/mcp<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://cucm0a.identitylab20.ciscolabs.com:8443/ssosp/saml/SSO/alias/cucm0a.identitylab20.ciscolabs.com" index="0"/> <md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://cucm0a.identitylab20.ciscolabs.com:8443/ssosp/saml/SSO/alias/cucm0a.identitylab20.ciscolabs.com" index="1"/> </md:SPSSODescriptor> </md:EntityDescriptor> Following is an example of a metadata file that was generated from an Identity Provider (Active Directory Federation Service). Metadata File from Identity Provider (Active Directory Federation Service) <?xml version="1.0"?> <!--entityID=IdP Entity ID--> <EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" ID="_b12fe1b5-6866-40cc-94be-9d9d8cb71916" entityID="http://WIN-2019SSO.cisco-dod.com/adfs/services/trust"> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <ds:Reference URI="#_b12fe1b5-6866-40cc-94be-9d9d8cb71916"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <!--Sign the metadata provided to the SP so that its integrity and origin can be verified--> <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/> <ds:DigestValue>VAcIv2uw6zG8YVVWP0IDYMZ/e7CN9o4oR8XBGiysujY=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>44RAgZ17YfwLdcRodZPcZ5PH05sLVbkDx4uAYq+EC4K+ZhiTs8aUZQ/.........
</ds:SignatureValue> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <X509Data> <IDPSSODescriptor protocolSupportEnumeration="http://docs.oasis-open.org/ws-sx/ws-trust/200512 http://schemas.xmlsoap.org/ws/2005/02/trust http://docs.oasis-open.org/wsfed/federation/200706" ServiceDisplayName="administrator.cisco-dod.com"> <KeyDescriptor use="encryption"> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <X509Data> <X509Certificate>MIIGHzCCBQegAwIBAgITHAAADUerWbVHyqoM.......... </X509Certificate> </X509Data> </KeyInfo> </KeyDescriptor> <KeyDescriptor use="signing"> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"> <X509Data> <!--Cert for signing and/or encrypting the SAML Assertion--> <X509Certificate>MIIC7jCCAdagAwIBAgIQJH7di/..........</X509Certificate> </KeyInfo> </KeyDescriptor> <!--Single Sign On Service details for HTTP-Redirect and HTTP-POST--> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://win-2019sso.cisco-dod.com/adfs/ls/"/> <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" SAML SSO Deployment Guide for Cisco Unified Communications Applications, Release 15 and SUs 16 SAML SSO Requirements for Identity Providers Metadata Exchange