Download   Report
  1. No category

Vetuma SAML-sanomaesimerkit

Vetuma SAMLsanomaesimerkit
Sivu 1
Tekninen kuvaus
Versio: 3.5 4.11.2015
4.11.2015
VETUMA SAML-SANOMAESIMERKIT
 Copyright Fujitsu Finland Oy
1 (7)
Sivu
Vetuma SAMLsanomaesimerkit
Sivu 2
Tekninen kuvaus
Versio: 3.5 4.11.2015
4.11.2015
Sisällysluettelo
1.
Johdanto ........................................................................................................................ 3
2.
Tunnistaminen............................................................................................................... 4
2.1 Kertakirjaus ............................................................................................................ 4
2.1.1 Kutsuviesti ................................................................................................................................. 4
2.1.2 Vastausviesti.............................................................................................................................. 4
2.2
Uloskirjaus ............................................................................................................. 6
2.2.1 Kutsuviesti ................................................................................................................................. 6
2.2.2 Vastausviesti.............................................................................................................................. 7
2.3
Tunnistuslähdekysely ............................................................................................. 7
2.3.1 Kutsuviesti ................................................................................................................................. 7
2.3.2 Vastausviesti.............................................................................................................................. 7
 Copyright Fujitsu Finland Oy
2 (7)
Sivu
Vetuma SAMLsanomaesimerkit
Sivu 3
Tekninen kuvaus
Versio: 3.5 4.11.2015
4.11.2015
1. JOHDANTO
Tämä dokumentti kuvaa Vetuma SAML-rajapinnan sanomaesimerkkejä. Dokumentti on
Vetuma-palvelun SAML-kutsurajapinnan määrittely –dokumentin liite 3.
Dokumentissa ei pyritä kuvaamaan kaikkia eri Vetuma-rajapinnan viestivaihtoehtoja, vain
riittävän kattava otos rajapinnan käyttöä helpottamaan.
 Copyright Fujitsu Finland Oy
3 (7)
Sivu
Vetuma SAMLsanomaesimerkit
Sivu 4
Tekninen kuvaus
Versio: 3.5 4.11.2015
4.11.2015
2. TUNNISTAMINEN
2.1 Kertakirjaus
2.1.1 Kutsuviesti
Viesti
<?xml version="1.0" encoding="UTF-8" standalone="no"?><samlp:AuthnRequest
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
AssertionConsumerServiceURL="https://localhost/app/samlReturn.jsp?A=3&amp;B=REJECT
" Destination="https://testitunnistus.suomi.fi/VETUMASSO/app" ID="mPC_vsm2b3i62sa3-9g6x-k8nu-wzsnfy2w3y" IssueInstant="2009-02-11T13:51:19.693Z" Version="2.0">
<saml:Issuer>https://localhost/app</saml:Issuer>
<ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationM
ethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference
URI="#mPC_vsm2b3i6-2sa3-9g6x-k8nu-wzsnfy2w3y"><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ds:InclusiveNamespaces
xmlns:ds="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default ds saml
samlp xs xsi"/></ds:Transform></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>xAI+TNK1KlV5DK
xRN+vp57/fUog=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>I
xEl75h76h//4wTLhS40d99JO/1tv0ZqUiXVMt5ynNddRd94GB0u4oSiVNj3zUk4uQ4oxCpdfBbK
k9Pc5WmXz3hebKJd22decHmnEhbQ5f/jMHTEsloHnGIijw/Qb85bnOWd8BPianxAmjSz+plgON7e
aoSN7i8t2Thb4GbalEV00lM9je36qfVsTJYYHXf92SBaTJWioqoJ994u9o83AGIWfENGV6o6Wf3H
+H4ZJVZ6yDPgYHpFePcwS0J2PRUrRXG/lgMdRoRGPShm99o6tKBVaiBtMF7MdvMBVPhssygFKh5q
sDOAwwpum3Q3x1C7ywuv7PVlaTc1v/S5wtYH+g==</ds:SignatureValue><ds:KeyInfo><ds:X509Da
ta><ds:X509Certificate>[Sertifikaatti]</ds:X509Certificate></ds:X509Data></ds:KeyI
nfo></ds:Signature><samlp:Extensions><vetuma
xmlns="urn:vetuma:SAML:2.0:extensions"><LG>fi</LG></vetuma></samlp:Extensions>
</samlp:AuthnRequest>
2.1.2 Vastausviesti
Viesti
<?xml version="1.0" encoding="UTF-8" standalone="no"?><samlp:Response
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
Destination="https://localhost/app/samlReturn.jsp?A=3&amp;B=REJECT"
ID="MPL_fcfe337dd7b3-f0350774-b663-4686-8c14-57214e4e06e7-22eae623fa40"
InResponseTo="mPC_vsm2b3i6-2sa3-9g6x-k8nu-wzsnfy2w3y" IssueInstant="2009-0211T13:52:43.238Z" Version="2.0">
<saml:Issuer>https://testitunnistus.suomi.fi/VETUMASSO/app</saml:Issuer>
<ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationM
ethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod
 Copyright Fujitsu Finland Oy
4 (7)
Sivu
Vetuma SAMLsanomaesimerkit
Sivu 5
Tekninen kuvaus
Versio: 3.5 4.11.2015
4.11.2015
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference
URI="#MPL_fcfe337dd7b3-f0350774-b663-4686-8c14-57214e4e06e722eae623fa40"><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ds:InclusiveNamespaces
xmlns:ds="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default ds saml
samlp xs xsi"/></ds:Transform></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>KsbQ3bxvRpjBfA
NOYgpWJjwPboE=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>d
3h4q79e8MP0/qk/uQrVAI9BLom41+qgArChVb35M97gugXluQJXIOVNIzyvGb8LtaTXbZtcB+5/
vtjfgV5lKIX/Ua6IQ8hKvkQkXjv9QwP264GJcTN3/xoBspoqGJqFHeuSspEDO8hezoANqwQmztAF
weLwBepSp4jfOcoQIi8rpbiTpiWtmAcf18AC2FSQE7C60sflJl7bo6e8tlOENT/QhkE6RHqd0H0Z
Tb41/YGGvlp96eFal2UdKmpK0WX5XzPW2c2xmCCN87UKB3cv2pjGmKgIUKfZsw1MG3jOELPdx3Vp
K4aJSPrNQZK+yniu4UGusI9Emc/PwEO3uJPcCQ==</ds:SignatureValue><ds:KeyInfo><ds:X509Da
ta><ds:X509Certificate>[Sertifikaatti]</ds:X509Certificate></ds:X509Data></ds:KeyI
nfo></ds:Signature><samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
<saml:Assertion ID="MPL_fcfe337dd7b3-a7c2ad85-8e02-495b-a13c-c2895e3290e42457ff07ce16" IssueInstant="2009-02-11T13:52:43.230Z" Version="2.0">
<saml:Issuer>https://testitunnistus.suomi.fi/VETUMASSO/app</saml:Issuer>
<ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationM
ethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference
URI="#MPL_fcfe337dd7b3-a7c2ad85-8e02-495b-a13c-c2895e3290e42457ff07ce16"><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ds:InclusiveNamespaces
xmlns:ds="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default ds saml
samlp xs xsi"/></ds:Transform></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>7VX4qgK0JU+jp1
CakwBnIO0Bn3s=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>H
2R56VHJ0QKNn67BnY96yr+1BUUqHVv69qZE+5KsXzMhpdg4OM9LO6fl734SL7/DUjPLHEKLjK6x
ohonUw2ejbB19VoUTj+y2WQo4ntlTCYy0j37xbqZR9JnkSWsGt9YzvTlP5PazxRkKdHOhssURd3C
r8XtvqUiz8RVQgw2J9glYFf3IBkXbMfPF82OVuFxAPI2R7f03L+r+GBQCA9qNDmg7DXLyiRnJIZ8
HhvTI/ayHnk5i4e4I05V+G1R379l20gPWs5pIXlnMWD5RjuKCG5s3W2A70JZvynb0SqVwh59gIkE
OjwlLwymwlkOAKEk5lMrtbvt6F2SlhZ1H1C/1w==</ds:SignatureValue><ds:KeyInfo><ds:X509Da
ta><ds:X509Certificate>[Sertifikaatti]</ds:X509Certificate></ds:X509Data></ds:KeyI
nfo></ds:Signature><saml:Subject>
<saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameidformat:transient">_adc07330da05-f663ab2b-1422-4bbd-b348-b22a0388ea4569b9c9e5eef1</saml:NameID>
<saml:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
<saml:SubjectConfirmationData InResponseTo="mPC_vsm2b3i6-2sa3-9g6x-k8nuwzsnfy2w3y" NotOnOrAfter="2009-02-11T14:02:43.212Z"
Recipient="https://localhost/app/samlReturn.jsp?A=3&amp;B=REJECT"/>
</saml:SubjectConfirmation>
</saml:Subject>
<saml:AuthnStatement AuthnInstant="2009-02-11T13:52:43.194Z"
SessionIndex="1ddcb1f3-3842-4103-ac0d-fdf01a0e37fb-54e75e4cca8c">
<saml:AuthnContext><saml:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:class
es:TextBasedChallengeResponse</saml:AuthnContextClassRef>
 Copyright Fujitsu Finland Oy
5 (7)
Sivu
Vetuma SAMLsanomaesimerkit
Sivu 6
Tekninen kuvaus
Versio: 3.5 4.11.2015
4.11.2015
</saml:AuthnContext>
</saml:AuthnStatement>
<saml:AttributeStatement>
<saml:Attribute FriendlyName="cn" Name="urn:oid:2.5.4.3"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue>TESTI ANNA</saml:AttributeValue>
</saml:Attribute>
<saml:Attribute FriendlyName="HETU" Name="urn:oid:1.2.246.21"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
<saml:AttributeValue>010101-1119</saml:AttributeValue>
</saml:Attribute>
</saml:AttributeStatement>
</saml:Assertion>
</samlp:Response>
2.2 Uloskirjaus
2.2.1 Kutsuviesti
Viesti
<?xml version="1.0" encoding="UTF-8" standalone="no"?><samlp:LogoutRequest
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
Destination="https://testitunnistus.suomi.fi/VETUMASSO/app/SLO" ID="mPC_v1b9gu8k1qq3-jjny-p11d-boptjbxgo5" IssueInstant="2009-02-11T13:55:43.553Z" Version="2.0">
<saml:Issuer>https://localhost/app</saml:Issuer>
<ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationM
ethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference
URI="#mPC_v1b9gu8k-1qq3-jjny-p11d-boptjbxgo5"><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ds:InclusiveNamespaces
xmlns:ds="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default ds saml
samlp xs xsi"/></ds:Transform></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>X34ygUiwIOatOb
7aZD5oWgw9oLg=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>R
z5cBgECwvnIdlDCe8/sCAznDD6I1F42q8lg0nbzBjAHrQTHkz5NmaFNGG/nMxzfueqAGKggGUa5
t7LnDY5tKmAHeqG6eR786xhFLSvE+6l0gk0pjeo4aDhnRWEZlM1dTRD73A8Z4MSPfxSuhxgWi+lt
a/bbJLgbuMuepQCrZhLZqU+vk0iy8hz8Axz/2vQB5S0aC3PVOtPG2sWlyAfe0MRbhTPy1h4MHW1Q
q/tGZUkh/xkHT/Ce1jmNnfhGgwIPWSOdrNkow9y6Nh+D4yktVM8DT6ygeXL6xV1reE6hdOcu/d7a
cGvTsLvP18Kqogc7cT4/oHiYZjetw9+5MxQgGA==</ds:SignatureValue><ds:KeyInfo><ds:X509Da
ta><ds:X509Certificate>[Sertifikaatti]</ds:X509Certificate></ds:X509Data></ds:KeyI
nfo></ds:Signature><samlp:Extensions><vetuma
xmlns="urn:vetuma:SAML:2.0:extensions"><LG>fi</LG></vetuma></samlp:Extensions><sam
l:NameID Format="urn:oasis:names:tc:SAML:2.0:nameidformat:transient">_adc07330da05-f663ab2b-1422-4bbd-b348-b22a0388ea4569b9c9e5eef1</saml:NameID><samlp:SessionIndex>80debe0b-a1d7-4b9d-85b2c825054ee68c-fc8eb4693fd0</samlp:SessionIndex>
</samlp:LogoutRequest>
 Copyright Fujitsu Finland Oy
6 (7)
Sivu
Vetuma SAMLsanomaesimerkit
Sivu 7
Tekninen kuvaus
Versio: 3.5 4.11.2015
4.11.2015
2.2.2 Vastausviesti
Viesti
<?xml version="1.0" encoding="UTF-8" standalone="no"?><samlp:LogoutResponse
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
Destination="https://localhost/app/singlelogoutReturn.jsp" ID="MPL_fcfe337dd7b378d0216a-53a4-427c-8d05-a0ba66e9f018-8bd81291f4d0" InResponseTo="mPC_v1b9gu8k1qq3-jjny-p11d-boptjbxgo5" IssueInstant="2009-02-11T13:58:37.728Z" Version="2.0">
<saml:Issuer>https://testitunnistus.suomi.fi/VETUMASSO/app</saml:Issuer>
<ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationM
ethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference
URI="#MPL_fcfe337dd7b3-78d0216a-53a4-427c-8d05-a0ba66e9f0188bd81291f4d0"><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ds:InclusiveNamespaces
xmlns:ds="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="#default ds saml
samlp xs xsi"/></ds:Transform></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>GIs5Ub+h96IuTy
0p9sRCPNeZNo0=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>j
cbve/w+9e+0ce8RpaiJm+eFfg2XmRvqnPgOdwh887A18y9Qx05VUlIcdN+uN4asWLj1CIuOedbP
OWD0pOtBYG7pNjuBGXywg5roN00AmMXvcdD8Il2G+5O0tM6gjOUy/BheFcDfAOJdlUujEmlptifQ
fhfqdVt6KeNzyIR58rSQu3wQhWaj0EIB8172p8ikQivnKQOPTdbc7rD/BJr6elD2YKtAVI7yX+BD
Z9MvvRT1LwMPD43XZDq0xl5p851v8De0YTreTV57xxiiEyJa75UvTye5qfarGRIeL9MAwEh9Z/9g
OMJKl1PW4qXPSKyt++jeDUpwVEAI8MeyzQLOtg==</ds:SignatureValue><ds:KeyInfo><ds:X509Da
ta><ds:X509Certificate>[Sertifikaatti]</ds:X509Certificate></ds:X509Data></ds:KeyI
nfo></ds:Signature><samlp:Status>
<samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
</samlp:Status>
</samlp:LogoutResponse>
2.3 Tunnistuslähdekysely
2.3.1 Kutsuviesti
Viesti
https://leijuke.testifederointi.suomi.fi/DS/disco?entityID=https%3A%2F%2Flocalhost
%2Fapp&return=https%3A%2F%2Flocalhost%2Fapp%2FSuccessDisco
2.3.2 Vastausviesti
Viesti
https://localhost/app?entityID=https%3A%2F%2Ftestitunnistus.suomi.fi%2FVETUMASSO%2
Fapp
 Copyright Fujitsu Finland Oy
7 (7)
Sivu
Vetuma SAML Sanomaesimerkit

Vetuma SAML Sanomaesimerkit

abcdocz.com

© Copyright 2025