To generate ws-federation metadata for your own STS use the following tool. Federation metadata generation tool on GitHub or you just download a copy of the source here from my site.
The tool will not create a federation metdata file for a relying party (RP). To create a federation metadata file for a RP use the XML format below.
<?xml version="1.0" encoding="utf-8"?> <EntityDescriptor ID="_5b6cd05c-a5e3-470d-a2fc-6c6f66633d1b" entityID="https://RPAddress" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"> <RoleDescriptor xsi:type="fed:ApplicationServiceType" xmlns:fed="http://docs.oasis-open.org/wsfed/federation/200706" protocolSupportEnumeration="http://docs.oasis-open.org/wsfed/federation/200706" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <fed:ClaimTypesRequested> <auth:ClaimType Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier" Optional="false" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" /> <auth:ClaimType Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress" Optional="false" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" /> <auth:ClaimType Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname" Optional="false" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" /> <auth:ClaimType Uri="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname" Optional="false" xmlns:auth="http://docs.oasis-open.org/wsfed/authorization/200706" /> </fed:ClaimTypesRequested> <fed:TargetScopes> <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> <Address>https://RPAddress</Address> </EndpointReference> </fed:TargetScopes> <fed:PassiveRequestorEndpoint> <EndpointReference xmlns="http://www.w3.org/2005/08/addressing"> <Address>https://RPAddress</Address> </EndpointReference> </fed:PassiveRequestorEndpoint> </RoleDescriptor> </EntityDescriptor>
Leave a Reply