source: TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/attributeCertificateLog/ac.xml @ 6440

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_test/ndg/security/test/config/attributeauthority/sitea/attributeCertificateLog/ac.xml@6440
Revision 6440, 2.9 KB checked in by pjkersha, 11 years ago (diff)
  • #1088 Important fix to AuthnRedirectResponseMiddleware? to set redirect ONLY when SSL client authentication has just succeeded in the upstream middleware AuthKitSSLAuthnMiddleware. This bug was causing the browser to redirect to the wrong place following OpenID sign in in the case where the user is already logged into their provider and selects a new relying party to sign into.
    • Improvements to Provider decide page interface: leave out messages about attributes that the provider can't retrieve for the RP. Also included NDG style help icon.
Line 
1<?xml version="1.0" encoding="utf-8"?>
2<attributeCertificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" targetNamespace="urn:ndg:security:attributeCertificate">
3    <acInfo>
4        <version>1.0</version>
5        <holder></holder>
6        <issuer>/CN=AttributeAuthority/O=NDG Security Test/OU=Site A</issuer>
7        <issuerName>Site A</issuerName>
8        <issuerSerialNumber>253</issuerSerialNumber> 
9        <userId>ndg-user</userId>
10        <validity>
11            <notBefore>2010 01 20 08 54 54</notBefore> 
12            <notAfter>2010 01 20 16 54 54</notAfter> 
13        </validity>
14        <attributes>
15            <roleSet>
16                <role>
17                    <name>urn:siteA:security:authz:1.0:attr:postdoc</name>
18                </role>
19                <role>
20                    <name>urn:siteA:security:authz:1.0:attr:staff</name>
21                </role>
22                <role>
23                    <name>urn:siteA:security:authz:1.0:attr:undergrad</name>
24                </role>
25                <role>
26                    <name>urn:siteA:security:authz:1.0:attr:coapec</name>
27                </role>
28                <role>
29                    <name>urn:siteA:security:authz:1.0:attr:rapid</name>
30                </role>
31            </roleSet>
32        </attributes>
33        <provenance>original</provenance> 
34    </acInfo>
35<ds:Signature><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="ds"></ec:InclusiveNamespaces></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod><ds:Reference URI=""><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="xmlns"></ec:InclusiveNamespaces></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>s1dB/p8Cl1SmY0/Jcq+2z2biXHs=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>Sw36kLKRjSro9409KGZ5YPsQrU9FcvkzwO5n3WJ1WQkgDTS2IhGHCW5OB64bL8e3Ub3gdM1WlHC4
36ybGYfPOuuVfQ4ZHHfLqQMWA9p5ALRmUTAglSt9/uTPYzc8yk7wCWHNYqMDVPHbHwy5MWyAToCHGx
37rqJRs9WgozMJMugslJk=</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIICBTCCAW6gAwIBAgICAP0wDQYJKoZIhvcNAQEEBQAwLzEMMAoGA1UEChMDTkRH
38MQ0wCwYDVQQLEwRCQURDMRAwDgYDVQQDEwdUZXN0IENBMB4XDTA4MTIxNTE2MzUy
39NFoXDTEzMTIxNDE2MzUyNFowSjEaMBgGA1UEChMRTkRHIFNlY3VyaXR5IFRlc3Qx
40DzANBgNVBAsTBlNpdGUgQTEbMBkGA1UEAxMSQXR0cmlidXRlQXV0aG9yaXR5MIGf
41MA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCntf+hUxFKXx/KY3LXy/RYc/yqhfIL
42M8h95c14n/WdSqh8rK3VxkUu5gujlEgCHafI2AjNZJZqJfKG7ZucYmRcnXbCX1qP
43IGKa+TllbIWdsa5y/IF/Do2AoPMJnTNJ2U1IBfPQXbO5Sd49OvfTi4Cldk89872R
44IuzPmLIDcFydgQIDAQABoxUwEzARBglghkgBhvhCAQEEBAMCBPAwDQYJKoZIhvcN
45AQEEBQADgYEAWD04scBB91kWT8qXKZyN2EZ5nBFqs6REXtI+ddOaZt7VtiaHYMXA
46mcRW/kCw8YgS+Ull+mZpAwpWUU9kR/A5dbiIDDRbxlz4BJCeMgkO/OxU31zmvqqa
4723UyGXPhtaTuo8DG2uSr5XDk6GnJ5sb0WB3UgsRh7V4ryWkStImCSGY=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature></attributeCertificate>
Note: See TracBrowser for help on using the repository browser.