venice-dynamo-rewrite/conf-sso/idp/sourceid-sso-providers.xml

228 lines
18 KiB
XML
Raw Normal View History

<?xml version="1.0"?>
<ProviderDirectory xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns="http://www.sourceid.org/schemas/sso/providers/2002/11">
<lib:SPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<lib:ProviderID>Venice-SSO-SP</lib:ProviderID>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICbjCCAdcCBD7AlmwwDQYJKoZIhvcNAQEEBQAwfjELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNPMQ8wDQYDVQQHEwZEZW52ZXIxIzAhBgNVBAoTGlNpbHZlcndyaXN0IERlc2lnbiBTdHVkaW9zMRQwEgYDVQQLEwtEZXZlbG9wbWVudDEWMBQGA1UEAxMNRXJpYyBCb3dlcnNveDAeFw0wMzA1MTMwNjUzMzJaFw0wMzA4MTEwNjUzMzJaMH4xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJDTzEPMA0GA1UEBxMGRGVudmVyMSMwIQYDVQQKExpTaWx2ZXJ3cmlzdCBEZXNpZ24gU3R1ZGlvczEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFjAUBgNVBAMTDUVyaWMgQm93ZXJzb3gwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALvjYZPJwt16vTVIKleltTVDyvswVr2vCd9aHg7rKPhNKN+iVS2XY+Y5IopgcVtshQx/SbWnPNldtpGtFewaSQzCud/Lhja1xoGO/nTbjRr7MrPlR3yub8KO90tgslZ9yjEPZDWDEr3Y59ieDpMtAnYjS2GQ2LFRHq63kzd4AXg1AgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAVhJqkLZd59BiTjvRF0ZtBKXe+kxnvyclc0MeIzkzGFmnpMuSpSyZ3LlYp0uvFn5OADM6KkXj7DgXIqb1bqIvXmlwDds+oO3KL+WdHBO9KHW0KjR2jpIujpmJ8Eaf/cefcOxxA00CMrwBeL8EXyAaynpcT78nrT5iN3FZwMkBi9o=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<lib:AssertionConsumerServiceURL>http://localhost:8080/venice-sp/sso/authnRequest</lib:AssertionConsumerServiceURL>
<lib:SoapEndpoint>http://localhost:8080/venice-sp/sso/soap/endpoint</lib:SoapEndpoint>
<lib:SingleLogoutServiceURL>http://localhost:8080/venice-sp/sso/logout</lib:SingleLogoutServiceURL>
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/venice-sp/sso/logout</lib:SingleLogoutServiceReturnURL>
<lib:FederationTerminationServiceURL>http://localhost:8080/venice-sp/sso/fedterm</lib:FederationTerminationServiceURL>
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/venice-sp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</lib:FederationTerminationNotificationProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</lib:FederationTerminationNotificationProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http-get</lib:SingleLogoutProtocolProfile>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</lib:RegisterNameIdentifierProtocolProfile>
<lib:RegisterNameIdentifierServiceURL>http://localhost:9080/sourceid-sso/sso/rni</lib:RegisterNameIdentifierServiceURL>
<lib:RegisterNameIdentifierServiceReturnURL>http://localhost:9080/sourceid-sso/sso/rni</lib:RegisterNameIdentifierServiceReturnURL>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-http</lib:RegisterNameIdentifierProtocolProfile>
<lib:AuthnRequestsSigned>false</lib:AuthnRequestsSigned>
</lib:SPDescriptor>
<!--
Sample Service Provider Descriptor. If this instance of SourceID-SSO is configured to
operate in the "idp" role, then the entry below describes a Service Provider with which
we are federated. If this instance is configured to operate in the "sp" role, then the entry
below will be ignored.
-->
<lib:SPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<!--
Customize the following line to match the ProviderID of the remote provider; if the other
provider is SourceID-SSO, then the ProviderID below should match the <provider-id> element
in the other deployment's sourceid-sso.xml.
-->
<lib:ProviderID>SourceID-Sample-SP</lib:ProviderID>
<!--
The following KeyInfo represents the public key contained in the sample "sourceid.keystore"
file bundled with SourceID-SSO
-->
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICSjCCAbMCBD4coSAwDQYJKoZIhvcNAQEEBQAwbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjAeFw0wMzAxMDgyMjA3MjhaFw0wMzA0MDgyMjA3MjhaMGwxEDAOBgNVBAYTB1Vua25vd24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoTB1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJhokczPBJlZe48d5oKZiX6vo7DBU5b54t9JjSHLOEZd0XK5w81BY4iX8QADMc7GyTrqDDrehfh4S5eQO89Fll50D4f6HpSI2QGtionDrj3kuET9nW9n98IzWc3eiLLH+5q3VGm04rylo4PTnJCeMYmDRqYJkWR1xQbNsrv9HHJAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAI16O969XJkYRJaTiPXMcJg8XRM9oHKqc4L6YEDXGvnQ8NfTPDuJEzKIcU8QWNnprcY+MOue+O2YvP7u9NQuKK4zDA14CcIRb8G+VMLFa2A+BYiD66yIBWsb89YNFYnvH379wGp+ankQBTdljpgFo6Bt+fXmZxB6mToBdXy0h5b8=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<!--
The endpoints in the following URL's are correct for services offered by SourceID-SSO.
If federating this installation with another instance of SourceID-SSO, then all you need to do
is customize the URL's to match your deployment (e.g. replace "http://localhost:9080/sso-sample-sp"
with your server name and servlet context).
-->
<lib:AssertionConsumerServiceURL>http://localhost:8080/sso-sample-sp/sso/authnRequest</lib:AssertionConsumerServiceURL>
<lib:SoapEndpoint>http://localhost:8080/sso-sample-sp/sso/soap/endpoint</lib:SoapEndpoint>
<lib:SingleLogoutServiceURL>http://localhost:8080/sso-sample-sp/sso/logout</lib:SingleLogoutServiceURL>
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/sso-sample-sp/sso/logout</lib:SingleLogoutServiceReturnURL>
<lib:FederationTerminationServiceURL>http://localhost:8080/sso-sample-sp/sso/fedterm</lib:FederationTerminationServiceURL>
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/sso-sample-sp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
<!--
The following profile declarations indicate the variants of the Liberty Protocol which
this provider can speak.
-->
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</lib:FederationTerminationNotificationProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</lib:FederationTerminationNotificationProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http-get</lib:SingleLogoutProtocolProfile>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</lib:RegisterNameIdentifierProtocolProfile>
<lib:RegisterNameIdentifierServiceURL>http://localhost:8080/sourceid-sso/sso/rni</lib:RegisterNameIdentifierServiceURL>
<lib:RegisterNameIdentifierServiceReturnURL>http://localhost:8080/sourceid-sso/sso/rni</lib:RegisterNameIdentifierServiceReturnURL>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-http</lib:RegisterNameIdentifierProtocolProfile>
<lib:AuthnRequestsSigned>false</lib:AuthnRequestsSigned>
</lib:SPDescriptor>
<!--
Sample Identity Provider Descriptor. If this instance of SourceID-SSO is configured to
operate in the "sp" role, then the entry below describes an Identity Provider with which
we are federated. If this instance is configured to operate in the "idp" role, then the entry
below will be ignored.
-->
<lib:IDPDescriptor xmlns:lib="http://projectliberty.org/schemas/core/2002/12" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<!--
Customize the following line to match the ProviderID of the remote provider; if the other
provider is SourceID-SSO, then the ProviderID below should match the <provider-id> element
in the other deployment's sourceid-sso.xml.
-->
<lib:ProviderID>SourceID-Sample-IDP</lib:ProviderID>
<!--
The following KeyInfo represents the public key contained in the sample "sourceid.keystore"
file bundled with SourceID-SSO
-->
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Certificate xmlns:ds="http://www.w3.org/2000/09/xmldsig#">MIICSjCCAbMCBD4coSAwDQYJKoZIhvcNAQEEBQAwbDEQMA4GA1UEBhMHVW5rbm93bjEQMA4GA1UECBMHVW5rbm93bjEQMA4GA1UEBxMHVW5rbm93bjEQMA4GA1UEChMHVW5rbm93bjEQMA4GA1UECxMHVW5rbm93bjEQMA4GA1UEAxMHVW5rbm93bjAeFw0wMzAxMDgyMjA3MjhaFw0wMzA0MDgyMjA3MjhaMGwxEDAOBgNVBAYTB1Vua25vd24xEDAOBgNVBAgTB1Vua25vd24xEDAOBgNVBAcTB1Vua25vd24xEDAOBgNVBAoTB1Vua25vd24xEDAOBgNVBAsTB1Vua25vd24xEDAOBgNVBAMTB1Vua25vd24wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJhokczPBJlZe48d5oKZiX6vo7DBU5b54t9JjSHLOEZd0XK5w81BY4iX8QADMc7GyTrqDDrehfh4S5eQO89Fll50D4f6HpSI2QGtionDrj3kuET9nW9n98IzWc3eiLLH+5q3VGm04rylo4PTnJCeMYmDRqYJkWR1xQbNsrv9HHJAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAI16O969XJkYRJaTiPXMcJg8XRM9oHKqc4L6YEDXGvnQ8NfTPDuJEzKIcU8QWNnprcY+MOue+O2YvP7u9NQuKK4zDA14CcIRb8G+VMLFa2A+BYiD66yIBWsb89YNFYnvH379wGp+ankQBTdljpgFo6Bt+fXmZxB6mToBdXy0h5b8=</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
<!--
The endpoints in the following URL's are correct for services offered by SourceID-SSO.
If federating this installation with another instance of SourceID-SSO, then all you need to do
is customize the URL's to match your deployment (e.g. replace "http://localhost:8080/sso-sample-idp"
with your server name and servlet context).
-->
<lib:SoapEndpoint>http://localhost:8080/sso-sample-idp/sso/soap/endpoint</lib:SoapEndpoint>
<lib:SingleLogoutServiceURL>http://localhost:8080/sso-sample-idp/sso/logout</lib:SingleLogoutServiceURL>
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/sso-sample-idp/sso/logout</lib:SingleLogoutServiceReturnURL>
<lib:FederationTerminationServiceURL>http://localhost:8080/sso-sample-idp/sso/fedterm</lib:FederationTerminationServiceURL>
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/sso-sample-idp/sso/fedterm</lib:FederationTerminationServiceReturnURL>
<lib:SingleSignOnServiceURL>http://localhost:8080/sso-sample-idp/sso/authn</lib:SingleSignOnServiceURL>
<!--
The following profile declarations indicate the variants of the Liberty Protocol which
this provider can speak.
-->
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</lib:RegisterNameIdentifierProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</lib:FederationTerminationNotificationProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</lib:FederationTerminationNotificationProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</lib:SingleLogoutProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</lib:SingleSignOnProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</lib:SingleSignOnProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/wml-post</lib:SingleSignOnProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/lecp</lib:SingleSignOnProtocolProfile>
</lib:IDPDescriptor>
<!--
The following IDPDescriptor and two SPDescriptors are commented out. They represent the parameters
needed to federate with the Sun IPL, not included with this distribution.
-->
<!-- Sun IPL IDP, commented out by default -->
<!--
<lib:IDPDescriptor>
<lib:ProviderID>http://localhost:8080/idp</lib:ProviderID>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>sbYgCsImOgGr2Ynd3sp88UiIjKglM4nmNz+OdJJvJON5ov8ncuj9Gqnf0/huBASUW1fPFLoy9pGDydZlF4jneMp5PZ+7DjcZQrffiQkA+FO28CtviRgj1m8qGGHynP1XEoseBxHKYVtCmyvyN72q8zO6ANq/WdqSBB8hOqqtpFk=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
<lib:SoapEndpoint>http://localhost:8080/idp/soap</lib:SoapEndpoint>
<lib:SingleLogoutServiceURL>http://localhost:8080/idp/logout</lib:SingleLogoutServiceURL>
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/idp/logout-completion</lib:SingleLogoutServiceReturnURL>
<lib:FederationTerminationServiceURL>http://localhost:8080/idp/fedterm</lib:FederationTerminationServiceURL>
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/idp/federate.jsp</lib:FederationTerminationServiceReturnURL>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-soap</lib:FederationTerminationNotificationProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-sp-http</lib:FederationTerminationNotificationProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-soap</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-sp-http</lib:SingleLogoutProtocolProfile>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</lib:RegisterNameIdentifierProtocolProfile>
<lib:SingleSignOnServiceURL>http://localhost:8080/idp/authn</lib:SingleSignOnServiceURL>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-post</lib:SingleSignOnProtocolProfile>
<lib:SingleSignOnProtocolProfile>http://projectliberty.org/profiles/brws-art</lib:SingleSignOnProtocolProfile>
</lib:IDPDescriptor>
-->
<!-- Sun IPL SP (1), commented out by default -->
<!--
<lib:SPDescriptor>
<lib:ProviderID>http://localhost:8080/sp</lib:ProviderID>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>sbYgCsImOgGr2Ynd3sp88UiIjKglM4nmNz+OdJJvJON5ov8ncuj9Gqnf0/huBASUW1fPFLoy9pGDydZlF4jneMp5PZ+7DjcZQrffiQkA+FO28CtviRgj1m8qGGHynP1XEoseBxHKYVtCmyvyN72q8zO6ANq/WdqSBB8hOqqtpFk=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
<lib:SoapEndpoint>http://localhost:8080/sp/soap</lib:SoapEndpoint>
<lib:SingleLogoutServiceURL>http://localhost:8080/sp/logout</lib:SingleLogoutServiceURL>
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/sp/logout-completion</lib:SingleLogoutServiceReturnURL>
<lib:FederationTerminationServiceURL>http://localhost:8080/sp/fedterm</lib:FederationTerminationServiceURL>
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/sp/federate.jsp</lib:FederationTerminationServiceReturnURL>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</lib:FederationTerminationNotificationProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</lib:FederationTerminationNotificationProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http-get</lib:SingleLogoutProtocolProfile>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</lib:RegisterNameIdentifierProtocolProfile>
<lib:AssertionConsumerServiceURL>http://localhost:8080/sp/assertion</lib:AssertionConsumerServiceURL>
<lib:AuthnRequestsSigned>false</lib:AuthnRequestsSigned>
</lib:SPDescriptor>
-->
<!-- Sun IPL SP (2), commented out by default -->
<!--
<lib:SPDescriptor>
<lib:ProviderID>http://localhost:8080/sp2</lib:ProviderID>
<ds:KeyInfo>
<ds:KeyValue>
<ds:RSAKeyValue>
<ds:Modulus>sbYgCsImOgGr2Ynd3sp88UiIjKglM4nmNz+OdJJvJON5ov8ncuj9Gqnf0/huBASUW1fPFLoy9pGDydZlF4jneMp5PZ+7DjcZQrffiQkA+FO28CtviRgj1m8qGGHynP1XEoseBxHKYVtCmyvyN72q8zO6ANq/WdqSBB8hOqqtpFk=</ds:Modulus>
<ds:Exponent>AQAB</ds:Exponent>
</ds:RSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
<lib:SoapEndpoint>http://localhost:8080/sp2/soap</lib:SoapEndpoint>
<lib:SingleLogoutServiceURL>http://localhost:8080/sp2/logout</lib:SingleLogoutServiceURL>
<lib:SingleLogoutServiceReturnURL>http://localhost:8080/sp2/logout-completion</lib:SingleLogoutServiceReturnURL>
<lib:FederationTerminationServiceURL>http://localhost:8080/sp2/fedterm</lib:FederationTerminationServiceURL>
<lib:FederationTerminationServiceReturnURL>http://localhost:8080/sp2/federate.jsp</lib:FederationTerminationServiceReturnURL>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-soap</lib:FederationTerminationNotificationProtocolProfile>
<lib:FederationTerminationNotificationProtocolProfile>http://projectliberty.org/profiles/fedterm-idp-http</lib:FederationTerminationNotificationProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http</lib:SingleLogoutProtocolProfile>
<lib:SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-http-get</lib:SingleLogoutProtocolProfile>
<lib:RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-idp-soap</lib:RegisterNameIdentifierProtocolProfile>
<lib:AssertionConsumerServiceURL>http://localhost:8080/sp2/assertion</lib:AssertionConsumerServiceURL>
<lib:AuthnRequestsSigned>false</lib:AuthnRequestsSigned>
</lib:SPDescriptor>
-->
</ProviderDirectory>