New external SAML2 idp support

acctest-data/iamtf_idp_saml2/idp_saml2.tf

@@ -0,0 +1,83 @@
+resource "iamtf_identity_appliance" "test" {
+  name        = "testacc-replace_with_uuid"
+  namespace   = "com.atricore.idbus.test.testacc.replace_with_uuid"
+  description = "Appliance #replace_with_uuid"
+  location    = "http://localhost:8081"
+}
+
+resource "iamtf_idp_saml2" "test1" {
+  ida  = iamtf_identity_appliance.test.name // Required, no default
+  name = "idp-replace_with_uuid"            // Required, no default
+  metadata = filebase64("../../acctest-data/iamtf_app_saml2/md.xml")
+}
+
+resource "iamtf_execenv_tomcat" "test" {
+  name                       = "tc-replace_with_uuid"
+  description                = "Tomcat Tomcat-Exect-Env"
+  version                    = "9"
+  activation_remote_target   = "http://remote-josso:8081"
+  activation_install_samples = true
+  activation_path            = "/opt/atricore/josso-ee-2/Tomcat-Exect-Env"
+  activation_override_setup  = true
+  ida                        = iamtf_identity_appliance.test.name
+  depends_on = [
+    iamtf_idp.test1
+  ]
+
+}
+
+resource "iamtf_app_agent" "test" {
+
+  # Referenced resources MUST be provided as dependencies
+  depends_on = [
+    iamtf_idp.test1,
+    iamtf_execenv_tomcat.test
+  ]
+
+  ida                      = iamtf_identity_appliance.test.name
+  app_slo_location         = "http://myapp-replace_with_uuid:8080/partnerapp/slo"
+  app_location             = "http://myapp-replace_with_uuid:8080/partnerapp"
+  ignored_web_resources    = ["*.ico"]
+  default_resource         = "http://myapp-replace_with_uuid:8080/partnerapp/home"
+  description              = "desc app-a"
+  name                     = "app-agent-replace_with_uuid"
+  dashboard_url            = "http://myapp-replace_with_uuid:8080/partnerapp/dashboard"
+
+  error_binding            = "JSON"
+
+  exec_env = iamtf_execenv_tomcat.test.name
+
+  keystore {
+    resource          = filebase64("../../acctest-data/sp.p12")
+    password = "changeme"
+  }
+
+  saml2 {
+      message_ttl           = 400
+      message_ttl_tolerance = 410
+
+      sign_authentication_requests = true
+      //sign_requests                 = true
+      signature_hash       = "SHA-256"
+      want_assertion_signed = true
+      //want_slo_response_signed      = false
+
+      // Use validation function to restrict possible values  
+      account_linkage      = "ONE_TO_ONE" // EMAIL, UID, ONE_TO_ONE, CUSTOM, Optional, Default = ONE_TO_ONE
+
+      // Use validation function to restrict possible values
+      identity_mapping      = "REMOTE"        // LOCAL, REMOTE, MERGED, CUSTOM, Optinal, Default REMOTE
+
+      bindings {
+        http_post = true
+        http_redirect = false
+      }
+  }
+
+  idp {
+    name = iamtf_idp_saml2.test1.name
+    is_preferred = true
+  }
+
+}
+

acctest-data/iamtf_idp_saml2/idp_saml2_update.tf

@@ -0,0 +1,83 @@
+resource "iamtf_identity_appliance" "test" {
+  name        = "testacc-replace_with_uuid"
+  namespace   = "com.atricore.idbus.test.testacc.replace_with_uuid"
+  description = "Appliance #replace_with_uuid"
+  location    = "http://localhost:8081"
+}
+
+resource "iamtf_idp_saml2" "test1" {
+  ida  = iamtf_identity_appliance.test.name // Required, no default
+  name = "idp-replace_with_uuid"            // Required, no default
+  metadata = filebase64("../../acctest-data/iamtf_app_saml2/md_update.xml")
+}
+
+resource "iamtf_execenv_tomcat" "test" {
+  name                       = "tc-replace_with_uuid"
+  description                = "Tomcat Tomcat-Exect-Env"
+  version                    = "9"
+  activation_remote_target   = "http://remote-josso:8081"
+  activation_install_samples = true
+  activation_path            = "/opt/atricore/josso-ee-2/Tomcat-Exect-Env"
+  activation_override_setup  = true
+  ida                        = iamtf_identity_appliance.test.name
+  depends_on = [
+    iamtf_idp.test1
+  ]
+
+}
+
+resource "iamtf_app_agent" "test" {
+
+  # Referenced resources MUST be provided as dependencies
+  depends_on = [
+    iamtf_idp.test1,
+    iamtf_execenv_tomcat.test
+  ]
+
+  ida                      = iamtf_identity_appliance.test.name
+  app_slo_location         = "http://myapp-replace_with_uuid:8080/partnerapp/slo"
+  app_location             = "http://myapp-replace_with_uuid:8080/partnerapp"
+  ignored_web_resources    = ["*.ico"]
+  default_resource         = "http://myapp-replace_with_uuid:8080/partnerapp/home"
+  description              = "desc app-a"
+  name                     = "app-agent-replace_with_uuid"
+  dashboard_url            = "http://myapp-replace_with_uuid:8080/partnerapp/dashboard"
+
+  error_binding            = "JSON"
+
+  exec_env = iamtf_execenv_tomcat.test.name
+
+  keystore {
+    resource          = filebase64("../../acctest-data/sp.p12")
+    password = "changeme"
+  }
+
+  saml2 {
+      message_ttl           = 400
+      message_ttl_tolerance = 410
+
+      sign_authentication_requests = true
+      //sign_requests                 = true
+      signature_hash       = "SHA-256"
+      want_assertion_signed = true
+      //want_slo_response_signed      = false
+
+      // Use validation function to restrict possible values  
+      account_linkage      = "ONE_TO_ONE" // EMAIL, UID, ONE_TO_ONE, CUSTOM, Optional, Default = ONE_TO_ONE
+
+      // Use validation function to restrict possible values
+      identity_mapping      = "REMOTE"        // LOCAL, REMOTE, MERGED, CUSTOM, Optinal, Default REMOTE
+
+      bindings {
+        http_post = true
+        http_redirect = false
+      }
+  }
+
+  idp {
+    name = iamtf_idp_saml2.test1.name
+    is_preferred = true
+  }
+
+}
+

acctest-data/iamtf_idp_saml2/md.xml

@@ -0,0 +1,76 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ns6:EntityDescriptor xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+    xmlns:ns7="urn:org:atricore:idbus:common:sso:1.0:protocol"
+    xmlns:ns6="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns5="urn:oasis:names:tc:SAML:2.0:idbus"
+    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:enc="http://www.w3.org/2001/04/xmlenc#"
+    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    ID="_934F8DE5-980E-4147-8917-054AD7D9D123"
+    entityID="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/MD">
+    <ns6:IDPSSODescriptor WantAuthnRequestsSigned="false"
+        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
+        ID="_934F8DE5-980E-4147-8917-054AD7D9D123idp">
+        <ns6:KeyDescriptor use="signing">
+            <ds:KeyInfo>
+                <ds:X509Data>
+                    <ds:X509Certificate>
+                        MIIEBzCCAu+gAwIBAgICEA4wDQYJKoZIhvcNAQELBQAwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xETAPBgNVBAoMCEF0cmljb3JlMQwwCgYDVQQLDANJRE0xFDASBgNVBAMMC2F0cmljb3JlLWNhMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGF0cmljb3JlLmNvbTAeFw0yMTA2MzAxNjA2MjZaFw0zMTA2MjgxNjA2MjZaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQKDAhBdHJpY29yZTEMMAoGA1UECwwDSURNMRYwFAYDVQQDDA1zYW1sLXByb3ZpZGVyMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGF0cmljb3JlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMI7TFu+kcgSuP1CsNIWcoRVwJGbxpR7d6d5OaMQ3v+ijZG4HiCnFybWhVNkcikHLmiQInpFFlsJIFwQ7f3K+c2BWickN1szfjvw+eH6iivkkoinPf1p9h0ts6oDTDeTvOvqxfM1yMav22kzTvNn5PRgSzertuV69Q6G6xf+0YvIu+lxZWyIED4opI6lzPRCbQEY7/d9azAoHsiEgeV5Z+WuUljEOiToKeWeDayhbWS6N46SViJl7LtvIWEi2CBNAzeyVnllGNzC7V/Lp3ZHE7DZBj3UBRfgQrioHUNS+CAJWKXB6NOqjD9Nx2kIFdckC9DCxUIXyJN0B0uL2JB/vLECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFE2zu0gZWNJP/ByHW99iy7BtSrLoMB8GA1UdIwQYMBaAFOR6HpU8AyOm+s6IleHWp5MhErriMA0GCSqGSIb3DQEBCwUAA4IBAQCOyxg+4rHFKNFff1pLRQvaj6taQ7L4yGN6pBomDaO9eq77QK3ZUfduoPVSEvgfFwqjs6j6q8Z4GVVJ0Oeoo4HomiSgT0v+L1A/i4RumkpAGoQKxqR1OWXU5Y/mo+pS+Puyh2APhB9Stsq3guuuGxHrj8J6p6J+9wVDrinaiTDkl7lbyQ2Zxxq9jEDYN8thokY0OC4I+yyasQdhauE0AVp+YSzJO17bP06vZaIRlnUqn6CxyH6lgZd5MfrQ2MaJQeQK5VtTGBlch3Cl1qlY/rCNdi52OI0ceT/qS+4ULCek3Y9+xYMtCYRp4T6oVX+HCEgLGk9yZ9X8qfotyyVwasoO</ds:X509Certificate>
+                </ds:X509Data>
+            </ds:KeyInfo>
+        </ns6:KeyDescriptor>
+        <ns6:KeyDescriptor use="encryption">
+            <ds:KeyInfo>
+                <ds:X509Data>
+                    <ds:X509Certificate>
+                        MIIEBzCCAu+gAwIBAgICEA4wDQYJKoZIhvcNAQELBQAwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xETAPBgNVBAoMCEF0cmljb3JlMQwwCgYDVQQLDANJRE0xFDASBgNVBAMMC2F0cmljb3JlLWNhMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGF0cmljb3JlLmNvbTAeFw0yMTA2MzAxNjA2MjZaFw0zMTA2MjgxNjA2MjZaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQKDAhBdHJpY29yZTEMMAoGA1UECwwDSURNMRYwFAYDVQQDDA1zYW1sLXByb3ZpZGVyMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGF0cmljb3JlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMI7TFu+kcgSuP1CsNIWcoRVwJGbxpR7d6d5OaMQ3v+ijZG4HiCnFybWhVNkcikHLmiQInpFFlsJIFwQ7f3K+c2BWickN1szfjvw+eH6iivkkoinPf1p9h0ts6oDTDeTvOvqxfM1yMav22kzTvNn5PRgSzertuV69Q6G6xf+0YvIu+lxZWyIED4opI6lzPRCbQEY7/d9azAoHsiEgeV5Z+WuUljEOiToKeWeDayhbWS6N46SViJl7LtvIWEi2CBNAzeyVnllGNzC7V/Lp3ZHE7DZBj3UBRfgQrioHUNS+CAJWKXB6NOqjD9Nx2kIFdckC9DCxUIXyJN0B0uL2JB/vLECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFE2zu0gZWNJP/ByHW99iy7BtSrLoMB8GA1UdIwQYMBaAFOR6HpU8AyOm+s6IleHWp5MhErriMA0GCSqGSIb3DQEBCwUAA4IBAQCOyxg+4rHFKNFff1pLRQvaj6taQ7L4yGN6pBomDaO9eq77QK3ZUfduoPVSEvgfFwqjs6j6q8Z4GVVJ0Oeoo4HomiSgT0v+L1A/i4RumkpAGoQKxqR1OWXU5Y/mo+pS+Puyh2APhB9Stsq3guuuGxHrj8J6p6J+9wVDrinaiTDkl7lbyQ2Zxxq9jEDYN8thokY0OC4I+yyasQdhauE0AVp+YSzJO17bP06vZaIRlnUqn6CxyH6lgZd5MfrQ2MaJQeQK5VtTGBlch3Cl1qlY/rCNdi52OI0ceT/qS+4ULCek3Y9+xYMtCYRp4T6oVX+HCEgLGk9yZ9X8qfotyyVwasoO</ds:X509Certificate>
+                </ds:X509Data>
+            </ds:KeyInfo>
+            <ns6:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc">
+                <enc:KeySize>256</enc:KeySize>
+            </ns6:EncryptionMethod>
+        </ns6:KeyDescriptor>
+        <ns6:ArtifactResolutionService isDefault="true" index="0"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/ARTIFACT/SOAP"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" />
+        <ns6:ArtifactResolutionService isDefault="true" index="0"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML11/ARTIFACT/SOAP"
+            Binding="urn:oasis:names:tc:SAML:1.1:bindings:SOAP" />
+        <ns6:SingleLogoutService
+            ResponseLocation="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SLO_RESPONSE/POST"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SLO/POST"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" />
+        <ns6:SingleLogoutService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SLO/ARTIFACT"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" />
+        <ns6:SingleLogoutService
+            ResponseLocation="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SLO_RESPONSE/REDIR"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SLO/REDIR"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" />
+        <ns6:ManageNameIDService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/MNI/SOAP"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" />
+        <ns6:ManageNameIDService
+            ResponseLocation="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/MNI_RESPONSE/SOAP"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/RNI"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" />
+        <ns6:ManageNameIDService
+            ResponseLocation="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/MNI_RESPONSE/REDIR"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/RNI/REDIR"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" />
+        <ns6:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</ns6:NameIDFormat>
+        <ns6:SingleSignOnService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SSO/POST"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" />
+        <ns6:SingleSignOnService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SSO/REDIR"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" />
+        <ns6:SingleSignOnService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SSO/ARTIFACT"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" />
+    </ns6:IDPSSODescriptor>
+    <ns6:Organization>
+        <ns6:OrganizationName xml:lang="en">Atricore JOSSO 2 IDP</ns6:OrganizationName>
+        <ns6:OrganizationDisplayName xml:lang="en">Atricore, Inc.</ns6:OrganizationDisplayName>
+        <ns6:OrganizationURL xml:lang="en">http://www.atricore.org</ns6:OrganizationURL>
+    </ns6:Organization>
+    <ns6:ContactPerson contactType="other" />
+</ns6:EntityDescriptor>

acctest-data/iamtf_idp_saml2/md_update.xml

@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<ns6:EntityDescriptor xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+    xmlns:ns7="urn:org:atricore:idbus:common:sso:1.0:protocol"
+    xmlns:ns6="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ns5="urn:oasis:names:tc:SAML:2.0:idbus"
+    xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:enc="http://www.w3.org/2001/04/xmlenc#"
+    xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
+    ID="_934F8DE5-980E-4147-8917-054AD7D9D123"
+    entityID="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/MD">
+    <ns6:IDPSSODescriptor WantAuthnRequestsSigned="false"
+        protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"
+        ID="_934F8DE5-980E-4147-8917-054AD7D9D123idp">
+        <ns6:KeyDescriptor use="signing">
+            <ds:KeyInfo>
+                <ds:X509Data>
+                    <ds:X509Certificate>
+                        MIIEBzCCAu+gAwIBAgICEA4wDQYJKoZIhvcNAQELBQAwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xETAPBgNVBAoMCEF0cmljb3JlMQwwCgYDVQQLDANJRE0xFDASBgNVBAMMC2F0cmljb3JlLWNhMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGF0cmljb3JlLmNvbTAeFw0yMTA2MzAxNjA2MjZaFw0zMTA2MjgxNjA2MjZaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQKDAhBdHJpY29yZTEMMAoGA1UECwwDSURNMRYwFAYDVQQDDA1zYW1sLXByb3ZpZGVyMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGF0cmljb3JlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMI7TFu+kcgSuP1CsNIWcoRVwJGbxpR7d6d5OaMQ3v+ijZG4HiCnFybWhVNkcikHLmiQInpFFlsJIFwQ7f3K+c2BWickN1szfjvw+eH6iivkkoinPf1p9h0ts6oDTDeTvOvqxfM1yMav22kzTvNn5PRgSzertuV69Q6G6xf+0YvIu+lxZWyIED4opI6lzPRCbQEY7/d9azAoHsiEgeV5Z+WuUljEOiToKeWeDayhbWS6N46SViJl7LtvIWEi2CBNAzeyVnllGNzC7V/Lp3ZHE7DZBj3UBRfgQrioHUNS+CAJWKXB6NOqjD9Nx2kIFdckC9DCxUIXyJN0B0uL2JB/vLECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFE2zu0gZWNJP/ByHW99iy7BtSrLoMB8GA1UdIwQYMBaAFOR6HpU8AyOm+s6IleHWp5MhErriMA0GCSqGSIb3DQEBCwUAA4IBAQCOyxg+4rHFKNFff1pLRQvaj6taQ7L4yGN6pBomDaO9eq77QK3ZUfduoPVSEvgfFwqjs6j6q8Z4GVVJ0Oeoo4HomiSgT0v+L1A/i4RumkpAGoQKxqR1OWXU5Y/mo+pS+Puyh2APhB9Stsq3guuuGxHrj8J6p6J+9wVDrinaiTDkl7lbyQ2Zxxq9jEDYN8thokY0OC4I+yyasQdhauE0AVp+YSzJO17bP06vZaIRlnUqn6CxyH6lgZd5MfrQ2MaJQeQK5VtTGBlch3Cl1qlY/rCNdi52OI0ceT/qS+4ULCek3Y9+xYMtCYRp4T6oVX+HCEgLGk9yZ9X8qfotyyVwasoO</ds:X509Certificate>
+                </ds:X509Data>
+            </ds:KeyInfo>
+        </ns6:KeyDescriptor>
+        <ns6:KeyDescriptor use="encryption">
+            <ds:KeyInfo>
+                <ds:X509Data>
+                    <ds:X509Certificate>
+                        MIIEBzCCAu+gAwIBAgICEA4wDQYJKoZIhvcNAQELBQAwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRUwEwYDVQQHDAxTYW5GcmFuY2lzY28xETAPBgNVBAoMCEF0cmljb3JlMQwwCgYDVQQLDANJRE0xFDASBgNVBAMMC2F0cmljb3JlLWNhMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGF0cmljb3JlLmNvbTAeFw0yMTA2MzAxNjA2MjZaFw0zMTA2MjgxNjA2MjZaMH0xCzAJBgNVBAYTAlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMREwDwYDVQQKDAhBdHJpY29yZTEMMAoGA1UECwwDSURNMRYwFAYDVQQDDA1zYW1sLXByb3ZpZGVyMSAwHgYJKoZIhvcNAQkBFhFpbmZvQGF0cmljb3JlLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMI7TFu+kcgSuP1CsNIWcoRVwJGbxpR7d6d5OaMQ3v+ijZG4HiCnFybWhVNkcikHLmiQInpFFlsJIFwQ7f3K+c2BWickN1szfjvw+eH6iivkkoinPf1p9h0ts6oDTDeTvOvqxfM1yMav22kzTvNn5PRgSzertuV69Q6G6xf+0YvIu+lxZWyIED4opI6lzPRCbQEY7/d9azAoHsiEgeV5Z+WuUljEOiToKeWeDayhbWS6N46SViJl7LtvIWEi2CBNAzeyVnllGNzC7V/Lp3ZHE7DZBj3UBRfgQrioHUNS+CAJWKXB6NOqjD9Nx2kIFdckC9DCxUIXyJN0B0uL2JB/vLECAwEAAaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFE2zu0gZWNJP/ByHW99iy7BtSrLoMB8GA1UdIwQYMBaAFOR6HpU8AyOm+s6IleHWp5MhErriMA0GCSqGSIb3DQEBCwUAA4IBAQCOyxg+4rHFKNFff1pLRQvaj6taQ7L4yGN6pBomDaO9eq77QK3ZUfduoPVSEvgfFwqjs6j6q8Z4GVVJ0Oeoo4HomiSgT0v+L1A/i4RumkpAGoQKxqR1OWXU5Y/mo+pS+Puyh2APhB9Stsq3guuuGxHrj8J6p6J+9wVDrinaiTDkl7lbyQ2Zxxq9jEDYN8thokY0OC4I+yyasQdhauE0AVp+YSzJO17bP06vZaIRlnUqn6CxyH6lgZd5MfrQ2MaJQeQK5VtTGBlch3Cl1qlY/rCNdi52OI0ceT/qS+4ULCek3Y9+xYMtCYRp4T6oVX+HCEgLGk9yZ9X8qfotyyVwasoO</ds:X509Certificate>
+                </ds:X509Data>
+            </ds:KeyInfo>
+            <ns6:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc">
+                <enc:KeySize>256</enc:KeySize>
+            </ns6:EncryptionMethod>
+        </ns6:KeyDescriptor>
+        <ns6:ArtifactResolutionService isDefault="true" index="0"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/ARTIFACT/SOAP"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" />
+        <ns6:ArtifactResolutionService isDefault="true" index="0"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML11/ARTIFACT/SOAP"
+            Binding="urn:oasis:names:tc:SAML:1.1:bindings:SOAP" />
+        <ns6:SingleLogoutService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SLO/ARTIFACT"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" />
+        <ns6:SingleLogoutService
+            ResponseLocation="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SLO_RESPONSE/REDIR"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SLO/REDIR"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" />
+        <ns6:ManageNameIDService
+            ResponseLocation="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/MNI_RESPONSE/SOAP"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/RNI"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" />
+        <ns6:ManageNameIDService
+            ResponseLocation="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/MNI_RESPONSE/REDIR"
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/RNI/REDIR"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" />
+        <ns6:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</ns6:NameIDFormat>
+        <ns6:SingleSignOnService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SSO/POST"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" />
+        <ns6:SingleSignOnService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SSO/REDIR"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" />
+        <ns6:SingleSignOnService
+            Location="http://localhost:8081/IDBUS/DEVSSO-01/IDP-1/SAML2/SSO/ARTIFACT"
+            Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" />
+    </ns6:IDPSSODescriptor>
+    <ns6:Organization>
+        <ns6:OrganizationName xml:lang="en">Atricore JOSSO 2 IDP</ns6:OrganizationName>
+        <ns6:OrganizationDisplayName xml:lang="en">Atricore, Inc.</ns6:OrganizationDisplayName>
+        <ns6:OrganizationURL xml:lang="en">http://www.atricore.org</ns6:OrganizationURL>
+    </ns6:Organization>
+    <ns6:ContactPerson contactType="other" />
+</ns6:EntityDescriptor>