ # No restrictions apply
+ ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp", [], [])
+
+ assert _eq(ava.keys(), ["mail"])
+ assert ava["mail"] == ["dj@example.com"]
+
+def test_filter_ava_4():
+ """ Return everything as default policy is used """
+ policy = Policy({
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None # means all I have
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "attribute_restrictions":{
+ "mail": [".*@example\.com$"],
+ }
+ }})
+
+ ava = { "givenName": ["Derek"], "surName": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com", "dj@example.com"]}
+
+ # No restrictions apply
+ ava = policy.filter(ava, "urn:mace:example.com:saml:curt:sp", [], [])
+
+ assert _eq(ava.keys(), ['mail', 'givenName', 'surName'])
+ assert _eq(ava["mail"], ["derek@nyy.mlb.com", "dj@example.com"])
+
+def test_req_opt():
+ req = [md.RequestedAttribute(friendly_name="surname", name="urn:oid:2.5.4.4",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ is_required="true"),
+ md.RequestedAttribute(friendly_name="givenname",
+ name="urn:oid:2.5.4.42",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ is_required="true"),
+ md.RequestedAttribute(friendly_name="edupersonaffiliation",
+ name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ is_required="true")]
+
+ opt = [md.RequestedAttribute(friendly_name="title",
+ name="urn:oid:2.5.4.12",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ is_required="false")]
+
+ policy = Policy()
+ ava = {'givenname': 'Roland', 'surname': 'Hedberg',
+ 'uid': 'rohe0002', 'edupersonaffiliation': 'staff'}
+
+ sp_entity_id = "urn:mace:example.com:saml:curt:sp"
+ fava = policy.filter(ava, sp_entity_id, req, opt)
+ assert fava
+
+def test_filter_on_wire_representation_1():
+ r = [Attribute(friendly_name="surName",
+ name="urn:oid:2.5.4.4",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ Attribute(friendly_name="givenName",
+ name="urn:oid:2.5.4.42",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+ o = [Attribute(friendly_name="title",
+ name="urn:oid:2.5.4.12",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+
+ acs = attribute_converter.ac_factory("attributemaps")
+
+ ava = { "sn":["Hedberg"], "givenname":["Roland"],
+ "edupersonaffiliation":["staff"],"uid":["rohe0002"]}
+
+ ava = assertion.filter_on_wire_representation(ava, acs, r, o)
+ assert _eq(ava.keys(), ["sn", "givenname"])
+
+def test_filter_on_wire_representation_2():
+ r = [Attribute(friendly_name="surName",
+ name="urn:oid:2.5.4.4",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ Attribute(friendly_name="givenName",
+ name="urn:oid:2.5.4.42",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+ o = [Attribute(friendly_name="title",
+ name="urn:oid:2.5.4.12",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+
+ acs = attribute_converter.ac_factory("attributemaps")
+
+ ava = { "sn":["Hedberg"], "givenname":["Roland"],
+ "title":["Master"],"uid":["rohe0002"]}
+
+ ava = assertion.filter_on_wire_representation(ava, acs, r, o)
+ assert _eq(ava.keys(), ["sn", "givenname", "title"]) \ No newline at end of file
diff --git a/tests/test_21_attribute_converter.py b/tests/test_21_attribute_converter.py
new file mode 100644
index 00000000..384158fc
--- /dev/null
+++ b/tests/test_21_attribute_converter.py
@@ -0,0 +1,160 @@
+#!/usr/bin/env python
+
+from saml2 import attribute_converter, saml
+
+from attribute_statement_data import *
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+BASIC_NF = 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic'
+URI_NF = 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri'
+SAML1 = 'urn:mace:shibboleth:1.0:attributeNamespace:uri'
+
+def test_default():
+ acs = attribute_converter.ac_factory()
+ assert acs
+
+class TestAC():
+ def setup_class(self):
+ self.acs = attribute_converter.ac_factory("attributemaps")
+
+ def test_setup(self):
+ print self.acs
+ assert len(self.acs) == 3
+ assert _eq([a.name_format for a in self.acs],[BASIC_NF, URI_NF, SAML1] )
+
+ def test_ava_fro_1(self):
+ ats = saml.attribute_statement_from_string(STATEMENT1)
+ #print ats
+ ava = None
+
+ for ac in self.acs:
+ try:
+ ava = ac.fro(ats)
+ break
+ except attribute_converter.UnknownNameFormat:
+ pass
+ print ava.keys()
+ assert _eq(ava.keys(),['givenName', 'displayName', 'uid',
+ 'eduPersonNickname', 'street', 'eduPersonScopedAffiliation',
+ 'employeeType', 'eduPersonAffiliation', 'eduPersonPrincipalName',
+ 'sn', 'postalCode', 'physicalDeliveryOfficeName', 'ou',
+ 'eduPersonTargetedID', 'cn'])
+
+ def test_ava_fro_2(self):
+ ats = saml.attribute_statement_from_string(STATEMENT2)
+ #print ats
+ ava = None
+ for ac in self.acs:
+ try:
+ ava = ac.fro(ats)
+ break
+ except attribute_converter.UnknownNameFormat:
+ pass
+ print ava.keys()
+ assert _eq(ava.keys(),['uid', 'swissEduPersonUniqueID',
+ 'swissEduPersonHomeOrganizationType',
+ 'eduPersonEntitlement',
+ 'eduPersonAffiliation', 'sn', 'mail',
+ 'swissEduPersonHomeOrganization', 'givenName'])
+
+ def test_to_attrstat_1(self):
+ ava = { "givenName": "Roland", "sn": "Hedberg" }
+
+ statement = attribute_converter.from_local(self.acs, ava, BASIC_NF)
+
+ assert statement is not None
+ assert len(statement) == 2
+ a0 = statement[0]
+ a1 = statement[1]
+ if a0.friendly_name == 'sn':
+ assert a0.name == 'urn:mace:dir:attribute-def:sn'
+ assert a0.name_format == BASIC_NF
+ assert a1.friendly_name == "givenName"
+ assert a1.name == 'urn:mace:dir:attribute-def:givenName'
+ assert a1.name_format == BASIC_NF
+ elif a0.friendly_name == 'givenName':
+ assert a0.name == 'urn:mace:dir:attribute-def:givenName'
+ assert a0.name_format == BASIC_NF
+ assert a1.friendly_name == "sn"
+ assert a1.name == 'urn:mace:dir:attribute-def:sn'
+ assert a1.name_format == BASIC_NF
+ else:
+ assert False
+
+ def test_to_attrstat_2(self):
+ ava = { "givenName": "Roland", "surname": "Hedberg" }
+
+ statement = attribute_converter.from_local(self.acs, ava, URI_NF)
+
+ assert len(statement) == 2
+ a0 = statement[0]
+ a1 = statement[1]
+ if a0.friendly_name == 'surname':
+ assert a0.name == 'urn:oid:2.5.4.4'
+ assert a0.name_format == URI_NF
+ assert a1.friendly_name == "givenName"
+ assert a1.name == 'urn:oid:2.5.4.42'
+ assert a1.name_format == URI_NF
+ elif a0.friendly_name == 'givenName':
+ assert a0.name == 'urn:oid:2.5.4.42'
+ assert a0.name_format == URI_NF
+ assert a1.friendly_name == "surname"
+ assert a1.name == 'urn:oid:2.5.4.4'
+ assert a1.name_format == URI_NF
+ else:
+ assert False
+
+ def test_to_local_name(self):
+
+ attr = [saml.Attribute(friendly_name="surName",
+ name="urn:oid:2.5.4.4",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ saml.Attribute(friendly_name="efternamn",
+ name="urn:oid:2.5.4.42",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ saml.Attribute(friendly_name="titel",
+ name="urn:oid:2.5.4.12",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+
+ lan = [attribute_converter.to_local_name(self.acs, a) for a in attr]
+
+ assert _eq(lan, ['sn', 'givenName', 'title'])
+
+ def test_ava_fro_1(self):
+
+ attr = [saml.Attribute(friendly_name="surName",
+ name="urn:oid:2.5.4.4",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ saml.Attribute(friendly_name="efternamn",
+ name="urn:oid:2.5.4.42",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
+ saml.Attribute(friendly_name="titel",
+ name="urn:oid:2.5.4.12",
+ name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
+
+ result = attribute_converter.ava_fro(self.acs, attr)
+
+ print result
+ assert result == {'givenName': [], 'sn': [], 'title': []}
+
+ def test_to_local_name_from_basic(self):
+ attr = [saml.Attribute(
+ name="urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN")]
+
+ lan = [attribute_converter.to_local_name(self.acs, a) for a in attr]
+
+ assert _eq(lan, ['eduPersonPrimaryOrgUnitDN'])
+
+ def test_to_and_for(self):
+ ava = { "givenName": "Roland", "surname": "Hedberg" }
+
+ basic_ac = [a for a in self.acs if a.name_format == BASIC_NF][0]
+
+ attr_state = saml.AttributeStatement(basic_ac.to_(ava))
+
+ oava = basic_ac.fro(attr_state)
+
+ assert _eq(ava.keys(), oava.keys())
+ \ No newline at end of file
diff --git a/tests/test_30_metadata.py b/tests/test_30_metadata.py
new file mode 100644
index 00000000..cb9e8d7f
--- /dev/null
+++ b/tests/test_30_metadata.py
@@ -0,0 +1,470 @@
+import datetime
+import re
+#import os
+
+from saml2 import metadata, make_vals, make_instance
+from saml2 import NAMESPACE as SAML2_NAMESPACE
+from saml2 import BINDING_SOAP
+from saml2 import md, saml, samlp
+from saml2 import time_util
+from saml2.saml import NAMEID_FORMAT_TRANSIENT, NAME_FORMAT_URI
+from saml2.attribute_converter import ac_factory
+
+#from py.test import raises
+
+SWAMI_METADATA = "swamid-1.0.xml"
+INCOMMON_METADATA = "InCommon-metadata.xml"
+EXAMPLE_METADATA = "metadata_example.xml"
+SWITCH_METADATA = "metadata.aaitest.xml"
+SP_METADATA = "metasp.xml"
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+def _read_file(name):
+ try:
+ return open(name).read()
+ except IOError:
+ name = "tests/"+name
+ return open(name).read()
+
+def _read_lines(name):
+ try:
+ return open(name).readlines()
+ except IOError:
+ name = "tests/"+name
+ return open(name).readlines()
+
+def _fix_valid_until(xmlstring):
+ new_date = datetime.datetime.now() + datetime.timedelta(days=1)
+ new_date = new_date.strftime("%Y-%m-%dT%H:%M:%SZ")
+ return re.sub(r' validUntil=".*?"', ' validUntil="%s"' % new_date,
+ xmlstring)
+
+ATTRCONV = ac_factory("attributemaps")
+
+def test_swami_1():
+ md = metadata.MetaData(attrconv=ATTRCONV)
+ md.import_metadata(_read_file(SWAMI_METADATA),"-")
+ print len(md.entity)
+ assert len(md.entity)
+ idps = dict([(id,ent["idp_sso"]) for id,ent in md.entity.items() \
+ if "idp_sso" in ent])
+ print idps
+ assert idps.keys()
+ idp_sso = md.single_sign_on_services(
+ 'https://idp.umu.se/saml2/idp/metadata.php')
+ assert md.name('https://idp.umu.se/saml2/idp/metadata.php') == (
+ u'Ume\xe5 University (SAML2)')
+ assert len(idp_sso) == 1
+ assert idp_sso == ['https://idp.umu.se/saml2/idp/SSOService.php']
+ print md._loc_key['https://idp.umu.se/saml2/idp/SSOService.php']
+ ssocerts = md.certs('https://idp.umu.se/saml2/idp/SSOService.php', "signing")
+ print ssocerts
+ assert len(ssocerts) == 1
+ print md._wants.keys()
+ assert _eq(md._wants.keys(),['https://sp.swamid.se/shibboleth',
+ 'https://connect8.sunet.se/shibboleth',
+ 'https://beta.lobber.se/shibboleth',
+ 'https://connect.uninett.no/shibboleth',
+ 'https://www.diva-portal.org/shibboleth',
+ 'https://connect.sunet.se/shibboleth',
+ 'https://crowd.nordu.net/shibboleth'])
+
+ print md.wants('https://www.diva-portal.org/shibboleth')
+ assert _eq(md.wants('https://www.diva-portal.org/shibboleth')[1].keys(),
+ ['mail', 'givenName', 'eduPersonPrincipalName', 'sn',
+ 'eduPersonScopedAffiliation'])
+
+ assert md.wants('https://connect.sunet.se/shibboleth')[0] == {}
+ assert _eq(md.wants('https://connect.sunet.se/shibboleth')[1].keys(),
+ ['mail', 'givenName', 'eduPersonPrincipalName', 'sn',
+ 'eduPersonScopedAffiliation'])
+
+def test_incommon_1():
+ md = metadata.MetaData(attrconv=ATTRCONV)
+ md.import_metadata(_read_file(INCOMMON_METADATA),"-")
+ print len(md.entity)
+ assert len(md.entity) == 442
+ idps = dict([
+ (id,ent["idp_sso"]) for id,ent in md.entity.items() if "idp_sso" in ent])
+ print idps.keys()
+ assert len(idps) == 53 # !!!!???? < 10%
+ assert md.single_sign_on_services('urn:mace:incommon:uiuc.edu') == []
+ idp_sso = md.single_sign_on_services('urn:mace:incommon:alaska.edu')
+ assert len(idp_sso) == 1
+ print idp_sso
+ print md.wants
+ assert idp_sso == ['https://idp.alaska.edu/idp/profile/SAML2/Redirect/SSO']
+
+def test_example():
+ md = metadata.MetaData(attrconv=ATTRCONV)
+ md.import_metadata(_read_file(EXAMPLE_METADATA), "-")
+ print len(md.entity)
+ assert len(md.entity) == 1
+ idps = dict([(id,ent["idp_sso"]) for id,ent in md.entity.items() \
+ if "idp_sso" in ent])
+ assert idps.keys() == [
+ 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php']
+ print md._loc_key['http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php']
+ certs = md.certs(
+ 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php',
+ "signing")
+ assert len(certs) == 1
+ assert isinstance(certs[0], tuple)
+ assert len(certs[0]) == 2
+
+def test_switch_1():
+ md = metadata.MetaData(attrconv=ATTRCONV)
+ md.import_metadata(_read_file(SWITCH_METADATA), "-")
+ print len(md.entity)
+ assert len(md.entity) == 90
+ idps = dict([(id,ent["idp_sso"]) for id,ent in md.entity.items() \
+ if "idp_sso" in ent])
+ print idps.keys()
+ idp_sso = md.single_sign_on_services(
+ 'https://aai-demo-idp.switch.ch/idp/shibboleth')
+ assert len(idp_sso) == 1
+ print idp_sso
+ assert idp_sso == [
+ 'https://aai-demo-idp.switch.ch/idp/profile/SAML2/Redirect/SSO']
+ assert len(idps) == 16
+ aas = dict([(id,ent["attribute_authority"]) for id,ent in md.entity.items() \
+ if "attribute_authority" in ent])
+ print aas.keys()
+ aads = aas['https://aai-demo-idp.switch.ch/idp/shibboleth']
+ assert len(aads) == 1
+ aad = aads[0]
+ assert len(aad.attribute_service) == 1
+ assert len(aad.name_id_format) == 2
+ dual = dict([(id,ent) for id,ent in md.entity.items() \
+ if "idp_sso" in ent and "sp_sso" in ent])
+ print len(dual)
+ assert len(dual) == 0
+
+def test_sp_metadata():
+ md = metadata.MetaData(attrconv=ATTRCONV)
+ md.import_metadata(_fix_valid_until(_read_file(SP_METADATA)), "-")
+
+ print md.entity
+ assert len(md.entity) == 1
+ assert md.entity.keys() == ['urn:mace:umu.se:saml:roland:sp']
+ assert _eq(md.entity['urn:mace:umu.se:saml:roland:sp'].keys(), [
+ 'valid_until',"organization","sp_sso",
+ 'contact_person'])
+ print md.entity['urn:mace:umu.se:saml:roland:sp']["sp_sso"][0].keyswv()
+ (req,opt) = md.attribute_consumer('urn:mace:umu.se:saml:roland:sp')
+ print req
+ assert len(req) == 3
+ assert len(opt) == 1
+ assert opt[0].name == 'urn:oid:2.5.4.12'
+ assert opt[0].friendly_name == 'title'
+ assert _eq([n.name for n in req],['urn:oid:2.5.4.4', 'urn:oid:2.5.4.42',
+ 'urn:oid:0.9.2342.19200300.100.1.3'])
+ assert _eq([n.friendly_name for n in req],['surName', 'givenName', 'mail'])
+ print md.wants
+
+ assert md._wants.keys() == ['urn:mace:umu.se:saml:roland:sp']
+ assert _eq(md.wants('urn:mace:umu.se:saml:roland:sp')[0].keys(),
+ ["mail", "givenName", "sn"])
+ assert _eq(md.wants('urn:mace:umu.se:saml:roland:sp')[1].keys(),
+ ["title"])
+
+KALMAR2_URL = "https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2"
+KALMAR2_CERT = "kalmar2.pem"
+
+#def test_import_external_metadata(xmlsec):
+# md = metadata.MetaData(xmlsec,attrconv=ATTRCONV)
+# md.import_external_metadata(KALMAR2_URL, KALMAR2_CERT)
+#
+# print len(md.entity)
+# assert len(md.entity) > 20
+# idps = dict([
+# (id,ent["idp_sso"]) for id,ent in md.entity.items() if "idp_sso" in ent])
+# print idps.keys()
+# assert len(idps) > 1
+# assert "https://idp.umu.se/saml2/idp/metadata.php" in idps
+
+# ------------ Constructing metaval ----------------------------------------
+
+def test_construct_organisation_name():
+ o = md.Organization()
+ make_vals({"text":"Exempel AB", "lang":"se"},
+ md.OrganizationName, o, "organization_name")
+ print o
+ assert str(o) == """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:Organization xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:OrganizationName xml:lang="se">Exempel AB</ns0:OrganizationName></ns0:Organization>"""
+
+def test_make_int_value():
+ val = make_vals( 1, saml.AttributeValue, part=True)
+ assert isinstance(val, saml.AttributeValue)
+ assert val.text == "1"
+
+def test_make_true_value():
+ val = make_vals( True, saml.AttributeValue, part=True )
+ assert isinstance(val, saml.AttributeValue)
+ assert val.text == "true"
+
+def test_make_false_value():
+ val = make_vals( False, saml.AttributeValue, part=True )
+ assert isinstance(val, saml.AttributeValue)
+ assert val.text == "false"
+
+NO_VALUE = """<?xml version='1.0' encoding='UTF-8'?>
+<saml:AttributeValue xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" />"""
+
+def test_make_no_value():
+ val = make_vals( None, saml.AttributeValue, part=True )
+ assert isinstance(val, saml.AttributeValue)
+ assert val.text == ""
+ print val
+ assert val.to_string({'saml': saml.NAMESPACE}) == NO_VALUE
+
+def test_make_string():
+ val = make_vals( "example", saml.AttributeValue, part=True )
+ assert isinstance(val, saml.AttributeValue)
+ assert val.text == "example"
+
+def test_make_list_of_strings():
+ attr = saml.Attribute()
+ vals = ["foo", "bar"]
+ make_vals(vals, saml.AttributeValue, attr, "attribute_value")
+ assert attr.keyswv() == ["attribute_value"]
+ print attr.attribute_value
+ assert _eq([val.text for val in attr.attribute_value], vals)
+
+def test_make_dict():
+ vals = ["foo", "bar"]
+ attrval = { "attribute_value": vals}
+ attr = make_vals(attrval, saml.Attribute, part=True)
+ assert attr.keyswv() == ["attribute_value"]
+ assert _eq([val.text for val in attr.attribute_value], vals)
+
+# ------------ Constructing metadata ----------------------------------------
+
+def test_construct_contact():
+ c = make_instance(md.ContactPerson, {
+ "given_name":"Roland",
+ "sur_name": "Hedberg",
+ "email_address": "roland@catalogix.se",
+ })
+ print c
+ assert c.given_name.text == "Roland"
+ assert c.sur_name.text == "Hedberg"
+ assert c.email_address[0].text == "roland@catalogix.se"
+ assert _eq(c.keyswv(), ["given_name","sur_name","email_address"])
+
+
+def test_construct_organisation():
+ c = make_instance( md.Organization, {
+ "organization_name": ["Example Co.",
+ {"text":"Exempel AB", "lang":"se"}],
+ "organization_url": "http://www.example.com/"
+ })
+
+ assert _eq(c.keyswv(), ["organization_name","organization_url"])
+ assert len(c.organization_name) == 2
+ org_names = [on.text for on in c.organization_name]
+ assert _eq(org_names,["Exempel AB","Example Co."])
+ assert len(c.organization_url) == 1
+
+def test_construct_entity_descr_1():
+ ed = make_instance(md.EntityDescriptor,
+ {"organization": {
+ "organization_name":"Catalogix",
+ "organization_url": "http://www.catalogix.se/"},
+ "entity_id": "urn:mace:catalogix.se:sp1",
+ })
+
+ assert ed.entity_id == "urn:mace:catalogix.se:sp1"
+ org = ed.organization
+ assert org
+ assert _eq(org.keyswv(), ["organization_name","organization_url"])
+ assert len(org.organization_name) == 1
+ assert org.organization_name[0].text == "Catalogix"
+ assert org.organization_url[0].text == "http://www.catalogix.se/"
+
+def test_construct_entity_descr_2():
+ ed = make_instance(md.EntityDescriptor,
+ {"organization": {
+ "organization_name":"Catalogix",
+ "organization_url": "http://www.catalogix.se/"},
+ "entity_id": "urn:mace:catalogix.se:sp1",
+ "contact_person": {
+ "given_name":"Roland",
+ "sur_name": "Hedberg",
+ "email_address": "roland@catalogix.se",
+ }
+ })
+
+ assert _eq(ed.keyswv(), ["entity_id", "contact_person", "organization"])
+ assert ed.entity_id == "urn:mace:catalogix.se:sp1"
+ org = ed.organization
+ assert org
+ assert _eq(org.keyswv(), ["organization_name", "organization_url"])
+ assert len(org.organization_name) == 1
+ assert org.organization_name[0].text == "Catalogix"
+ assert org.organization_url[0].text == "http://www.catalogix.se/"
+ assert len(ed.contact_person) == 1
+ c = ed.contact_person[0]
+ assert c.given_name.text == "Roland"
+ assert c.sur_name.text == "Hedberg"
+ assert c.email_address[0].text == "roland@catalogix.se"
+ assert _eq(c.keyswv(), ["given_name","sur_name","email_address"])
+
+def test_construct_key_descriptor():
+ cert = "".join(_read_lines("test.pem")[1:-1]).strip()
+ spec = {
+ "use": "signing",
+ "key_info" : {
+ "x509_data": {
+ "x509_certificate": cert
+ }
+ }
+ }
+ kd = make_instance(md.KeyDescriptor, spec)
+ assert _eq(kd.keyswv(), ["use", "key_info"])
+ assert kd.use == "signing"
+ ki = kd.key_info
+ assert _eq(ki.keyswv(), ["x509_data"])
+ assert len(ki.x509_data) == 1
+ data = ki.x509_data[0]
+ assert _eq(data.keyswv(), ["x509_certificate"])
+ assert data.x509_certificate
+ assert len(data.x509_certificate.text.strip()) == len(cert)
+
+def test_construct_key_descriptor_with_key_name():
+ cert = "".join(_read_lines("test.pem")[1:-1]).strip()
+ spec = {
+ "use": "signing",
+ "key_info" : {
+ "key_name": "example.com",
+ "x509_data": {
+ "x509_certificate": cert
+ }
+ }
+ }
+ kd = make_instance(md.KeyDescriptor, spec)
+ assert _eq(kd.keyswv(), ["use", "key_info"])
+ assert kd.use == "signing"
+ ki = kd.key_info
+ assert _eq(ki.keyswv(), ["x509_data", "key_name"])
+ assert len(ki.key_name) == 1
+ assert ki.key_name[0].text.strip() == "example.com"
+ assert len(ki.x509_data) == 1
+ data = ki.x509_data[0]
+ assert _eq(data.keyswv(), ["x509_certificate"])
+ assert data.x509_certificate
+ assert len(data.x509_certificate.text.strip()) == len(cert)
+
+def test_construct_AttributeAuthorityDescriptor():
+ aad = make_instance(
+ md.AttributeAuthorityDescriptor, {
+ "valid_until": time_util.in_a_while(30), # 30 days from now
+ "id": "aad.example.com",
+ "protocol_support_enumeration": SAML2_NAMESPACE,
+ "attribute_service": {
+ "binding": BINDING_SOAP,
+ "location": "http://example.com:6543/saml2/aad",
+ },
+ "name_id_format":[
+ NAMEID_FORMAT_TRANSIENT,
+ ],
+ "key_descriptor": {
+ "use": "signing",
+ "key_info" : {
+ "key_name": "example.com",
+ }
+ }
+ })
+
+ print aad
+ assert _eq(aad.keyswv(),["valid_until", "id", "attribute_service",
+ "name_id_format", "key_descriptor",
+ "protocol_support_enumeration"])
+ assert time_util.str_to_time(aad.valid_until)
+ assert aad.id == "aad.example.com"
+ assert aad.protocol_support_enumeration == SAML2_NAMESPACE
+ assert len(aad.attribute_service) == 1
+ atsr = aad.attribute_service[0]
+ assert _eq(atsr.keyswv(),["binding", "location"])
+ assert atsr.binding == BINDING_SOAP
+ assert atsr.location == "http://example.com:6543/saml2/aad"
+ assert len(aad.name_id_format) == 1
+ nif = aad.name_id_format[0]
+ assert nif.text.strip() == NAMEID_FORMAT_TRANSIENT
+ assert len(aad.key_descriptor) == 1
+ kdesc = aad.key_descriptor[0]
+ assert kdesc.use == "signing"
+ assert kdesc.key_info.key_name[0].text.strip() == "example.com"
+
+STATUS_RESULT = """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:Status xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><ns0:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal" /></ns0:StatusCode><ns0:StatusMessage>Error resolving principal</ns0:StatusMessage></ns0:Status>"""
+
+def test_status():
+ input = {
+ "status_code": {
+ "value": samlp.STATUS_RESPONDER,
+ "status_code":
+ {
+ "value": samlp.STATUS_UNKNOWN_PRINCIPAL,
+ },
+ },
+ "status_message": "Error resolving principal",
+ }
+ status_text = "%s" % make_instance( samlp.Status, input)
+ assert status_text == STATUS_RESULT
+
+def test_attributes():
+ required = ["surname", "givenname", "edupersonaffiliation"]
+ ra = metadata.do_requested_attribute(required, ATTRCONV, "True")
+ print ra
+ assert ra
+ assert len(ra) == 3
+ for i in range(3):
+ assert isinstance(ra[i], md.RequestedAttribute)
+ assert ra[i].name_format == NAME_FORMAT_URI
+ assert ra[i].attribute_value == []
+ assert ra[i].is_required == "True"
+ assert ra[0].friendly_name == "surname"
+ assert ra[0].name == 'urn:oid:2.5.4.4'
+
+
+def test_extend():
+ md = metadata.MetaData(attrconv=ATTRCONV)
+ md.import_metadata(_fix_valid_until(_read_file("extended.xml")), "-")
+
+ signcerts = md.certs("https://coip-test.sunet.se/shibboleth", "signing")
+ assert len(signcerts) == 1
+ enccerts = md.certs("https://coip-test.sunet.se/shibboleth", "encryption")
+ assert len(enccerts) == 1
+ assert signcerts[0] == enccerts[0]
+
+def test_ui_info():
+ md = metadata.MetaData(attrconv=ATTRCONV)
+ md.import_metadata(_fix_valid_until(_read_file("idp_uiinfo.xml")), "-")
+ loc = md.single_sign_on_services_with_uiinfo(
+ "http://example.com/saml2/idp.xml")
+ assert len(loc) == 1
+ assert loc[0][0] == "http://example.com/saml2/"
+ assert len(loc[0][1]) == 1
+ ui_info = loc[0][1][0]
+ print ui_info
+ assert ui_info.description[0].text == "Exempel bolag"
+
+def test_pdp():
+ md = metadata.MetaData(attrconv=ATTRCONV)
+ md.import_metadata(_fix_valid_until(_read_file("pdp_meta.xml")), "-")
+
+ assert md
+
+ pdps = md.pdp_services("http://www.example.org/pysaml2/")
+
+ assert len(pdps) == 1
+ pdp = pdps[0]
+ assert len(pdp.authz_service) == 1
+ assert pdp.authz_service[0].location == "http://www.example.org/pysaml2/authz"
+ assert pdp.authz_service[0].binding == BINDING_SOAP
+ endpoints = md.authz_service_endpoints("http://www.example.org/pysaml2/")
+ assert len(endpoints) == 1
+ assert endpoints[0] == "http://www.example.org/pysaml2/authz"
diff --git a/tests/test_31_config.py b/tests/test_31_config.py
new file mode 100644
index 00000000..c6ff3e01
--- /dev/null
+++ b/tests/test_31_config.py
@@ -0,0 +1,334 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import sys
+import logging
+
+from saml2 import BINDING_HTTP_REDIRECT, BINDING_SOAP, BINDING_HTTP_POST
+from saml2.config import SPConfig, IdPConfig, Config
+from saml2.metadata import MetaData
+from py.test import raises
+
+from saml2 import root_logger
+
+sp1 = {
+ "entityid" : "urn:mace:umu.se:saml:roland:sp",
+ "service": {
+ "sp": {
+ "endpoints" : {
+ "assertion_consumer_service" : ["http://lingon.catalogix.se:8087/"],
+ },
+ "name": "test",
+ "idp" : {
+ "urn:mace:example.com:saml:roland:idp": {'single_sign_on_service':
+ {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect':
+ 'http://localhost:8088/sso/'}},
+ }
+ }
+ },
+ "key_file" : "mykey.pem",
+ "cert_file" : "mycert.pem",
+ #"xmlsec_binary" : "/opt/local/bin/xmlsec1",
+ "metadata": {
+ "local": ["metadata.xml",
+ "urn-mace-swami.se-swamid-test-1.0-metadata.xml"],
+ },
+ "virtual_organization" : {
+ "coip":{
+ "nameid_format" : "urn:oasis:names:tc:SAML:2.0:nameid-format:transient",
+ "common_identifier": "eduPersonPrincipalName",
+ "attribute_auth": [
+ "https://coip-test.sunet.se/idp/shibboleth",
+ ]
+ }
+ },
+ "attribute_map_dir": "attributemaps",
+ "only_use_keys_in_metadata": True,
+}
+
+sp2 = {
+ "entityid" : "urn:mace:umu.se:saml:roland:sp",
+ "name" : "Rolands SP",
+ "service": {
+ "sp": {
+ "endpoints" : {
+ "assertion_consumer_service" : ["http://lingon.catalogix.se:8087/"],
+ },
+ "required_attributes": ["surName", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp": {
+ "" : "https://example.com/saml2/idp/SSOService.php",
+ }
+ }
+ },
+ #"xmlsec_binary" : "/opt/local/bin/xmlsec1",
+}
+
+IDP1 = {
+ "entityid" : "urn:mace:umu.se:saml:roland:idp",
+ "name" : "Rolands IdP",
+ "service": {
+ "idp": {
+ "endpoints": {
+ "single_sign_on_service" : ["http://localhost:8088/"],
+ },
+ "policy": {
+ "default": {
+ "attribute_restrictions": {
+ "givenName": None,
+ "surName": None,
+ "eduPersonAffiliation": ["(member|staff)"],
+ "mail": [".*@example.com"],
+ }
+ },
+ "urn:mace:umu.se:saml:roland:sp": None
+ },
+ }
+ },
+ #"xmlsec_binary" : "/usr/local/bin/xmlsec1",
+}
+
+IDP2 = {
+ "entityid" : "urn:mace:umu.se:saml:roland:idp",
+ "name" : "Rolands IdP",
+ "service": {
+ "idp": {
+ "endpoints": {
+ "single_sign_on_service" : ["http://localhost:8088/"],
+ "single_logout_service" : [("http://localhost:8088/", BINDING_HTTP_REDIRECT)],
+ },
+ "policy":{
+ "default": {
+ "attribute_restrictions": {
+ "givenName": None,
+ "surName": None,
+ "eduPersonAffiliation": ["(member|staff)"],
+ "mail": [".*@example.com"],
+ }
+ },
+ "urn:mace:umu.se:saml:roland:sp": None
+ },
+ }
+ },
+ #"xmlsec_binary" : "/usr/local/bin/xmlsec1",
+}
+
+PDP = {
+ "entityid" : "http://example.org/pysaml2/pdp",
+ "name" : "Rolands PdP",
+ "service": {
+ "pdp": {
+ "endpoints": {
+ "authz_service" : [("http://example.org/pysaml2/pdp/authz",
+ BINDING_SOAP)],
+ },
+ }
+ },
+ "key_file" : "test.key",
+ "cert_file" : "test.pem",
+ "organization": {
+ "name": "Exempel AB",
+ "display_name": [("Exempel AB","se"),("Example Co.","en")],
+ "url":"http://www.example.com/roland",
+ },
+ "contact_person": [{
+ "given_name":"John",
+ "sur_name": "Smith",
+ "email_address": ["john.smith@example.com"],
+ "contact_type": "technical",
+ },
+ ],
+}
+
+ECP_SP = {
+ "entityid" : "urn:mace:umu.se:saml:roland:ecpsp",
+ "name" : "Rolands ECP_SP",
+ "service": {
+ "sp": {
+ "endpoints" : {
+ "assertion_consumer_service" : ["http://lingon.catalogix.se:8087/"],
+ },
+ "ecp" : {
+ "130.239.": "http://example.com/idp",
+ }
+ }
+ },
+ #"xmlsec_binary" : "/opt/local/bin/xmlsec1",
+}
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+def test_1():
+ c = SPConfig().load(sp1)
+ c.context = "sp"
+ print c
+ assert c.endpoints
+ assert c.name
+ assert c.idp
+ md = c.metadata
+ assert isinstance(md, MetaData)
+
+ assert len(c.idp) == 1
+ assert c.idp.keys() == ["urn:mace:example.com:saml:roland:idp"]
+ assert c.idp.values() == [{'single_sign_on_service':
+ {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect':
+ 'http://localhost:8088/sso/'}}]
+
+ assert c.only_use_keys_in_metadata
+
+def test_2():
+ c = SPConfig().load(sp2)
+ c.context = "sp"
+
+ print c
+ assert c.endpoints
+ assert c.idp
+ assert c.optional_attributes
+ assert c.name
+ assert c.required_attributes
+
+ assert len(c.idp) == 1
+ assert c.idp.keys() == [""]
+ assert c.idp.values() == ["https://example.com/saml2/idp/SSOService.php"]
+ assert c.only_use_keys_in_metadata is None
+
+def test_minimum():
+ minimum = {
+ "entityid" : "urn:mace:example.com:saml:roland:sp",
+ "service": {
+ "sp": {
+ "endpoints" : {
+ "assertion_consumer_service" : ["http://sp.example.org/"],
+ },
+ "name" : "test",
+ "idp": {
+ "" : "https://example.com/idp/SSOService.php",
+ },
+ }
+ },
+ #"xmlsec_binary" : "/usr/local/bin/xmlsec1",
+ }
+
+ c = SPConfig().load(minimum)
+ c.context = "sp"
+
+ assert c is not None
+
+def test_idp_1():
+ c = IdPConfig().load(IDP1)
+ c.context = "idp"
+
+ print c
+ assert c.endpoint("single_sign_on_service")[0] == 'http://localhost:8088/'
+
+ attribute_restrictions = c.policy.get_attribute_restriction("")
+ assert attribute_restrictions["eduPersonAffiliation"][0].match("staff")
+
+def test_idp_2():
+ c = IdPConfig().load(IDP2)
+ c.context = "idp"
+
+ print c
+ assert c.endpoint("single_logout_service",
+ BINDING_SOAP) == []
+ assert c.endpoint("single_logout_service",
+ BINDING_HTTP_REDIRECT) == ["http://localhost:8088/"]
+
+ attribute_restrictions = c.policy.get_attribute_restriction("")
+ assert attribute_restrictions["eduPersonAffiliation"][0].match("staff")
+
+def test_wayf():
+ c = SPConfig().load_file("server_conf")
+ c.context = "sp"
+
+ idps = c.idps()
+ assert idps == {'urn:mace:example.com:saml:roland:idp': 'Example Co.'}
+ idps = c.idps(["se","en"])
+ assert idps == {'urn:mace:example.com:saml:roland:idp': 'Exempel AB'}
+
+ c.setup_logger()
+
+ assert root_logger.level != logging.NOTSET
+ assert root_logger.level == logging.WARNING
+ assert len(root_logger.handlers) == 1
+ assert isinstance(root_logger.handlers[0],
+ logging.handlers.RotatingFileHandler)
+ handler = root_logger.handlers[0]
+ assert handler.backupCount == 5
+ assert handler.maxBytes == 100000
+ assert handler.mode == "a"
+ assert root_logger.name == "pySAML2"
+ assert root_logger.level == 30
+
+def test_conf_syslog():
+ c = SPConfig().load_file("server_conf_syslog")
+ c.context = "sp"
+
+ # otherwise the logger setting is not changed
+ root_logger.level = logging.NOTSET
+ root_logger.handlers = []
+
+ print c.logger
+ c.setup_logger()
+
+ assert root_logger.level != logging.NOTSET
+ assert root_logger.level == logging.INFO
+ assert len(root_logger.handlers) == 1
+ assert isinstance(root_logger.handlers[0],
+ logging.handlers.SysLogHandler)
+ handler = root_logger.handlers[0]
+ print handler.__dict__
+ assert handler.facility == "local3"
+ assert handler.address == ('localhost', 514)
+ if sys.version >= (2, 7):
+ assert handler.socktype == 2
+ else:
+ pass
+ assert root_logger.name == "pySAML2"
+ assert root_logger.level == 20
+
+#noinspection PyUnresolvedReferences
+def test_3():
+ cnf = Config()
+ cnf.load_file("sp_1_conf")
+ assert cnf.entityid == "urn:mace:example.com:saml:roland:sp"
+ assert cnf.debug == 1
+ assert cnf.key_file == "test.key"
+ assert cnf.cert_file == "test.pem"
+ #assert cnf.xmlsec_binary == "/usr/local/bin/xmlsec1"
+ assert cnf.accepted_time_diff == 60
+ assert cnf.secret == "0123456789"
+ assert cnf.metadata is not None
+ assert cnf.attribute_converters is not None
+
+def test_sp():
+ cnf = SPConfig()
+ cnf.load_file("sp_1_conf")
+ assert cnf.single_logout_services("urn:mace:example.com:saml:roland:idp",
+ BINDING_HTTP_POST) == ["http://localhost:8088/slo"]
+ assert cnf.endpoint("assertion_consumer_service") == \
+ ["http://lingon.catalogix.se:8087/"]
+ assert len(cnf.idps()) == 1
+
+def test_dual():
+ cnf = Config().load_file("idp_sp_conf")
+ assert cnf.serves() == ["sp", "idp"]
+
+ spcnf = cnf.copy_into("sp")
+ assert isinstance(spcnf, SPConfig)
+ assert spcnf.context == "sp"
+
+ idpcnf = cnf.copy_into("idp")
+ assert isinstance(idpcnf, IdPConfig)
+ assert idpcnf.context == "idp"
+
+def test_ecp():
+ cnf = SPConfig()
+ cnf.load(ECP_SP)
+ assert cnf.endpoint("assertion_consumer_service") == \
+ ["http://lingon.catalogix.se:8087/"]
+ eid = cnf.ecp_endpoint("130.239.16.3")
+ assert eid == "http://example.com/idp"
+ eid = cnf.ecp_endpoint("130.238.20.20")
+ assert eid is None \ No newline at end of file
diff --git a/tests/test_32_cache.py b/tests/test_32_cache.py
new file mode 100644
index 00000000..9fc4c410
--- /dev/null
+++ b/tests/test_32_cache.py
@@ -0,0 +1,118 @@
+#!/usr/bin/env python
+
+import time
+import py
+from saml2.cache import Cache
+from saml2.time_util import in_a_while, str_to_time
+
+SESSION_INFO_PATTERN = {"ava":{}, "came from":"", "not_on_or_after":0,
+ "issuer":"", "session_id":-1}
+
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+
+class TestClass:
+ def setup_class(self):
+ self.cache = Cache()
+
+
+ def test_set(self):
+ not_on_or_after = str_to_time(in_a_while(days=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"givenName":["Derek"]}
+ self.cache.set("1234", "abcd", session_info,
+ not_on_or_after)
+
+ (ava, inactive) = self.cache.get_identity("1234")
+ assert inactive == []
+ assert ava.keys() == ["givenName"]
+ assert ava["givenName"] == ["Derek"]
+
+ def test_add_ava_info(self):
+ not_on_or_after = str_to_time(in_a_while(days=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"surName":["Jeter"]}
+ self.cache.set("1234", "bcde", session_info,
+ not_on_or_after)
+
+ (ava, inactive) = self.cache.get_identity("1234")
+ assert inactive == []
+ assert _eq(ava.keys(), ["givenName","surName"])
+ assert ava["givenName"] == ["Derek"]
+ assert ava["surName"] == ["Jeter"]
+
+ def test_from_one_target_source(self):
+ session_info = self.cache.get("1234","bcde")
+ ava = session_info["ava"]
+ assert _eq(ava.keys(), ["surName"])
+ assert ava["surName"] == ["Jeter"]
+ session_info = self.cache.get("1234","abcd")
+ ava = session_info["ava"]
+ assert _eq(ava.keys(), ["givenName"])
+ assert ava["givenName"] == ["Derek"]
+
+ def test_entities(self):
+ assert _eq(self.cache.entities("1234"), ["abcd", "bcde"])
+ py.test.raises(Exception, "self.cache.entities('6666')")
+
+ def test_remove_info(self):
+ self.cache.reset("1234", "bcde")
+ assert self.cache.active("1234", "bcde") == False
+ assert self.cache.active("1234", "abcd")
+
+ (ava, inactive) = self.cache.get_identity("1234")
+ assert inactive == ['bcde']
+ assert _eq(ava.keys(), ["givenName"])
+ assert ava["givenName"] == ["Derek"]
+
+ def test_active(self):
+ assert self.cache.active("1234", "bcde") == False
+ assert self.cache.active("1234", "abcd")
+
+ def test_subjects(self):
+ assert self.cache.subjects() == ["1234"]
+
+ def test_second_subject(self):
+ not_on_or_after = str_to_time(in_a_while(days=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"givenName":["Ichiro"],
+ "surName":["Suzuki"]}
+ self.cache.set("9876", "abcd", session_info,
+ not_on_or_after)
+
+ (ava, inactive) = self.cache.get_identity("9876")
+ assert inactive == []
+ assert _eq(ava.keys(), ["givenName","surName"])
+ assert ava["givenName"] == ["Ichiro"]
+ assert ava["surName"] == ["Suzuki"]
+ assert _eq(self.cache.subjects(), ["1234","9876"])
+
+ def test_receivers(self):
+ assert _eq(self.cache.receivers("9876"), ["abcd"])
+
+ not_on_or_after = str_to_time(in_a_while(days=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"givenName":["Ichiro"],
+ "surName":["Suzuki"]}
+ self.cache.set("9876", "bcde", session_info,
+ not_on_or_after)
+
+ assert _eq(self.cache.receivers("9876"), ["abcd", "bcde"])
+ assert _eq(self.cache.subjects(), ["1234","9876"])
+
+ def test_timeout(self):
+ not_on_or_after = str_to_time(in_a_while(seconds=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"givenName":["Alex"],
+ "surName":["Rodriguez"]}
+ self.cache.set("1000", "bcde", session_info,
+ not_on_or_after)
+
+ time.sleep(2)
+ (ava, inactive) = self.cache.get_identity("1000")
+ assert inactive == ["bcde"]
+ assert ava == {}
+
+ \ No newline at end of file
diff --git a/tests/test_33_identifier.py b/tests/test_33_identifier.py
new file mode 100644
index 00000000..6082528f
--- /dev/null
+++ b/tests/test_33_identifier.py
@@ -0,0 +1,146 @@
+#!/usr/bin/env python
+
+from saml2 import samlp
+from saml2.saml import NAMEID_FORMAT_PERSISTENT, NAMEID_FORMAT_TRANSIENT
+from saml2.config import IdPConfig
+from saml2.server import Identifier
+from saml2.assertion import Policy
+
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+CONFIG = IdPConfig().load({
+ "entityid" : "urn:mace:example.com:idp:2",
+ "name" : "test",
+ "service": {
+ "idp": {
+ "endpoints" : {
+ "single_sign_on_service" : ["http://idp.example.org/"],
+ },
+ "policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None, # means all I have
+ "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "nameid_format": NAMEID_FORMAT_PERSISTENT
+ }
+ }
+ }
+ },
+ "virtual_organization" : {
+ "http://vo.example.org/biomed":{
+ "nameid_format" : "urn:oid:2.16.756.1.2.5.1.1.1-NameID",
+ "common_identifier": "uid",
+ },
+ "http://vo.example.org/design":{
+ }
+ }
+})
+
+NAME_ID_POLICY_1 = """<?xml version="1.0" encoding="utf-8"?>
+<NameIDPolicy xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+ SPNameQualifier="http://vo.example.org/biomed"
+/>
+"""
+
+NAME_ID_POLICY_2 = """<?xml version="1.0" encoding="utf-8"?>
+<NameIDPolicy xmlns="urn:oasis:names:tc:SAML:2.0:protocol"
+ SPNameQualifier="http://vo.example.org/design"
+/>
+"""
+
+
+class TestIdentifier():
+ def setup_class(self):
+ self.id = Identifier("subject.db", CONFIG.virtual_organization)
+
+ def test_persistent_1(self):
+ policy = Policy({
+ "default": {
+ "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "nameid_format": NAMEID_FORMAT_PERSISTENT,
+ "attribute_restrictions": {
+ "surName": [".*berg"],
+ }
+ }
+ })
+
+ nameid = self.id.construct_nameid(policy, "foobar",
+ "urn:mace:example.com:sp:1")
+
+ assert _eq(nameid.keys(), ['text', 'sp_provided_id',
+ 'sp_name_qualifier', 'name_qualifier', 'format'])
+ assert _eq(nameid.keyswv(), ['format', 'text', 'sp_name_qualifier'])
+ assert nameid.sp_name_qualifier == "urn:mace:example.com:sp:1"
+ assert nameid.format == NAMEID_FORMAT_PERSISTENT
+
+ nameid_2 = self.id.construct_nameid(policy, "foobar",
+ "urn:mace:example.com:sp:1")
+
+ assert nameid != nameid_2
+ assert nameid.text == nameid_2.text
+
+ def test_transient_1(self):
+ policy = Policy({
+ "default": {
+ "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "nameid_format": NAMEID_FORMAT_TRANSIENT,
+ "attribute_restrictions": {
+ "surName": [".*berg"],
+ }
+ }
+ })
+ nameid = self.id.construct_nameid(policy, "foobar",
+ "urn:mace:example.com:sp:1")
+
+ assert _eq(nameid.keyswv(), ['text', 'format', 'sp_name_qualifier'])
+ assert nameid.format == NAMEID_FORMAT_TRANSIENT
+
+ def test_vo_1(self):
+ policy = Policy({
+ "default": {
+ "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "nameid_format": NAMEID_FORMAT_PERSISTENT,
+ "attribute_restrictions": {
+ "surName": [".*berg"],
+ }
+ }
+ })
+
+ name_id_policy = samlp.name_id_policy_from_string(NAME_ID_POLICY_1)
+ nameid = self.id.construct_nameid(policy, "foobar",
+ "urn:mace:example.com:sp:1",
+ {"uid": "foobar01"},
+ name_id_policy)
+
+ assert _eq(nameid.keyswv(), ['text', 'sp_name_qualifier', 'format'])
+ assert nameid.sp_name_qualifier == 'http://vo.example.org/biomed'
+ assert nameid.format == \
+ CONFIG.virtual_organization['http://vo.example.org/biomed'][
+ "nameid_format"]
+ assert nameid.text == "foobar01"
+
+ def test_vo_2(self):
+ policy = Policy({
+ "default": {
+ "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "nameid_format": NAMEID_FORMAT_PERSISTENT,
+ "attribute_restrictions": {
+ "surName": [".*berg"],
+ }
+ }
+ })
+
+ name_id_policy = samlp.name_id_policy_from_string(NAME_ID_POLICY_2)
+
+ nameid = self.id.construct_nameid(policy, "foobar",
+ "urn:mace:example.com:sp:1",
+ {"uid": "foobar01"},
+ name_id_policy)
+
+ assert _eq(nameid.keyswv(), ['text', 'sp_name_qualifier', 'format'])
+ assert nameid.sp_name_qualifier == 'http://vo.example.org/design'
+ assert nameid.format == NAMEID_FORMAT_PERSISTENT
+ assert nameid.text != "foobar01"
+
diff --git a/tests/test_34_population.py b/tests/test_34_population.py
new file mode 100644
index 00000000..9e03f140
--- /dev/null
+++ b/tests/test_34_population.py
@@ -0,0 +1,165 @@
+#!/usr/bin/env python
+
+from saml2.population import Population
+from saml2.time_util import in_a_while
+
+IDP_ONE = "urn:mace:example.com:saml:one:idp"
+IDP_OTHER = "urn:mace:example.com:saml:other:idp"
+
+def _eq(l1, l2):
+ return set(l1) == set(l2)
+
+class TestPopulationMemoryBased():
+ def setup_class(self):
+ self.population = Population()
+
+ def test_add_person(self):
+ session_info = {
+ "name_id": "123456",
+ "issuer": IDP_ONE,
+ "not_on_or_after": in_a_while(minutes=15),
+ "ava": {
+ "givenName": "Anders",
+ "surName": "Andersson",
+ "mail": "anders.andersson@example.com"
+ }
+ }
+ self.population.add_information_about_person(session_info)
+
+ issuers = self.population.issuers_of_info("123456")
+ assert issuers == [IDP_ONE]
+ subjects = self.population.subjects()
+ assert subjects == ["123456"]
+ # Are any of the sources gone stale
+ stales = self.population.stale_sources_for_person("123456")
+ assert stales == []
+ # are any of the possible sources not used or gone stale
+ possible = [IDP_ONE, IDP_OTHER]
+ stales = self.population.stale_sources_for_person("123456", possible)
+ assert stales == [IDP_OTHER]
+
+ (identity, stale) = self.population.get_identity("123456")
+ assert stale == []
+ assert identity == {'mail': 'anders.andersson@example.com',
+ 'givenName': 'Anders',
+ 'surName': 'Andersson'}
+
+ info = self.population.get_info_from("123456", IDP_ONE)
+ assert info.keys() == ["not_on_or_after", "name_id", "ava"]
+ assert info["name_id"] == '123456'
+ assert info["ava"] == {'mail': 'anders.andersson@example.com',
+ 'givenName': 'Anders',
+ 'surName': 'Andersson'}
+
+ def test_extend_person(self):
+ session_info = {
+ "name_id": "123456",
+ "issuer": IDP_OTHER,
+ "not_on_or_after": in_a_while(minutes=15),
+ "ava": {
+ "eduPersonEntitlement": "Anka"
+ }
+ }
+
+ self.population.add_information_about_person(session_info)
+
+ issuers = self.population.issuers_of_info("123456")
+ assert _eq(issuers, [IDP_ONE, IDP_OTHER])
+ subjects = self.population.subjects()
+ assert subjects == ["123456"]
+ # Are any of the sources gone stale
+ stales = self.population.stale_sources_for_person("123456")
+ assert stales == []
+ # are any of the possible sources not used or gone stale
+ possible = [IDP_ONE, IDP_OTHER]
+ stales = self.population.stale_sources_for_person("123456", possible)
+ assert stales == []
+
+ (identity, stale) = self.population.get_identity("123456")
+ assert stale == []
+ assert identity == {'mail': 'anders.andersson@example.com',
+ 'givenName': 'Anders',
+ 'surName': 'Andersson',
+ "eduPersonEntitlement": "Anka"}
+
+ info = self.population.get_info_from("123456", IDP_OTHER)
+ assert info.keys() == ["not_on_or_after", "name_id", "ava"]
+ assert info["name_id"] == '123456'
+ assert info["ava"] == {"eduPersonEntitlement": "Anka"}
+
+ def test_add_another_person(self):
+ session_info = {
+ "name_id": "abcdef",
+ "issuer": IDP_ONE,
+ "not_on_or_after": in_a_while(minutes=15),
+ "ava": {
+ "givenName": "Bertil",
+ "surName": "Bertilsson",
+ "mail": "bertil.bertilsson@example.com"
+ }
+ }
+ self.population.add_information_about_person(session_info)
+
+ issuers = self.population.issuers_of_info("abcdef")
+ assert issuers == [IDP_ONE]
+ subjects = self.population.subjects()
+ assert _eq(subjects, ["123456", "abcdef"])
+
+ stales = self.population.stale_sources_for_person("abcdef")
+ assert stales == []
+ # are any of the possible sources not used or gone stale
+ possible = [IDP_ONE, IDP_OTHER]
+ stales = self.population.stale_sources_for_person("abcdef", possible)
+ assert stales == [IDP_OTHER]
+
+ (identity, stale) = self.population.get_identity("abcdef")
+ assert stale == []
+ assert identity == {"givenName": "Bertil",
+ "surName": "Bertilsson",
+ "mail": "bertil.bertilsson@example.com"
+ }
+
+ info = self.population.get_info_from("abcdef", IDP_ONE)
+ assert info.keys() == ["not_on_or_after", "name_id", "ava"]
+ assert info["name_id"] == 'abcdef'
+ assert info["ava"] == {"givenName": "Bertil",
+ "surName": "Bertilsson",
+ "mail": "bertil.bertilsson@example.com"
+ }
+
+ def test_modify_person(self):
+ session_info = {
+ "name_id": "123456",
+ "issuer": IDP_ONE,
+ "not_on_or_after": in_a_while(minutes=15),
+ "ava": {
+ "givenName": "Arne",
+ "surName": "Andersson",
+ "mail": "arne.andersson@example.com"
+ }
+ }
+ self.population.add_information_about_person(session_info)
+
+ issuers = self.population.issuers_of_info("123456")
+ assert _eq(issuers, [IDP_ONE, IDP_OTHER])
+ subjects = self.population.subjects()
+ assert _eq(subjects, ["123456", "abcdef"])
+ # Are any of the sources gone stale
+ stales = self.population.stale_sources_for_person("123456")
+ assert stales == []
+ # are any of the possible sources not used or gone stale
+ possible = [IDP_ONE, IDP_OTHER]
+ stales = self.population.stale_sources_for_person("123456", possible)
+ assert stales == []
+
+ (identity, stale) = self.population.get_identity("123456")
+ assert stale == []
+ assert identity == {'mail': 'arne.andersson@example.com',
+ 'givenName': 'Arne',
+ 'surName': 'Andersson',
+ "eduPersonEntitlement": "Anka"}
+
+ info = self.population.get_info_from("123456", IDP_OTHER)
+ assert info.keys() == ["not_on_or_after", "name_id", "ava"]
+ assert info["name_id"] == '123456'
+ assert info["ava"] == {"eduPersonEntitlement": "Anka"} \ No newline at end of file
diff --git a/tests/test_36_mdbcache.py b/tests/test_36_mdbcache.py
new file mode 100644
index 00000000..42a7501f
--- /dev/null
+++ b/tests/test_36_mdbcache.py
@@ -0,0 +1,91 @@
+#!/usr/bin/env python
+
+__author__ = 'rolandh'
+
+import time
+from saml2.cache import ToOld
+from saml2.mdbcache import Cache
+from saml2.time_util import in_a_while, str_to_time
+from pytest import raises
+
+SESSION_INFO_PATTERN = {"ava":{}, "came from":"", "not_on_or_after":0,
+ "issuer":"", "session_id":-1}
+
+class TestMongoDBCache():
+ def setup_class(self):
+ try:
+ self.cache = Cache()
+ self.cache.clear()
+ except Exception:
+ self.cache = None
+
+ def test_set_get_1(self):
+ if self.cache is not None:
+ not_on_or_after = str_to_time(in_a_while(days=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"givenName":["Derek"]}
+ # subject_id, entity_id, info, timestamp
+ self.cache.set("1234", "abcd", session_info, not_on_or_after)
+
+ info = self.cache.get("1234", "abcd")
+ #{u'issuer': u'', u'came from': u'', u'ava': {u'givenName': [u'Derek']}, u'session_id': -1, u'not_on_or_after': 0}
+ ava = info["ava"]
+ print ava
+ assert ava.keys() == ["givenName"]
+ assert ava["givenName"] == ["Derek"]
+
+ def test_set_get_2(self):
+ if self.cache is not None:
+ not_on_or_after = str_to_time(in_a_while(seconds=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"givenName":["Mariano"]}
+ # subject_id, entity_id, info, timestamp
+ self.cache.set("1235", "abcd", session_info,
+ not_on_or_after)
+ time.sleep(2)
+
+ raises(ToOld, 'self.cache.get("1235", "abcd")')
+ info = self.cache.get("1235", "abcd", False)
+ assert info != {}
+
+ def test_remove(self):
+ if self.cache is not None:
+ self.cache.delete("1234")
+
+ info = self.cache.get("1234", "abcd")
+ print info
+ assert info == {}
+
+ def test_subjects(self):
+ if self.cache is not None:
+ slist = self.cache.subjects()
+ assert len(slist) == 1
+ assert slist == ["1235"]
+
+ def test_identity(self):
+ if self.cache is not None:
+ not_on_or_after = str_to_time(in_a_while(days=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"givenName":["Derek"]}
+ self.cache.set("1234", "abcd", session_info, not_on_or_after)
+
+ not_on_or_after = str_to_time(in_a_while(days=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"mail":["Derek.Jeter@mlb.com"]}
+ self.cache.set("1234", "xyzv", session_info, not_on_or_after)
+
+ (ident, _) = self.cache.get_identity("1234")
+ print ident
+ assert len(ident.keys()) == 2
+ assert "givenName" in ident.keys()
+ assert "mail" in ident.keys()
+ assert ident["mail"] == ["Derek.Jeter@mlb.com"]
+ assert ident["givenName"] == ["Derek"]
+
+ def test_remove_2(self):
+ if self.cache is not None:
+ self.cache.delete("1234")
+
+ info = self.cache.get("1234", "xyzv")
+ print info
+ assert info == {}
diff --git a/tests/test_40_sigver.py b/tests/test_40_sigver.py
new file mode 100644
index 00000000..8a4f509b
--- /dev/null
+++ b/tests/test_40_sigver.py
@@ -0,0 +1,292 @@
+#!/usr/bin/env python
+
+import base64
+
+from saml2 import sigver
+from saml2 import class_name
+from saml2 import time_util
+from saml2 import saml, samlp
+from saml2.s_utils import factory, do_attribute_statement
+from saml2.sigver import xmlsec_version, get_xmlsec_binary
+
+from py.test import raises
+
+SIGNED = "saml_signed.xml"
+UNSIGNED = "saml_unsigned.xml"
+FALSE_SIGNED = "saml_false_signed.xml"
+SIMPLE_SAML_PHP_RESPONSE = "simplesamlphp_authnresponse.xml"
+
+PUB_KEY = "test.pem"
+PRIV_KEY = "test.key"
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+CERT1 = """MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk="""
+
+CERT_SSP = """MIICizCCAfQCCQCY8tKaMc0BMjANBgkqhkiG9w0BAQUFADCBiTELMAkGA1UEBhMC
+Tk8xEjAQBgNVBAgTCVRyb25kaGVpbTEQMA4GA1UEChMHVU5JTkVUVDEOMAwGA1UE
+CxMFRmVpZGUxGTAXBgNVBAMTEG9wZW5pZHAuZmVpZGUubm8xKTAnBgkqhkiG9w0B
+CQEWGmFuZHJlYXMuc29sYmVyZ0B1bmluZXR0Lm5vMB4XDTA4MDUwODA5MjI0OFoX
+DTM1MDkyMzA5MjI0OFowgYkxCzAJBgNVBAYTAk5PMRIwEAYDVQQIEwlUcm9uZGhl
+aW0xEDAOBgNVBAoTB1VOSU5FVFQxDjAMBgNVBAsTBUZlaWRlMRkwFwYDVQQDExBv
+cGVuaWRwLmZlaWRlLm5vMSkwJwYJKoZIhvcNAQkBFhphbmRyZWFzLnNvbGJlcmdA
+dW5pbmV0dC5ubzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt8jLoqI1VTlx
+AZ2axiDIThWcAOXdu8KkVUWaN/SooO9O0QQ7KRUjSGKN9JK65AFRDXQkWPAu4Hln
+O4noYlFSLnYyDxI66LCr71x4lgFJjqLeAvB/GqBqFfIZ3YK/NrhnUqFwZu63nLrZ
+jcUZxNaPjOOSRSDaXpv1kb5k3jOiSGECAwEAATANBgkqhkiG9w0BAQUFAAOBgQBQ
+Yj4cAafWaYfjBU2zi1ElwStIaJ5nyp/s/8B8SAPK2T79McMyccP3wSW13LHkmM1j
+wKe3ACFXBvqGQN0IbcH49hu0FKhYFM/GPDJcIHFBsiyMBXChpye9vBaTNEBCtU3K
+jjyG0hRT2mAQ9h+bkPmOvlEo/aH0xR68Z9hw4PF13w=="""
+
+from pyasn1.codec.der import decoder
+
+def test_cert_from_instance_1():
+ xml_response = open(SIGNED).read()
+ response = samlp.response_from_string(xml_response)
+ assertion = response.assertion[0]
+ certs = sigver.cert_from_instance(assertion)
+ assert len(certs) == 1
+ print certs[0]
+ assert certs[0] == CERT1
+
+def test_cert_from_instance_ssp():
+ xml_response = open(SIMPLE_SAML_PHP_RESPONSE).read()
+ response = samlp.response_from_string(xml_response)
+ assertion = response.assertion[0]
+ certs = sigver.cert_from_instance(assertion)
+ assert len(certs) == 1
+ assert certs[0] == CERT_SSP
+ der = base64.b64decode(certs[0])
+ print str(decoder.decode(der)).replace('.',"\n.")
+ assert decoder.decode(der)
+
+
+class TestSecurity():
+ def setup_class(self):
+ xmlexec = get_xmlsec_binary()
+ self.sec = sigver.SecurityContext(xmlexec, key_file=PRIV_KEY,
+ cert_file=PUB_KEY, debug=1)
+
+ self._assertion = factory( saml.Assertion,
+ version="2.0",
+ id="11111",
+ issue_instant="2009-10-30T13:20:28Z",
+ signature=sigver.pre_signature_part("11111", self.sec.my_cert, 1),
+ attribute_statement=do_attribute_statement({
+ ("","","surName"): ("Foo",""),
+ ("","","givenName") :("Bar",""),
+ })
+ )
+
+ def test_verify_1(self):
+ xml_response = open(SIGNED).read()
+ response = self.sec.correctly_signed_response(xml_response)
+ assert response
+
+ def test_non_verify_1(self):
+ """ unsigned is OK """
+ xml_response = open(UNSIGNED).read()
+ response = self.sec.correctly_signed_response(xml_response)
+ assert response
+
+ def test_non_verify_2(self):
+ xml_response = open(FALSE_SIGNED).read()
+ raises(sigver.SignatureError,self.sec.correctly_signed_response,
+ xml_response)
+
+ def test_sign_assertion(self):
+ ass = self._assertion
+ print ass
+ sign_ass = self.sec.sign_assertion_using_xmlsec("%s" % ass,
+ nodeid=ass.id)
+ #print sign_ass
+ sass = saml.assertion_from_string(sign_ass)
+ #print sass
+ assert _eq(sass.keyswv(), ['attribute_statement', 'issue_instant',
+ 'version', 'signature', 'id'])
+ assert sass.version == "2.0"
+ assert sass.id == "11111"
+ assert time_util.str_to_time(sass.issue_instant)
+
+ print xmlsec_version(get_xmlsec_binary())
+
+ item = self.sec.check_signature(sass, node_name=class_name(sass))
+
+ assert isinstance(item, saml.Assertion)
+
+ def test_sign_response(self):
+ response = factory(samlp.Response,
+ assertion=self._assertion,
+ id="22222",
+ signature=sigver.pre_signature_part("22222", self.sec.my_cert))
+
+ to_sign = [(class_name(self._assertion), self._assertion.id),
+ (class_name(response), response.id)]
+ s_response = sigver.signed_instance_factory( response, self.sec, to_sign)
+
+ assert s_response is not None
+ print s_response
+ print
+ sass = s_response.assertion[0]
+
+ print sass
+ assert _eq(sass.keyswv(), ['attribute_statement', 'issue_instant',
+ 'version', 'signature', 'id'])
+ assert sass.version == "2.0"
+ assert sass.id == "11111"
+
+ item = self.sec.check_signature(s_response,
+ node_name=class_name(s_response))
+ assert isinstance(item, samlp.Response)
+ assert item.id == "22222"
+
+ def test_sign_response_2(self):
+ assertion2 = factory( saml.Assertion,
+ version= "2.0",
+ id= "11122",
+ issue_instant= "2009-10-30T13:20:28Z",
+ signature= sigver.pre_signature_part("11122", self.sec.my_cert),
+ attribute_statement=do_attribute_statement({
+ ("","","surName"): ("Fox",""),
+ ("","","givenName") :("Bear",""),
+ })
+ )
+ response = factory(samlp.Response,
+ assertion=assertion2,
+ id="22233",
+ signature=sigver.pre_signature_part("22233", self.sec.my_cert))
+
+ to_sign = [(class_name(assertion2), assertion2.id),
+ (class_name(response), response.id)]
+
+ s_response = sigver.signed_instance_factory(response, self.sec, to_sign)
+
+ assert s_response is not None
+ sass = s_response.assertion[0]
+ assert _eq(sass.keyswv(), ['attribute_statement', 'issue_instant',
+ 'version', 'signature', 'id'])
+ assert sass.version == "2.0"
+ assert sass.id == "11122"
+
+ item = self.sec.check_signature(s_response,
+ node_name=class_name(s_response))
+
+ assert isinstance(item, samlp.Response)
+
+ def test_sign_verify(self):
+ response = factory(samlp.Response,
+ assertion=self._assertion,
+ id="22233",
+ signature=sigver.pre_signature_part("22233", self.sec.my_cert))
+
+ to_sign = [(class_name(self._assertion), self._assertion.id),
+ (class_name(response), response.id)]
+
+ s_response = sigver.signed_instance_factory(response, self.sec, to_sign)
+
+ print s_response
+ res = self.sec.verify_signature("%s" % s_response,
+ node_name=class_name(samlp.Response()))
+
+ print res
+ assert res
+
+ def test_sign_verify_with_cert_from_instance(self):
+ response = factory(samlp.Response,
+ assertion=self._assertion,
+ id="22222",
+ signature=sigver.pre_signature_part("22222", self.sec.my_cert))
+
+ to_sign = [(class_name(self._assertion), self._assertion.id),
+ (class_name(response), response.id)]
+
+ s_response = sigver.signed_instance_factory(response, self.sec, to_sign)
+
+ print s_response.keyswv()
+ print s_response.signature.keyswv()
+ print s_response.signature.key_info.keyswv()
+
+ ci = "".join(sigver.cert_from_instance(s_response)[0].split())
+
+ print ci
+ print self.sec.my_cert
+
+ assert ci == self.sec.my_cert
+
+ res = self.sec.verify_signature("%s" % s_response,
+ node_name=class_name(samlp.Response()))
+ assert res
+ res = self.sec._check_signature("%s" % s_response, s_response,
+ class_name(s_response))
+
+ assert res == s_response
+
+ def test_sign_verify_assertion_with_cert_from_instance(self):
+ assertion = factory( saml.Assertion,
+ version= "2.0",
+ id= "11100",
+ issue_instant= "2009-10-30T13:20:28Z",
+ signature= sigver.pre_signature_part("11100", self.sec.my_cert),
+ attribute_statement=do_attribute_statement({
+ ("","","surName"): ("Fox",""),
+ ("","","givenName") :("Bear",""),
+ })
+ )
+
+ to_sign = [(class_name(assertion), assertion.id)]
+ s_assertion = sigver.signed_instance_factory(assertion, self.sec, to_sign)
+ print s_assertion
+
+ ci = "".join(sigver.cert_from_instance(s_assertion)[0].split())
+ assert ci == self.sec.my_cert
+
+ res = self.sec.verify_signature("%s" % s_assertion,
+ node_name=class_name(s_assertion))
+ assert res
+
+ res = self.sec._check_signature("%s" % s_assertion, s_assertion,
+ class_name(s_assertion))
+
+ assert res
+
+ def test_exception_sign_verify_with_cert_from_instance(self):
+ assertion = factory( saml.Assertion,
+ version= "2.0",
+ id= "11100",
+ issue_instant= "2009-10-30T13:20:28Z",
+ #signature= sigver.pre_signature_part("11100", self.sec.my_cert),
+ attribute_statement=do_attribute_statement({
+ ("","","surName"): ("Foo",""),
+ ("","","givenName") :("Bar",""),
+ })
+ )
+
+ response = factory(samlp.Response,
+ assertion=assertion,
+ id="22222",
+ signature=sigver.pre_signature_part("22222", self.sec.my_cert))
+
+ to_sign = [(class_name(response), response.id)]
+
+ s_response = sigver.signed_instance_factory(response, self.sec, to_sign)
+
+ # Change something that should make everything fail
+ s_response.id = "23456"
+ raises(sigver.SignatureError, self.sec._check_signature,
+ "%s" % s_response, s_response, class_name(s_response))
+
diff --git a/tests/test_41_response.py b/tests/test_41_response.py
new file mode 100644
index 00000000..6f9db6eb
--- /dev/null
+++ b/tests/test_41_response.py
@@ -0,0 +1,117 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from saml2 import saml
+from saml2 import config
+
+from saml2.server import Server
+from saml2.response import response_factory
+from saml2.response import StatusResponse
+from saml2.response import AuthnResponse
+from saml2.sigver import SecurityContext
+from saml2.sigver import security_context
+from saml2.sigver import get_xmlsec_binary
+from saml2.sigver import MissingKey
+
+from pytest import raises
+
+XML_RESPONSE_FILE = "saml_signed.xml"
+XML_RESPONSE_FILE2 = "saml2_response.xml"
+
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+class TestResponse:
+ def setup_class(self):
+ server = Server("idp_conf")
+ name_id = server.ident.transient_nameid(
+ "urn:mace:example.com:saml:roland:sp",
+ "id12")
+
+ self._resp_ = server.do_response(
+ "id12", # in_response_to
+ "http://lingon.catalogix.se:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ {"eduPersonEntitlement":"Jeter"},
+ name_id = name_id
+ )
+
+ self._sign_resp_ = server.do_response(
+ "id12", # in_response_to
+ "http://lingon.catalogix.se:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ {"eduPersonEntitlement":"Jeter"},
+ name_id = name_id,
+ sign=True
+ )
+
+ self._resp_authn = server.do_response(
+ "id12", # in_response_to
+ "http://lingon.catalogix.se:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ {"eduPersonEntitlement":"Jeter"},
+ name_id = name_id,
+ authn=(saml.AUTHN_PASSWORD, "http://www.example.com/login")
+ )
+
+ conf = config.SPConfig()
+ conf.load_file("server_conf")
+ self.conf = conf
+
+ def test_1(self):
+ xml_response = ("%s" % (self._resp_,)).split("\n")[1]
+ resp = response_factory(xml_response, self.conf,
+ return_addr="http://lingon.catalogix.se:8087/",
+ outstanding_queries={"id12": "http://localhost:8088/sso"},
+ timeslack=10000, decode=False)
+
+ assert isinstance(resp, StatusResponse)
+ assert isinstance(resp, AuthnResponse)
+
+ def test_2(self):
+ xml_response = ("%s" % (self._sign_resp_,)).split("\n",1)[1]
+ resp = response_factory(xml_response, self.conf,
+ return_addr="http://lingon.catalogix.se:8087/",
+ outstanding_queries={"id12": "http://localhost:8088/sso"},
+ timeslack=10000, decode=False)
+
+ assert isinstance(resp, StatusResponse)
+ assert isinstance(resp, AuthnResponse)
+
+ # def test_3(self):
+ # xml_response = ("%s" % (self._logout_resp,)).split("\n")[1]
+ # sec = security_context(self.conf)
+ # resp = response_factory(xml_response, self.conf,
+ # return_addr="http://lingon.catalogix.se:8087/",
+ # outstanding_queries={"id12": "http://localhost:8088/sso"},
+ # timeslack=10000, decode=False)
+ #
+ # assert isinstance(resp, StatusResponse)
+ # assert isinstance(resp, LogoutResponse)
+
+ def test_decrypt(self):
+ attr_stat = saml.attribute_statement_from_string(
+ open("encrypted_attribute_statement.xml").read())
+
+ assert len(attr_stat.attribute) == 0
+ assert len(attr_stat.encrypted_attribute) == 4
+
+ xmlsec = get_xmlsec_binary()
+ sec = SecurityContext(xmlsec, key_file="private_key.pem")
+
+ resp = AuthnResponse(sec, None, "entity_id")
+ resp.decrypt_attributes(attr_stat)
+
+ assert len(attr_stat.attribute) == 4
+ assert len(attr_stat.encrypted_attribute) == 4
+
+
+ def test_only_use_keys_in_metadata(self):
+ conf = config.SPConfig()
+ conf.load_file("sp_2_conf")
+
+ sc = security_context(conf)
+ # should fail
+ raises(MissingKey,
+ 'sc.correctly_signed_response("%s" % self._sign_resp_)')
diff --git a/tests/test_43_soap.py b/tests/test_43_soap.py
new file mode 100755
index 00000000..d54181fa
--- /dev/null
+++ b/tests/test_43_soap.py
@@ -0,0 +1,66 @@
+#!/usr/bin/env python
+
+try:
+ from xml.etree import cElementTree as ElementTree
+ if ElementTree.VERSION < '1.3.0':
+ # cElementTree has no support for register_namespace
+ # neither _namespace_map, thus we sacrify performance
+ # for correctness
+ from xml.etree import ElementTree
+except ImportError:
+ try:
+ import cElementTree as ElementTree
+ except ImportError:
+ from elementtree import ElementTree
+
+import saml2.samlp as samlp
+from saml2.samlp import NAMESPACE as SAMLP_NAMESPACE
+
+NAMESPACE = "http://schemas.xmlsoap.org/soap/envelope/"
+
+example = """<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
+ <Body>
+ <samlp:Response xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
+ xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+ ID="_6c3a4f8b9c2d" Version="2.0" IssueInstant="2004-03-27T08:42:00Z">
+ <saml:Issuer>https://www.example.com/SAML</saml:Issuer>
+ <Status>
+ <StatusCode Value='urn:oasis:names:tc:SAML:2.0:status:Success'/>
+ </Status>
+ <saml:Assertion>
+ <saml:Subject></saml:Subject>
+ <saml:AttributeStatement></saml:AttributeStatement>
+ </saml:Assertion>
+ </samlp:Response>
+ </Body>
+</Envelope>
+"""
+
+def test_parse_soap_envelope():
+ envelope = ElementTree.fromstring(example)
+ assert envelope.tag == '{%s}Envelope' % NAMESPACE
+ # How to check that it's the right type ?
+ assert len(envelope) == 1
+ body = envelope[0]
+ assert body.tag == '{%s}Body' % NAMESPACE
+ assert len(body) == 1
+ saml_part = body[0]
+ assert saml_part.tag == '{%s}Response' % SAMLP_NAMESPACE
+ # {http://schemas.xmlsoap.org/soap/envelope/}Envelope
+
+def test_make_soap_envelope():
+ envelope = ElementTree.Element('')
+ envelope.tag = '{%s}Envelope' % NAMESPACE
+ body = ElementTree.Element('')
+ body.tag = '{%s}Body' % NAMESPACE
+ envelope.append(body)
+ request = samlp.AuthnRequest()
+ request.become_child_element_of(body)
+
+ assert envelope.tag == '{%s}Envelope' % NAMESPACE
+ assert len(envelope) == 1
+ body = envelope[0]
+ assert body.tag == '{%s}Body' % NAMESPACE
+ assert len(body) == 1
+ saml_part = body[0]
+ assert saml_part.tag == '{%s}AuthnRequest' % SAMLP_NAMESPACE
diff --git a/tests/test_44_authnresp.py b/tests/test_44_authnresp.py
new file mode 100644
index 00000000..a22af3ff
--- /dev/null
+++ b/tests/test_44_authnresp.py
@@ -0,0 +1,116 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from saml2 import samlp, BINDING_HTTP_POST
+from saml2 import saml, config, class_name, make_instance
+from saml2.server import Server
+from saml2.response import authn_response, StatusResponse
+from saml2.config import config_factory
+
+XML_RESPONSE_FILE = "saml_signed.xml"
+XML_RESPONSE_FILE2 = "saml2_response.xml"
+
+import os
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+class TestAuthnResponse:
+ def setup_class(self):
+ server = Server("idp_conf")
+ name_id = server.ident.transient_nameid(
+ "urn:mace:example.com:saml:roland:sp","id12")
+
+ self._resp_ = server.do_response(
+ "id12", # in_response_to
+ "http://lingon.catalogix.se:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ {"eduPersonEntitlement":"Jeter"},
+ name_id = name_id
+ )
+
+ self._sign_resp_ = server.do_response(
+ "id12", # in_response_to
+ "http://lingon.catalogix.se:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ {"eduPersonEntitlement":"Jeter"},
+ name_id = name_id,
+ sign=True
+ )
+
+ self._resp_authn = server.do_response(
+ "id12", # in_response_to
+ "http://lingon.catalogix.se:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ {"eduPersonEntitlement":"Jeter"},
+ name_id = name_id,
+ authn=(saml.AUTHN_PASSWORD, "http://www.example.com/login")
+ )
+
+ self.conf = config_factory("sp", "server_conf")
+ self.ar = authn_response(self.conf, "http://lingon.catalogix.se:8087/")
+
+ def test_verify_1(self):
+ xml_response = ("%s" % (self._resp_,)).split("\n")[1]
+ self.ar.outstanding_queries = {"id12": "http://localhost:8088/sso"}
+ self.ar.timeslack = 10000
+ self.ar.loads(xml_response, decode=False)
+ self.ar.verify()
+
+ print self.ar.__dict__
+ assert self.ar.came_from == 'http://localhost:8088/sso'
+ assert self.ar.session_id() == "id12"
+ assert self.ar.ava == {'eduPersonEntitlement': ['Jeter'] }
+ assert self.ar.name_id
+ assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp'
+
+ def test_verify_signed_1(self):
+ xml_response = ("%s" % (self._sign_resp_,)).split("\n",1)[1]
+ print xml_response
+
+ self.ar.outstanding_queries = {"id12": "http://localhost:8088/sso"}
+ self.ar.timeslack = 10000
+ self.ar.loads(xml_response, decode=False)
+ self.ar.verify()
+
+ print self.ar.__dict__
+ assert self.ar.came_from == 'http://localhost:8088/sso'
+ assert self.ar.session_id() == "id12"
+ assert self.ar.ava == {'eduPersonEntitlement': ['Jeter'] }
+ assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp'
+ assert self.ar.name_id
+
+ def test_parse_2(self):
+ xml_response = open(XML_RESPONSE_FILE).read()
+ ID = "bahigehogffohiphlfmplepdpcohkhhmheppcdie"
+ self.ar.outstanding_queries = {ID: "http://localhost:8088/foo"}
+ self.ar.return_addr = "http://xenosmilus.umdc.umu.se:8087/login"
+ self.ar.entity_id = "xenosmilus.umdc.umu.se"
+ # roughly a year, should create the response on the fly
+ self.ar.timeslack = 315360000 # indecent long time
+ self.ar.loads(xml_response, decode=False)
+ self.ar.verify()
+
+ print self.ar.__dict__
+ assert self.ar.came_from == 'http://localhost:8088/foo'
+ assert self.ar.session_id() == ID
+ assert self.ar.name_id
+
+ def test_verify_w_authn(self):
+ xml_response = ("%s" % (self._resp_authn,)).split("\n",1)[1]
+ self.ar.outstanding_queries = {"id12": "http://localhost:8088/sso"}
+ self.ar.return_addr = "http://lingon.catalogix.se:8087/"
+ self.ar.entity_id = "urn:mace:example.com:saml:roland:sp"
+ self.ar.timeslack = 10000
+ self.ar.loads(xml_response, decode=False)
+ self.ar.verify()
+
+ print self.ar.assertion
+ assert len(self.ar.assertion.authn_statement) == 1
+ authn_info = self.ar.authn_info()
+ assert len(authn_info) == 1
+ assert authn_info[0][0] == saml.AUTHN_PASSWORD
+ assert authn_info[0][1] == ["http://www.example.com/login"]
+ session_info = self.ar.session_info()
+ assert session_info["authn_info"] == authn_info
+
diff --git a/tests/test_50_server.py b/tests/test_50_server.py
new file mode 100644
index 00000000..1b3f802d
--- /dev/null
+++ b/tests/test_50_server.py
@@ -0,0 +1,473 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+from saml2.server import Server, Identifier
+from saml2 import samlp, saml, client, config
+from saml2 import s_utils
+from saml2 import sigver
+from saml2 import time_util
+from saml2.s_utils import OtherError
+from saml2.s_utils import do_attribute_statement, factory
+from saml2.soap import make_soap_enveloped_saml_thingy
+from saml2 import BINDING_HTTP_POST, BINDING_HTTP_REDIRECT
+
+from py.test import raises
+import os
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+class TestIdentifier():
+ def setup_class(self):
+ self.ident = Identifier("foobar.db")
+
+ def test_persistent_nameid(self):
+ sp_id = "urn:mace:umu.se:sp"
+ nameid = self.ident.persistent_nameid(sp_id, "abcd0001")
+ remote_id = nameid.text.strip()
+ print remote_id
+ print self.ident.map
+ local = self.ident.local_name(sp_id, remote_id)
+ assert local == "abcd0001"
+ assert self.ident.local_name(sp_id, "pseudo random string") is None
+ assert self.ident.local_name(sp_id+":x", remote_id) is None
+
+ # Always get the same
+ nameid2 = self.ident.persistent_nameid(sp_id, "abcd0001")
+ assert nameid.text.strip() == nameid2.text.strip()
+
+ def test_transient_nameid(self):
+ sp_id = "urn:mace:umu.se:sp"
+ nameid = self.ident.transient_nameid(sp_id, "abcd0001")
+ remote_id = nameid.text.strip()
+ print remote_id
+ print self.ident.map
+ local = self.ident.local_name(sp_id, remote_id)
+ assert local == "abcd0001"
+ assert self.ident.local_name(sp_id, "pseudo random string") is None
+ assert self.ident.local_name(sp_id+":x", remote_id) is None
+
+ # Getting a new, means really getting a new !
+ nameid2 = self.ident.transient_nameid(sp_id, "abcd0001")
+ assert nameid.text.strip() != nameid2.text.strip()
+
+ def teardown_class(self):
+ if os.path.exists("foobar.db"):
+ os.unlink("foobar.db")
+
+class TestServer1():
+ def setup_class(self):
+ self.server = Server("idp_conf")
+
+ conf = config.SPConfig()
+ conf.load_file("server_conf")
+ self.client = client.Saml2Client(conf)
+
+ def test_issuer(self):
+ issuer = self.server.issuer()
+ assert isinstance(issuer, saml.Issuer)
+ assert _eq(issuer.keyswv(), ["text","format"])
+ assert issuer.format == saml.NAMEID_FORMAT_ENTITY
+ assert issuer.text == self.server.conf.entityid
+
+
+ def test_assertion(self):
+ assertion = s_utils.assertion_factory(
+ subject= factory(saml.Subject, text="_aaa",
+ name_id=factory(saml.NameID,
+ format=saml.NAMEID_FORMAT_TRANSIENT)),
+ attribute_statement = do_attribute_statement({
+ ("","","surName"): ("Jeter",""),
+ ("","","givenName") :("Derek",""),
+ }),
+ issuer=self.server.issuer(),
+ )
+
+ assert _eq(assertion.keyswv(),['attribute_statement', 'issuer', 'id',
+ 'subject', 'issue_instant', 'version'])
+ assert assertion.version == "2.0"
+ assert assertion.issuer.text == "urn:mace:example.com:saml:roland:idp"
+ #
+ assert assertion.attribute_statement
+ attribute_statement = assertion.attribute_statement
+ assert len(attribute_statement.attribute) == 2
+ attr0 = attribute_statement.attribute[0]
+ attr1 = attribute_statement.attribute[1]
+ if attr0.attribute_value[0].text == "Derek":
+ assert attr0.friendly_name == "givenName"
+ assert attr1.friendly_name == "surName"
+ assert attr1.attribute_value[0].text == "Jeter"
+ else:
+ assert attr1.friendly_name == "givenName"
+ assert attr1.attribute_value[0].text == "Derek"
+ assert attr0.friendly_name == "surName"
+ assert attr0.attribute_value[0].text == "Jeter"
+ #
+ subject = assertion.subject
+ assert _eq(subject.keyswv(),["text", "name_id"])
+ assert subject.text == "_aaa"
+ assert subject.name_id.format == saml.NAMEID_FORMAT_TRANSIENT
+
+ def test_response(self):
+ response = sigver.response_factory(
+ in_response_to="_012345",
+ destination="https:#www.example.com",
+ status=s_utils.success_status_factory(),
+ assertion=s_utils.assertion_factory(
+ subject = factory( saml.Subject, text="_aaa",
+ name_id=saml.NAMEID_FORMAT_TRANSIENT),
+ attribute_statement = do_attribute_statement({
+ ("","","surName"): ("Jeter",""),
+ ("","","givenName") :("Derek",""),
+ }),
+ issuer=self.server.issuer(),
+ ),
+ issuer=self.server.issuer(),
+ )
+
+ print response.keyswv()
+ assert _eq(response.keyswv(),['destination', 'assertion','status',
+ 'in_response_to', 'issue_instant',
+ 'version', 'issuer', 'id'])
+ assert response.version == "2.0"
+ assert response.issuer.text == "urn:mace:example.com:saml:roland:idp"
+ assert response.destination == "https:#www.example.com"
+ assert response.in_response_to == "_012345"
+ #
+ status = response.status
+ print status
+ assert status.status_code.value == samlp.STATUS_SUCCESS
+
+ def test_parse_faulty_request(self):
+ authn_request = self.client.authn_request(
+ query_id = "id1",
+ destination = "http://www.example.com",
+ service_url = "http://www.example.org",
+ spentityid = "urn:mace:example.com:saml:roland:sp",
+ my_name = "My real name",
+ )
+
+ intermed = s_utils.deflate_and_base64_encode("%s" % authn_request)
+ # should raise an error because faulty spentityid
+ raises(OtherError, self.server.parse_authn_request, intermed)
+
+ def test_parse_faulty_request_to_err_status(self):
+ authn_request = self.client.authn_request(
+ query_id = "id1",
+ destination = "http://www.example.com",
+ service_url = "http://www.example.org",
+ spentityid = "urn:mace:example.com:saml:roland:sp",
+ my_name = "My real name",
+ )
+
+ intermed = s_utils.deflate_and_base64_encode("%s" % authn_request)
+ try:
+ self.server.parse_authn_request(intermed)
+ status = None
+ except OtherError, oe:
+ print oe.args
+ status = s_utils.error_status_factory(oe)
+
+ assert status
+ print status
+ assert _eq(status.keyswv(), ["status_code", "status_message"])
+ assert status.status_message.text == 'Not destined for me!'
+ status_code = status.status_code
+ assert _eq(status_code.keyswv(), ["status_code","value"])
+ assert status_code.value == samlp.STATUS_RESPONDER
+ assert status_code.status_code.value == samlp.STATUS_UNKNOWN_PRINCIPAL
+
+ def test_parse_ok_request(self):
+ authn_request = self.client.authn_request(
+ query_id = "id1",
+ destination = "http://localhost:8088/sso",
+ service_url = "http://localhost:8087/",
+ spentityid = "urn:mace:example.com:saml:roland:sp",
+ my_name = "My real name",
+ )
+
+ print authn_request
+ intermed = s_utils.deflate_and_base64_encode("%s" % authn_request)
+ response = self.server.parse_authn_request(intermed)
+ # returns a dictionary
+ print response
+ assert response["consumer_url"] == "http://localhost:8087/"
+ assert response["id"] == "id1"
+ name_id_policy = response["request"].name_id_policy
+ assert _eq(name_id_policy.keyswv(), ["format", "allow_create"])
+ assert name_id_policy.format == saml.NAMEID_FORMAT_TRANSIENT
+ assert response["sp_entity_id"] == "urn:mace:example.com:saml:roland:sp"
+
+ def test_sso_response_with_identity(self):
+ name_id = self.server.ident.transient_nameid(
+ "urn:mace:example.com:saml:roland:sp",
+ "id12")
+ resp = self.server.do_response(
+ "id12", # in_response_to
+ "http://localhost:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ { "eduPersonEntitlement": "Short stop"}, # identity
+ name_id
+ )
+
+ print resp.keyswv()
+ assert _eq(resp.keyswv(),['status', 'destination', 'assertion',
+ 'in_response_to', 'issue_instant',
+ 'version', 'id', 'issuer'])
+ assert resp.destination == "http://localhost:8087/"
+ assert resp.in_response_to == "id12"
+ assert resp.status
+ assert resp.status.status_code.value == samlp.STATUS_SUCCESS
+ assert resp.assertion
+ assert resp.assertion
+ assertion = resp.assertion
+ print assertion
+ assert assertion.authn_statement
+ assert assertion.conditions
+ assert assertion.attribute_statement
+ attribute_statement = assertion.attribute_statement
+ print attribute_statement
+ assert len(attribute_statement.attribute) == 1
+ attribute = attribute_statement.attribute[0]
+ assert len(attribute.attribute_value) == 1
+ assert attribute.friendly_name == "eduPersonEntitlement"
+ assert attribute.name == "urn:oid:1.3.6.1.4.1.5923.1.1.1.7"
+ assert attribute.name_format == "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ value = attribute.attribute_value[0]
+ assert value.text.strip() == "Short stop"
+ assert value.get_type() == "xs:string"
+ assert assertion.subject
+ assert assertion.subject.name_id
+ assert assertion.subject.subject_confirmation
+ confirmation = assertion.subject.subject_confirmation
+ print confirmation.keyswv()
+ print confirmation.subject_confirmation_data
+ assert confirmation.subject_confirmation_data.in_response_to == "id12"
+
+ def test_sso_response_without_identity(self):
+ resp = self.server.do_response(
+ "id12", # in_response_to
+ "http://localhost:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ )
+
+ print resp.keyswv()
+ assert _eq(resp.keyswv(),['status', 'destination', 'in_response_to',
+ 'issue_instant', 'version', 'id', 'issuer'])
+ assert resp.destination == "http://localhost:8087/"
+ assert resp.in_response_to == "id12"
+ assert resp.status
+ assert resp.status.status_code.value == samlp.STATUS_SUCCESS
+ assert resp.issuer.text == "urn:mace:example.com:saml:roland:idp"
+ assert not resp.assertion
+
+ def test_sso_failure_response(self):
+ exc = s_utils.MissingValue("eduPersonAffiliation missing")
+ resp = self.server.error_response("id12", "http://localhost:8087/",
+ "urn:mace:example.com:saml:roland:sp", exc )
+
+ print resp.keyswv()
+ assert _eq(resp.keyswv(),['status', 'destination', 'in_response_to',
+ 'issue_instant', 'version', 'id', 'issuer'])
+ assert resp.destination == "http://localhost:8087/"
+ assert resp.in_response_to == "id12"
+ assert resp.status
+ print resp.status
+ assert resp.status.status_code.value == samlp.STATUS_RESPONDER
+ assert resp.status.status_code.status_code.value == \
+ samlp.STATUS_REQUEST_UNSUPPORTED
+ assert resp.status.status_message.text == \
+ "eduPersonAffiliation missing"
+ assert resp.issuer.text == "urn:mace:example.com:saml:roland:idp"
+ assert not resp.assertion
+
+ def test_authn_response_0(self):
+ self.server = Server("idp_conf")
+
+ conf = config.SPConfig()
+ conf.load_file("server_conf")
+ self.client = client.Saml2Client(conf)
+ ava = { "givenName": ["Derek"], "surName": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com"]}
+
+ resp_str = self.server.authn_response(ava,
+ "id1", "http://local:8087/",
+ "urn:mace:example.com:saml:roland:sp",
+ samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT,
+ allow_create="true"),
+ "foba0001@example.com")
+
+ response = samlp.response_from_string("\n".join(resp_str))
+ print response.keyswv()
+ assert _eq(response.keyswv(),['status', 'destination', 'assertion',
+ 'in_response_to', 'issue_instant', 'version',
+ 'issuer', 'id'])
+ print response.assertion[0].keyswv()
+ assert len(response.assertion) == 1
+ assert _eq(response.assertion[0].keyswv(), ['authn_statement',
+ 'attribute_statement', 'subject', 'issue_instant',
+ 'version', 'issuer', 'conditions', 'id'])
+ assertion = response.assertion[0]
+ assert len(assertion.attribute_statement) == 1
+ astate = assertion.attribute_statement[0]
+ print astate
+ assert len(astate.attribute) == 3
+
+ def test_signed_response(self):
+ name_id = self.server.ident.transient_nameid(
+ "urn:mace:example.com:saml:roland:sp",
+ "id12")
+
+ signed_resp = self.server.do_response(
+ "id12", # in_response_to
+ "http://lingon.catalogix.se:8087/", # consumer_url
+ "urn:mace:example.com:saml:roland:sp", # sp_entity_id
+ {"eduPersonEntitlement":"Jeter"},
+ name_id = name_id,
+ sign=True
+ )
+
+ print "%s" % signed_resp
+ assert signed_resp
+
+ # It's the assertions that are signed not the response per se
+ assert len(signed_resp.assertion) == 1
+ assertion = signed_resp.assertion[0]
+
+ # Since the reponse is created dynamically I don't know the signature
+ # value. Just that there should be one
+ assert assertion.signature.signature_value.text != ""
+
+ def test_slo_http_post(self):
+ soon = time_util.in_a_while(days=1)
+ sinfo = {
+ "name_id": "foba0001",
+ "issuer": "urn:mace:example.com:saml:roland:idp",
+ "not_on_or_after" : soon,
+ "user": {
+ "givenName": "Leo",
+ "surName": "Laport",
+ }
+ }
+ self.client.users.add_information_about_person(sinfo)
+
+ logout_request = self.client.construct_logout_request(
+ subject_id="foba0001",
+ destination = "http://localhost:8088/slop",
+ issuer_entity_id = "urn:mace:example.com:saml:roland:idp",
+ reason = "I'm tired of this")
+
+ intermed = s_utils.deflate_and_base64_encode("%s" % (logout_request,))
+
+ #saml_soap = make_soap_enveloped_saml_thingy(logout_request)
+ request = self.server.parse_logout_request(intermed, BINDING_HTTP_POST)
+ assert request
+
+ def test_slo_soap(self):
+ soon = time_util.in_a_while(days=1)
+ sinfo = {
+ "name_id": "foba0001",
+ "issuer": "urn:mace:example.com:saml:roland:idp",
+ "not_on_or_after" : soon,
+ "user": {
+ "givenName": "Leo",
+ "surName": "Laport",
+ }
+ }
+
+ sp = client.Saml2Client(config_file="server_conf")
+ sp.users.add_information_about_person(sinfo)
+
+ logout_request = sp.construct_logout_request(subject_id = "foba0001",
+ destination = "http://localhost:8088/slo",
+ issuer_entity_id = "urn:mace:example.com:saml:roland:idp",
+ reason = "I'm tired of this")
+
+ _ = s_utils.deflate_and_base64_encode("%s" % (logout_request,))
+
+ saml_soap = make_soap_enveloped_saml_thingy(logout_request)
+ idp = Server("idp_soap_conf")
+ request = idp.parse_logout_request(saml_soap)
+ assert request
+
+#------------------------------------------------------------------------
+
+IDENTITY = {"eduPersonAffiliation": ["staff", "member"],
+ "surName": ["Jeter"], "givenName": ["Derek"],
+ "mail": ["foo@gmail.com"]}
+
+class TestServer2():
+ def setup_class(self):
+ self.server = Server("restrictive_idp_conf")
+
+ def test_do_aa_reponse(self):
+ aa_policy = self.server.conf.policy
+ print aa_policy.__dict__
+ response = self.server.do_aa_response("aaa", "http://example.com/sp/",
+ "urn:mace:example.com:sp:1", IDENTITY.copy())
+
+ assert response is not None
+ assert response.destination == "http://example.com/sp/"
+ assert response.in_response_to == "aaa"
+ assert response.version == "2.0"
+ assert response.issuer.text == "urn:mace:example.com:saml:roland:idpr"
+ assert response.status.status_code.value == samlp.STATUS_SUCCESS
+ assert response.assertion
+ assertion = response.assertion
+ assert assertion.version == "2.0"
+ subject = assertion.subject
+ #assert subject.name_id.format == saml.NAMEID_FORMAT_TRANSIENT
+ assert subject.subject_confirmation
+ subject_confirmation = subject.subject_confirmation
+ assert subject_confirmation.subject_confirmation_data.in_response_to == "aaa"
+
+def _logout_request(conf_file):
+ conf = config.SPConfig()
+ conf.load_file(conf_file)
+ sp = client.Saml2Client(conf)
+
+ soon = time_util.in_a_while(days=1)
+ sinfo = {
+ "name_id": "foba0001",
+ "issuer": "urn:mace:example.com:saml:roland:idp",
+ "not_on_or_after" : soon,
+ "user": {
+ "givenName": "Leo",
+ "surName": "Laport",
+ }
+ }
+ sp.users.add_information_about_person(sinfo)
+
+ return sp.construct_logout_request(
+ subject_id = "foba0001",
+ destination = "http://localhost:8088/slo",
+ issuer_entity_id = "urn:mace:example.com:saml:roland:idp",
+ reason = "I'm tired of this")
+
+class TestServerLogout():
+
+ def test_1(self):
+ server = Server("idp_slo_redirect_conf")
+ request = _logout_request("sp_slo_redirect_conf")
+ print request
+ bindings = [BINDING_HTTP_REDIRECT]
+ (resp, headers, message) = server.logout_response(request, bindings)
+ assert resp == '302 Found'
+ assert len(headers) == 1
+ assert headers[0][0] == "Location"
+ assert message == ['']
+
+# class TestSign():
+# def test_1(self):
+# IDP = server.Server("restrictive_idp.config", debug=1)
+# ava = { "givenName": ["Derek"], "surName": ["Jeter"],
+# "mail": ["derek@nyy.mlb.com"]}
+#
+# authn_resp = IDP.authn_response(ava,
+# "id1", "http://local:8087/",
+# "urn:mace:example.com:saml:roland:sp",
+# samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT,
+# allow_create="true"),
+# "foba0001@example.com", sign=True)
+# print authn_resp
+# assert False
diff --git a/tests/test_51_client.py b/tests/test_51_client.py
new file mode 100644
index 00000000..dbd2d908
--- /dev/null
+++ b/tests/test_51_client.py
@@ -0,0 +1,592 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import base64
+import urllib
+from urlparse import urlparse, parse_qs
+
+from saml2.client import Saml2Client, LogoutError
+from saml2 import samlp, BINDING_HTTP_POST
+from saml2 import BINDING_SOAP
+from saml2 import saml, config, class_name
+from saml2.server import Server
+from saml2.s_utils import decode_base64_and_inflate
+from saml2.time_util import in_a_while
+from saml2.assertion import Assertion
+from saml2.assertion import Policy
+
+from py.test import raises
+
+def for_me(condition, me ):
+ for restriction in condition.audience_restriction:
+ audience = restriction.audience
+ if audience.text.strip() == me:
+ return True
+
+def ava(attribute_statement):
+ result = {}
+ for attribute in attribute_statement.attribute:
+ # Check name_format ??
+ name = attribute.name.strip()
+ result[name] = []
+ for value in attribute.attribute_value:
+ result[name].append(value.text.strip())
+ return result
+
+def _leq(l1, l2):
+ return set(l1) == set(l2)
+
+# def test_parse_3():
+# xml_response = open(XML_RESPONSE_FILE3).read()
+# response = samlp.response_from_string(xml_response)
+# client = Saml2Client({})
+# (ava, name_id, real_uri) = \
+# client.do_response(response, "xenosmilus.umdc.umu.se")
+# print 40*"="
+# print ava
+# print 40*","
+# print name_id
+# assert False
+
+REQ1 = { "1.2.14": """<?xml version='1.0' encoding='UTF-8'?>
+<ns0:AttributeQuery Destination="https://idp.example.com/idp/" ID="id1" IssueInstant="%s" Version="2.0" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"><ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion">urn:mace:example.com:saml:roland:sp</ns1:Issuer><ns1:Subject xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion"><ns1:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">E8042FB4-4D5B-48C3-8E14-8EDD852790DD</ns1:NameID></ns1:Subject></ns0:AttributeQuery>""",
+ "1.2.16":"""<?xml version='1.0' encoding='UTF-8'?>
+<ns0:AttributeQuery xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" Destination="https://idp.example.com/idp/" ID="id1" IssueInstant="%s" Version="2.0"><ns1:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">urn:mace:example.com:saml:roland:sp</ns1:Issuer><ns1:Subject><ns1:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent">E8042FB4-4D5B-48C3-8E14-8EDD852790DD</ns1:NameID></ns1:Subject></ns0:AttributeQuery>"""}
+
+class TestClient:
+ def setup_class(self):
+ self.server = Server("idp_conf")
+
+ conf = config.SPConfig()
+ conf.load_file("server_conf")
+ self.client = Saml2Client(conf)
+
+ def test_create_attribute_query1(self):
+ req = self.client.create_attribute_query("id1",
+ "E8042FB4-4D5B-48C3-8E14-8EDD852790DD",
+ "https://idp.example.com/idp/",
+ nameid_format=saml.NAMEID_FORMAT_PERSISTENT)
+ reqstr = "%s" % req.to_string()
+
+ assert req.destination == "https://idp.example.com/idp/"
+ assert req.id == "id1"
+ assert req.version == "2.0"
+ subject = req.subject
+ name_id = subject.name_id
+ assert name_id.format == saml.NAMEID_FORMAT_PERSISTENT
+ assert name_id.text == "E8042FB4-4D5B-48C3-8E14-8EDD852790DD"
+ issuer = req.issuer
+ assert issuer.text == "urn:mace:example.com:saml:roland:sp"
+
+ attrq = samlp.attribute_query_from_string(reqstr)
+
+ print attrq.keyswv()
+ assert _leq(attrq.keyswv(), ['destination', 'subject', 'issue_instant',
+ 'version', 'id', 'issuer'])
+
+ assert attrq.destination == req.destination
+ assert attrq.id == req.id
+ assert attrq.version == req.version
+ assert attrq.issuer.text == issuer.text
+ assert attrq.issue_instant == req.issue_instant
+ assert attrq.subject.name_id.format == name_id.format
+ assert attrq.subject.name_id.text == name_id.text
+
+ def test_create_attribute_query2(self):
+ req = self.client.create_attribute_query("id1",
+ "E8042FB4-4D5B-48C3-8E14-8EDD852790DD",
+ "https://idp.example.com/idp/",
+ attribute={
+ ("urn:oid:2.5.4.42",
+ "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "givenName"):None,
+ ("urn:oid:2.5.4.4",
+ "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ "surname"):None,
+ ("urn:oid:1.2.840.113549.1.9.1",
+ "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"):None,
+ },
+ nameid_format=saml.NAMEID_FORMAT_PERSISTENT)
+
+ print req.to_string()
+ assert req.destination == "https://idp.example.com/idp/"
+ assert req.id == "id1"
+ assert req.version == "2.0"
+ subject = req.subject
+ name_id = subject.name_id
+ assert name_id.format == saml.NAMEID_FORMAT_PERSISTENT
+ assert name_id.text == "E8042FB4-4D5B-48C3-8E14-8EDD852790DD"
+ assert len(req.attribute) == 3
+ # one is givenName
+ seen = []
+ for attribute in req.attribute:
+ if attribute.name == "urn:oid:2.5.4.42":
+ assert attribute.name_format == saml.NAME_FORMAT_URI
+ assert attribute.friendly_name == "givenName"
+ seen.append("givenName")
+ elif attribute.name == "urn:oid:2.5.4.4":
+ assert attribute.name_format == saml.NAME_FORMAT_URI
+ assert attribute.friendly_name == "surname"
+ seen.append("surname")
+ elif attribute.name == "urn:oid:1.2.840.113549.1.9.1":
+ assert attribute.name_format == saml.NAME_FORMAT_URI
+ if getattr(attribute,"friendly_name"):
+ assert False
+ seen.append("email")
+ assert set(seen) == set(["givenName", "surname", "email"])
+
+ def test_create_attribute_query_3(self):
+ req = self.client.create_attribute_query("id1",
+ "_e7b68a04488f715cda642fbdd90099f5",
+ "https://aai-demo-idp.switch.ch/idp/shibboleth",
+ nameid_format=saml.NAMEID_FORMAT_TRANSIENT )
+
+ assert isinstance(req, samlp.AttributeQuery)
+ assert req.destination == "https://aai-demo-idp.switch.ch/idp/shibboleth"
+ assert req.id == "id1"
+ assert req.version == "2.0"
+ assert req.issue_instant
+ assert req.issuer.text == "urn:mace:example.com:saml:roland:sp"
+ nameid = req.subject.name_id
+ assert nameid.format == saml.NAMEID_FORMAT_TRANSIENT
+ assert nameid.text == "_e7b68a04488f715cda642fbdd90099f5"
+
+ def test_attribute_query(self):
+ req = self.client.attribute_query(
+ "_e7b68a04488f715cda642fbdd90099f5",
+ "https://aai-demo-idp.switch.ch/idp/shibboleth",
+ nameid_format=saml.NAMEID_FORMAT_TRANSIENT)
+
+ # since no one is answering on the other end
+ assert req is None
+
+ # def test_idp_entry(self):
+ # idp_entry = self.client.idp_entry(name="Umeå Universitet",
+ # location="https://idp.umu.se/")
+ #
+ # assert idp_entry.name == "Umeå Universitet"
+ # assert idp_entry.loc == "https://idp.umu.se/"
+ #
+ # def test_scope(self):
+ # entity_id = "urn:mace:example.com:saml:roland:idp"
+ # locs = self.client.metadata.single_sign_on_services(entity_id)
+ # scope = self.client.scoping_from_metadata(entity_id, locs)
+ #
+ # assert scope.idp_list
+ # assert len(scope.idp_list.idp_entry) == 1
+ # idp_entry = scope.idp_list.idp_entry[0]
+ # assert idp_entry.name == 'Exempel AB'
+ # assert idp_entry.loc == ['http://localhost:8088/sso']
+
+ def test_create_auth_request_0(self):
+ ar_str = "%s" % self.client.authn_request("id1",
+ "http://www.example.com/sso",
+ "http://www.example.org/service",
+ "urn:mace:example.org:saml:sp",
+ "My Name")
+ ar = samlp.authn_request_from_string(ar_str)
+ print ar
+ assert ar.assertion_consumer_service_url == "http://www.example.org/service"
+ assert ar.destination == "http://www.example.com/sso"
+ assert ar.protocol_binding == BINDING_HTTP_POST
+ assert ar.version == "2.0"
+ assert ar.provider_name == "My Name"
+ assert ar.issuer.text == "urn:mace:example.org:saml:sp"
+ nid_policy = ar.name_id_policy
+ assert nid_policy.allow_create == "true"
+ assert nid_policy.format == saml.NAMEID_FORMAT_TRANSIENT
+
+ def test_create_auth_request_vo(self):
+ assert self.client.config.virtual_organization.keys() == [
+ "urn:mace:example.com:it:tek"]
+
+ ar_str = "%s" % self.client.authn_request("666",
+ "http://www.example.com/sso",
+ "http://www.example.org/service",
+ "urn:mace:example.org:saml:sp",
+ "My Name",
+ vorg="urn:mace:example.com:it:tek")
+
+ ar = samlp.authn_request_from_string(ar_str)
+ print ar
+ assert ar.id == "666"
+ assert ar.assertion_consumer_service_url == "http://www.example.org/service"
+ assert ar.destination == "http://www.example.com/sso"
+ assert ar.protocol_binding == BINDING_HTTP_POST
+ assert ar.version == "2.0"
+ assert ar.provider_name == "My Name"
+ assert ar.issuer.text == "urn:mace:example.org:saml:sp"
+ nid_policy = ar.name_id_policy
+ assert nid_policy.allow_create == "true"
+ assert nid_policy.format == saml.NAMEID_FORMAT_PERSISTENT
+ assert nid_policy.sp_name_qualifier == "urn:mace:example.com:it:tek"
+
+ def test_sign_auth_request_0(self):
+ #print self.client.config
+
+ ar_str = "%s" % self.client.authn_request("id1",
+ "http://www.example.com/sso",
+ "http://www.example.org/service",
+ "urn:mace:example.org:saml:sp",
+ "My Name", sign=True)
+
+ ar = samlp.authn_request_from_string(ar_str)
+
+ assert ar
+ assert ar.signature
+ assert ar.signature.signature_value
+ signed_info = ar.signature.signed_info
+ #print signed_info
+ assert len(signed_info.reference) == 1
+ assert signed_info.reference[0].uri == "#id1"
+ assert signed_info.reference[0].digest_value
+ print "------------------------------------------------"
+ try:
+ assert self.client.sec.correctly_signed_authn_request(ar_str,
+ self.client.config.xmlsec_binary,
+ self.client.config.metadata)
+ except Exception: # missing certificate
+ self.client.sec.verify_signature(ar_str, node_name=class_name(ar))
+
+ def test_response(self):
+ IDP = "urn:mace:example.com:saml:roland:idp"
+
+ ava = { "givenName": ["Derek"], "surname": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com"]}
+
+ resp_str = "\n".join(self.server.authn_response(
+ identity=ava,
+ in_response_to="id1",
+ destination="http://lingon.catalogix.se:8087/",
+ sp_entity_id="urn:mace:example.com:saml:roland:sp",
+ name_id_policy=samlp.NameIDPolicy(
+ format=saml.NAMEID_FORMAT_PERSISTENT),
+ userid="foba0001@example.com"))
+
+ resp_str = base64.encodestring(resp_str)
+
+ authn_response = self.client.response({"SAMLResponse":resp_str},
+ {"id1":"http://foo.example.com/service"})
+
+ assert authn_response is not None
+ assert authn_response.issuer() == IDP
+ assert authn_response.response.assertion[0].issuer.text == IDP
+ session_info = authn_response.session_info()
+
+ print session_info
+ assert session_info["ava"] == {'mail': ['derek@nyy.mlb.com'], 'givenName': ['Derek'], 'sn': ['Jeter']}
+ assert session_info["issuer"] == IDP
+ assert session_info["came_from"] == "http://foo.example.com/service"
+ response = samlp.response_from_string(authn_response.xmlstr)
+ assert response.destination == "http://lingon.catalogix.se:8087/"
+
+ # One person in the cache
+ assert len(self.client.users.subjects()) == 1
+ subject_id = self.client.users.subjects()[0]
+ print "||||", self.client.users.get_info_from(subject_id, IDP)
+ # The information I have about the subject comes from one source
+ assert self.client.users.issuers_of_info(subject_id) == [IDP]
+
+ # --- authenticate another person
+
+ ava = { "givenName": ["Alfonson"], "surname": ["Soriano"],
+ "mail": ["alfonson@chc.mlb.com"]}
+
+ resp_str = "\n".join(self.server.authn_response(
+ identity=ava,
+ in_response_to="id2",
+ destination="http://lingon.catalogix.se:8087/",
+ sp_entity_id="urn:mace:example.com:saml:roland:sp",
+ name_id_policy=samlp.NameIDPolicy(
+ format=saml.NAMEID_FORMAT_PERSISTENT),
+ userid="also0001@example.com"))
+
+ resp_str = base64.encodestring(resp_str)
+
+ self.client.response({"SAMLResponse":resp_str},
+ {"id2":"http://foo.example.com/service"})
+
+ # Two persons in the cache
+ assert len(self.client.users.subjects()) == 2
+ issuers = [self.client.users.issuers_of_info(s) for s in self.client.users.subjects()]
+ # The information I have about the subjects comes from the same source
+ print issuers
+ assert issuers == [[IDP], [IDP]]
+
+ def test_init_values(self):
+ entityid = self.client.config.entityid
+ print entityid
+ assert entityid == "urn:mace:example.com:saml:roland:sp"
+ print self.client.config.idp
+ print self.client.config.metadata.idps()
+ print self.client.config.idps()
+ location = self.client._sso_location()
+ print location
+ assert location == 'http://localhost:8088/sso'
+ service_url = self.client.service_url()
+ print service_url
+ assert service_url == "http://lingon.catalogix.se:8087/"
+ my_name = self.client._my_name()
+ print my_name
+ assert my_name == "urn:mace:example.com:saml:roland:sp"
+
+ def test_authenticate(self):
+ print self.client.config.idps()
+ (sid, response) = self.client.authenticate(
+ "urn:mace:example.com:saml:roland:idp",
+ "http://www.example.com/relay_state")
+ assert sid is not None
+ assert response[0] == "Location"
+ o = urlparse(response[1])
+ qdict = parse_qs(o.query)
+ assert _leq(qdict.keys(), ['SAMLRequest', 'RelayState'])
+ saml_request = decode_base64_and_inflate(qdict["SAMLRequest"][0])
+ print saml_request
+ authnreq = samlp.authn_request_from_string(saml_request)
+ assert authnreq.id == sid
+
+ def test_authenticate_no_args(self):
+ (sid, request) = self.client.authenticate(relay_state="http://www.example.com/relay_state")
+ assert sid is not None
+ assert request[0] == "Location"
+ o = urlparse(request[1])
+ qdict = parse_qs(o.query)
+ assert _leq(qdict.keys(), ['SAMLRequest', 'RelayState'])
+ saml_request = decode_base64_and_inflate(qdict["SAMLRequest"][0])
+ assert qdict["RelayState"][0] == "http://www.example.com/relay_state"
+ print saml_request
+ authnreq = samlp.authn_request_from_string(saml_request)
+ print authnreq.keyswv()
+ assert authnreq.id == sid
+ assert authnreq.destination == "http://localhost:8088/sso"
+ assert authnreq.assertion_consumer_service_url == "http://lingon.catalogix.se:8087/"
+ assert authnreq.provider_name == "urn:mace:example.com:saml:roland:sp"
+ assert authnreq.protocol_binding == BINDING_HTTP_POST
+ name_id_policy = authnreq.name_id_policy
+ assert name_id_policy.allow_create == "true"
+ assert name_id_policy.format == "urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
+ issuer = authnreq.issuer
+ assert issuer.text == "urn:mace:example.com:saml:roland:sp"
+
+
+ def test_logout_1(self):
+ """ one IdP/AA with BINDING_HTTP_REDIRECT on single_logout_service"""
+
+ # information about the user from an IdP
+ session_info = {
+ "name_id": "123456",
+ "issuer": "urn:mace:example.com:saml:roland:idp",
+ "not_on_or_after": in_a_while(minutes=15),
+ "ava": {
+ "givenName": "Anders",
+ "surName": "Andersson",
+ "mail": "anders.andersson@example.com"
+ }
+ }
+ self.client.users.add_information_about_person(session_info)
+ entity_ids = self.client.users.issuers_of_info("123456")
+ assert entity_ids == ["urn:mace:example.com:saml:roland:idp"]
+ resp = self.client.global_logout("123456", "Tired", in_a_while(minutes=5))
+ print resp
+ assert resp
+ assert resp[0] # a session_id
+ assert resp[1] == '200 OK'
+ assert resp[2] == [('Content-type', 'text/html')]
+ assert resp[3][0] == '<head>'
+ assert resp[3][1] == '<title>SAML 2.0 POST</title>'
+ session_info = self.client.state[resp[0]]
+ print session_info
+ assert session_info["entity_id"] == entity_ids[0]
+ assert session_info["subject_id"] == "123456"
+ assert session_info["reason"] == "Tired"
+ assert session_info["operation"] == "SLO"
+ assert session_info["entity_ids"] == entity_ids
+ assert session_info["sign"] == False
+
+ def test_logout_2(self):
+ """ one IdP/AA with BINDING_SOAP, can't actually send something"""
+
+ conf = config.SPConfig()
+ conf.load_file("server2_conf")
+ client = Saml2Client(conf)
+
+ # information about the user from an IdP
+ session_info = {
+ "name_id": "123456",
+ "issuer": "urn:mace:example.com:saml:roland:idp",
+ "not_on_or_after": in_a_while(minutes=15),
+ "ava": {
+ "givenName": "Anders",
+ "surName": "Andersson",
+ "mail": "anders.andersson@example.com"
+ }
+ }
+ client.users.add_information_about_person(session_info)
+ entity_ids = self.client.users.issuers_of_info("123456")
+ assert entity_ids == ["urn:mace:example.com:saml:roland:idp"]
+ destinations = client.config.single_logout_services(entity_ids[0],
+ BINDING_SOAP)
+ print destinations
+ assert destinations == ['http://localhost:8088/slo']
+
+ # Will raise an error since there is noone at the other end.
+ raises(LogoutError, 'client.global_logout("123456", "Tired", in_a_while(minutes=5))')
+
+ def test_logout_3(self):
+ """ two or more IdP/AA with BINDING_HTTP_REDIRECT"""
+
+ conf = config.SPConfig()
+ conf.load_file("server3_conf")
+ client = Saml2Client(conf)
+
+ # information about the user from an IdP
+ session_info_authn = {
+ "name_id": "123456",
+ "issuer": "urn:mace:example.com:saml:roland:idp",
+ "not_on_or_after": in_a_while(minutes=15),
+ "ava": {
+ "givenName": "Anders",
+ "surName": "Andersson",
+ "mail": "anders.andersson@example.com"
+ }
+ }
+ client.users.add_information_about_person(session_info_authn)
+ session_info_aa = {
+ "name_id": "123456",
+ "issuer": "urn:mace:example.com:saml:roland:aa",
+ "not_on_or_after": in_a_while(minutes=15),
+ "ava": {
+ "eduPersonEntitlement": "Foobar",
+ }
+ }
+ client.users.add_information_about_person(session_info_aa)
+ entity_ids = client.users.issuers_of_info("123456")
+ assert _leq(entity_ids, ["urn:mace:example.com:saml:roland:idp",
+ "urn:mace:example.com:saml:roland:aa"])
+ resp = client.global_logout("123456", "Tired", in_a_while(minutes=5))
+ print resp
+ assert resp
+ assert resp[0] # a session_id
+ assert resp[1] == '200 OK'
+ # HTTP POST
+ assert resp[2] == [('Content-type', 'text/html')]
+ assert resp[3][0] == '<head>'
+ assert resp[3][1] == '<title>SAML 2.0 POST</title>'
+
+ state_info = client.state[resp[0]]
+ print state_info
+ assert state_info["entity_id"] == entity_ids[0]
+ assert state_info["subject_id"] == "123456"
+ assert state_info["reason"] == "Tired"
+ assert state_info["operation"] == "SLO"
+ assert state_info["entity_ids"] == entity_ids
+ assert state_info["sign"] == False
+
+ def test_authz_decision_query(self):
+ conf = config.SPConfig()
+ conf.load_file("server3_conf")
+ client = Saml2Client(conf)
+
+ AVA = {'mail': u'roland.hedberg@adm.umu.se',
+ 'eduPersonTargetedID': '95e9ae91dbe62d35198fbbd5e1fb0976',
+ 'displayName': u'Roland Hedberg',
+ 'uid': 'http://roland.hedberg.myopenid.com/'}
+
+ sp_entity_id = "sp_entity_id"
+ in_response_to = "1234"
+ consumer_url = "http://example.com/consumer"
+ name_id = saml.NameID(saml.NAMEID_FORMAT_TRANSIENT, text="name_id")
+ policy = Policy()
+ ava = Assertion(AVA)
+ assertion = ava.construct(sp_entity_id, in_response_to,
+ consumer_url, name_id,
+ conf.attribute_converters,
+ policy, issuer=client._issuer())
+
+ adq = client.authz_decision_query_using_assertion("entity_id",
+ assertion,
+ "read",
+ "http://example.com/text")
+
+ assert adq
+ print adq
+ assert adq.keyswv() != []
+ assert adq.destination == "entity_id"
+ assert adq.resource == "http://example.com/text"
+ assert adq.action[0].text == "read"
+
+ def test_request_to_discovery_service(self):
+ disc_url = "http://example.com/saml2/idp/disc"
+ url = self.client.request_to_discovery_service(disc_url)
+ print url
+ assert url == "http://example.com/saml2/idp/disc?entityID=urn%3Amace%3Aexample.com%3Asaml%3Aroland%3Asp"
+
+ url = self.client.request_to_discovery_service(disc_url,
+ return_url= "http://example.org/saml2/sp/ds")
+
+ print url
+ assert url == "http://example.com/saml2/idp/disc?entityID=urn%3Amace%3Aexample.com%3Asaml%3Aroland%3Asp&return=http%3A%2F%2Fexample.org%2Fsaml2%2Fsp%2Fds"
+
+ def test_get_idp_from_discovery_service(self):
+ pdir = {"entityID": "http://example.org/saml2/idp/sso"}
+ params = urllib.urlencode(pdir)
+ redirect_url = "http://example.com/saml2/sp/disc?%s" % params
+
+ entity_id = self.client.get_idp_from_discovery_service(url=redirect_url)
+ assert entity_id == "http://example.org/saml2/idp/sso"
+
+ pdir = {"idpID": "http://example.org/saml2/idp/sso"}
+ params = urllib.urlencode(pdir)
+ redirect_url = "http://example.com/saml2/sp/disc?%s" % params
+
+ entity_id = self.client.get_idp_from_discovery_service(url=redirect_url,
+ returnIDParam="idpID")
+
+ assert entity_id == "http://example.org/saml2/idp/sso"
+
+ def test_unsolicited_response(self):
+ """
+
+ """
+ self.server = Server("idp_conf")
+
+ conf = config.SPConfig()
+ conf.load_file("server_conf")
+ self.client = Saml2Client(conf)
+
+ for subject in self.client.users.subjects():
+ self.client.users.remove_person(subject)
+
+ IDP = "urn:mace:example.com:saml:roland:idp"
+
+ ava = { "givenName": ["Derek"], "surname": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com"]}
+
+ resp_str = "\n".join(self.server.authn_response(
+ identity=ava,
+ in_response_to="id1",
+ destination="http://lingon.catalogix.se:8087/",
+ sp_entity_id="urn:mace:example.com:saml:roland:sp",
+ name_id_policy=samlp.NameIDPolicy(
+ format=saml.NAMEID_FORMAT_PERSISTENT),
+ userid="foba0001@example.com"))
+
+ resp_str = base64.encodestring(resp_str)
+
+ self.client.allow_unsolicited = True
+ authn_response = self.client.response({"SAMLResponse":resp_str}, ())
+
+ assert authn_response is not None
+ assert authn_response.issuer() == IDP
+ assert authn_response.response.assertion[0].issuer.text == IDP
+ session_info = authn_response.session_info()
+
+ print session_info
+ assert session_info["ava"] == {'mail': ['derek@nyy.mlb.com'], 'givenName': ['Derek'], 'sn': ['Jeter']}
+ assert session_info["issuer"] == IDP
+ assert session_info["came_from"] == ""
+ response = samlp.response_from_string(authn_response.xmlstr)
+ assert response.destination == "http://lingon.catalogix.se:8087/"
+
+ # One person in the cache
+ assert len(self.client.users.subjects()) == 1
diff --git a/tests/test_60_sp.py b/tests/test_60_sp.py
new file mode 100644
index 00000000..01b98932
--- /dev/null
+++ b/tests/test_60_sp.py
@@ -0,0 +1,63 @@
+#!/usr/bin/env python
+# -*- coding: utf-8 -*-
+
+import base64
+from s2repoze.plugins.sp import make_plugin
+from saml2.server import Server
+from saml2 import make_instance, samlp, saml
+
+ENV1 = {'SERVER_SOFTWARE': 'CherryPy/3.1.2 WSGI Server',
+ 'SCRIPT_NAME': '',
+ 'ACTUAL_SERVER_PROTOCOL': 'HTTP/1.1',
+ 'REQUEST_METHOD': 'GET',
+ 'PATH_INFO': '/krissms',
+ 'SERVER_PROTOCOL': 'HTTP/1.1',
+ 'QUERY_STRING': '',
+ 'REMOTE_ADDR': '127.0.0.1',
+ 'HTTP_USER_AGENT':
+ 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) ',
+ 'HTTP_CONNECTION': 'keep-alive',
+ 'SERVER_NAME': 'lingon-catalogix-se-2.local',
+ 'REMOTE_PORT': '57309',
+ 'wsgi.url_scheme': 'http',
+ 'SERVER_PORT': '8087',
+ 'HTTP_HOST': '127.0.0.1:8087',
+ 'wsgi.multithread': True,
+ 'HTTP_ACCEPT':
+ 'application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5',
+ 'wsgi.version': (1, 0),
+ 'wsgi.run_once': False,
+ 'wsgi.multiprocess': False,
+ 'HTTP_ACCEPT_LANGUAGE': 'en-us',
+ 'HTTP_ACCEPT_ENCODING': 'gzip, deflate'}
+
+class TestSP():
+ def setup_class(self):
+ self.sp = make_plugin("rem", saml_conf="server_conf")
+ self.server = Server(config_file="idp_conf")
+
+ def test_setup(self):
+ assert self.sp
+
+ def test_identify(self):
+
+ # Create a SAMLResponse
+ ava = { "givenName": ["Derek"], "surname": ["Jeter"],
+ "mail": ["derek@nyy.mlb.com"]}
+
+ resp_str = "\n".join(self.server.authn_response(ava,
+ "id1", "http://lingon.catalogix.se:8087/",
+ "urn:mace:example.com:saml:roland:sp",
+ samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT,
+ allow_create="true"),
+ "foba0001@example.com"))
+
+ resp_str = base64.encodestring(resp_str)
+ self.sp.outstanding_queries = {"id1":"http://www.example.com/service"}
+ session_info = self.sp._eval_authn_response({},{"SAMLResponse":resp_str})
+
+ assert len(session_info) > 1
+ assert session_info["came_from"] == 'http://www.example.com/service'
+ assert session_info["ava"] == {'givenName': ['Derek'],
+ 'mail': ['derek@nyy.mlb.com'],
+ 'sn': ['Jeter']} \ No newline at end of file
diff --git a/tests/test_61_makemeta.py b/tests/test_61_makemeta.py
new file mode 100644
index 00000000..49b2015a
--- /dev/null
+++ b/tests/test_61_makemeta.py
@@ -0,0 +1,303 @@
+import saml2
+from saml2 import metadata
+from saml2 import md
+from saml2 import BINDING_HTTP_POST
+from saml2 import extension_elements_to_elements
+
+from saml2.extension import shibmd
+from saml2.extension import mdui
+from saml2.extension import idpdisc
+
+from saml2.attribute_converter import ac_factory
+from saml2.saml import NAME_FORMAT_URI
+from saml2.config import SPConfig, IdPConfig
+
+def _eq(l1,l2):
+ return set(l1) == set(l2)
+
+SP = {
+ "name" : "Rolands SP",
+ "description": "One of the best SPs in business",
+ "service": {
+ "sp": {
+ "endpoints": {
+ "single_logout_service" : ["http://localhost:8087/logout"],
+ "assertion_consumer_service" : [{"location":"http://localhost:8087/",
+ "binding":BINDING_HTTP_POST},]
+ },
+ "required_attributes": ["sn", "givenName", "mail"],
+ "optional_attributes": ["title"],
+ "idp": {
+ "" : "https://example.com/saml2/idp/SSOService.php",
+ },
+ }
+ },
+ "metadata": {
+ "local": ["foo.xml"],
+ },
+ "attribute_map_dir" : "attributemaps",
+}
+
+IDP = {
+ "name" : "Rolands IdP",
+ "service": {
+ "idp": {
+ "endpoints": {
+ "single_sign_on_service" : ["http://localhost:8088/sso"],
+ },
+ "policy": {
+ "default": {
+ "lifetime": {"minutes":15},
+ "attribute_restrictions": None, # means all I have
+ "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
+ },
+ "urn:mace:example.com:saml:roland:sp": {
+ "lifetime": {"minutes": 5},
+ "nameid_format": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
+ }
+ },
+ "scope": ["example.org"],
+ "ui_info": {
+ "privacy_statement_url":
+ "http://example.com/saml2/privacyStatement.html",
+ "information_url": "http://example.com/saml2/info.html",
+ "logo": {
+ "height": "40",
+ "width" : "30",
+ "text": "http://example.com/logo.jpg"
+ },
+ "display_name": "Example Co.",
+ "description" : {"text":"Exempel bolag","lang":"se"},
+ "keywords": {"lang":"en", "text":["foo", "bar"]}
+ },
+ }
+ },
+ "metadata": {
+ "local": ["bar.xml"],
+ },
+}
+
+def test_org_1():
+ desc = {
+ "name": [("Example Company","en"), ("Exempel AB","se"), "Example",],
+ "display_name": ["Example AS", ("Voorbeeld AZ", "")],
+ "url": [("http://example.com","en")],
+ }
+ org = metadata.do_organization_info(desc)
+ print org
+ assert isinstance(org, md.Organization)
+ print org.keyswv()
+ assert _eq(org.keyswv(), ['organization_name',
+ 'organization_display_name','organization_url'])
+ assert len(org.organization_name) == 3
+ assert len(org.organization_display_name) == 2
+ assert len(org.organization_url) == 1
+
+def test_org_2():
+ desc = {
+ "name": [("Example Company","en"), ("Exempel AB","se"), "Example",],
+ "display_name": "Example AS",
+ "url": ("http://example.com","en"),
+ }
+ org = metadata.do_organization_info(desc)
+ print org
+ assert _eq(org.keyswv(), ['organization_name',
+ 'organization_display_name','organization_url'])
+ assert len(org.organization_name) == 3
+ assert len(org.organization_display_name) == 1
+ assert org.organization_display_name[0].text == 'Example AS'
+ assert len(org.organization_url) == 1
+ assert isinstance(org.organization_url[0], md.OrganizationURL)
+ assert org.organization_url[0].lang == "en"
+ assert org.organization_url[0].text == 'http://example.com'
+
+def test_org_3():
+ desc = { "display_name": ["Rolands SAML"] }
+ org = metadata.do_organization_info(desc)
+ assert _eq(org.keyswv(), ['organization_display_name'])
+ assert len(org.organization_display_name) == 1
+
+def test_contact_0():
+ conf = [{
+ "given_name":"Roland",
+ "sur_name": "Hedberg",
+ "telephone_number": "+46 70 100 00 00",
+ "email_address": ["foo@eample.com", "foo@example.org"],
+ "contact_type": "technical"
+ }]
+ contact_person = metadata.do_contact_person_info(conf)
+ assert _eq(contact_person[0].keyswv(), ['given_name', 'sur_name',
+ 'contact_type', 'telephone_number',
+ "email_address"])
+ print contact_person[0]
+ person = contact_person[0]
+ assert person.contact_type == "technical"
+ assert isinstance(person.given_name, md.GivenName)
+ assert person.given_name.text == "Roland"
+ assert isinstance(person.sur_name, md.SurName)
+ assert person.sur_name.text == "Hedberg"
+ assert isinstance(person.telephone_number[0], md.TelephoneNumber)
+ assert person.telephone_number[0].text == "+46 70 100 00 00"
+ assert len(person.email_address) == 2
+ assert isinstance(person.email_address[0], md.EmailAddress)
+ assert person.email_address[0].text == "foo@eample.com"
+
+def test_do_endpoints():
+ eps = metadata.do_endpoints(SP["service"]["sp"]["endpoints"],
+ metadata.ENDPOINTS["sp"])
+ print eps
+ assert _eq(eps.keys(), ["assertion_consumer_service",
+ "single_logout_service"])
+
+ assert len(eps["single_logout_service"]) == 1
+ sls = eps["single_logout_service"][0]
+ assert sls.location == "http://localhost:8087/logout"
+ assert sls.binding == BINDING_HTTP_POST
+
+ assert len(eps["assertion_consumer_service"]) == 1
+ acs = eps["assertion_consumer_service"][0]
+ assert acs.location == "http://localhost:8087/"
+ assert acs.binding == BINDING_HTTP_POST
+
+ assert "artifact_resolution_service" not in eps
+ assert "manage_name_id_service" not in eps
+
+def test_required_attributes():
+ attrconverters = ac_factory("../tests/attributemaps")
+ ras = metadata.do_requested_attribute(
+ SP["service"]["sp"]["required_attributes"],
+ attrconverters, is_required="true")
+ assert len(ras) == len(SP["service"]["sp"]["required_attributes"])
+ print ras[0]
+ assert ras[0].name == 'urn:oid:2.5.4.4'
+ assert ras[0].name_format == NAME_FORMAT_URI
+ assert ras[0].is_required == "true"
+
+def test_optional_attributes():
+ attrconverters = ac_factory("../tests/attributemaps")
+ ras = metadata.do_requested_attribute(
+ SP["service"]["sp"]["optional_attributes"],
+ attrconverters)
+ assert len(ras) == len(SP["service"]["sp"]["optional_attributes"])
+ print ras[0]
+ assert ras[0].name == 'urn:oid:2.5.4.12'
+ assert ras[0].name_format == NAME_FORMAT_URI
+ assert ras[0].is_required == "false"
+
+def test_do_sp_sso_descriptor():
+ conf = SPConfig().load(SP, metadata_construction=True)
+ spsso = metadata.do_sp_sso_descriptor(conf)
+
+ assert isinstance(spsso, md.SPSSODescriptor)
+ assert _eq(spsso.keyswv(), ['authn_requests_signed',
+ 'attribute_consuming_service',
+ 'single_logout_service',
+ 'protocol_support_enumeration',
+ 'assertion_consumer_service',
+ 'want_assertions_signed'])
+
+ assert spsso.authn_requests_signed == "false"
+ assert spsso.want_assertions_signed == "true"
+ assert len (spsso.attribute_consuming_service) == 1
+ acs = spsso.attribute_consuming_service[0]
+ print acs.keyswv()
+ assert _eq(acs.keyswv(), ['requested_attribute', 'service_name',
+ 'service_description', 'index'])
+ assert acs.service_name[0].text == SP["name"]
+ assert acs.service_description[0].text == SP["description"]
+ assert len(acs.requested_attribute) == 4
+ assert acs.requested_attribute[0].friendly_name == "sn"
+ assert acs.requested_attribute[0].name == 'urn:oid:2.5.4.4'
+ assert acs.requested_attribute[0].name_format == NAME_FORMAT_URI
+ assert acs.requested_attribute[0].is_required == "true"
+
+def test_do_sp_sso_descriptor_2():
+ SP["service"]["sp"]["discovery_response"] = "http://example.com/sp/ds"
+
+ conf = SPConfig().load(SP, metadata_construction=True)
+ spsso = metadata.do_sp_sso_descriptor(conf)
+
+ assert isinstance(spsso, md.SPSSODescriptor)
+ print spsso.keyswv()
+ assert _eq(spsso.keyswv(), ['authn_requests_signed',
+ 'attribute_consuming_service',
+ 'single_logout_service',
+ 'protocol_support_enumeration',
+ 'assertion_consumer_service',
+ 'want_assertions_signed',
+ 'extensions'])
+
+ exts = spsso.extensions.extension_elements
+ assert len(exts) == 1
+ print exts
+ idpd = saml2.extension_element_to_element(exts[0],
+ idpdisc.ELEMENT_FROM_STRING,
+ namespace=idpdisc.NAMESPACE)
+ print idpd
+ assert idpd.location == "http://example.com/sp/ds"
+ assert idpd.index == "0"
+ assert idpd.binding == "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+
+def test_entity_description():
+ #confd = eval(open("../tests/server.config").read())
+ confd = SPConfig().load_file("server_conf")
+ print confd.attribute_converters
+ entd = metadata.entity_descriptor(confd, 1)
+ assert entd is not None
+ print entd.keyswv()
+ assert _eq(entd.keyswv(), ['valid_until', 'entity_id', 'contact_person',
+ 'spsso_descriptor', 'organization'])
+ print entd
+ assert entd.entity_id == "urn:mace:example.com:saml:roland:sp"
+
+def test_do_idp_sso_descriptor():
+ conf = IdPConfig().load(IDP, metadata_construction=True)
+ idpsso = metadata.do_idp_sso_descriptor(conf)
+
+ assert isinstance(idpsso, md.IDPSSODescriptor)
+ assert _eq(idpsso.keyswv(), ['protocol_support_enumeration',
+ 'single_sign_on_service',
+ 'want_authn_requests_signed',
+ "extensions"])
+ exts = idpsso.extensions.extension_elements
+ assert len(exts) == 2
+ print exts
+ inst = saml2.extension_element_to_element(exts[0],
+ shibmd.ELEMENT_FROM_STRING,
+ namespace=shibmd.NAMESPACE)
+ assert isinstance(inst, shibmd.Scope)
+ assert inst.text == "example.org"
+ assert inst.regexp == "false"
+
+ uiinfo = saml2.extension_element_to_element(exts[1],
+ mdui.ELEMENT_FROM_STRING,
+ namespace=mdui.NAMESPACE)
+
+ assert uiinfo
+ assert _eq(uiinfo.keyswv(), ['display_name', 'description',
+ 'information_url', 'privacy_statement_url',
+ 'keywords', 'logo'])
+
+ assert len(uiinfo.privacy_statement_url) == 1
+ assert uiinfo.privacy_statement_url[0].text == "http://example.com/saml2/privacyStatement.html"
+ assert len(uiinfo.description) == 1
+ assert uiinfo.description[0].text == "Exempel bolag"
+ assert uiinfo.description[0].lang == "se"
+
+ res = extension_elements_to_elements(exts,[shibmd, mdui])
+
+ assert len(res) == 2
+ # one is a shibmd.Scope instance and the other a mdui.UIInfo instance
+ if isinstance(res[0], shibmd.Scope):
+ assert isinstance(res[1], mdui.UIInfo)
+ elif isinstance(res[1], shibmd.Scope):
+ assert isinstance(res[0], mdui.UIInfo)
+
+ found = idpsso.extensions.find_extensions(mdui.UIInfo.c_tag,
+ mdui.NAMESPACE)
+ assert len(found) == 1
+
+ elem = idpsso.extensions.extensions_as_elements(mdui.UIInfo.c_tag, mdui)
+ assert len(elem) == 1
+ assert isinstance(elem[0], mdui.UIInfo)
+
diff --git a/tests/test_62_vo.py b/tests/test_62_vo.py
new file mode 100644
index 00000000..43c3c2db
--- /dev/null
+++ b/tests/test_62_vo.py
@@ -0,0 +1,79 @@
+__author__ = 'rolandh'
+
+from saml2.virtual_org import VirtualOrg
+from saml2 import config
+from saml2.client import Saml2Client
+from saml2.time_util import str_to_time, in_a_while
+
+SESSION_INFO_PATTERN = {"ava":{}, "came from":"", "not_on_or_after":0,
+ "issuer":"", "session_id":-1}
+
+def add_derek_info(sp):
+ not_on_or_after = str_to_time(in_a_while(days=1))
+ session_info = SESSION_INFO_PATTERN.copy()
+ session_info["ava"] = {"givenName":["Derek"], "umuselin":["deje0001"]}
+ session_info["issuer"] = "https://toylan3.umdc.umu.se/shibboleth"
+ session_info["name_id"] = "abcdefgh"
+ session_info["not_on_or_after"] = not_on_or_after
+ # subject_id, entity_id, info, timestamp
+ sp.users.add_information_about_person(session_info)
+
+class TestVirtualOrg():
+ def setup_class(self):
+ conf = config.SPConfig()
+ conf.load_file("server_conf")
+ self.sp = Saml2Client(conf)
+
+ vo_name = conf.virtual_organization.keys()[0]
+ self.vo = VirtualOrg(self.sp, vo_name)
+ add_derek_info(self.sp)
+
+ def test_mta(self):
+ aas = self.vo.members_to_ask("abcdefgh")
+ print aas
+ assert len(aas) == 2
+ assert 'urn:mace:example.com:saml:aa' in aas
+ assert 'urn:mace:example.com:saml:idp' in aas
+
+ def test_unknown_subject(self):
+ aas = self.vo.members_to_ask("01234567")
+ print aas
+ assert len(aas) == 0
+
+ def test_id(self):
+ id = self.vo.get_common_identifier("abcdefgh")
+ print id
+ assert id == "deje0001"
+
+ def test_id_unknown(self):
+ id = self.vo.get_common_identifier("01234567")
+ assert id is None
+
+class TestVirtualOrg_2():
+ def setup_class(self):
+ conf = config.SPConfig()
+ conf.load_file("server_conf")
+ vo_name = conf.virtual_organization.keys()[0]
+ self.sp = Saml2Client(conf, virtual_organization=vo_name)
+ add_derek_info(self.sp)
+
+ def test_mta(self):
+ aas = self.sp.vorg.members_to_ask("abcdefgh")
+ print aas
+ assert len(aas) == 2
+ assert 'urn:mace:example.com:saml:aa' in aas
+ assert 'urn:mace:example.com:saml:idp' in aas
+
+ def test_unknown_subject(self):
+ aas = self.sp.vorg.members_to_ask("01234567")
+ print aas
+ assert len(aas) == 0
+
+ def test_id(self):
+ id = self.sp.vorg.get_common_identifier("abcdefgh")
+ print id
+ assert id == "deje0001"
+
+ def test_id_unknown(self):
+ id = self.sp.vorg.get_common_identifier("01234567")
+ assert id is None
diff --git a/tests/test_63_ecp.py b/tests/test_63_ecp.py
new file mode 100644
index 00000000..6d01d49f
--- /dev/null
+++ b/tests/test_63_ecp.py
@@ -0,0 +1,68 @@
+__author__ = 'rolandh'
+
+from saml2 import soap
+from saml2 import samlp
+from saml2 import config
+from saml2 import ecp
+
+from saml2.profile import ecp as ecp_prof
+from saml2.profile import paos
+from saml2.client import Saml2Client
+
+def _eq(l1, l2):
+ if len(l1) == len(l2):
+ return set(l1) == set(l2)
+ else:
+ return len(l1) == len(l2)
+
+def test_multiple_soap_headers():
+ xml_str = open("ecp_soap.xml").read()
+ res = soap.class_instances_from_soap_enveloped_saml_thingies(xml_str,
+ [ecp_prof,
+ paos,
+ samlp])
+
+ assert res["body"].c_tag == "AuthnRequest"
+
+ assert len(res["header"]) == 3
+ headers = ["{%s}%s" % (i.c_namespace, i.c_tag) for i in res["header"]]
+ print headers
+ assert _eq(headers,['{urn:liberty:paos:2003-08}Request',
+ '{urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp}Request',
+ '{urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp}RelayState'])
+
+ _relay_state = None
+
+ for item in res["header"]:
+ if item.c_tag == "RelayState" and item.c_namespace == ecp_prof.NAMESPACE:
+ _relay_state = item
+
+ assert _relay_state
+ assert _relay_state.actor == "http://schemas.xmlsoap.org/soap/actor/next"
+
+class TestECPClient(object):
+ def setup_class(self):
+ conf = config.SPConfig()
+ conf.load_file("server_conf")
+ self.client = Saml2Client(conf)
+
+ def test_ecp_authn(self):
+ ssid, soap_req = ecp.ecp_auth_request(self.client,
+ "urn:mace:example.com:saml:roland:idp",
+ "id1")
+ print soap_req
+ response = soap.class_instances_from_soap_enveloped_saml_thingies(
+ soap_req,
+ [paos,
+ ecp_prof,
+ samlp])
+ print response
+ assert len(response["header"]) == 2
+ assert response["body"].c_tag == "AuthnRequest"
+ assert response["body"].c_namespace == samlp.NAMESPACE
+ headers = ["{%s}%s" % (i.c_namespace,
+ i.c_tag) for i in response["header"]]
+ print headers
+ assert _eq(headers,['{urn:liberty:paos:2003-08}Request',
+ #'{urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp}Request',
+ '{urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp}RelayState'])
diff --git a/tests/urn-mace-swami.se-swamid-test-1.0-metadata.xml b/tests/urn-mace-swami.se-swamid-test-1.0-metadata.xml
new file mode 100644
index 00000000..d256a2ab
--- /dev/null
+++ b/tests/urn-mace-swami.se-swamid-test-1.0-metadata.xml
@@ -0,0 +1,1771 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+
+ This file was automatically generated - do not edit
+
+ NOTE WELL
+
+ This file is not signed. The contents of this file should not be used in
+ production environment. No trust should be placed in the objects described
+ by this metadata.
+
+ NOTE WELL
+
+ -->
+<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:shibmeta="urn:mace:shibboleth:metadata:1.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" Name="urn:mace:swami.se:swamid:test-1.0">
+ <EntityDescriptor entityID="https://atmail.it.su.se/shibboleth" xml:base="swamid-1.0/atmail.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB3TCCAUagAwIBAgIJANxweZKmoF/1MA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD2F0bWFpbC5pdC5zdS5zZTAeFw0wOTAzMDYxMjAwMzZaFw0xMDAzMDYxMjAw
+MzZaMBoxGDAWBgNVBAMTD2F0bWFpbC5pdC5zdS5zZTCBnzANBgkqhkiG9w0BAQEF
+AAOBjQAwgYkCgYEArjRI35nDap2bPKSwCTCma3+JocxQH6YwkJG4E7BHwBpoFzbC
+r1vEZeP5feZNb7H1OrO7U/yTMqqLapljeCyHz7tIscnSfE/uRlaJ1rzpY4jEiRpo
+LWKpXOMSc484CDf3n2YERQonP3QHI2q+FyIPPPPyaHmQctKxeuPkH4sO4K0CAwEA
+AaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDAN
+BgkqhkiG9w0BAQUFAAOBgQCl0yPGhsEInSQRCRfAZlS4ZngXPxLpu2j4a6asoo2P
+LnWJfnUPCY81o90j6uNeZ5VEXbRoTi5ZoVjbi2hLzn0XAxRhL8VXrYk6/kduHH1Z
+2KVxwbLyfwYHUZZ2zijZRNiiG2Pi0ICqEjaT0iv4I4J/m7jZDn6vW7h5MELG6cH9
+ew==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://atmail.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Stockholms universitet</GivenName>
+ <SurName>Helpdesk</SurName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://order.kib.ki.se/shibboleth" xml:base="swamid-1.0/order.kib.ki.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB3TCCAUagAwIBAgIJAIJMRwSRhML5MA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNV
+BAMTD29yZGVyLmtpYi5raS5zZTAeFw0wOTAyMTAxMDIyMzRaFw0xMDAyMTAxMDIy
+MzRaMBoxGDAWBgNVBAMTD29yZGVyLmtpYi5raS5zZTCBnzANBgkqhkiG9w0BAQEF
+AAOBjQAwgYkCgYEAvlxRXM/J483VG0epYggM0vfL+vYbmlMigYtUBqHM0skjAnKc
+TtujE1AUY3tmSRRd0Xgl0WpCSI8NTXeJAdi2UZOXP1ws/jSnno/8i99wXusco2Vf
+Q8gBaBUvN5+qx0Rppoxr4QMKijbYPy9ZPFhW9Jk39x8eFixw1aIMWBgF8BMCAwEA
+AaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDAN
+BgkqhkiG9w0BAQUFAAOBgQAKwyqh0ZfM11pMJSCRg6SZ2/d5cWk0KYv1B5S5hdCv
+rQRHv+ED1BUZqNtwRQ7EBgiTo8j7Q+RhAghUTRqV3FPf8SNedrcvHL6zW6dyt5Yx
+MBf3wEO4O3lPkpCpb+FxEYGf0sClPyZBISZLKaI+o7MDeE30FlNf0100Fv9qCEi9
+QQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://order.kib.ki.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">KI</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Karolinska Institutet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ki.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>KI bibliotek</Company>
+ <GivenName>Ylva</GivenName>
+ <SurName>Gavel</SurName>
+ <EmailAddress>ylva.gavel@ki.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://atmail-dev-01.it.su.se/shibboleth" xml:base="swamid-1.0/atmail-dev-01.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB+TCCAWKgAwIBAgIJAKMLZOIZMhLZMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNV
+BAMTHWF0bWFpbC1kZXYuaXQuc3Uuc2Utc2hpYmIuY3J0MB4XDTA5MDMwNTEyMzMz
+OVoXDTEwMDMwNTEyMzMzOVowKDEmMCQGA1UEAxMdYXRtYWlsLWRldi5pdC5zdS5z
+ZS1zaGliYi5jcnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL3asHFQGZX3
+ojnZrBw89ufD1Co/bLyNCgC++XHCCdxgqC4Dup279+45hrVS4J3uyWhFjKx2luff
+88QQ5XS4Bao3lwBbnct5ds83adFxCsS05l20YgSfDydWr6YBcssOq7ZvV/OJdkMI
+a0Uk+i6c+3+ChEVCwEZ9iRJdpuYEBT+3AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsG
+AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEASeqm
+fJn6M79EiZh66eKW+iaszRpXPVvJgr+Bzv0mXZ11IKBdZKRx0LoxcYWlu/RzT2q2
+qgK+ISTg38JgmSq0G2tqQ3M51njLA0Lyj9dTaSkV1r22jQkmh7q6lPeeA+yQ8RF4
+cNel/csgsvm7FfgPWaQyWTGnGzNo0PmNTl7nMoM=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://atmail-dev-01.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://atmail-dev-02.it.su.se/shibboleth" xml:base="swamid-1.0/atmail-dev-02.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB+TCCAWKgAwIBAgIJAKMLZOIZMhLZMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNV
+BAMTHWF0bWFpbC1kZXYuaXQuc3Uuc2Utc2hpYmIuY3J0MB4XDTA5MDMwNTEyMzMz
+OVoXDTEwMDMwNTEyMzMzOVowKDEmMCQGA1UEAxMdYXRtYWlsLWRldi5pdC5zdS5z
+ZS1zaGliYi5jcnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL3asHFQGZX3
+ojnZrBw89ufD1Co/bLyNCgC++XHCCdxgqC4Dup279+45hrVS4J3uyWhFjKx2luff
+88QQ5XS4Bao3lwBbnct5ds83adFxCsS05l20YgSfDydWr6YBcssOq7ZvV/OJdkMI
+a0Uk+i6c+3+ChEVCwEZ9iRJdpuYEBT+3AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsG
+AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEASeqm
+fJn6M79EiZh66eKW+iaszRpXPVvJgr+Bzv0mXZ11IKBdZKRx0LoxcYWlu/RzT2q2
+qgK+ISTg38JgmSq0G2tqQ3M51njLA0Lyj9dTaSkV1r22jQkmh7q6lPeeA+yQ8RF4
+cNel/csgsvm7FfgPWaQyWTGnGzNo0PmNTl7nMoM=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://atmail-dev-02.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://atmail-dev-03.it.su.se/shibboleth" xml:base="swamid-1.0/atmail-dev-03.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB+TCCAWKgAwIBAgIJAKMLZOIZMhLZMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNV
+BAMTHWF0bWFpbC1kZXYuaXQuc3Uuc2Utc2hpYmIuY3J0MB4XDTA5MDMwNTEyMzMz
+OVoXDTEwMDMwNTEyMzMzOVowKDEmMCQGA1UEAxMdYXRtYWlsLWRldi5pdC5zdS5z
+ZS1zaGliYi5jcnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL3asHFQGZX3
+ojnZrBw89ufD1Co/bLyNCgC++XHCCdxgqC4Dup279+45hrVS4J3uyWhFjKx2luff
+88QQ5XS4Bao3lwBbnct5ds83adFxCsS05l20YgSfDydWr6YBcssOq7ZvV/OJdkMI
+a0Uk+i6c+3+ChEVCwEZ9iRJdpuYEBT+3AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsG
+AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEASeqm
+fJn6M79EiZh66eKW+iaszRpXPVvJgr+Bzv0mXZ11IKBdZKRx0LoxcYWlu/RzT2q2
+qgK+ISTg38JgmSq0G2tqQ3M51njLA0Lyj9dTaSkV1r22jQkmh7q6lPeeA+yQ8RF4
+cNel/csgsvm7FfgPWaQyWTGnGzNo0PmNTl7nMoM=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://atmail-dev-03.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://atmail-dev-08.it.su.se/shibboleth" xml:base="swamid-1.0/atmail-dev-08.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB+TCCAWKgAwIBAgIJAKMLZOIZMhLZMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNV
+BAMTHWF0bWFpbC1kZXYuaXQuc3Uuc2Utc2hpYmIuY3J0MB4XDTA5MDMwNTEyMzMz
+OVoXDTEwMDMwNTEyMzMzOVowKDEmMCQGA1UEAxMdYXRtYWlsLWRldi5pdC5zdS5z
+ZS1zaGliYi5jcnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL3asHFQGZX3
+ojnZrBw89ufD1Co/bLyNCgC++XHCCdxgqC4Dup279+45hrVS4J3uyWhFjKx2luff
+88QQ5XS4Bao3lwBbnct5ds83adFxCsS05l20YgSfDydWr6YBcssOq7ZvV/OJdkMI
+a0Uk+i6c+3+ChEVCwEZ9iRJdpuYEBT+3AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsG
+AQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEASeqm
+fJn6M79EiZh66eKW+iaszRpXPVvJgr+Bzv0mXZ11IKBdZKRx0LoxcYWlu/RzT2q2
+qgK+ISTg38JgmSq0G2tqQ3M51njLA0Lyj9dTaSkV1r22jQkmh7q6lPeeA+yQ8RF4
+cNel/csgsvm7FfgPWaQyWTGnGzNo0PmNTl7nMoM=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://atmail-dev-08.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://dedserv79.levonline.com/shibboleth" xml:base="swamid-1.0/dedserv79.levonline.com.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDqTCCAxKgAwIBAgIQR6zE+Dd0h7n/xp/glALOXTANBgkqhkiG9w0BAQUFADCB
+xDELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJ
+Q2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UE
+CxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEZMBcGA1UEAxMQVGhh
+d3RlIFNlcnZlciBDQTEmMCQGCSqGSIb3DQEJARYXc2VydmVyLWNlcnRzQHRoYXd0
+ZS5jb20wHhcNMDgxMjMxMDAwMDAwWhcNMDkxMjMxMjM1OTU5WjCBvjEfMB0GA1UE
+ChMWd3d3LnN1LmRlc2lnbm1hbnVhbC5zZTE7MDkGA1UECxMyR28gdG8gaHR0cHM6
+Ly93d3cudGhhd3RlLmNvbS9yZXBvc2l0b3J5L2luZGV4Lmh0bWwxIjAgBgNVBAsT
+GVRoYXd0ZSBTU0wxMjMgY2VydGlmaWNhdGUxGTAXBgNVBAsTEERvbWFpbiBWYWxp
+ZGF0ZWQxHzAdBgNVBAMTFnd3dy5zdS5kZXNpZ25tYW51YWwuc2UwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBAOXSB2UaeXIMM6A3GLYEuJzLon24K7epkJ4+YuhI
+d5f8DkAURzp4ZQSy7xs51NH2sha/PrcJehsax0QqEfM/lZ7HVH0iXx1Rl8Ou2hXE
+69Dm3zCf4TJKXNPrayGhNfq1gWu96COQ2h7rwReQYDcLUZ6aN40fyWyx5fMDp71f
+tHk7AgMBAAGjgZ8wgZwwDAYDVR0TAQH/BAIwADA5BgNVHR8EMjAwMC6gLKAqhiho
+dHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlU2VydmVyQ0EuY3JsMB0GA1UdJQQW
+MBQGCCsGAQUFBwMBBggrBgEFBQcDAjAyBggrBgEFBQcBAQQmMCQwIgYIKwYBBQUH
+MAGGFmh0dHA6Ly9vY3NwLnRoYXd0ZS5jb20wDQYJKoZIhvcNAQEFBQADgYEAyEa5
+yGXa4LSFMNuxnj6s4l9gG+pndoPlUC2c7Ux6dvD6GS17RV5Xq2ZZUk0J9yIoBAnZ
+inwJzduHXWa66JEY8lPf9ir7WKOZ6BcDMfhsYDVRoBoFlStIgXbweoaA/pJbadXH
+qlG83cbyWydqYCCYruAVslAykrwfBXAXdCs4YBs=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dedserv79.levonline.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Emanuel</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Emanuel AB</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.emanuel.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Emanuel AB</Company>
+ <GivenName>Fredrik</GivenName>
+ <SurName>Näslund</SurName>
+ <EmailAddress>fredrik.naslund@emanuel.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://mondo.su.se" xml:base="swamid-1.0/mondo.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEqDCCA5CgAwIBAgILAQAAAAABF+lM7GUwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDIwNTExMTMyOFoXDTExMDIwNTExMTMyOFowWDELMAkGA1UEBhMCU0UxEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEUMBIGA1UEAxMLbW9uZG8uc3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClSBJoeuabz4UK5mlbnydJ2ETrTVWhvpxIeRWXaeuHZHVLDaN2OBy8aLAePUrjtQpVhDFzZJTaqXdXW69R8hnMi+e7/AWXErrgAHxzISqBzYWINR3NxUHuMKmrYrx2FAB/GHE5kcyXhK+FFOO9QHoKGnsY4C5eNy+LEQy85vN7TZbbynJh+wz1Zt/dFCRsG4wjAJ/LKgnzbCOTpStPWBFBs5LwROQfAKeat2J988FRePNk8mpJV3Ul9/mLuFTxTkQH0IsyVe5FFxuDgOleMVY/DPkwusTnbfH6romQ4MGgZjC+868AS4DQZD+6FlPHbo5Exff7e+gz8Ix/dEQf6539AgMBAAGjggFqMIIBZjBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBQRIAkpF6sLIzBkXpn7H6dKD+rxqzA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwFgYDVR0RBA8wDYILbW9uZG8uc3Uuc2UwDQYJKoZIhvcNAQEFBQADggEBAAqtgxC6/5zH9LRXhegr4kfa2FOzPMoxzvzRB4r9WO+57xD2ssX+qufIKZwHxV7zllI8WVq4U85KOkrxxqXn3arv8DRkw5zR0nYVKjkhl/ufWHqUARag8hn14nTDJvvnoRfoV5eq0xP7EYEBg0b67riujYbVpMNQ/OKK+DOKr2bPOv966GyUfX/5hlu1rweOixOcS7kOV+jCkPu80xElv+ARBhqn+4qph6WngFNh4Z/zrnJpuBYHmywmv873kFPauHEZukzFRNCgfmmQhz6OzXSBhT0JpuZG3SbXAtW7g1UMUd+NsTJzMXfPbh1y04GkC1KJmzcqNYuc2L04Q3mNwRY=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mondo.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <SurName>IT och Media</SurName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ <TelephoneNumber>+46 8 161999</TelephoneNumber>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://sakailab2.it.secure.su.se" xml:base="swamid-1.0/sakailab2.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB8TCCAVqgAwIBAgIJAP4MwiI1u4AIMA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNVBAMTGXNha2FpbGFiMi5pdC5zZWN1cmUuc3Uuc2UwHhcNMDcwNDEzMDgyMzI0WhcNMDgwNDEyMDgyMzI0WjAkMSIwIAYDVQQDExlzYWthaWxhYjIuaXQuc2VjdXJlLnN1LnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCij2ONEMrxXluEiQ64CbRCzSxQytiYJZ+v4DEuE4EoLNFXNI6lgRuz4IJeE6Trc8A5k1yvBS8Nd+9XemLESG02z5xcaRI0dyc4SItOcPnsMYI9ionl/ieQmS0Nr3PBM4LPla6MDAQkGblnEdfKQ6Ht5UFI2VGBIAfZEpQezcxiWQIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBABHSliUMz1w1CBX2arDOnAwS61/a2uUMer4fejYGXIl5Ch3j8xtHrTQ5lezjNXYZKMZIT7rraDmqwPJv2SBsrD4CJVY/D5frOSYokfScetjtXIUyzSGqBGZruxEZcDkou9uUacG2AWTvLnUuagH1Xtu9RrWVV1+n/MpKPXgIzKEk</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sakailab2.it.secure.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>joakim.lundin@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://ensky.lhs.se/shibboleth" xml:base="swamid-1.0/ensky.lhs.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDGzCCAoSgAwIBAgIBADANBgkqhkiG9w0BAQQFADBtMQswCQYDVQQGEwJTRTESMBAGA1UECBMJU3RvY2tob2xtMRIwEAYDVQQHEwlTdG9ja2hvbG0xHzAdBgNVBAoTFlN0b2NraG9sbXMgdW5pdmVyc2l0ZXQxFTATBgNVBAMTDGVuc2t5Lmxocy5zZTAeFw0wODAxMDQxMzMyMjdaFw0wOTAxMDMxMzMyMjdaMG0xCzAJBgNVBAYTAlNFMRIwEAYDVQQIEwlTdG9ja2hvbG0xEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEVMBMGA1UEAxMMZW5za3kubGhzLnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2CiFF4kFxQldm58ws8hL5xZ+g9eJ+MyM51AstGYvu1RTcorlVtIZNcGSQQxdKZyh0sSxo7UYrKq5OqByycIxiya5jo7lwVrKZnd7Tto7RThgxiO6G6i3G36osvZiZpFGYgETSVQjh1XknN5n9samtrEqM6p1ASsW8iLmpcjJ0vwIDAQABo4HKMIHHMB0GA1UdDgQWBBSmAaEu+Tmvy3zW9M0oTdY68IlS+TCBlwYDVR0jBIGPMIGMgBSmAaEu+Tmvy3zW9M0oTdY68IlS+aFxpG8wbTELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMR8wHQYDVQQKExZTdG9ja2hvbG1zIHVuaXZlcnNpdGV0MRUwEwYDVQQDEwxlbnNreS5saHMuc2WCAQAwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOBgQClgcpD+e9rYZ7Uk43AJ+Xbg/h7M8kMPzzTnikIGNIR1t+ArCoRxX/YchJ1LtCFEkOBC16HKewBxKoslypESqSOsVMyr3z/TUDvEBUaNbHLmwuD616gZK1Vb9FYAQWHmXBNeWJl09476pMXW3u9MTRL+FXFMjt7IiwIysrEcHht3Q==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://ensky.lhs.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <SurName>Helpdesk</SurName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://shib-sp.kau.se/shibboleth" xml:base="swamid-1.0/shib-sp.kau.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEOzCCAyOgAwIBAgILAQAAAAABGZV7kNAwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDQyODE0NDE0MloXDTExMDQyODE0NDE0MlowbDELMAkGA1UEBhMCU0UxETAPBgNVBAgTCFZhcm1sYW5kMREwDwYDVQQHEwhLYXJsc3RhZDEeMBwGA1UEChMVS2FybHN0YWRzIHVuaXZlcnNpdGV0MRcwFQYDVQQDEw5zaGliLXNwLmthdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwWLmt/yXGpvZePRdurs9d88gTVDwLlDXBjTqTIKVjSqLL/e2wcf4KVySNd1DM2/GDf1+w5GA+gnqsjLHjER98tZIKJ9k8M3Euj1eZGdOnqDmYBd1lv7aqny1H6HI6jGaDzLWh+lyTEZYGVToMPAEqjoa4JL9UVxe8NDf7QUYSfUCAwEAAaOCAW0wggFpMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFMvK6U7CjAuzqDcmFPeN7/Z2O64rMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAZBgNVHREEEjAQgg5zaGliLXNwLmthdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEANiuwG1H0856K8Fyw42L21cA3OpGAgWGYQ8AM+wPlmxIKj8eWWNOgR/xSDNLbSVKBLY76bSLNeDbTpodz0Dxhepv0GEnUWic9qNK7mp3Y0swNLMlr3KvRpoSc3zNqjHu7DeAJvXQO+iiXdLQnwegCEaXPj6HXKOo4nETG43KW3GNLO8fAaCHnBDZqIgBqx/3jCIgIBtwZwAN6F92LTVYkzso6gi9Y15LDkqTUWuw0rTnM2xG/ceXxiLGJJ8cDVhvBpTKTedD6cslNY9DFOXyfbuToQv+4ZyCpYnnGc92CSU0AWmIabqfHozHN6aq9oGzD+/bgg5TSRP6yvb/RQgPICQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shib-sp.kau.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">KAU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Karlstad university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kau.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Karlstad University</Company>
+ <GivenName>Paul</GivenName>
+ <SurName>Scott</SurName>
+ <EmailAddress>paul.scott@kau.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://www.wisum.umdac.umu.se/shibboleth" xml:base="swamid-1.0/www.wisum.umdac.umu.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEIDCCAwigAwIBAgIJAK9QqKCZ3zkPMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNVBAYTAlNFMRkwFwYDVQQKExBVbWVhIHVuaXZlcnNpdGV0MQ4wDAYDVQQLEwVVTURBQzEgMB4GA1UEAxMXc2hpYi53aXN1bS51bWRhYy51bXUuc2UwHhcNMDgwNDA5MTMxODExWhcNMTgwNDA3MTMxODExWjBaMQswCQYDVQQGEwJTRTEZMBcGA1UEChMQVW1lYSB1bml2ZXJzaXRldDEOMAwGA1UECxMFVU1EQUMxIDAeBgNVBAMTF3NoaWIud2lzdW0udW1kYWMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmNj6WbsLMYpYHT4ADVRHbwuAQyFcOae7XyGOi8zBBBr72UP3xK6u1Hp3bt1yLRvt/RbHgCDpOzMmgMaRQ2cdl9Zvv5g/b+linOvMIYGQMPpyfLv2+bUcMVGRJdNLLEIMoLAXPBLxDxe6sFYYZXneJ23N/HcYLqlqAq6tcrRcYSqlg0MtgHb73X9pIGDOVkj4+kXRi8QgctJ6fP4smdjJ/czrit2pxpZVS/YPpd7+7HcNWW+KVBE21n0GiXB3+Xz/UlGDtJVK85xRLEeW968IshsIr2vb5owSw6bmCstJpfFAUnxUkFbSacPRZ6IE5RVwZsIDdU1x5fZWnZ7Go028vwIDAQABo4HoMIHlMB0GA1UdDgQWBBSKDBHqWWDKe3RRfwtFEKDYMT2QkjCBjAYDVR0jBIGEMIGBgBSKDBHqWWDKe3RRfwtFEKDYMT2QkqFepFwwWjELMAkGA1UEBhMCU0UxGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxDjAMBgNVBAsTBVVNREFDMSAwHgYDVQQDExdzaGliLndpc3VtLnVtZGFjLnVtdS5zZYIJAK9QqKCZ3zkPMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgXgMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjANBgkqhkiG9w0BAQUFAAOCAQEADPd7MbU1LuZE1a109E/Aur9gr/A0OI6j4r5ODOlumR7XYKLvzjc8ccTh9//uznSGgxKsfB47YDRi1fNI+LemRfiLXaFex3gTPj0S8bXZtZHnotF9M97HgwXSihEfULhRqWZ/JYw4P96XX22BmAHCfAI6w6ZCxhDcY4ekDuOTKszPd9mdHw798GKqM0S+GRCtk4L0dQfeocWyEYaYI0bXNeJi7MNfmm5Qj9ynruEYKpOQfZ/oTeVmdhxe4T0CgOvygcsMPdYgTMrTItqtwO3vVRTn4ryNQLWtxs7sMF9v93ylUECtDyYoziBoL0qkD/aq7B+Wm9EV7D03jOf47P/LjQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.wisum.umdac.umu.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Umeå University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>UMDAC</Company>
+ <GivenName>Tommy</GivenName>
+ <SurName>Larsson</SurName>
+ <EmailAddress>tommy.larsson@umdac.umu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://beta.augustus.se" xml:base="swamid-1.0/beta.augustus.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB1zCCAUCgAwIBAgIBADANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBiZXRhLmF1Z3VzdHVzLnNlMB4XDTA3MDMwNjEwMDQxNFoXDTA3MDQwNTEwMDQxNFowGzEZMBcGA1UEAxMQYmV0YS5hdWd1c3R1cy5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAspI7ryh7WFO+CWytUzDg4U/WEKsX/ty82lQ31JdBhKkVV66vPRWz81QjzPruL7+dLLDtgcMJNPwNR8BHOHA0R/XlYsePA/GL0iGbwkXRlPs63wELlaj1TiXgtnOBRLrBRHyUIcnrq3c2tVrrUmLp4gifKIHhBgsKwZkDvUN+88UCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQCXjwpqbm73q7ZadtdRLeLCjMspJjHWMGRCJvIb+EqEaO4CFFHFl+XxSUHIkbZk3VUrTZkQ+gQSY649mhsz+TL+saFPRqQQtWIS8okALuVStN0ySkY1NRml8Ou9sq3/CRl77f02Ff5QgemFqQGilmso7XEXhLDL2kOFxKLHBtbQzg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://beta.augustus.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Genuine Text</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Genuine Text</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.genuinetext.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Know Net AB</Company>
+ <GivenName>Ingemar</GivenName>
+ <SurName>Lundström</SurName>
+ <EmailAddress>ingemar.lundstrom@knownet.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://dspace.it.su.se" xml:base="swamid-1.0/dspace.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB3TCCAUagAwIBAgIJAIn9WqXf82qOMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNVBAMTD2RzcGFjZS5pdC5zdS5zZTAeFw0wNzA3MTIxMzQyMTlaFw0wODA3MTExMzQyMTlaMBoxGDAWBgNVBAMTD2RzcGFjZS5pdC5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyYoPpp6u3J8W5IWpucWDj0AsqQ/pQ57t69VPK3zgm1UYD8F5mLiOfS8QnKeQfrwZ9UY3kY6R/T1OQIQ3rO3v/48Kp4lAC6Dc2nHVYGLAWHiv7tE9PxT/JZlj8K7NJRNMhbiciwZvCPUkOSR5X9AL0OKdCHzjt+00iZ4HY5+nsFkCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQC5Iwgi0vCqM9wjQsPNlmcDhd3NtVpTVhLSNjQw7pwGT4Xpfh1OaiMU3IqWJoaiGDXhF4YqPNkt4IDcgR2a+U6j8pTG1WDqRnzmCCNSCLfBcsIKhvm+qbW1sazWdHCWE4Z6ZDPL2Gw88EHmYAgC+2s0Dhun9IueFTdaUpoY2EW21Q==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://dspace.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Jan</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://lists.su.se/shibboleth" xml:base="swamid-1.0/lists.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB1TCCAT6gAwIBAgIJAOsd1P/iHwDdMA0GCSqGSIb3DQEBBQUAMBYxFDASBgNVBAMTC2xpc3RzLnN1LnNlMB4XDTA4MDIxMjEyNTk0NVoXDTA5MDIxMTEyNTk0NVowFjEUMBIGA1UEAxMLbGlzdHMuc3Uuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALnNTH6G15SgAwQHMCa9FLJ4g/MnmZ+2Q0m8ZvXA5OKoLY+7vpH7XrojM2/ziobcPK+pE5UNaNOpVffBUFtibabgXs2N7BUDJWjcvRqk5rxmEoMd1mCRQ6WOATBPdSkZ3xFvs0yy5y+1xRNsBji7gb326dHS/WUIDAw/62dCLG5PAgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAH7Ml0chViQ1GTX4RkL/S8bJpELYqTNBZ7+s7wMOwPF/TxJKeC6yFCkFKx4Ts8uGuJ3Bo3MsetTTUe24WD5aRO76k6p7y/HPs+nk0e0VJKz3NSktKGE/uXt59B/ax1tdVOMuZTGV9GwwlgHOMapYOBylI7Nriufub8Cgtwf4VwgQ=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://lists.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Helpdesk</GivenName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://shibboleth.sys.kth.se/identity" xml:base="swamid-1.0/shibboleth.sys.kth.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>kth.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB6TCCAVKgAwIBAgIJAOWxnEiImxnuMA0GCSqGSIb3DQEBBQUAMCAxHjAcBgNVBAMTFXNoaWJib2xldGguc3lzLmt0aC5zZTAeFw0wODAyMDcwMDI4MDFaFw0xMTAyMDYwMDI4MDFaMCAxHjAcBgNVBAMTFXNoaWJib2xldGguc3lzLmt0aC5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsoH589Je8tY9QKR4fdR5IMw+EOAsGNETKCdap9hqbSKSX5cG8xsJ3wjgxwbe9LbiboKk8GwxU/iSuxtzIa+myfeFkgL/IR0En6lyFvPnJxcNOV2fAVlForH2OPrt/WxeP9AzkzyjzrjOtH6mi4pT7jiHjxKWX7L6vB7rgyTJjHsCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQB3Ktsl6UYCV5YRwJ/gnHndiiUR/kOdaJaC0sv5C1f+uNdBGxJqz6h8W4rKXv6B4m/oDyZY0P7GYY1bZ2fMTnTfVF5MsCscURIIHz8bo+/LoYp/fRQSm/AG2Xz3vJFEMFtKXoGvi9VgcSS1BoBAn2I9oxZTNmTxlmkocYMYXdMopA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.sys.kth.se:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope>kth.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB6TCCAVKgAwIBAgIJAOWxnEiImxnuMA0GCSqGSIb3DQEBBQUAMCAxHjAcBgNVBAMTFXNoaWJib2xldGguc3lzLmt0aC5zZTAeFw0wODAyMDcwMDI4MDFaFw0xMTAyMDYwMDI4MDFaMCAxHjAcBgNVBAMTFXNoaWJib2xldGguc3lzLmt0aC5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsoH589Je8tY9QKR4fdR5IMw+EOAsGNETKCdap9hqbSKSX5cG8xsJ3wjgxwbe9LbiboKk8GwxU/iSuxtzIa+myfeFkgL/IR0En6lyFvPnJxcNOV2fAVlForH2OPrt/WxeP9AzkzyjzrjOtH6mi4pT7jiHjxKWX7L6vB7rgyTJjHsCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQB3Ktsl6UYCV5YRwJ/gnHndiiUR/kOdaJaC0sv5C1f+uNdBGxJqz6h8W4rKXv6B4m/oDyZY0P7GYY1bZ2fMTnTfVF5MsCscURIIHz8bo+/LoYp/fRQSm/AG2Xz3vJFEMFtKXoGvi9VgcSS1BoBAn2I9oxZTNmTxlmkocYMYXdMopA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibboleth.sys.kth.se/shibboleth-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibboleth.sys.kth.se/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">KTH</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Royal Institute of Technology</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kth.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Royal Institute of Technology</Company>
+ <EmailAddress>jbn@kth.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://pp-admin.it.su.se/shibboleth" xml:base="swamid-1.0/pp-admin.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEtDCCA5ygAwIBAgILAQAAAAABGexP22YwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDUxNTExMjA1OFoXDTExMDUxNTExMjA1OFowXjELMAkGA1UEBhMCU0UxEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEaMBgGA1UEAxMRcHAtYWRtaW4uaXQuc3Uuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC6OjuBsS+ovpRix7TUGMEcb+i2oovl8ByI4/zVEhEnxx5+Ge87eWcmysYeWad+HubtiZY72lcaOwCAb4LBKwHr7EzoJeF7+fw4AfprJvbBvsPcc0OMCqzqDrw6PgXizNsQV8e4PaWEKCQctkRaUAxW62rWhJh2rHMy4EIostzUNlZpwQpy78VLylAVCCM1vPJJY0w6D0PJYW6i8kpjzafaghpkNjO0rMNK+gZpW+T6oIwE5cwfKUb0hIBWC8eyczpG7bpp3Vz/Wj8aKcNPsUAMv49qKKNs+J87rQ/BnWaTvFPT65UVdxDuFmtF+pZs0pkhd9zsTjgd7/3smOuBRTzpAgMBAAGjggFwMIIBbDBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBRMpoJHRqciKnJu7I96P/+zer9o3jA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHAYDVR0RBBUwE4IRcHAtYWRtaW4uaXQuc3Uuc2UwDQYJKoZIhvcNAQEFBQADggEBAI3W3fQlz6aTvGwzQkGF1jAwCUruHjj2/Zmxyt1SiagyGDPx0SMIEm6QygWe64UgFmGOrql3eAE/4N7XfqMq6Ue4LO72I3Td6cDKVmR8jO0cjl4Uz0p4FL0gfIB/4HF7fEOGep+0LqITKt5DhG7N43naV+ZYkP0wXzfwFZhkKb95bH3csPGqAs4pwULQpD4bskN9IrwQZeSOsWHOVmrO/6T81W3zrqLwEwx1b9CRteuF6UlKHPSYCcsodl53PLCnAZU8MKXnzGN94d34gg88Es2F4XY6ulPwlr+wKBTlb0lZSH9ScgjSm3uKikSb2S57pLREth398dCkAXSBVbwL3Cg=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://pp-admin.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>SU Helpdesk</GivenName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://www.sub.su.se" xml:base="swamid-1.0/www.sub.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB2TCCAUKgAwIBAgIJAIRfFzH12j9JMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNVBAMTDXd3dy5zdWIuc3Uuc2UwHhcNMDgwNTE0MTQ0NzQ5WhcNMDkwNTE0MTQ0NzQ5WjAYMRYwFAYDVQQDEw13d3cuc3ViLnN1LnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/9u6s9iHrmj7IvMgSpT8UEzo+Wld9S1QKximd7S6vkIf2arFtvC+Wr04ilfgS6Sp4fOXtGoo9nM7rp6CCdg2RNsrrPUrbs/QkLS5kii2lvQgJ+Q+cJNyJBJhUOgczKcF1nax1roIHKoRMrlRaaeYPv2hh4cVWT23gE5sd+L4pgwIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBABcE9tkmR3jTnoWrU5o54zbUKsehvKJozqBrMInvLqwyURkUG2M2jHG+RLtJ0VXBYqtEPbjq0O0kQ6JjAlciMsgv9SVyYryhMjtHZujTalMnRwLF7uWNtR62wY+w53G+7dr9F6cOh4bCXqEN/xs8SoYEymgUBrfKR8SVNxRihZFk</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.sub.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Conny</GivenName>
+ <SurName>Richardson</SurName>
+ <EmailAddress>conny.richardson@sub.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://idp.protectnetwork.org/protectnetwork-idp" xml:base="swamid-1.0/idp.protectnetwork.org.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>idp.protectnetwork.org</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIICxzCCAjCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkTELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRleGFzMRcwFQYDVQQKEw45U3RhciBSZXNlYXJjaDEXMBUGA1UECxMOUHJvdGVjdE5ldHdvcmsxGjAYBgNVBAMTEVByb3RlY3ROZXR3b3JrIENBMSQwIgYJKoZIhvcNAQkBFhVjYUBwcm90ZWN0bmV0d29yay5vcmcwHhcNMDcwMjE0MjA1ODA4WhcNMTcwMjExMjA1ODA4WjCBhzELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRleGFzMQ8wDQYDVQQHEwZBdXN0aW4xHTAbBgNVBAoTFDlTdGFyIFJlc2VhcmNoLCBJbmMuMRcwFQYDVQQLEw5Qcm90ZWN0TmV0d29yazEfMB0GA1UEAxMWaWRwLnByb3RlY3RuZXR3b3JrLm9yZzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDQt4HC/EHIKS8a+Qd/4JE20wR91v5N7jh8ScDw6DvZ5RcvHQngXCk6FfCFUAev/dZxR31U4RpvFzCbj3sGB+G1AgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTRRyiPTvIDunJKy1+hmlkgl7/G+zAfBgNVHSMEGDAWgBQtFNiF4X/xTkU36JaWVCh08bzGgDANBgkqhkiG9w0BAQUFAAOBgQAm3BTIwg6Lxk3EAoLR2cDfb+jNWAtls7q077Mw3tMXxnuoi0uSo+LC6bPdPjC9YKujSKF34Au0s7y9bfXspClfCmyuviYVOrpVUze2h2MfHUVsKEUo/uivLYuMZjNp6Yrt90AoKPLPF6vU6gLAn6nsR7bhsdIqSXD/93r8HFV3NA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.protectnetwork.org:8443/protectnetwork-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope>idp.protectnetwork.org</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIICxzCCAjCgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBkTELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRleGFzMRcwFQYDVQQKEw45U3RhciBSZXNlYXJjaDEXMBUGA1UECxMOUHJvdGVjdE5ldHdvcmsxGjAYBgNVBAMTEVByb3RlY3ROZXR3b3JrIENBMSQwIgYJKoZIhvcNAQkBFhVjYUBwcm90ZWN0bmV0d29yay5vcmcwHhcNMDcwMjE0MjA1ODA4WhcNMTcwMjExMjA1ODA4WjCBhzELMAkGA1UEBhMCVVMxDjAMBgNVBAgTBVRleGFzMQ8wDQYDVQQHEwZBdXN0aW4xHTAbBgNVBAoTFDlTdGFyIFJlc2VhcmNoLCBJbmMuMRcwFQYDVQQLEw5Qcm90ZWN0TmV0d29yazEfMB0GA1UEAxMWaWRwLnByb3RlY3RuZXR3b3JrLm9yZzBcMA0GCSqGSIb3DQEBAQUAA0sAMEgCQQDQt4HC/EHIKS8a+Qd/4JE20wR91v5N7jh8ScDw6DvZ5RcvHQngXCk6FfCFUAev/dZxR31U4RpvFzCbj3sGB+G1AgMBAAGjezB5MAkGA1UdEwQCMAAwLAYJYIZIAYb4QgENBB8WHU9wZW5TU0wgR2VuZXJhdGVkIENlcnRpZmljYXRlMB0GA1UdDgQWBBTRRyiPTvIDunJKy1+hmlkgl7/G+zAfBgNVHSMEGDAWgBQtFNiF4X/xTkU36JaWVCh08bzGgDANBgkqhkiG9w0BAQUFAAOBgQAm3BTIwg6Lxk3EAoLR2cDfb+jNWAtls7q077Mw3tMXxnuoi0uSo+LC6bPdPjC9YKujSKF34Au0s7y9bfXspClfCmyuviYVOrpVUze2h2MfHUVsKEUo/uivLYuMZjNp6Yrt90AoKPLPF6vU6gLAn6nsR7bhsdIqSXD/93r8HFV3NA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.protectnetwork.org/protectnetwork-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.protectnetwork.org/protectnetwork-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">ProtectNetwork</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">ProtectNetwork</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.protectnetwork.com/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <SurName>Technical Contact</SurName>
+ <EmailAddress>support@protectnetwork.org</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://www2.genuinetext.com" xml:base="swamid-1.0/www2.genuinetext.com.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB3zCCAUigAwIBAgIBADANBgkqhkiG9w0BAQUFADAfMR0wGwYDVQQDExR3d3cyLmdlbnVpbmV0ZXh0LmNvbTAeFw0wNzA2MjgwNzQyMDFaFw0wODA2MjcwNzQyMDFaMB8xHTAbBgNVBAMTFHd3dzIuZ2VudWluZXRleHQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDXrK5K9YE7tnnBVaTMz69QcJjidb7xnIWJdVeC9YYlelV9tFN36p+u7QgK/eG+vRc9Kwh1RUoI0XbuzC5Fdxc5YiMBZgZ2R2JxnYzEcfvdzos3II8RogwyivbLsUT5NU0F4FLjwov1zF1QpoSvGuW1/CJMExRgIp7vW3DVhS5YJQIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBAJTktMXh4KsNDVG1y2LbyetIzFPlBWlFRXlgAtIOR+zjCholmKT3CXm4adUiOPedWrI267c1d26rnWhkJQ8Oy8Z1m7byqR19jwrWVDzOhbr6jjBSevwl1KgswifirFvm8COPZcrliWg95lCuCwDHRH2QDJKzXPDNNmGBh6h3Ka/g</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www2.genuinetext.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Genuine Text</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Genuine Text</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.genuinetext.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Know Net AB</Company>
+ <GivenName>Ingemar</GivenName>
+ <SurName>Lundström</SurName>
+ <EmailAddress>ingemar.lundstrom@knownet.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://lab03.lab.it.su.se" xml:base="swamid-1.0/lab03.lab.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB4zCCAUygAwIBAgIJAKqPtbsIKhS9MA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMTEmxhYjAzLmxhYi5pdC5zdS5zZTAeFw0wNzA1MDIwODA1NDdaFw0wODA1MDEwODA1NDdaMB0xGzAZBgNVBAMTEmxhYjAzLmxhYi5pdC5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvwFbKHSn0UpnszEG7YuVxKj+ZXKfsbcOJqHSiZMhGemw4CWc+ExXYFPDTSaphqatht3q17u9CFUkpygMo2HUWLWO5Zdk2lgpnhnT2B1xk8esRS0yjCwE0Gv9QewxaSCS+e+i5cMsXVhXD5zkBIKmW10p59YJ0qPwkRuwTcs02uUCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQB10thLCTHsz++ZC5far37xRlor/7BF3o86JBtyqXNdYszFxgWYOILxC/rYiCxZr8ON1QKQ3ZNj+sZxZm1/fAQl+4hNCs1XgvoLRqK/eW4DHZLZWjQyn9+aHI1+ADkpzARLbJf5TQCJeJSmp+f3YIbqJQptXIGcBvLBSoe1R7Drag==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://lab03.lab.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Mattias</GivenName>
+ <SurName>Amnefelt</SurName>
+ <EmailAddress>mattiasa@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://calsrv1.it.secure.su.se" xml:base="swamid-1.0/calsrv1.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB7TCCAVagAwIBAgIJALw0kc74UYP+MA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNVBAMTF2NhbHNydjEuaXQuc2VjdXJlLnN1LnNlMB4XDTA3MDUyMjA3NDA0OFoXDTA4MDUyMTA3NDA0OFowIjEgMB4GA1UEAxMXY2Fsc3J2MS5pdC5zZWN1cmUuc3Uuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKVMn+fnnV8w2GuB1KMm6gEiZqqCBrHWWUDK5SEVDy6rT2qK/VkuxyxvDPFXdd8kbpaOpqxMcy+J4QvS74xkOSKHF8ISTvX9328cU1pUe9u7Gd5C37zD5OgAUqIVq1GwvZHrSstZuoF/4LQoJJbEBquwGGd8tldflGEJtcxb7iP7AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAoFPwC0awA7gYbfZPCtUpHmly4cc8utYSgjb+rsTFGuYu5V7Ec5/o1F73vsibmRufBRyczQsX9oeNHENawKmka/0JUo1FTyTI0yN1or7LhW8mAle+80o5EVd/Xa5yP4jof+/Ey79UeLG+CuJbRiH0f9kO1e4r/fFGP60Ck76CeoU=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://calsrv1.it.secure.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Mattias</GivenName>
+ <SurName>Amnefelt</SurName>
+ <EmailAddress>mattiasa@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://samsok.libris.kb.se/shibboleth" xml:base="swamid-1.0/samsok.libris.kb.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB5TCCAU6gAwIBAgIJAKMZgDG7eScnMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNVBAMTE3NhbXNvay5saWJyaXMua2Iuc2UwHhcNMDcxMTA3MDk0MzI5WhcNMDgxMTA2MDk0MzI5WjAeMRwwGgYDVQQDExNzYW1zb2subGlicmlzLmtiLnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCydaK46C816+A1I6Ykb9AvLf0rfYlhFT6vMe0a3DM7A0HovsWl8HThJwQNTGSDowty1svAlRgBU5gQKuCA9ruc7XZi7pn0vuVgtayVvkoh9adN/8QVFvz2KY0uux7M2ewyQ+R2PA/w58LJa996RQlcHeDAdQFfg87nUFQEZauy5QIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBAHFDEp8qHZKfS1RQDYvG/pYJZ/0PHRcoDK5J2GGpQ4/SIsJBbtF/2uWLVfywNDYIP7DruWxHUOLaNE6ovJ9S1+RGi8iix8I44/Nh0EjyyQqU8w8IoyDdzUUV9fBZ2BWz0JvFT4uBZDR2b3keXr2OlxYphbx3ikXpwZrVzWQq6mKm</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://samsok.libris.kb.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Libris</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Libris</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kb.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Kungliga Biblioteket</Company>
+ <GivenName>Arvid</GivenName>
+ <SurName>Oja</SurName>
+ <EmailAddress>arvid.oja@kb.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://shibidp.uu.se/identity" xml:base="swamid-1.0/shibidp.uu.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>user.uu.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB0TCCATqgAwIBAgIBADANBgkqhkiG9w0BAQUFADAYMRYwFAYDVQQDEw1zaGliaWRwLnV1LnNlMB4XDTA3MDUwODEwNDY1MFoXDTA4MDUwNzEwNDY1MFowGDEWMBQGA1UEAxMNc2hpYmlkcC51dS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzGH4thr/rDNTlJ3TsiWJVn+2iyzT6Up6ovHXYmNvhltZ3+hmrtdnbCqQY4qukpBO88JDZ23PiVLJq4uR0UGwGsyz8Pv9xQo+N9v+LchgL0iGgjdN7ocrNGj4GZjtuJwyzi83QvAct7wVkkXi5aAmF8nJkRSvUTXWqhJxOiFztb8CAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQCd/cI5uIl8XgRP/dtC5veRO3m7phwQworwQMruTHgWvLL5cJ6Sh18dPOVZmHz/Hcldh0qeqPvL41oXe+84oMdscMHNGIUngj4tLywAwosjQiNGX9yqfxjUKqhuHJUcxZ0tEZHJZB+WEPybvVULvSUXa4ldQaKs4iRDPdCLHwCcQw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.uu.se:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope>user.uu.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB0TCCATqgAwIBAgIBADANBgkqhkiG9w0BAQUFADAYMRYwFAYDVQQDEw1zaGliaWRwLnV1LnNlMB4XDTA3MDUwODEwNDY1MFoXDTA4MDUwNzEwNDY1MFowGDEWMBQGA1UEAxMNc2hpYmlkcC51dS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzGH4thr/rDNTlJ3TsiWJVn+2iyzT6Up6ovHXYmNvhltZ3+hmrtdnbCqQY4qukpBO88JDZ23PiVLJq4uR0UGwGsyz8Pv9xQo+N9v+LchgL0iGgjdN7ocrNGj4GZjtuJwyzi83QvAct7wVkkXi5aAmF8nJkRSvUTXWqhJxOiFztb8CAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQCd/cI5uIl8XgRP/dtC5veRO3m7phwQworwQMruTHgWvLL5cJ6Sh18dPOVZmHz/Hcldh0qeqPvL41oXe+84oMdscMHNGIUngj4tLywAwosjQiNGX9yqfxjUKqhuHJUcxZ0tEZHJZB+WEPybvVULvSUXa4ldQaKs4iRDPdCLHwCcQw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shibidp.uu.se/shibboleth-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shibidp.uu.se/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Uppsala University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.uu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Uppsala Universitet</Company>
+ <SurName>IT Stöd</SurName>
+ <EmailAddress>shibboleth-datordrift@its.uu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://public.it.secure.su.se/shibboleth" xml:base="swamid-1.0/public.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEvjCCA6agAwIBAgILAQAAAAABFmvKK3EwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3
+MTEyMzA5MTUxOVoXDTEwMTEyMzA5MTUxOVowYzELMAkGA1UEBhMCU0UxEjAQBgNV
+BAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEf
+MB0GA1UEAxMWcHVibGljLml0LnNlY3VyZS5zdS5zZTCCASIwDQYJKoZIhvcNAQEB
+BQADggEPADCCAQoCggEBANux9UY7pUlBpN3lxrQWXjZ00DK1xzfcQEEC6LKspVYe
+GJsAiFRc+SMop1Cnc4YiOddStc9+IDRKwb73vHx/GFtnI7Zb1qIXpJ0M0ZrfGidA
+tztvxyCH4XfUtkt5FN7ddC5BliOyiMe3zyj8iFI+9nNfD78Y6j/3fE6WrvUJc/4d
+DDPRZTe6TrGUNBkciAJ6oacr4OpQZbfCfj+a2Yn7cOPR1zd6F8AlZJFq7Ar10GyK
+tyO9vtRYohrFPtyWzAcKtWviLqhMqtD7lJ0YhWWWG3v0urf4oEuV61V+kYdVkWfq
+e+IEYZE7PHh3KtlsAxR77MEGAOMUJBpSV0SwqYR1DW0CAwEAAaOCAXUwggFxMFAG
+A1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmds
+b2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAw
+HwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFPdeIF2l
+bPoooNDO34RQ7onNPa8+MDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xv
+YmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/Bggr
+BgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1
+Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAhBgNV
+HREEGjAYghZwdWJsaWMuaXQuc2VjdXJlLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IB
+AQAfFkW7oYLUfXyNkUeY0JhCRjyyjrqb9fhRNRsvB1VjTrHAv631Md9wUtMMb4+t
+aZTPnVsLtDlHA35spsrOMbW+9oDQ06SuKG3DV5WMSF8ikOMuKhlPdLK9+PPm3dHW
+A2A0TrQm1vGjxAOnswwqqEubsyxkmudvN2K+TIsX0H95rxQu3LgJsd0waABo6MmU
+eL583SvdxpG2Lm7xlIlcIH8jxWku6Mdr4ddGInUTlMsDuNnHXkVhVnnKZbw1vR/G
+c7BUOAsMn/LFsWGiq4tSa3HLbBcmEp2wS6Ige0RvRXqlks3NFiJmkQCtTsaf2W3A
+oVTP6ALo3SBZB1UvM5yfdUek</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://public.it.secure.su.se/shibboleth/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Leif</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://downloads.channel8.msdn.com/shibboleth-sp" xml:base="swamid-1.0/downloads.channel8.msdn.com.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEEDCCA3mgAwIBAgIQN06OsbviIojJc+SBPDreGzANBgkqhkiG9w0BAQUFADCBzjELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3duMR0wGwYDVQQKExRUaGF3dGUgQ29uc3VsdGluZyBjYzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2aWNlcyBEaXZpc2lvbjEhMB8GA1UEAxMYVGhhd3RlIFByZW1pdW0gU2VydmVyIENBMSgwJgYJKoZIhvcNAQkBFhlwcmVtaXVtLXNlcnZlckB0aGF3dGUuY29tMB4XDTA3MTAwOTAwMDAwMFoXDTA4MTAwODIzNTk1OVowgZAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xFDASBgNVBAsTC0NFUlRJRklDQVRFMSQwIgYDVQQDExtkb3dubG9hZHMuY2hhbm5lbDgubXNkbi5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCfyRQMTqYbgXsPNT2qgSnbF8qIkt1jsZ3rrT3s8ILtoYGSH6LgC7ILO/+Zktr5gBt84CMVmDY/XJ0jsN8NOzlBTD4yhpiaKxSABxSvyAHHTuzFBnXiGiLd4Pcw86vtaoBZ6srUBlrTwuvjIBBCB/g7L/aOUWAHEXUgXdi/yHi4jLZe/37lH0Wpfz/49NiesaIPRCZ8hYwYGnbVFr1BStSFztsM5YQFH3XabRF5XzapD8Gct1PwFCnyNdRvo2OXCrPLlEEBB+Y6+tNOwKOtqWtFsaUnURQWh/lf7sSHa+XrbI/Kne3ygVuEi3N5fqJaSo5unMBBPrrXR0ZZNV04Xqm7AgMBAAGjgaYwgaMwDAYDVR0TAQH/BAIwADBABgNVHR8EOTA3MDWgM6Axhi9odHRwOi8vY3JsLnRoYXd0ZS5jb20vVGhhd3RlU2VydmVyUHJlbWl1bUNBLmNybDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwMgYIKwYBBQUHAQEEJjAkMCIGCCsGAQUFBzABhhZodHRwOi8vb2NzcC50aGF3dGUuY29tMA0GCSqGSIb3DQEBBQUAA4GBALUFY4LBe1RA6yi+6jYgfqDP+8qnlVcTdYV9a9eJyrJvDZd8eMZqKuvAT9UXQeMSqbxZcgIn8GPEkCTX3HsuQChoZFadYsBWOha1je24YMZTSkouCE3W8yBR4XOFEs+bSTRT3KgVDqcKdr1Yf6FrxJzaVyKjMjWD3lNSYimR4opC</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://downloads.channel8.msdn.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.dreamspark.com/Shibboleth.sso/SAML/POST" index="2"/>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.dreamspark.com/Shibboleth.sso/SAML/Artifact" index="3"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">STT</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Student Tech Toolbox</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">https://downloads.channel8.msdn.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <GivenName>STT Support</GivenName>
+ <EmailAddress>stt@9starresearch.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>STT Technical</GivenName>
+ <EmailAddress>stt@9starresearch.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Bruce</GivenName>
+ <SurName>Curling</SurName>
+ <EmailAddress>bcurling@microsoft.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://idp.lhs.se/identity" xml:base="swamid-1.0/idp.lhs.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>lhs.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIByzCCATSgAwIBAgIBADANBgkqhkiG9w0BAQUFADAVMRMwEQYDVQQDEwppZHAubGhzLnNlMB4XDTA3MTAwMTExMjExOFoXDTA4MDkzMDExMjExOFowFTETMBEGA1UEAxMKaWRwLmxocy5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtSdeqn5nVMW4+ctoX2rGMh/o62G6qypOuVIWnKLK10B+pZ7bw8bqJ17zjVqjDKxNvX5QyPXD/mp+K1MPjCfw6Hgf6n2acXiXVXOZPQ+858dBmLzIl3fJAh+t7V3mdbT/PcjgMtgbCWZ48N0xquknoXS2KUOru0W7voTuHxqDOMUCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQAUAndrDJLIPtAmRnE1PmfQpMkO0Cn2HofaiWmmtG6n/IfGFql1cuyTSl9a2kMkHRNK1POUC7fypNmSFhBBxtvtdohCAJLoSKpZXd9KdE5tN2YgMlUFIfPd+2gVD4adgtKNspWQIp5uo83K5RQqSFdJrtQhmB8GjGbR3lRGzu46lg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.lhs.se:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope>lhs.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIByzCCATSgAwIBAgIBADANBgkqhkiG9w0BAQUFADAVMRMwEQYDVQQDEwppZHAubGhzLnNlMB4XDTA3MTAwMTExMjExOFoXDTA4MDkzMDExMjExOFowFTETMBEGA1UEAxMKaWRwLmxocy5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtSdeqn5nVMW4+ctoX2rGMh/o62G6qypOuVIWnKLK10B+pZ7bw8bqJ17zjVqjDKxNvX5QyPXD/mp+K1MPjCfw6Hgf6n2acXiXVXOZPQ+858dBmLzIl3fJAh+t7V3mdbT/PcjgMtgbCWZ48N0xquknoXS2KUOru0W7voTuHxqDOMUCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQAUAndrDJLIPtAmRnE1PmfQpMkO0Cn2HofaiWmmtG6n/IfGFql1cuyTSl9a2kMkHRNK1POUC7fypNmSFhBBxtvtdohCAJLoSKpZXd9KdE5tN2YgMlUFIfPd+2gVD4adgtKNspWQIp5uo83K5RQqSFdJrtQhmB8GjGbR3lRGzu46lg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.lhs.se/shibboleth-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.lhs.se/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">LHS</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lärarhögskolan</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lhs.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Lärarhögskolan</Company>
+ <EmailAddress>info@lhs.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://mondo-web.it.su.se/shibboleth" xml:base="swamid-1.0/mondo-web.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB4zCCAUygAwIBAgIJAN5zNlbssq13MA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMTEm1vbmRvLXdlYi5pdC5zdS5zZTAeFw0wODA0MDIwNzI3MTZaFw0xNjA2MTkwNzI3MTZaMB0xGzAZBgNVBAMTEm1vbmRvLXdlYi5pdC5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA92ZD35RNWkg5x8yaykgO4gAU2j7VPrCfl9ut461Tai9XFRyK+OWp5Ln+hXguW7VylGTfcEbOjjh51gAvxX310OwiohlLXmnBdwjfMmIhv8tOjHOjlZQSuYSGC0TFCvHJu/9cvJ285S1Itcg0iqTZWhC7fOlXyEBCTBTC5dHZr2sCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQDtazBSwFaLjM2ac/Zup8SCVouGN10jYpvpMfLZWtiThdLJS1Q0q2ayq91V8kMp02Y1Wt3ruZNbC3SE0U5CvAX/KpJaYuaFJWJO7YXvfeIJwau3ZmTG4CFlf0mjd419TWErju6PXeo6wcsmaZ6vEuse7fj3596LiC6sXwry+nNzUg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://mondo-web.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <SurName>IT och media Helpdesk</SurName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://idp.hig.se/identity" xml:base="swamid-1.0/idp.hig.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>hig.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEjTCCA3WgAwIBAgILAQAAAAABF3zoubQwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDExNTEwMDUwMloXDTExMDExNTEwMDUwMlowPjELMAkGA1UEBhMCU0UxGjAYBgNVBAoTEUhvZ3Nrb2xhbiBpIEdhdmxlMRMwEQYDVQQDEwppZHAuaGlnLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVJwkvrkl/JSBQKx95eRku9iUK8odClbfPr4AlDANP+b2mWYiUaSxoXu+SJkUO/HDtBDmcghRvGHYyv6YLXANk17bzV7PemQb4zA0plyKaurqY6M1FLx5RNEXDplElriWQsDA0Tyuhoz6t/uZpHETngtHpu7NlxWsyONUxeR7Cf6r2DjqiRBn76kI+8G1HBfTHf0xCGZmPWYewJzH1dnFT4pUaWu6psqhGMmZ5jgb0cDyVOz+sKcDp7MlMfQG/vziUySepAKfKSer7Dr84bVUIsa8C+ikQF582Q33Zuunpm+hJRDntXTA3ZJdmK38muiVaSBa70oL+ri7ZcnIceVWwIDAQABo4IBaTCCAWUwUAYDVR0gBEkwRzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUc6OwpqVR5fUo66R7/PzCQUtL1mswOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25hbC5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBUGA1UdEQQOMAyCCmlkcC5oaWcuc2UwDQYJKoZIhvcNAQEFBQADggEBAGYIiDLBZooLBBfMbHTA/aU6Vf2lD8++0uZ/pDsO0fHT52dhLB/zVOxQoJvs7P8z4VOQYM60N4iC18cOrEmt9//8V+4OzLnkrGKrr7xDuc6JBpHkMTUiYozHCPPOCAgmf/OZmCEnWc+ne0dHx+A+ThJy9PEebN2yvjs307dP/GFgWSjXKKGVVLnJ2G9/bYn/gTi51/etdbbC0oXZ7GnV2fEI2IhU18IacIogt0RODek8hnEEfSBBEvS7Yb+g/NPZsdM3NiKs486221H7eF0MllYb+Z68AKqtOv+bJZyXnmYaoyENgNrEyIHrd5rGeACUjq4u31pt2dlMWuPW1O/xbf0=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hig.se:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope>hig.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEjTCCA3WgAwIBAgILAQAAAAABF3zoubQwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDExNTEwMDUwMloXDTExMDExNTEwMDUwMlowPjELMAkGA1UEBhMCU0UxGjAYBgNVBAoTEUhvZ3Nrb2xhbiBpIEdhdmxlMRMwEQYDVQQDEwppZHAuaGlnLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVJwkvrkl/JSBQKx95eRku9iUK8odClbfPr4AlDANP+b2mWYiUaSxoXu+SJkUO/HDtBDmcghRvGHYyv6YLXANk17bzV7PemQb4zA0plyKaurqY6M1FLx5RNEXDplElriWQsDA0Tyuhoz6t/uZpHETngtHpu7NlxWsyONUxeR7Cf6r2DjqiRBn76kI+8G1HBfTHf0xCGZmPWYewJzH1dnFT4pUaWu6psqhGMmZ5jgb0cDyVOz+sKcDp7MlMfQG/vziUySepAKfKSer7Dr84bVUIsa8C+ikQF582Q33Zuunpm+hJRDntXTA3ZJdmK38muiVaSBa70oL+ri7ZcnIceVWwIDAQABo4IBaTCCAWUwUAYDVR0gBEkwRzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUc6OwpqVR5fUo66R7/PzCQUtL1mswOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25hbC5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBUGA1UdEQQOMAyCCmlkcC5oaWcuc2UwDQYJKoZIhvcNAQEFBQADggEBAGYIiDLBZooLBBfMbHTA/aU6Vf2lD8++0uZ/pDsO0fHT52dhLB/zVOxQoJvs7P8z4VOQYM60N4iC18cOrEmt9//8V+4OzLnkrGKrr7xDuc6JBpHkMTUiYozHCPPOCAgmf/OZmCEnWc+ne0dHx+A+ThJy9PEebN2yvjs307dP/GFgWSjXKKGVVLnJ2G9/bYn/gTi51/etdbbC0oXZ7GnV2fEI2IhU18IacIogt0RODek8hnEEfSBBEvS7Yb+g/NPZsdM3NiKs486221H7eF0MllYb+Z68AKqtOv+bJZyXnmYaoyENgNrEyIHrd5rGeACUjq4u31pt2dlMWuPW1O/xbf0=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.hig.se/shibboleth-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.hig.se/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">HIG</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Högskolan i Gävle</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.hig.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Högskolan i Gävle</Company>
+ <EmailAddress>Patrik.Carlsson@hig.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://kurssystem.theducation.se/shibboleth" xml:base="swamid-1.0/kurssystem.theducation.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDTTCCAragAwIBAgIDCCIdMA0GCSqGSIb3DQEBBAUAMFoxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNFcXVpZmF4IFNlY3VyZSBJbmMuMS0wKwYDVQQDEyRFcXVpZmF4IFNlY3VyZSBHbG9iYWwgZUJ1c2luZXNzIENBLTEwHhcNMDgwNDAzMTQ0MjQ5WhcNMTMwNDAzMTQ0MjQ5WjCBvDELMAkGA1UEBhMCU0UxGTAXBgNVBAoUECoudGhlZHVjYXRpb24uc2UxEzARBgNVBAsTCkdUNzA3NjI3MjExMTAvBgNVBAsTKFNlZSB3d3cucmFwaWRzc2wuY29tL3Jlc291cmNlcy9jcHMgKGMpMDgxLzAtBgNVBAsTJkRvbWFpbiBDb250cm9sIFZhbGlkYXRlZCAtIFJhcGlkU1NMKFIpMRkwFwYDVQQDFBAqLnRoZWR1Y2F0aW9uLnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4Pzl5pjvT/SsuiWwP0z8+8r5BrbCuj8EqOipkuzGrGDf4tX99KZ3Th3A5oj+F0/Q+zvoahsjaNDApl+c4/1MSkFJ4zwvVzD6gKUT9IjNhvgo76AiESGc4H3Q9Cx5eOHlW3PZb52OReQHfMJE1fSEbkblcKN9My4jw8daHKUWa4QIDAQABo4G9MIG6MA4GA1UdDwEB/wQEAwIE8DAdBgNVHQ4EFgQUd0McrJB/XWAUvjR8pI3+KgMBVyQwOwYDVR0fBDQwMjAwoC6gLIYqaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9nbG9iYWxjYTEuY3JsMB8GA1UdIwQYMBaAFL6ooHRyUGtEt8kj2Puo/7NXa2hsMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBBAUAA4GBAH9cyYy0MRdMkX1epA9L21g5gN0l6spUrUB59dmtp0g68Be+I6mLoeCcfY9h6g+6FIxLcs0Q9rK9fZeHdtfZ9DW8t4IqzYhY9GMgpKVnn3mt/K4tJKT1MAc//6UbHUtmqt7ESKx1aZF92zJCCKD1ZBTE6tV7mpzLyR4XW/ZbKAWZ</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://kurssystem.theducation.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">TheEducation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Education</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.theducation.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>The Education AB</Company>
+ <GivenName>Niklas</GivenName>
+ <SurName>Hahn</SurName>
+ <EmailAddress>niklas.hahn@theducation.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://datordiagnos.theducation.se/shibboleth" xml:base="swamid-1.0/datordiagnos.theducation.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDYzCCAsygAwIBAgIDCpCbMA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNVBAYTAlVT
+MRwwGgYDVQQKExNFcXVpZmF4IFNlY3VyZSBJbmMuMS0wKwYDVQQDEyRFcXVpZmF4
+IFNlY3VyZSBHbG9iYWwgZUJ1c2luZXNzIENBLTEwHhcNMDkwMTI4MjExOTIzWhcN
+MTAwMzMwMjAxOTIzWjCB0jELMAkGA1UEBhMCU0UxJDAiBgNVBAoTG2RhdG9yZGlh
+Z25vcy50aGVkdWNhdGlvbi5zZTETMBEGA1UECxMKR1Q4NzcwNjg0MDExMC8GA1UE
+CxMoU2VlIHd3dy5yYXBpZHNzbC5jb20vcmVzb3VyY2VzL2NwcyAoYykwOTEvMC0G
+A1UECxMmRG9tYWluIENvbnRyb2wgVmFsaWRhdGVkIC0gUmFwaWRTU0woUikxJDAi
+BgNVBAMTG2RhdG9yZGlhZ25vcy50aGVkdWNhdGlvbi5zZTCBnzANBgkqhkiG9w0B
+AQEFAAOBjQAwgYkCgYEA4l35wegbwf4A2r9UxAAouQ8RtWt+lULu6ozCUBuDece4
+AjFxXak+PWLRMwhzqIatHGUqV1dmxHTswKjGvADiJELUvONZYrX7x1iK9ujOmUfX
+HaaWHWTU2xNu7kYviOVgVGTI6d0nQgIslOUzm0iQjPQatqz5BmhiMZEkUCbEAKUC
+AwEAAaOBvTCBujAOBgNVHQ8BAf8EBAMCBPAwHQYDVR0OBBYEFPsryoJD8yOSdDRA
+D1HJocGqUnSjMDsGA1UdHwQ0MDIwMKAuoCyGKmh0dHA6Ly9jcmwuZ2VvdHJ1c3Qu
+Y29tL2NybHMvZ2xvYmFsY2ExLmNybDAfBgNVHSMEGDAWgBS+qKB0clBrRLfJI9j7
+qP+zV2tobDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwDAYDVR0TAQH/
+BAIwADANBgkqhkiG9w0BAQUFAAOBgQA2j+xNoRdgGbDFgL0n+SzC8IJahAb+VFX6
+xOTDiLnVeyapjtQ1RxxPOdXCxssw/1AiEqia2jd2jueShPFnuMds6dKlWkowkuhz
+U5Jei29sH75lhE7LTrMijuDV+YxqhwxX8VXCbX8bG3OIkYJpHPg597UpESNtBIIT
+m9IladK+fg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://datordiagnos.theducation.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">TheEducation</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">The Education</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.theducation.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>The Education AB</Company>
+ <GivenName>Niklas</GivenName>
+ <SurName>Hahn</SurName>
+ <EmailAddress>niklas.hahn@theducation.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://toylan3.umdc.umu.se/shibboleth" xml:base="swamid-1.0/toylan3.umdc.umu.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDmTCCAoGgAwIBAgIBATANBgkqhkiG9w0BAQQFADA3MREwDwYDVQQKEwhUZXN0U2hpYjEiMCAGA1UEAxMZVGVzdFNoaWIgU2VydmljZSBQcm92aWRlcjAeFw0wNzAzMDgxNTM3MjZaFw0wOTAzMDgxNDM3MjZaMFUxETAPBgNVBAoTCFRlc3RTaGliMSIwIAYDVQQLExlUZXN0U2hpYiBTZXJ2aWNlIFByb3ZpZGVyMRwwGgYDVQQDExN0b3lsYW4zLnVtZGMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfM9MoLpJxjRj5uRYnNGLZA8fme2UjKKvmONqPC1l+N1HStnlvwh/kfT4GQUK6JE2CgCqLlUJFBO1B3G5CRPI1A+P4ZKfM6P8JxQxhi7cy/2EwkPVyWwYhdkblLpUHG9fAQ1Db2Ly3DHvEeRhwJvTFWbszK1qQYkLEBOfeH96oQh/sR8PeIWl29VrGv8iBl9eYEMV+N9EXpv+RA/4OoHw5gKvxEaisXudvjPcqTfzi+05jUqtIWvTkhqLyLEFqGqwozbY6/xqKHOAMEGjL0Xiz4TnXBEtBLCIFAJUKhh5nNzD0IQdyfsIVt+dvGQ5dWulG/7lQEEfOp2eHnM1/BGbwIDAQABo4GRMIGOMB0GA1UdDgQWBBRkimJZ51LPqunOKtZDS5D1+ZGarDBfBgNVHSMEWDBWgBRkimJZ51LPqunOKtZDS5D1+ZGarKE7pDkwNzERMA8GA1UEChMIVGVzdFNoaWIxIjAgBgNVBAMTGVRlc3RTaGliIFNlcnZpY2UgUHJvdmlkZXKCAQEwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQQFAAOCAQEAWtfBvtBEnBv55fG1204OmkimhP8p9M77Us6a3hwkXYLd1vKh+tA6XfPeKdHOZtLQoaUqa9j5xl6sbvGDhOrH4YOJCMheDICEolBRku0MyI5PJRMTlIE4Wu3B/v9p+J3jMeFgX0ZSH01EqeVuwtI1SiaLditmVYm//T19Q5ByArp0ccT+L6ly+p0BMnkDILJusTW8kRYTrk63kC8SepIQUNdQo7af1t5jtBn6o0+xx23QlQ13tx5WBbdT4AHaKZ/4NXEwvVCmr+myQKY0FH13453cRRwLleAQPHOkGO81eAo/9DPv6Udbjx4QBMYlObRQRzMLz3kjuGkhemYpVSu78A==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://toylan3.umdc.umu.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Umeå University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>UMDAC</Company>
+ <GivenName>Tommy</GivenName>
+ <SurName>Larsson</SurName>
+ <EmailAddress>tommy.larsson@umdac.umu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://sp1.lab.it.su.se" xml:base="swamid-1.0/sp1.lab.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB+jCCAWOgAwIBAgIRAJVCJLoWBVtmqwrsh0psrA0wDQYJKoZIhvcNAQEFBQAwGzEZMBcGA1UEAxMQc3AxLmxhYi5pdC5zdS5zZTAeFw0wNjExMjcwODI4MDFaFw0wNjEyMzEyMzAwMDBaMBsxGTAXBgNVBAMTEHNwMS5sYWIuaXQuc3Uuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJHpeBYXpgvcLYDnlnJsATNVkEHzLsVga22m+Om1/32yCLnhH7DMlbhbaMb1r1oAX53O5rXXv5CX8AGR5rXkrADTO00LX7ChxFs3P6PhgQ/EnrSe0V71Armi82SAOHjzQkeWwjkxhLqLyWy7Y3Jw82VfBrAovUua7y+w21IGJtIJAgMBAAGjPjA8MA4GA1UdDwEB/wQEAwID6DAqBgNVHSUBAf8EIDAeBggrBgEFBQcDBAYIKwYBBQUHAwIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4GBAFTiOOdKyQ+F9k++RqYiAkYYu/pXGwcl8vfhRTFX9Mnlzy/zy/ffDVBRRvhQPd0Lqm7mj/mkg1etLMb3S2fdWBa1pUeFQtSUxMqoACAngIdr+piFsbhu4u9UPUOdD8m9scpqQ1AusGxUmCBClEElZRtmqO9UwL7hD/fVE4TRU+a4</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp1.lab.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Leif</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://hr-sso.pb.su.se/shibboleth" xml:base="swamid-1.0/hr-sso.pb.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEsDCCA5igAwIBAgILAQAAAAABFmJUXjMwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3
+MTEyMTEzMTAwNFoXDTEwMTEyMTEzMTAwNFowXDELMAkGA1UEBhMCU0UxEjAQBgNV
+BAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEY
+MBYGA1UEAxMPaHItc3NvLnBiLnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEA6nJtfAvJ3JnERGef+Nukx94z98YailSaHC6kwm2iWy75PJQF3wS+
+7ZUCyK19nIYjBUWHyGf5+jCa7B7hIJCjEfYSII6JIn+fkX5WZAuhuSIP8YnlHMiF
+gqCEB6QVs99YEjsOVcHdNlhCFhbLQviItaA90aLdFTXN3PIulguG/PFP5kfui0To
+epO5Ko9j2eCboDRhrS/G+Hq4ulALBigu1GT5zJinGYOtcV/0noTbv2iS8H20N4gM
+Dt0ej3CCCSMk2Gr/P/IQEjOpHfR4IHle4JWhOkPjJrRpMc5vusvAOAH8S/TpvB3y
+jpbhQtBnOhtY921vX0jPMIT0c3KsefqZDQIDAQABo4IBbjCCAWowUAYDVR0gBEkw
+RzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2ln
+bi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSME
+GDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUfU0a2PdASTZigfkX
+Ce/k93IclTAwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWdu
+Lm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAC
+hjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25h
+bC5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBoGA1UdEQQTMBGC
+D2hyLXNzby5wYi5zdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAJumC9GPp4iTr8iI1
+VlYDEHunB0Ly7ij3okLwkNk4NWIoFfFt4DJNj4i6GDWjOisk1OoFQOKYv8pw3HZw
+SHPfcgeGE/LqgF0zxqw+xHw1ND/MEavfnS5pZ/7FCEkoTCHvSImuRn/0fmV8DtQI
+xlcHgQs3YwfCaqFPuTo/VPDTJcbS1UvH3A8SWzqP4CgFobzFRH6vg2NfwHH5tRaa
+uZ2/xGhPjpAwhqYe2eduOtM/8UetFmYbOR9Ku1D2i/v2sMtEp34iE51KRCQCW7bW
+Nyyybd8JvsVdmtfi3BZLfir3u4vG7e+Wi0dIn0MMQxCk1FawoB8LjFeHGcM3h6m7
+5ezhww==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://hr-sso.pb.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Max</GivenName>
+ <SurName>Quetel</SurName>
+ <EmailAddress>max@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://roundup-test.it.su.se/shibboleth" xml:base="swamid-1.0/roundup-test.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEvDCCA6SgAwIBAgILAQAAAAABHEtYz+8wDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDkxMDA4MjAyM1oXDTExMDkxMDA4MjAyM1owYjELMAkGA1UEBhMCU0UxEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEeMBwGA1UEAxMVcm91bmR1cC10ZXN0Lml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuWia8Li3lAlfEHtajbEj7JE3xX31jtPI8mWIbrv82bM1UqfJNFOtrYoukrOLwB8y/trTytPxNOykhAEOK8uElNIJWvrmpe2Upmn/yAxT+7FT8RYECh558rLYdwE7RKiu9W4W/mztFKXGTVsG6c0PmUh+bchTW7XikyqhuvyHaYBZ2Qf+mMMk4No0qCtLakjvWaMXEEJRSEMiMPXBkkpaaAwBVc9baK0+EYuTKII2L4tx2eNSzposXqj2lSks70tHsJnTHUBYeVZiVPYpeu34kO/0NPBeq9CFgk49aHZpuq+iQBx/BX1I2Z5iRV+UY0eZpENVapWf6M1nYz6h7HcXUQIDAQABo4IBdDCCAXAwUAYDVR0gBEkwRzBFBgcqhkixPgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5uZXQvcmVwb3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBRlZaM91zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQUdj87P0v1GpRPfbrHmKPY4EvzN8AwOgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9lZHVjYXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8vc2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25hbC5jcnQwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMCAGA1UdEQQZMBeCFXJvdW5kdXAtdGVzdC5pdC5zdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAiRmbVYXHgEs6d68zfqAsHBLUGrysmZkJnx1603o5CbMxG0DSVtUPWL9artz68/dazxvI4zdrkxNb9j8mHTOZ6jYYon3VwI4d4RSjuXtRTfa+Tc9qGsi79U7ALH4RgFp6ltAZL+r3vKFKwWnD5ToXtm0S3ih8LUxtKNpTb3mlv2Ib8nCcsmR91y+Dl0ypgxp/Kqoi0jEcijffZXkfzmKmcOlsbrBZw4BJzogHVTdGFj3P5oJy13h+oldS7kwYljI2h7Z+BVMmrSguWTgqbErhQInbOiZggQhfB3x70OdJs4DDrMzSQctqEXlj+Eb7qSdYyuP1kMjI1P+0IGLq+PSN6A==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://roundup-test.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Klas</GivenName>
+ <SurName>Lindforss</SurName>
+ <EmailAddress>kllin@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://idp.test.umu.se/identity" xml:base="swamid-1.0/idp.test.umu.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>umu.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEOjCCAyKgAwIBAgICAd4wDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCU0UxGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxGzAZBgNVBAMTElVtZWEgVW5pdmVyc2l0eSBDQTAeFw0wODAzMTIxNDEwNDFaFw0wODExMDcxNDEwNDFaMEIxCzAJBgNVBAYTAlNFMRkwFwYDVQQKExBVbWVhIHVuaXZlcnNpdGV0MRgwFgYDVQQDEw9pZHAudGVzdC51bXUuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKQGac7vCABvE1YFheXQHgAh1HVl6gFkekBpLJ8sEa6bNu/adQOW2xFI801HfgW3xqQYW48wLinru22nPUE3cF30ISIB/r8qL6mw6c1nkZB62g3Svy42mW7ay7Kio+W3gS9NxEHoiHvCLPVYFBtOKe3FVwV1mnBffEv9jvbGfYYfAgMBAAGjggG5MIIBtTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLWJ/IUQTsdgSBj3xq+hTSN2qZk5MH8GA1UdIwR4MHaAFHaQAcfvra4Asfdp2f4VKKzmMs5AoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBVbml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kgUG9saWN5IENBggERMCoGA1UdEgQjMCGBCWNhQHVtdS5zZYYUaHR0cDovL3d3dy5jYS51bXUuc2UwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3d3dy5jYS51bXUuc2UvY3JsX3YyLmNybDB+BgNVHSAEdzB1MHMGCCqFcCsCAQEBMGcwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2EudW11LnNlL0NQUzA/BggrBgEFBQcCAjAzGjFMaW1pdGVkIExpYWJpbGl0eSwgc2VlIGh0dHA6Ly93d3cuc3d1cGtpLnN1LnNlL0NQMA0GCSqGSIb3DQEBBQUAA4IBAQBjHF+0/RXKijMD2t6taOHp61TSP47fa/s9gD2H7mjlXKxwf2VHaN2mQ5Cy71atSzWpgfArCbND6lYLIaguDqkj+TtJAse3VBFe/nlaY5ewKxfaCLnnNGGNnoFaoVjTiZYrSYvSsqHjMmwIsgeAhVtAagkmB71B6QRL7nXwAJffNa1LVpVVI4e5T1tKa9BB5Z7LwqZSnC/MnBkNEU9h/Lw3gzIZyijNbnkOAVBnRf9gJwC8dHNafWhHyGj4urC2/GZIR+Mt+5HgQ2DKufHBjMv4a6edLS/gZFb4KfxmjgZDrb0ZC75Y9lcqiz8QZDXbu/4/ptMx7dNkEPfwJyuOD0TP</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.test.umu.se:9443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope>umu.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEOjCCAyKgAwIBAgICAd4wDQYJKoZIhvcNAQEFBQAwRTELMAkGA1UEBhMCU0UxGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxGzAZBgNVBAMTElVtZWEgVW5pdmVyc2l0eSBDQTAeFw0wODAzMTIxNDEwNDFaFw0wODExMDcxNDEwNDFaMEIxCzAJBgNVBAYTAlNFMRkwFwYDVQQKExBVbWVhIHVuaXZlcnNpdGV0MRgwFgYDVQQDEw9pZHAudGVzdC51bXUuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKQGac7vCABvE1YFheXQHgAh1HVl6gFkekBpLJ8sEa6bNu/adQOW2xFI801HfgW3xqQYW48wLinru22nPUE3cF30ISIB/r8qL6mw6c1nkZB62g3Svy42mW7ay7Kio+W3gS9NxEHoiHvCLPVYFBtOKe3FVwV1mnBffEv9jvbGfYYfAgMBAAGjggG5MIIBtTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFLWJ/IUQTsdgSBj3xq+hTSN2qZk5MH8GA1UdIwR4MHaAFHaQAcfvra4Asfdp2f4VKKzmMs5AoVukWTBXMQswCQYDVQQGEwJTRTEYMBYGA1UEChMPVW1lYSBVbml2ZXJzaXR5MRMwEQYDVQQLEwpTd1VQS0ktUENBMRkwFwYDVQQDExBTd1VQS0kgUG9saWN5IENBggERMCoGA1UdEgQjMCGBCWNhQHVtdS5zZYYUaHR0cDovL3d3dy5jYS51bXUuc2UwMAYDVR0fBCkwJzAloCOgIYYfaHR0cDovL3d3dy5jYS51bXUuc2UvY3JsX3YyLmNybDB+BgNVHSAEdzB1MHMGCCqFcCsCAQEBMGcwJAYIKwYBBQUHAgEWGGh0dHA6Ly93d3cuY2EudW11LnNlL0NQUzA/BggrBgEFBQcCAjAzGjFMaW1pdGVkIExpYWJpbGl0eSwgc2VlIGh0dHA6Ly93d3cuc3d1cGtpLnN1LnNlL0NQMA0GCSqGSIb3DQEBBQUAA4IBAQBjHF+0/RXKijMD2t6taOHp61TSP47fa/s9gD2H7mjlXKxwf2VHaN2mQ5Cy71atSzWpgfArCbND6lYLIaguDqkj+TtJAse3VBFe/nlaY5ewKxfaCLnnNGGNnoFaoVjTiZYrSYvSsqHjMmwIsgeAhVtAagkmB71B6QRL7nXwAJffNa1LVpVVI4e5T1tKa9BB5Z7LwqZSnC/MnBkNEU9h/Lw3gzIZyijNbnkOAVBnRf9gJwC8dHNafWhHyGj4urC2/GZIR+Mt+5HgQ2DKufHBjMv4a6edLS/gZFb4KfxmjgZDrb0ZC75Y9lcqiz8QZDXbu/4/ptMx7dNkEPfwJyuOD0TP</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.test.umu.se:9443/shibboleth-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.test.umu.se:9443/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Umeå University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>UMDAC</Company>
+ <GivenName>Einar</GivenName>
+ <SurName>Hillbom</SurName>
+ <EmailAddress>einar.hillbom@umdac.umu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://cbs-vylvatest.kib.ki.se/shibboleth" xml:base="swamid-1.0/cbs-vylvatest.kib.ki.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB7TCCAVagAwIBAgIJAMV5iXtJKd2UMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNVBAMTF2Nicy12eWx2YXRlc3Qua2liLmtpLnNlMB4XDTA4MDcyMzEzMDM0OFoXDTA5MDcyMzEzMDM0OFowIjEgMB4GA1UEAxMXY2JzLXZ5bHZhdGVzdC5raWIua2kuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPAnswr/MkrQXkXZJbv3ArV/q0kowtVLnQIM6nuJjyw/96cQ7UuYFOFpIEhT+fQdthkKdSAAa74U10+r6wUqj7HgGWrKDn6HfGaYUx5vuLt7kHIuLSTdnU5xbH+9D2S1BwdK8qEjCtT5kxPk4/2mXpTVEdQRXdaxLanrIk4Sex/bAgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAvRiCRo0g0bZ8TNZWO5iCmdrMCtDTM4I9JYf0zR0hYbf61U2r1h2iE3IfC4JvNmclEDbhL/aJQrqgglG8mSyBVYN9mu3L3y+O0ZvCLGC5EOHTLVZjihfL1VDwt054lB18AkxOh2H+dkcq6B7cI0XdFesHi4iW9HGr23C22xfLIpQ=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://cbs-vylvatest.kib.ki.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">KI</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Karolinska Institutet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ki.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>KI bibliotek</Company>
+ <GivenName>Ylva</GivenName>
+ <SurName>Gavel</SurName>
+ <EmailAddress>ylva.gavel@ki.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://jolu.dev.it.secure.su.se/shibboleth" xml:base="swamid-1.0/jolu.dev.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB7zCCAVigAwIBAgIJAJ4RwLsrE8VvMA0GCSqGSIb3DQEBBQUAMCMxITAfBgNVBAMTGGpvbHUuZGV2Lml0LnNlY3VyZS5zdS5zZTAeFw0wODA1MTIwODAyNDhaFw0wOTA1MTIwODAyNDhaMCMxITAfBgNVBAMTGGpvbHUuZGV2Lml0LnNlY3VyZS5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqaabQgxKHFyHGXBa9TfOe9W/LbX9issL2lWtFaG5++KQMgcYOrFChkxyifmwJih+MJYoAaBZGWjDM/FfLyXe31flkC4uE1GScOGojtobRY9KcLR0XbHaxwPCSnkBOIncfEHuwOK9IUgCz1G8i4VGQm7lbIyijqPrt+aQXCePldUCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQBB6cbInUeuMbPM1WxT4xLKR4WF3lgIt5mqd/dpM6PySbW0d0+E+qkyhJeHFBhhHxFvnsaE9Y0hrIc862sCoe7EojgbFjV2SrqTrvQ4yVs/dXFZ0ipEli9wsc6RrgbVV9DRW6F2z7PSnw9Xi+wUm3vkvf/1/LqFU/sTz9Ek3zukHg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://jolu.dev.it.secure.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://labs.swami.se" xml:base="swamid-1.0/labs.swami.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB2TCCAUKgAwIBAgIJANxR0VNsO3LLMA0GCSqGSIb3DQEBBQUAMBgxFjAUBgNVBAMTDWxhYnMuc3dhbWkuc2UwHhcNMDcwNDEzMDgxMjM0WhcNMDgwNDEyMDgxMjM0WjAYMRYwFAYDVQQDEw1sYWJzLnN3YW1pLnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDuZSnm1OGEZ+1NPqvCPX3P7EsxMd2kEoTMHKBuTsUngFk5hU0Zk6Jr8Cf4qdwzQRsvoacZjERnzrkOQw45NuMVvLLrErD8qon0uLQGpzsqNIoQ8eJz+CIsoHeSJUGi8FKbRvrKJm9DR2vlrxAxwxuUkyyZ/f/Uvk9S8E0+rwuOEQIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBAGIkqz4KXzPlA4mrprQuGgyXJLZGbZVmWWNxqaihEzjskAdZBom1VBbVuk1KMqiHCbxn2HasBucWGdoLDkAmITFbnL5Lt5lUQ4bdSuVQgboitHHLp49H3gLFg8Jym2Mlj5jzz7ZAEQ64yf2XWhTHK894Z2+5gApkK5N7pDEwUW03</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://labs.swami.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SWAMI</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">SWAMI</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.swami.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Leif</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="http://shibboleth.ebscohost.com" xml:base="swamid-1.0/shibboleth.ebscohost.com.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEZDCCA82gAwIBAgIQCj52FvC7d3ialzMyLa5a/TANBgkqhkiG9w0BAQUFADCBujEfMB0GA1UEChMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazEXMBUGA1UECxMOVmVyaVNpZ24sIEluYy4xMzAxBgNVBAsTKlZlcmlTaWduIEludGVybmF0aW9uYWwgU2VydmVyIENBIC0gQ2xhc3MgMzFJMEcGA1UECxNAd3d3LnZlcmlzaWduLmNvbS9DUFMgSW5jb3JwLmJ5IFJlZi4gTElBQklMSVRZIExURC4oYyk5NyBWZXJpU2lnbjAeFw0wODAzMzEwMDAwMDBaFw0wOTA0MDQyMzU5NTlaMIGbMQswCQYDVQQGEwJVUzEWMBQGA1UECBMNTWFzc2FjaHVzZXR0czEQMA4GA1UEBxQHSXBzd2ljaDEfMB0GA1UEChQWRUJTQ08gSW5kdXN0cmllcywgSW5jLjEeMBwGA1UECxQVc2hpYmJvbGV0aDEuZXBuZXQuY29tMSEwHwYDVQQDFBhzaGliYm9sZXRoLmVic2NvaG9zdC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKeXf+L4GiuqTaeJVlsjwdZ4rKJ+vZy8dBTlrzGDFZigOqtHj8JG/XZzACJ+pmbrz6S1fU/TFbavF3DjOw+pB2VGV/nCfXExtnb0/X5Fh2n7HuWsXQytsBFNV8js6AKrWQf9zkjKih3CKtNhhegO2PWj7zcuBklF9jGcz0nhiY5LAgMBAAGjggGGMIIBgjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBGBgNVHR8EPzA9MDugOaA3hjVodHRwOi8vY3JsLnZlcmlzaWduLmNvbS9DbGFzczNJbnRlcm5hdGlvbmFsU2VydmVyLmNybDBEBgNVHSAEPTA7MDkGC2CGSAGG+EUBBxcDMCowKAYIKwYBBQUHAgEWHGh0dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEwNAYDVR0lBC0wKwYJYIZIAYb4QgQBBgorBgEEAYI3CgMDBggrBgEFBQcDAQYIKwYBBQUHAwIwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8vb2NzcC52ZXJpc2lnbi5jb20wbgYIKwYBBQUHAQwEYjBgoV6gXDBaMFgwVhYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQUS2u5KJYGDLvQUjibKaxLB4shBRgwJhYkaHR0cDovL2xvZ28udmVyaXNpZ24uY29tL3ZzbG9nbzEuZ2lmMA0GCSqGSIb3DQEBBQUAA4GBABIHjfxZW+PJ1V3daNHMcBfpadojtptZZeszBIDqVDwSqhz8ETMuvWUomS+lwIIm3Pxg6bRIcet9ND1cwre1fcnBhyjWy2PonxiryOrNvIIG12Omi53xkwL+zJfA9tG5G/qpYmoOU1GGCnTPrVDph+amUIIBFiwBgtVTyys/vkxm</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://shibboleth.ebscohost.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">epnet.com</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">EBSCO Information Services</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.ebsco.com/home/</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="administrative">
+ <GivenName>Burns</GivenName>
+ <SurName>Ron</SurName>
+ <EmailAddress>rburns@epnet.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>Flynn</GivenName>
+ <SurName>Dave</SurName>
+ <EmailAddress>dflynn@epnet.com</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="support">
+ <GivenName/>
+ <SurName>Customer Satisfaction</SurName>
+ <EmailAddress>eptech@epnet.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://shib-idp.kau.se/identity" xml:base="swamid-1.0/shib-idp.kau.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>kau.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEPTCCAyWgAwIBAgILAQAAAAABGTNtk4cwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDQwOTEzNDM0OVoXDTExMDQwOTEzNDM0OVowbTELMAkGA1UEBhMCU0UxETAPBgNVBAgTCFZhcm1sYW5kMREwDwYDVQQHEwhLYXJsc3RhZDEeMBwGA1UEChMVS2FybHN0YWRzIHVuaXZlcnNpdGV0MRgwFgYDVQQDEw9zaGliLWlkcC5rYXUuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKOQIKbkk/FiMrF0SnFnN+leGueG0+qQMczfPQuUkTp1y+nhtIuvD+3t2pzPsuUcHtArrJjBKPg3Mp5Tt8cHWNdRl1j6l0TN1Rtk+1rmyMck5HZp1b296ldPtyCzon/txPB356CiT6KvW/iHY0hAiupIKdlWLK360ZGqThCPext1AgMBAAGjggFuMIIBajBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBRUfoCGld9kbPhwSgnkIMv3jWpxODA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGgYDVR0RBBMwEYIPc2hpYi1pZHAua2F1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAI/dNIi3iuS6nw4Tll1ZCc3kuHyG5In67CmtjO0owGmkh/4+B+ZHA37U5SZeKYPliiNqjUX6rlz4WYtvj/wFcAXSbcbgVRWkCVTkYahWL4DysGEanzeTJvWgcnJXix1JO6nifJYw8nJEBhuZrmrEuDj/5EmkekkGxRgGA9QgLSsYCnzkcm71R3PNO+rvSiBzY8MeIgiS96Jpe09iafVA0/w1Q8pyhLdLa8KWl80Rjjo/JVi34LECLwq9emIXIxNTr6ot3WdamoIZtEVOVbdwPoEAlekE87VJ2w7Y/yMqFz6bLp4cQ91PQZG91Y2NtQY4RBFCci5LO0dlcJTF2kMxkT</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp.kau.se:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope>kau.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEPTCCAyWgAwIBAgILAQAAAAABGTNtk4cwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4MDQwOTEzNDM0OVoXDTExMDQwOTEzNDM0OVowbTELMAkGA1UEBhMCU0UxETAPBgNVBAgTCFZhcm1sYW5kMREwDwYDVQQHEwhLYXJsc3RhZDEeMBwGA1UEChMVS2FybHN0YWRzIHVuaXZlcnNpdGV0MRgwFgYDVQQDEw9zaGliLWlkcC5rYXUuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKOQIKbkk/FiMrF0SnFnN+leGueG0+qQMczfPQuUkTp1y+nhtIuvD+3t2pzPsuUcHtArrJjBKPg3Mp5Tt8cHWNdRl1j6l0TN1Rtk+1rmyMck5HZp1b296ldPtyCzon/txPB356CiT6KvW/iHY0hAiupIKdlWLK360ZGqThCPext1AgMBAAGjggFuMIIBajBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBRUfoCGld9kbPhwSgnkIMv3jWpxODA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwGgYDVR0RBBMwEYIPc2hpYi1pZHAua2F1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAI/dNIi3iuS6nw4Tll1ZCc3kuHyG5In67CmtjO0owGmkh/4+B+ZHA37U5SZeKYPliiNqjUX6rlz4WYtvj/wFcAXSbcbgVRWkCVTkYahWL4DysGEanzeTJvWgcnJXix1JO6nifJYw8nJEBhuZrmrEuDj/5EmkekkGxRgGA9QgLSsYCnzkcm71R3PNO+rvSiBzY8MeIgiS96Jpe09iafVA0/w1Q8pyhLdLa8KWl80Rjjo/JVi34LECLwq9emIXIxNTr6ot3WdamoIZtEVOVbdwPoEAlekE87VJ2w7Y/yMqFz6bLp4cQ91PQZG91Y2NtQY4RBFCci5LO0dlcJTF2kMxkT</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://shib-idp.kau.se/shibboleth-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://shib-idp.kau.se/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">KAU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Karlstad university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.kau.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Karlstad university</Company>
+ <EmailAddress>paul.scott@kau.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://callab0.it.secure.su.se" xml:base="swamid-1.0/callab0.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB+TCCAWKgAwIBAgIJAOlQKzLVXB5JMA0GCSqGSIb3DQEBBQUAMCgxJjAkBgNVBAMTHXNoaWJiLWNhbGxhYjAuaXQuc2VjdXJlLnN1LnNlMB4XDTA3MDMyMDEyMTMxN1oXDTA4MDMxOTEyMTMxN1owKDEmMCQGA1UEAxMdc2hpYmItY2FsbGFiMC5pdC5zZWN1cmUuc3Uuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL/+i70hIW+rIYYJ9mvNEUE1SztYa9mAZuPhH1J4li+pyvghKZQHTI3UuYpbRGEQ1/83a7MAM+6VOQmYQtZDSw8PhtJKcpd1fFhSACqpDQKgBRSwcYsQkjb52j63r3kDXT4VDosImeg0HRb+HIWo4blC8gP2sZLSKa5BHJK+87GdAgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEATDf77yw3aqQYXj4XpY3bUHrrnA9zwYrkboeTCk61s7VrNTLE0T/YEM2qFBxUOWdNxBGuuP6T30XsK2vS0VW7wHTGV+6j9KF+niUQbo/VqKOO69XaO5X0WbJKdI/WyTunmWY5uECoASNhFGcBMqcINAUSktTXlsDB6ttoP1cnjMo=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://callab0.it.secure.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://www3.genuinetext.com/shibboleth" xml:base="swamid-1.0/www3.genuinetext.com.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB5zCCAVCgAwIBAgIJALLUhMva/oz0MA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNVBAMTFHd3dzMuZ2VudWluZXRleHQuY29tMB4XDTA4MDUwNTEwNDkyNloXDTA5MDUwNTEwNDkyNlowHzEdMBsGA1UEAxMUd3d3My5nZW51aW5ldGV4dC5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMSCzocotpl6yxJCA6Jy7LwbatFjJ1UQ94ZcLJ36OPNlyX3rtLKPJTRwaCS+ld+Z7MXEWfrtEXt6iHhrNuj94HNr8dpPeneqZ7jmSI7yE22x4Xt/zvJLHdvrZypxCUs+mCWGigPchih9OgvDcTPS8Vh5GWq22yWfI7v18oWg+CR3AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAf8JbtDVoRymE0vdpbTlbjwsYK6CoXW3wi6/kb4ky6eqmGbz29niEa5xwoZKD8zDj/MNRMbVewLYqaYKanp9t/NnWY34wsiWGsszX88X91FXjjtVdVm5XaYl62RQvd6Z4OjffC0WdRzYMmqQcHQ3G5guQPQC5OaTB/2DkxLht4sg=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www3.genuinetext.com/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Genuine Text</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Genuine Text</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.genuinetext.com</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Knownet AB</Company>
+ <GivenName>Richard</GivenName>
+ <SurName>Bäckman</SurName>
+ <EmailAddress>rickard@knonet.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://xfire.mimas.ac.uk/shibboleth" xml:base="swamid-1.0/xfire.mimas.ac.uk.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEMjCCAxqgAwIBAgILAQAAAAABE7mOBYIwDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3MDcxMjA4MzEzOFoXDTEwMDcxMjA4MzEzOFowYDELMAkGA1UEBhMCR0IxJTAjBgNVBAoTHFRoZSBVbml2ZXJzaXR5IG9mIE1hbmNoZXN0ZXIxDjAMBgNVBAsTBU1JTUFTMRowGAYDVQQDExF4ZmlyZS5taW1hcy5hYy51azCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAnvcQOid24BFRMId4stwyqEmQ3jcU9pqoJI7XkIh4FgYy++lBhGFDVDxkjikhbZKgGk1NONfTGRFHJ6TYRPNNjEjDtu8eTaKVDvvgIiW+E+pbdekmHGp5/1TW30yYUxJv12tBCWSWcHuqQjbnJiM+thHvVT0Rpz269VhaI9dWZY0CAwEAAaOCAXAwggFsMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFFffHJDYEluqeqPk2YaogEb6A+BvMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAcBgNVHREEFTATghF4ZmlyZS5taW1hcy5hYy51azANBgkqhkiG9w0BAQUFAAOCAQEAgIGtV9NaiG7yikJKZQgt+GP59EkAWhGYCR8JI5gZU7z6LIyTNLO19MPb2gJiirjUQpFEEh2ZNdiYmYNzf3yZAiVNtv45BOIa+poJbWUr7wXIv48ILhIQ5uTVLXrHofOU/aq3ySpVrLB2DZ1u24GHdxjwgiaKgwk6qntO9zwSeKiK9W2bcNk2mcJh5i7WPsB3RNID/pc4KZmw7T84F0/Ju0PrT4z8ry8286iZRQbZPkTi2D1eqBI52CQIJjUPnEMUJSFLup6kGPGLqtGqqoJNc8mtot4tEQIrqfKu9coHR386P0KAJyUV3PEdkyKcpEpnl4Ky0NDDXLK0BZ4CnMh3/A==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://xfire.mimas.ac.uk/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">MIMAS</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">MIMAS</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://xfire.mimas.ac.uk</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="support">
+ <SurName>CrossFire Helpdesk</SurName>
+ <EmailAddress>crossfire@mimas.ac.uk</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="technical">
+ <GivenName>david</GivenName>
+ <SurName>Chaplin</SurName>
+ <EmailAddress>david.chaplin@manchester.ac.uk</EmailAddress>
+ </ContactPerson>
+ <ContactPerson contactType="administrative">
+ <GivenName>Ross</GivenName>
+ <SurName>Macintyre</SurName>
+ <EmailAddress>Ross.MacIntyre@manchester.ac.uk</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://idp.secure.su.se/identity" xml:base="swamid-1.0/idp.secure.su.se.xml">
+ <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>su.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEsjCCA5qgAwIBAgILAQAAAAABFxsEM3owDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3MTIyNzA5NTIxNVoXDTEwMTIyNzA5NTIxNVowXTELMAkGA1UEBhMCU0UxEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEZMBcGA1UEAxMQaWRwLnNlY3VyZS5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8J47onJaot9vYgL5d+VXRuBTlwy4quLRkcFDvAhy9YwzdDAZ0bio2qgVpXMK1aP1kvpOn6+Zy9jUKuwaUraJpE8Yp7dCzTXujrCQSS3sfy+pTwS/kcDUM/sBd16gXU4lfub56+Oiuvi9eRISDKTeZebgTskN2O7gZS91nLSo7xz/Fsrinp3oRWcqZ0VWzc0+zLIldU50ASZ/AqDQQ/JLaqI84b6Ft8JjWZKCGUqBBoRURjvDxqr2e19i2+2mu5Cbayq6IJ62yH+dP3pVd9UZntSXABaTnq2+v9dt/unhOXibzMwh87q+fI9w7SyM7Wy/r6V3qk/aes0bYI6Sj8DW0CAwEAAaOCAW8wggFrMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFMAf54GaLCmlAHIKbGBskYgJ64yTMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHREEFDASghBpZHAuc2VjdXJlLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQA2ZODtOolJMQNFz86urE/RM3LIwkaaRHv9WN743WEPVyrQ0s7XjYuHAuJCuLVhwteA0ODpbmYJHaesG1O4Hqilv/tRD+8MahGWqA2lk28T7mkx+/Hb2jsZWBIMGNNOf97sZUK100wbnsFvjvBsOAsznnRX2JKOBeemOnIPZR1EmA+VRxUaIHb2/SD63zSsa/+y8xkSYAo1Pxr9MU6jePNIPnMF7ixwfzTZElyoxKuNNbQAuxfvvbRElGs2YCmC9WBY8zGmyHfNWWblVt5tjeNH0pWu+qg1tVBSB9VZZ4xGuKgoMyoYKul4y3raQRiUCUaUmJCdAiQNqsSMpY3QpA+k</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.secure.su.se:8443/shibboleth-idp/AA"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ </AttributeAuthorityDescriptor>
+ <IDPSSODescriptor WantAuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol urn:mace:shibboleth:1.0">
+ <Extensions>
+ <shibmeta:Scope>su.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEsjCCA5qgAwIBAgILAQAAAAABFxsEM3owDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA3MTIyNzA5NTIxNVoXDTEwMTIyNzA5NTIxNVowXTELMAkGA1UEBhMCU0UxEjAQBgNVBAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEZMBcGA1UEAxMQaWRwLnNlY3VyZS5zdS5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAL8J47onJaot9vYgL5d+VXRuBTlwy4quLRkcFDvAhy9YwzdDAZ0bio2qgVpXMK1aP1kvpOn6+Zy9jUKuwaUraJpE8Yp7dCzTXujrCQSS3sfy+pTwS/kcDUM/sBd16gXU4lfub56+Oiuvi9eRISDKTeZebgTskN2O7gZS91nLSo7xz/Fsrinp3oRWcqZ0VWzc0+zLIldU50ASZ/AqDQQ/JLaqI84b6Ft8JjWZKCGUqBBoRURjvDxqr2e19i2+2mu5Cbayq6IJ62yH+dP3pVd9UZntSXABaTnq2+v9dt/unhOXibzMwh87q+fI9w7SyM7Wy/r6V3qk/aes0bYI6Sj8DW0CAwEAAaOCAW8wggFrMFAGA1UdIARJMEcwRQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24ubmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFMAf54GaLCmlAHIKbGBskYgJ64yTMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5uZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYzaHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwuY3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAbBgNVHREEFDASghBpZHAuc2VjdXJlLnN1LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQA2ZODtOolJMQNFz86urE/RM3LIwkaaRHv9WN743WEPVyrQ0s7XjYuHAuJCuLVhwteA0ODpbmYJHaesG1O4Hqilv/tRD+8MahGWqA2lk28T7mkx+/Hb2jsZWBIMGNNOf97sZUK100wbnsFvjvBsOAsznnRX2JKOBeemOnIPZR1EmA+VRxUaIHb2/SD63zSsa/+y8xkSYAo1Pxr9MU6jePNIPnMF7ixwfzTZElyoxKuNNbQAuxfvvbRElGs2YCmC9WBY8zGmyHfNWWblVt5tjeNH0pWu+qg1tVBSB9VZZ4xGuKgoMyoYKul4y3raQRiUCUaUmJCdAiQNqsSMpY3QpA+k</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp.secure.su.se/shibboleth-idp/Artifact" index="1" isDefault="true"/>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.secure.su.se/shibboleth-idp/SSO"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://umdac-humpdac.ad.umu.se/shibboleth" xml:base="swamid-1.0/umdac-humpdac.ad.umu.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB7TCCAVagAwIBAgIJAPLebS0CGJJJMA0GCSqGSIb3DQEBBQUAMCIxIDAeBgNVBAMTF3VtZGFjLWh1bXBkYWMuYWQudW11LnNlMB4XDTA3MDMxMzEwNTkzNloXDTA4MDMxMjEwNTkzNlowIjEgMB4GA1UEAxMXdW1kYWMtaHVtcGRhYy5hZC51bXUuc2UwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALA5VqzzCDXki71HDlWq9gwowL+0FBFZC9bCRmjKOGe9lmZveHhJ1oWN7g5wbAbC+oAciHe5vzUoEIrkl9enqqFCgOww3LhAURSuebJzbF8fz3zjdFlyzqDIlLet54YTvfdZmro4345Z46KW/dX5QOAEslLcSUev1Eq1F1rgXMV/AgMBAAGjKzApMCcGA1UdJQQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQEFBQADgYEAOHWzEvOqLpAeLm19FAZS/qG5i97eH5bx7opjABmDU7IIMT2jEhBykYL6BXbfYljLT2pyBEE2oILetNT/U09Angm2Lf8JzenPUgqS8qFGl54/Gw2GcIiDBbvmPuBWqw8CRYdfBQjBZmKs+jN+Lr1uvEvim/B4PPQg2Eypp8iz/VM=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://umdac-humpdac.ad.umu.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Umeå University</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>UMDAC</Company>
+ <GivenName>Tommy</GivenName>
+ <SurName>Larsson</SurName>
+ <EmailAddress>tommy.larsson@umdac.umu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://sp.lhs.se/shibboleth" xml:base="swamid-1.0/sp.lhs.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEFTCCA36gAwIBAgIKGij19wAAAAAAeTANBgkqhkiG9w0BAQUFADCBgjELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRgwFgYDVQQKEw9MSFMgaSBTdG9ja2hvbG0xFTATBgNVBAsTDElULUF2ZGVsbmluZzEaMBgGA1UEAxMRZ3JlZW5wb2ludC5saHMuc2UwHhcNMDcxMTE1MTE0NjUxWhcNMTIxMTE1MTE1NjUxWjCBqjEcMBoGCSqGSIb3DQEJARYNc2VjQHJ0Lmxocy5zZTELMAkGA1UEBhMCU1cxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMSkwJwYDVQQKEyBTdG9ja2hvbG0gSW5zdGl0dXRlIG9mIEVkdWNhdGlvbjEWMBQGA1UECxMNSVQtZGVwYXJ0bWVudDESMBAGA1UEAxMJc3AubGhzLnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5OuqeuhMexhFh6i1Pm0vxvhDpFmJjm9Y6M1qa6Ug+vEoWZdCv5VQEh3A5kEEMtxi1QhxkcuQhtBoi+sKweDYEcMOlktzLnaSC0wMth/VLR7y2DP5oVzl1FjIlCZ0BdSf9bZENblHNpzb0/sCaVhW09vmp74/5AqV0jLt+XgVnmxVsUBDAgTzWK9fIoDLsClc1RQSUE8asIMiKVEH7KYMOcHRYIzp4Q2++iOvtvq8EVgWZvaDVzG7/CrqFRcuk/4naMyAOKXrGNNr7qB86yFy53Be43ZZjeJv0CQC9LaJZC2QsgbsG2OcCUHbTGEFOdl5DYVfEEVpU4s336WH/eARTQIDAQABo4HjMIHgMB0GA1UdDgQWBBTwtlrmSaEvXMNXT+kQj8ULsteJCTCBvgYDVR0jBIG2MIGzgBT/0okEYerF+Z8wLX763B0yh4G60qGBiKSBhTCBgjELMAkGA1UEBhMCU0UxEjAQBgNVBAgTCVN0b2NraG9sbTESMBAGA1UEBxMJU3RvY2tob2xtMRgwFgYDVQQKEw9MSFMgaSBTdG9ja2hvbG0xFTATBgNVBAsTDElULUF2ZGVsbmluZzEaMBgGA1UEAxMRZ3JlZW5wb2ludC5saHMuc2WCEEsrLPaG8gihTtyO+tjeJYcwDQYJKoZIhvcNAQEFBQADgYEAM4a5cBBOVKPXBLE6LKKrmExK2TtsOdw17EBL43RoG9IAH22mW1IY5vglf/zaYDm/WS4+8rvGJC+WP5QyMrHQQY52Z4iiSRhLs4ccbDoNR5EF3RxM9lb5tDprncT8d2VinlFztopWUQAmB6s447w+LzqXr62OKEgX3kzZvNSanZ4=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sp.lhs.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">LHS</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Lärarhögskolan</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.lhs.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>LHS</Company>
+ <GivenName>Patrik</GivenName>
+ <SurName>Blomkvist</SurName>
+ <EmailAddress>patrik.blomkvist@lhs.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://sakailab1.it.secure.su.se" xml:base="swamid-1.0/sakailab1.it.secure.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB8TCCAVqgAwIBAgIJAKXyew6LHCQ5MA0GCSqGSIb3DQEBBQUAMCQxIjAgBgNVBAMTGXNha2FpbGFiMS5pdC5zZWN1cmUuc3Uuc2UwHhcNMDcwNDA1MTU0NDMwWhcNMDgwNDA0MTU0NDMwWjAkMSIwIAYDVQQDExlzYWthaWxhYjEuaXQuc2VjdXJlLnN1LnNlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgun00RCrC7MkeeVC/Wrmpb3Z0oCFbsq4n54JSZ4LZcH2KQm5p34GSgRWv07ki4Sa9UPuG4cqv89RkHpDzGIWxQ5kBFK6Huo0Iq+/RnmerUnfpX6GKBNQqOqtS0CNmMl1dwKrVemiMAQjxOUEX0HQdCI3V77R7TMCodcbSOfotgQIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4GBAAFteLcTuaDnorYmeupV0+ZzPk6RN/6UP5SW+oxsFA7aeg86y5f0c2uxsDhdYV1XvMVmVZ+3FCtjARsup0I6hBcWl2GMRYhF2MxJQk23Vir43VOpAxt4OtHjH7Uo3eCgARMDlUayFVB1iiaoDAjsuucg0rOu+3V2nZ3OL6bkdHhz</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sakailab1.it.secure.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Leif</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://roundup.it.su.se" xml:base="swamid-1.0/roundup.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDbTCCAlWgAwIBAgIJANbxBppDW3WQMA0GCSqGSIb3DQEBBQUAMC0xCzAJBgNVBAYTAlNFMR4wHAYDVQQDExVzaGliLXJvdW5kdXAuaXQuc3Uuc2UwHhcNMDgwMzE3MDkyMjUwWhcNMTAwMzE3MDkyMjUwWjAtMQswCQYDVQQGEwJTRTEeMBwGA1UEAxMVc2hpYi1yb3VuZHVwLml0LnN1LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfArE1PtdXywNARmL3st18I5GofeADtilz3/jzEmYg6a3/fK3mL0xvADBs0ulxL6T9qeGFZWA/APbBYO5/MP8FDsL+Mr1PVN2um4SFKpQdFym0MbJmb4qUZVKfPDcpI4dWgWZPItGA9uzzDxSKYjejWJOvgdycN8yt+rj5lwjCGHNo+/B4pAJpWFTaYZnV4bMvcin+TXib+2ome0HL+kC0ul7Vg/hLNqyOk7GbAsDuPbYzE7wIqFa3QoVDHPja5yq/UIttmOJiw7gcWJheWRCYBiMTOGCEvng+2jsxoNEM+PGSoBDWvoXY01yV9R8sMbJv5YyauDwEeVltHm47S2WwIDAQABo4GPMIGMMB0GA1UdDgQWBBSvWbE1iQBrDVnhe0JdJ+UrgKsCUTBdBgNVHSMEVjBUgBSvWbE1iQBrDVnhe0JdJ+UrgKsCUaExpC8wLTELMAkGA1UEBhMCU0UxHjAcBgNVBAMTFXNoaWItcm91bmR1cC5pdC5zdS5zZYIJANbxBppDW3WQMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAIIYR616CkgU6xlxM37KlBmrN6Dp2rU4VagC0OhkkqDa3Kt2AdOG11z1SEguKDygQT1oMztIVewIhgaq2ggF+WqqLWWfWHAi+ff/b0MOZICXlwQJPJXywXvqFgM2mEi0hMV8bITh8l3wFuO0aq6zaXlZv0XtmF8ac8Rx68DvX0n53fBI2yZ6d9Jcl2hxRtBOvUW/S8AbI8NQST1HBKnYGGX01nT7ShCXlP5hzki9PDu0gw/Z9LjvQT5KA/rkg2hHykqk7j4TYe5RyU43pkKi+Urf+RPS/6KmBqxzIfwceeUIIvou+42OK1Yhc9WcDgfxXh/BD83L74pey0npGc/X9R4=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://roundup.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Joakim</GivenName>
+ <SurName>Lundin</SurName>
+ <EmailAddress>jolu@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://tracks.it.su.se/shibboleth" xml:base="swamid-1.0/tracks.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB3TCCAUagAwIBAgIJAKMNYLPEmQEHMA0GCSqGSIb3DQEBBQUAMBoxGDAWBgNVBAMTD3RyYWNrcy5pdC5zdS5zZTAeFw0wODA4MDYwODU4MzVaFw0wOTA4MDYwODU4MzVaMBoxGDAWBgNVBAMTD3RyYWNrcy5pdC5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAyp8tiALjvVcz8AtTw5lt8CljLmOnCReeZQtm2aGGsgA6mWW3Mf9B14/4EppJ2fpko2CcMihfpy/uiVQ70f8EBJtcH2ugzBpGymYp22taan2SFSmeeC5krk5cro9D9MTtoCWmRARyIqbPpn5beVE2gJDLaFyuDsiX1P2RXzNQTCcCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQCvxq/E3dnnlDsEAZMNTgg1qKgC9EvgCGTSCE/iOXLYLpDczN55HA2nlKG2h7QC/E2Pz0bOny/oVd9qVePgaoukYSSkhgcjz5GufkTHfuOjK9JlrK1cIxk9mZjZaLcYhK4mHf92hMhalIFwRBOvVGZLcbrXic2ceaJkptRV8xCYrw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://tracks.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>SU</Company>
+ <GivenName>Leif</GivenName>
+ <SurName>Johansson</SurName>
+ <EmailAddress>leifj@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://sympa.lab.it.su.se" xml:base="swamid-1.0/sympa.lab.it.su.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIB4zCCAUygAwIBAgIJAKqPtbsIKhS9MA0GCSqGSIb3DQEBBQUAMB0xGzAZBgNVBAMTEmxhYjAzLmxhYi5pdC5zdS5zZTAeFw0wNzA1MDIwODA1NDdaFw0wODA1MDEwODA1NDdaMB0xGzAZBgNVBAMTEmxhYjAzLmxhYi5pdC5zdS5zZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvwFbKHSn0UpnszEG7YuVxKj+ZXKfsbcOJqHSiZMhGemw4CWc+ExXYFPDTSaphqatht3q17u9CFUkpygMo2HUWLWO5Zdk2lgpnhnT2B1xk8esRS0yjCwE0Gv9QewxaSCS+e+i5cMsXVhXD5zkBIKmW10p59YJ0qPwkRuwTcs02uUCAwEAAaMrMCkwJwYDVR0lBCAwHgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDBDANBgkqhkiG9w0BAQUFAAOBgQB10thLCTHsz++ZC5far37xRlor/7BF3o86JBtyqXNdYszFxgWYOILxC/rYiCxZr8ON1QKQ3ZNj+sZxZm1/fAQl+4hNCs1XgvoLRqK/eW4DHZLZWjQyn9+aHI1+ADkpzARLbJf5TQCJeJSmp+f3YIbqJQptXIGcBvLBSoe1R7Drag==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sympa.lab.it.su.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <GivenName>Mattias</GivenName>
+ <SurName>Amnefelt</SurName>
+ <EmailAddress>mattiasa@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://moodle.lhs.se/shibboleth" xml:base="swamid-1.0/moodle.lhs.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIErDCCA5SgAwIBAgILAQAAAAABHGXBykcwDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MDkxNTExMjUxMVoXDTExMDkxNTExMjUxMVowWjELMAkGA1UEBhMCU0UxEjAQBgNV
+BAcTCVN0b2NraG9sbTEfMB0GA1UEChMWU3RvY2tob2xtcyB1bml2ZXJzaXRldDEW
+MBQGA1UEAxMNbW9vZGxlLmxocy5zZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCC
+AQoCggEBANqTklz0t3Gnkq1va4uPbxMZwOJJV1QwOrGBrCx24gSvSJWrhptcFyMw
+pll8QMneR+Pb7I4wm2YaI5rxLwtBruRdgLtxuOo3LSvhzwTZXzQtC4ouCQ1EAAHT
+ytXj6+TiC0r2s3qiWMwEvspR/VaGTGDjzoEHIM40ynsxsx3LFAFJjBpzGH8Si6IB
+mJqvXAkvuesphyLGvc8c2aTvd3Zg4GL5WR0ep2DuZo1dkpuZHUZlXmS4JVpn2yZa
+HVN/CdLP60jqxvh85HLBk9DZQ0sD3dgAgy1bV/hajO0OzYuV+VQd7kvG5wTKrlUs
+41RaZMLZGZ43t94LCtQZ5IKLZl6BQ6sCAwEAAaOCAWwwggFoMFAGA1UdIARJMEcw
+RQYHKoZIsT4BADA6MDgGCCsGAQUFBwIBFixodHRwOi8vd3d3Lmdsb2JhbHNpZ24u
+bmV0L3JlcG9zaXRvcnkvY3BzLmNmbTAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgw
+FoAUZWWjPdc7EaMKByU3yUJKW3Z3UOEwHQYDVR0OBBYEFKgqzUsMQGdA4hivyxsK
+few6RFQvMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2xvYmFsc2lnbi5u
+ZXQvZWR1Y2F0aW9uYWwuY3JsME8GCCsGAQUFBwEBBEMwQTA/BggrBgEFBQcwAoYz
+aHR0cDovL3NlY3VyZS5nbG9iYWxzaWduLm5ldC9jYWNlcnQvZWR1Y2F0aW9uYWwu
+Y3J0MB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAYBgNVHREEETAPgg1t
+b29kbGUubGhzLnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAsV0oNI80/L2tdAlf+ICR2
+YlEwgnkFtJGLRYZJ2uCojETA353C0NKd+IxMNuJkg7vO8fhtQbSyULRKp/XzekBx
+883u9zHDDFQOYYoTz0iLDq+6Cvx/t/b+EDO3yKt7kTRzV3idcNyygDCRAV8h2tUF
+gnZIWa5zCh0iOc5VJBW+Rupb6g9z7IYyjYopkl9ZGhwg8NwFa4qvEwwJcPgktiN/
+E0lpMFhmAzGdKZww+axLvL0lBxrPiFn747K4iJ6tc+oCCtn852zXLd/IsMY3oUWM
+t7tgUUB+rUENHrqryPN6AJ6QZR6UIWE6J6biQJVmXQldKGrGrMEnRecGyokj9kqi</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://moodle.lhs.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">SU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Stockholm university</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.su.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Stockholm university</Company>
+ <SurName>helpdesk</SurName>
+ <EmailAddress>helpdesk@it.su.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://staging.dreamspark.com/shibboleth-sp" xml:base="swamid-1.0/staging.dreamspark.com.xml">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:KeyName>staging.dreamspark.com</ds:KeyName>
+ <ds:X509Data>
+ <!-- Serial No. 435, expires on Mon Sep 20 18:11:20 2010 GMT -->
+ <ds:X509Certificate>MIIFGTCCBAGgAwIBAgICAb4wDQYJKoZIhvcNAQEFBQAwVjELMAkGA1UEBhMCVVMx
+HDAaBgNVBAoTE0luQ29tbW9uIEZlZGVyYXRpb24xKTAnBgNVBAMTIEluQ29tbW9u
+IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA4MTAwNjE4MTQwNVoXDTEwMTAw
+NzE4MTQwNVowITEfMB0GA1UEAxMWc3RhZ2luZy5kcmVhbXNwYXJrLmNvbTCBnzAN
+BgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvyt5Coj3UzRIAN4AMxfkCOJfldddhJjg
+7PEe/9HnY0GnXs3QExkFKoaLqdVa6BbGg8p5iOJvJ+hN8KW8rlEOdUaVhmPdE6y3
+ZHnErru6kmwwV/sFPQEqfsFKhENe7scfgfcMl4jx53PUkAn84itc1LSPhbJfsALu
+HurV5Nwk0+cCAwEAAaOCAqgwggKkMA4GA1UdDwEB/wQEAwIFoDAMBgNVHRMBAf8E
+AjAAMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQUrQqs
+L1PyXk/vJ7oK+EACxDjcpwUwfgYDVR0jBHcwdYAUky3IYRitY+ObZbOd3Y2TuufK
+Y0WhWqRYMFYxCzAJBgNVBAYTAlVTMRwwGgYDVQQKExNJbkNvbW1vbiBGZWRlcmF0
+aW9uMSkwJwYDVQQDEyBJbkNvbW1vbiBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eYIB
+ADCBsgYIKwYBBQUHAQEEgaUwgaIwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1v
+bmNhMS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0
+cy5wN2IwTwYIKwYBBQUHMAKGQ2h0dHA6Ly9pbmNvbW1vbmNhMi5pbmNvbW1vbmZl
+ZGVyYXRpb24ub3JnL2JyaWRnZS9jZXJ0cy9jYS1jZXJ0cy5wN2IwgY0GA1UdHwSB
+hTCBgjA/oD2gO4Y5aHR0cDovL2luY29tbW9uY3JsMS5pbmNvbW1vbmZlZGVyYXRp
+b24ub3JnL2NybC9lZWNybHMuY3JsMD+gPaA7hjlodHRwOi8vaW5jb21tb25jcmwy
+LmluY29tbW9uZmVkZXJhdGlvbi5vcmcvY3JsL2VlY3Jscy5jcmwwXgYDVR0gBFcw
+VTBTBgsrBgEEAa4jAQQBATBEMEIGCCsGAQUFBwIBFjZodHRwOi8vaW5jb21tb25j
+YS5pbmNvbW1vbmZlZGVyYXRpb24ub3JnL3ByYWN0aWNlcy5wZGYwIQYDVR0RBBow
+GIIWc3RhZ2luZy5kcmVhbXNwYXJrLmNvbTANBgkqhkiG9w0BAQUFAAOCAQEAgFob
+QMnMr7WedSIrpSek0jZoGdwW+Ih2y2ZaNP96ygFyIZTxnYDbY4wGoVPDbA+1uGew
+MoOigJlZkBeJyinRCAaOjRaOWAU91JxtJi/4kZrJbPDY8djyCbfSRAEXUSAPuBwx
+PBUwwjoz57LnhrgSNNU6X20uGOpzt9IYmcujZ/7t5P9u8/tzVBOpa62QAgFJVBwD
+Ucr+wB3H3RDSF0kBH94nAgOPXJToHWJM7gcOr+m8AEEI1YukftZVrwE9/3cI7SPe
+eEW5lxwrxpzVESmLHCr+HpdOsZqG6B4Nrt6UjjI9jB1rguPXKBjfUw7YAeCwx7jT
+05NcwImw3Hy1xQdZqQ==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://staging.dreamspark.com/Shibboleth.sso/SAML/POST" index="1"/> </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">Microsoft</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Microsoft</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.microsoft.com/en/us/default.aspx</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <GivenName>DreamSpark Engineering Team</GivenName>
+ <EmailAddress>dsengt@microsoft.com</EmailAddress>
+ </ContactPerson><ContactPerson contactType="administrative"><GivenName>Scott Blackwell</GivenName>
+ <EmailAddress>Scott.Blackwell@microsoft.com</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://sakai-utv1.umdc.umu.se/shibboleth" xml:base="swamid-1.0/sakai-utv1.umdc.umu.se.xml">
+ <SPSSODescriptor WantAssertionsSigned="false" AuthnRequestsSigned="false" protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIC8DCCAdigAwIBAgIJAJvTriiPd5m5MA0GCSqGSIb3DQEBBQUAMCExHzAdBgNVBAMTFnNha2FpLXV0djEudW1kYy51bXUuc2UwHhcNMDgxMDE3MTEwMDA2WhcNMDkxMDE3MTEwMDA2WjAhMR8wHQYDVQQDExZzYWthaS11dHYxLnVtZGMudW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kiULDipsxfHfDb2Mhk6wYwMCrcL1Ju/E9WhbSdlxEg/ACqAC5B5Rx52bfdgYb7En9/AbLHqGOlZTr61rOumve9CDT6IMimb1koIDrRMiVIC3EAYymstYOAnHMrpVC1mKGDCBfrUnd3T0Me4j7GV5wSH5GYgRdAhEqkERVEElHQSUkc+cipxceI/horF7kAh1YZSTkJEytS3nuDPJoxN+3+PSt2r7E/gicegvFG2VcWat3uyeTE3bOgw08c17hNjEoRhJcHAp1VkRazDrP6O9GeWYZCkGwKXQai3eyvaANG7QQP0TuL+tcK0yMmgWpX+XZzQJ8CmS3mNcOKp7Id7XQIDAQABoyswKTAnBgNVHSUEIDAeBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMEMA0GCSqGSIb3DQEBBQUAA4IBAQA1vO7RMDHUikujfhdulfo5lRIbgwMEZmG2mK7ge0Bx2J1CkatOFhII5u6rNsVPEHpaTVfGrk0nQksSfzYYo2lXK6PeCHV/LxYAkP57yXqgc3poNwoDmA3bejqpEc/0sgsc/fE25TvEY4/YkmYsoeicXRBfLr2nljsCJvyu95ouDwJKBuMR+UU6FzwPMv3mjkOiWgI2goPFg3NHPc2b+rgEgtdwOq7eU7IsfesKybRvDEWyYesTeUcXEC1BJB3of5AazcFOTKL+eXtSdXD1MBx/3hCTLpNgSnrkWyWrm6rSRO2WggofMWAwndraQfSMAaju7nqUJfsq8T9RWx9dNRgD</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://sakai-utv1.umdc.umu.se/Shibboleth.sso/SAML/POST" index="1" isDefault="true"/>
+ </SPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UmU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Umeå Universitet</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <Company>Umeå Universitet</Company>
+ <GivenName>Daniel</GivenName>
+ <SurName>Lind</SurName>
+ <EmailAddress>daniel.lind@umdac.umu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://slcstest.uninett.no/simplesaml/shib13/sp/metadata.php" xml:base="swamid-1.0/slcstest.uninett.no.xml">
+ <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEbjCCA1agAwIBAgIJAOJ+MVIlv1k/MA0GCSqGSIb3DQEBBQUAMIGAMQswCQYDVQQGEwJOTzEVMBMGA1UECBMMU29yVHJvbmRlbGFnMRIwEAYDVQQHEwlUcm9uZGhlaW0xEDAOBgNVBAoTB1VOSU5FVFQxFjAUBgNVBAsTDVVOSU5FVFQgU2lnbWExHDAaBgNVBAMTE3NsY3N0ZXN0LnVuaW5ldHQubm8wHhcNMDgwOTE1MDkzNjM1WhcNMTgwOTEzMDkzNjM1WjCBgDELMAkGA1UEBhMCTk8xFTATBgNVBAgTDFNvclRyb25kZWxhZzESMBAGA1UEBxMJVHJvbmRoZWltMRAwDgYDVQQKEwdVTklORVRUMRYwFAYDVQQLEw1VTklORVRUIFNpZ21hMRwwGgYDVQQDExNzbGNzdGVzdC51bmluZXR0Lm5vMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2ENRSwN3ZHAUWGBJHGzBPvQFvYqqz23qXMcu9+9XpXIO+YedYIo4wslQQpEMgQM9s4fFpHDLzhP1qlZ1hACUxe/UF8IDSGWad7uI7aKjra/uzOUjMIIC2mUvS79CJFm2Oz/b2X4HVq5jLma1l8rfk4goRuNQPA8UuwKsLNcu7cpBY5J4oeTvczEl/W4hWLx8ywwW6TjmIVr3a7wYWAo8zTntDTjstxV1hwOCcZan5B2tm8rUkZpFuzq3Uip3NI+01OBwuecrPRQd7eOs3UspjVjkYJoPu4utPuB9IeCaBhxrdMi6T2Wo4TVQr78MB3WQ/n2tiyjVQALuSIfEK7M5wIDAQABo4HoMIHlMB0GA1UdDgQWBBTCmIdZOcTZtp50V847byR2vB7ODTCBtQYDVR0jBIGtMIGqgBTCmIdZOcTZtp50V847byR2vB7ODaGBhqSBgzCBgDELMAkGA1UEBhMCTk8xFTATBgNVBAgTDFNvclRyb25kZWxhZzESMBAGA1UEBxMJVHJvbmRoZWltMRAwDgYDVQQKEwdVTklORVRUMRYwFAYDVQQLEw1VTklORVRUIFNpZ21hMRwwGgYDVQQDExNzbGNzdGVzdC51bmluZXR0Lm5vggkA4n4xUiW/WT8wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAn8NZnWgeQgOhIOu0PWo5XyWxysSbOL+uCFDo/FD6F90LtN/OErIFQw+FaPrRxmLK1A2msKKCforXwuJV/9QjMjuJfccc9OWpQ7zDLjN1iZEkiW+vFP3ANCaT5FYAiWtzOHVu5ldcqDZ5c4VnTPCIPwGioUZpK5BTLS0gmWUikkz1EFNtxfSBbNGCcAxK1o46rKym8ReaLV5pNoqFwji/j90ODHB37d+CGe7mdXUyRWy/Kuc3D27BUt0PKrJwzSX89KI+i8U1NdQwtXXABOi7C51FKAUAXAzcXpUPBvctdomnJm+megBgm9oCwbvm8UCAMdz9kqjI2/4ui1ZTDtql4g==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <AssertionConsumerService index="0" Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://slcstest.uninett.no/simplesaml/shib13/sp/AssertionConsumerService.php"/>
+ </SPSSODescriptor>
+ <ContactPerson contactType="technical">
+ <SurName>Administrator</SurName>
+ <EmailAddress>henrik.austad@uninett.no</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <md:EntityDescriptor entityID="https://www.cambro.umu.se/shibboleth" xml:base="swamid-1.0/www.cambro.umu.se.xml">
+ <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn:oasis:names:tc:SAML:1.0:protocol">
+ <md:Extensions>
+ <DiscoveryResponse xmlns="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="https://www.cambro.umu.se/Shibboleth.sso/DS" index="1"/>
+ </md:Extensions>
+ <md:KeyDescriptor use="signing">
+ <ds:KeyInfo>
+ <ds:KeyName>www.cambro.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.cambro.umu.se,O=Umea universitet,L=Umea,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEqTCCA5GgAwIBAgILAQAAAAABHfeXhjowDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MTIwMjExMTIxMloXDTExMTIwMjExMTIxMlowUzELMAkGA1UEBhMCU0UxDTALBgNV
+BAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxGjAYBgNVBAMTEXd3
+dy5jYW1icm8udW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+n4VtHhKL3qSK4FnDN8wABGknNsAtexRMlT36Al7fqK16cVApQRvcs03VOeDgLWNH
+X5UB9CTkbQPDzvR9FuxeJhEP7zZeXB6v1reSD7nA+Ec86UwSErBUMJ1I5h6SEGyY
+sSA+PxLr9ExrBDGKfPyR2zNbv2gUPKLtfGyr/gQJck2ACecejqMEDO0ycjCmPSEO
+sSrLRmnxA5l062dFC7P+PLvTnaNwLMydKDBt0tCgY69mT2dxnI7EvHwOQ5fiaGCh
+n452PAn+83xr4iBEVYilYaRmTWw3OrRgYLK8hgpZkTcoDPPKR/srWQ1LwMK92Pfz
+/yKdWHOpicRDdGVVPZMATwIDAQABo4IBcDCCAWwwUAYDVR0gBEkwRzBFBgcqhkix
+PgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5uZXQvcmVw
+b3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBRlZaM9
+1zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQU74LauYzTDJG34JT4jcaAsiq3ECcw
+OgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9lZHVj
+YXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8v
+c2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25hbC5jcnQwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBwGA1UdEQQVMBOCEXd3dy5jYW1i
+cm8udW11LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAUMW1oeb8zyJXdg0CPchb3aPir
+o3WQrpvQBYDksKFdPeueK6IIEIAYe6MVg2lQoJEqKEUqcvplHFucXX8k9bGodEak
+jBtdi4RA9WyrrhUenfKTDb00jipaGCEofudFdWtx31P5y0eWxBHxcFVKKoW/P9XF
+YOi8plQIEKpRiX2xhEt8xO983ek3D8OjjA4PRKcdglo5U7BbKI3Y+5hykYsTEHPv
+jluIfTG7td+0Q047IMaQYO7Fp7iSZ5TEXIgekeYWK4ZXiDpaNFMTtcEdpMfRz+89
+8Ox8mBeSmwljt29/3UxnnSTe+/YhS32WsH3ECMxU6kn+95yhYd2btBmY4zcp
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:KeyDescriptor use="encryption">
+ <ds:KeyInfo>
+ <ds:KeyName>www.cambro.umu.se</ds:KeyName>
+ <ds:X509Data>
+ <ds:X509SubjectName>CN=www.cambro.umu.se,O=Umea universitet,L=Umea,C=SE</ds:X509SubjectName>
+ <ds:X509Certificate>MIIEqTCCA5GgAwIBAgILAQAAAAABHfeXhjowDQYJKoZIhvcNAQEFBQAwXzELMAkG
+A1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlv
+bmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA4
+MTIwMjExMTIxMloXDTExMTIwMjExMTIxMlowUzELMAkGA1UEBhMCU0UxDTALBgNV
+BAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxGjAYBgNVBAMTEXd3
+dy5jYW1icm8udW11LnNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+n4VtHhKL3qSK4FnDN8wABGknNsAtexRMlT36Al7fqK16cVApQRvcs03VOeDgLWNH
+X5UB9CTkbQPDzvR9FuxeJhEP7zZeXB6v1reSD7nA+Ec86UwSErBUMJ1I5h6SEGyY
+sSA+PxLr9ExrBDGKfPyR2zNbv2gUPKLtfGyr/gQJck2ACecejqMEDO0ycjCmPSEO
+sSrLRmnxA5l062dFC7P+PLvTnaNwLMydKDBt0tCgY69mT2dxnI7EvHwOQ5fiaGCh
+n452PAn+83xr4iBEVYilYaRmTWw3OrRgYLK8hgpZkTcoDPPKR/srWQ1LwMK92Pfz
+/yKdWHOpicRDdGVVPZMATwIDAQABo4IBcDCCAWwwUAYDVR0gBEkwRzBFBgcqhkix
+PgEAMDowOAYIKwYBBQUHAgEWLGh0dHA6Ly93d3cuZ2xvYmFsc2lnbi5uZXQvcmVw
+b3NpdG9yeS9jcHMuY2ZtMA4GA1UdDwEB/wQEAwIFoDAfBgNVHSMEGDAWgBRlZaM9
+1zsRowoHJTfJQkpbdndQ4TAdBgNVHQ4EFgQU74LauYzTDJG34JT4jcaAsiq3ECcw
+OgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5nbG9iYWxzaWduLm5ldC9lZHVj
+YXRpb25hbC5jcmwwTwYIKwYBBQUHAQEEQzBBMD8GCCsGAQUFBzAChjNodHRwOi8v
+c2VjdXJlLmdsb2JhbHNpZ24ubmV0L2NhY2VydC9lZHVjYXRpb25hbC5jcnQwHQYD
+VR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMBwGA1UdEQQVMBOCEXd3dy5jYW1i
+cm8udW11LnNlMA0GCSqGSIb3DQEBBQUAA4IBAQAUMW1oeb8zyJXdg0CPchb3aPir
+o3WQrpvQBYDksKFdPeueK6IIEIAYe6MVg2lQoJEqKEUqcvplHFucXX8k9bGodEak
+jBtdi4RA9WyrrhUenfKTDb00jipaGCEofudFdWtx31P5y0eWxBHxcFVKKoW/P9XF
+YOi8plQIEKpRiX2xhEt8xO983ek3D8OjjA4PRKcdglo5U7BbKI3Y+5hykYsTEHPv
+jluIfTG7td+0Q047IMaQYO7Fp7iSZ5TEXIgekeYWK4ZXiDpaNFMTtcEdpMfRz+89
+8Ox8mBeSmwljt29/3UxnnSTe+/YhS32WsH3ECMxU6kn+95yhYd2btBmY4zcp
+</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </md:KeyDescriptor>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.cambro.umu.se/Shibboleth.sso/SLO/SOAP"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.cambro.umu.se/Shibboleth.sso/SLO/Redirect"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.cambro.umu.se/Shibboleth.sso/SLO/POST"/>
+ <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.cambro.umu.se/Shibboleth.sso/SLO/Artifact"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://www.cambro.umu.se/Shibboleth.sso/NIM/SOAP"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://www.cambro.umu.se/Shibboleth.sso/NIM/Redirect"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.cambro.umu.se/Shibboleth.sso/NIM/POST"/>
+ <md:ManageNameIDService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.cambro.umu.se/Shibboleth.sso/NIM/Artifact"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML2/POST" index="1"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML2/POST-SimpleSign" index="2"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML2/Artifact" index="3"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML2/ECP" index="4"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML/POST" index="5"/>
+ <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" Location="https://www.cambro.umu.se/Shibboleth.sso/SAML/Artifact" index="6"/>
+ </md:SPSSODescriptor>
+</md:EntityDescriptor>
+ <EntityDescriptor entityID="https://idp.umu.se/saml2/idp/metadata.php" xml:base="swamid-1.0/idp.umu.se-saml2.xml">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEmzCCA4OgAwIBAgILAQAAAAABH0aCSWowDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5MDIwNTExNTU1NloXDTEyMDIwNTExNTU1NlowTDELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxEzARBgNVBAMTCmlkcC51bXUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVztW5Apmw/AKx1SCpyKwGlkz89avgV9fkEwb6IANRMhcI3ftUOJ5BUVD3tsgyzGgZYNGgzYoGHvE3uvUGUHSGObLQv5Wy4a4yN36a2UCgGsaDxXBdAZDT6W9NOLDI86WbIQbKRSWZaeRPSWNkn46q3hE4q6NGh1b2ZY04y9VdvuDSqk3+8Z6w4wC+S2VPAG6hHbbG4gaEakCv/i4hA2haAI9vUP2RVu6aAdydoZR/DdI/GvIwHJsHl1QvmE9tkkAHmNwYhmykIFsMrOeQ8CCZbRswkemiuCWa0d0KyxH2eoJrVo6aAFIdz5yTALHsIli7n6YgSP/PC9TMAobUVU/AgMBAAGjggFpMIIBZTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBQ44Zw5BzMzy6v5KrfuIjONSiDc8DA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwFQYDVR0RBA4wDIIKaWRwLnVtdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAXNruvuq2mX23lgcwb7FoQXC9RGMkLnvU2+LF3QXZeGDg7VSzrfxFDEHPX6FuVH8E9KSfCemmkh/rb52oa/YXP97nLWf6tLAB6LHYp34Lx8z6FPWXi93X0vgRKrAkr8fCwk6kNO3yTyvBC8hxPX+zkMcB2Xxh281CjOE8WLTG5ORLC8Em/o4/DC+d1pu1aj24MmVdGcCKsfzXaVFiKhaB+1S8fJi539X0A/R0ig7lqzs46QzaimgcnbcFBIE4lxI0YLfl2YcOyI87jm7SPuBjDjEmNUhONbm896M82PMG4enEh47q76YYkei9ozIynoQ5kefpeSt6ru9GsnScD4eAdA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.umu.se/saml2/idp/SingleLogoutService.php"/>
+ <NameIDFormat>urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
+ <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp.umu.se/saml2/idp/SSOService.php"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UmU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Umeå university (New SAML2)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <SurName>UMDAC</SurName>
+ <EmailAddress>datordrift@umdac.umu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+ <EntityDescriptor entityID="https://idp.umu.se/shib13/idp/metadata.php" xml:base="swamid-1.0/idp.umu.se-saml1.xml">
+ <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+ <Extensions>
+ <shibmeta:Scope>umu.se</shibmeta:Scope>
+ </Extensions>
+ <KeyDescriptor>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIEmzCCA4OgAwIBAgILAQAAAAABH0aCSWowDQYJKoZIhvcNAQEFBQAwXzELMAkGA1UEBhMCQkUxEzARBgNVBAoTCkN5YmVydHJ1c3QxFzAVBgNVBAsTDkVkdWNhdGlvbmFsIENBMSIwIAYDVQQDExlDeWJlcnRydXN0IEVkdWNhdGlvbmFsIENBMB4XDTA5MDIwNTExNTU1NloXDTEyMDIwNTExNTU1NlowTDELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGTAXBgNVBAoTEFVtZWEgdW5pdmVyc2l0ZXQxEzARBgNVBAMTCmlkcC51bXUuc2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDTVztW5Apmw/AKx1SCpyKwGlkz89avgV9fkEwb6IANRMhcI3ftUOJ5BUVD3tsgyzGgZYNGgzYoGHvE3uvUGUHSGObLQv5Wy4a4yN36a2UCgGsaDxXBdAZDT6W9NOLDI86WbIQbKRSWZaeRPSWNkn46q3hE4q6NGh1b2ZY04y9VdvuDSqk3+8Z6w4wC+S2VPAG6hHbbG4gaEakCv/i4hA2haAI9vUP2RVu6aAdydoZR/DdI/GvIwHJsHl1QvmE9tkkAHmNwYhmykIFsMrOeQ8CCZbRswkemiuCWa0d0KyxH2eoJrVo6aAFIdz5yTALHsIli7n6YgSP/PC9TMAobUVU/AgMBAAGjggFpMIIBZTBQBgNVHSAESTBHMEUGByqGSLE+AQAwOjA4BggrBgEFBQcCARYsaHR0cDovL3d3dy5nbG9iYWxzaWduLm5ldC9yZXBvc2l0b3J5L2Nwcy5jZm0wDgYDVR0PAQH/BAQDAgWgMB8GA1UdIwQYMBaAFGVloz3XOxGjCgclN8lCSlt2d1DhMB0GA1UdDgQWBBQ44Zw5BzMzy6v5KrfuIjONSiDc8DA6BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdsb2JhbHNpZ24ubmV0L2VkdWNhdGlvbmFsLmNybDBPBggrBgEFBQcBAQRDMEEwPwYIKwYBBQUHMAKGM2h0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5uZXQvY2FjZXJ0L2VkdWNhdGlvbmFsLmNydDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwFQYDVR0RBA4wDIIKaWRwLnVtdS5zZTANBgkqhkiG9w0BAQUFAAOCAQEAXNruvuq2mX23lgcwb7FoQXC9RGMkLnvU2+LF3QXZeGDg7VSzrfxFDEHPX6FuVH8E9KSfCemmkh/rb52oa/YXP97nLWf6tLAB6LHYp34Lx8z6FPWXi93X0vgRKrAkr8fCwk6kNO3yTyvBC8hxPX+zkMcB2Xxh281CjOE8WLTG5ORLC8Em/o4/DC+d1pu1aj24MmVdGcCKsfzXaVFiKhaB+1S8fJi539X0A/R0ig7lqzs46QzaimgcnbcFBIE4lxI0YLfl2YcOyI87jm7SPuBjDjEmNUhONbm896M82PMG4enEh47q76YYkei9ozIynoQ5kefpeSt6ru9GsnScD4eAdA==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </KeyDescriptor>
+ <NameIDFormat>urn:mace:shibboleth:1.0:nameIdentifier</NameIDFormat>
+ <SingleSignOnService Binding="urn:mace:shibboleth:1.0:profiles:AuthnRequest" Location="https://idp.umu.se/shib13/idp/SSOService.php"/>
+ </IDPSSODescriptor>
+ <Organization>
+ <OrganizationName xml:lang="en">UmU</OrganizationName>
+ <OrganizationDisplayName xml:lang="en">Umeå university (New SAML1)</OrganizationDisplayName>
+ <OrganizationURL xml:lang="en">http://www.umu.se</OrganizationURL>
+ </Organization>
+ <ContactPerson contactType="technical">
+ <SurName>UMDAC</SurName>
+ <EmailAddress>datordrift@umdac.umu.se</EmailAddress>
+ </ContactPerson>
+</EntityDescriptor>
+</EntitiesDescriptor>
diff --git a/tests/vo_metadata.xml b/tests/vo_metadata.xml
new file mode 100644
index 00000000..c6167ab2
--- /dev/null
+++ b/tests/vo_metadata.xml
@@ -0,0 +1,18 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor
+ name="urn:mace:example.com:votest"
+ validUntil="2010-11-28T09:10:09Z"
+ xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata">
+ <ns0:EntityDescriptor
+ entityID="urn:mace:example.com:it:tek">
+ <ns0:AffiliationDescriptor
+ affiliationOwnerID="http://vo.example.org/vo">
+ <ns0:AffiliateMember>
+ urn:mace:example.com:saml:aa
+ </ns0:AffiliateMember>
+ <ns0:AffiliateMember>
+ urn:mace:example.com:saml:idp
+ </ns0:AffiliateMember>
+ </ns0:AffiliationDescriptor>
+ </ns0:EntityDescriptor>
+</ns0:EntitiesDescriptor>
View Lorry Controller Status