module: satosa.frontends.saml2.SAMLUnsolicitedFrontend name: idpfrontend config: acr_mapping: "": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" unsolicited: endpoint: profile/SAML2/Unsolicited/SSO allowed_relay_state_urls: "https://federation.portal.at/sp_metadata.xml": - https://fedsapuni.portal.at/sap/bc/ui2/flp "https://federation2.portal.at/sp_metadata.xml": - https://fedsapuni2.portal.at/sap/bc/ui2/flp endpoints: single_sign_on_service: 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST': profile/SAML2/POST/SSO 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': profile/SAML2/Redirect/SSO entityid_endpoint: true enable_metadata_reload: true idp_config: organization: display_name: - [ University of Graz, en ] - [ Universität Graz, de ] name: - [ University of Graz, en ] - [ Universität Graz, de ] url: - [ 'https://www.uni-graz.at/en/', en ] - [ 'https://www.uni-graz.at/de/', de ] contact_person: - contact_type: technical given_name: Technical email_address: 'mailto:shibboleth@uni-graz.at' - contact_type: support given_name: IT-Support email_address: 'mailto:servicedesk@uni-graz.at' - contact_type: other given_name: Security Response Team email_address: 'mailto:security@uni-graz.at' extension_attributes: 'xmlns:remd': 'http://refeds.org/metadata' 'remd:contactType': 'http://refeds.org/metadata/contactType/security' assurance_certification: - https://refeds.org/sirtfi - https://refeds.org/sirtfi2 entity_category_support: - http://www.geant.net/uri/dataprotection-code-of-conduct/v1 - http://refeds.org/category/research-and-scholarship - https://myacademicid.org/entity-categories/esi key_file: ssl/idp.key cert_file: ssl/idp.crt encryption_keypairs: - key_file: ssl/idp-encryption.key cert_file: ssl/idp-encryption.crt metadata: local: - metadata/federation.portal.at.xml - metadata/federation2.portal.at.xml - metadata/exam-extern.uni-graz.at.xml - metadata/mobility.uni-graz.at.xml - metadata/ubgalma-metadata.xml mdq: - url: http://127.0.0.1:8087 freshness_period: P0Y0M0DT1H0M0S disable_ssl_certificate_validation: True entityid: /idp/shibboleth accepted_time_diff: 60 attribute_map_dir: attributemaps service: idp: endpoints: single_sign_on_service: [] name: SATOSA Proxy IdP (Frontend) ui_info: display_name: - { text: University of Graz, lang: en } - { text: Universität Graz, lang: de } keywords: - { text: [ 'uni+graz', 'kfu+graz', 'kfug' ], lang: en } - { text: [ 'uni+graz', 'kfu+graz', 'kfug' ], lang: de } logo: - { text: 'https://zididp.uni-graz.at/logo_4c.png', width: '250', height: '213' } - { text: 'https://zididp.uni-graz.at/favicon.ico', width: '16', height: '16' } scope: - uni-graz.at - edu.uni-graz.at - ubpublic.uni-graz.at - public.ad.uni-graz.at name_id_format: - urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress - urn:oasis:names:tc:SAML:2.0:nameid-format:persistent - urn:oasis:names:tc:SAML:2.0:nameid-format:transient policy: default: name_qualifier: https://zididp.uni-graz.at/idp/shibboleth fail_on_missing_requested: false lifetime: {minutes: 15} name_form: urn:oasis:names:tc:SAML:2.0:attrname-format:uri sign_response: true sign_assertion: false encrypt_assertion: false encrypted_advice_attributes: false attribute_restrictions: null signing_algorithm: http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 digest_algorithm: http://www.w3.org/2001/04/xmlenc#sha256