aboutsummaryrefslogtreecommitdiff
path: root/id/server/stork2-saml-engine/src/test/resources
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2015-08-27 12:07:52 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-08-27 12:07:52 +0200
commit1051a42329a603821f415383343d253724d4cd65 (patch)
treef8a0b6e8445b7034dfe38d6ba3a61f1429a75a6e /id/server/stork2-saml-engine/src/test/resources
parentbb1b12ac5b240629e16ea1c7a50891e99f4adc14 (diff)
parenteb0cf88708f3d689c2cb6bb0dbf83dd290bee887 (diff)
downloadmoa-id-spss-1051a42329a603821f415383343d253724d4cd65.tar.gz
moa-id-spss-1051a42329a603821f415383343d253724d4cd65.tar.bz2
moa-id-spss-1051a42329a603821f415383343d253724d4cd65.zip
Merge STORK-SAML-Engine 1.5.1 and STORK-Commons 1.5.1
Conflicts: id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/CustomAttributeQueryValidator.java id/server/stork2-saml-engine/src/main/java/eu/stork/peps/auth/engine/core/validator/MultipleAssertionResponseValidator.java
Diffstat (limited to 'id/server/stork2-saml-engine/src/test/resources')
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml124
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml28
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml14
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml14
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml14
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml13
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml187
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml184
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml151
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml144
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml148
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml69
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml126
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml242
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml138
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml88
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml88
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/logback-test.xml26
-rw-r--r--id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg30
19 files changed, 999 insertions, 829 deletions
diff --git a/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml
index 171e05f12..fadef82b2 100644
--- a/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/SamlEngine.xml
@@ -1,67 +1,85 @@
<?xml version="1.0" encoding="UTF-8"?>
<instances>
- <!-- Configuration name -->
- <instance name="CONF0">
- <!-- Configurations parameters StorkSamlEngine -->
- <configuration name="SamlEngineConf">
- <parameter name="fileConfiguration" value="StorkSamlEngine_Conf0.xml" />
- </configuration>
+ <!-- Configuration name -->
+ <instance name="CONF0">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf0.xml" />
+ </configuration>
- <!-- Settings module signature -->
- <configuration name="SignatureConf">
- <!-- Specific signature module -->
- <parameter name="class"
- value="eu.stork.peps.auth.engine.core.impl.SignSW" />
- <!-- Settings specific module -->
- <parameter name="fileConfiguration" value="SignModule_Conf0.xml" />
- </configuration>
- </instance>
+ <!-- Settings module signature -->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class"
+ value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_Conf0.xml" />
+ <parameter name="softTrustStoreConfig" value="SignModule_Conf0.xml" />
+ </configuration>
+ </instance>
- <!-- ******************** CONF1 ******************** -->
- <!-- Configuration name -->
- <instance name="CONF1">
- <!-- Configurations parameters StorkSamlEngine -->
- <configuration name="SamlEngineConf">
- <parameter name="fileConfiguration" value="StorkSamlEngine_Conf1.xml" />
- </configuration>
+ <!-- ******************** CONF1 ******************** -->
+ <!-- Configuration name -->
+ <instance name="CONF1">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf1.xml" />
+ </configuration>
- <!-- Settings module signature -->
- <configuration name="SignatureConf">
- <!-- Specific signature module -->
- <parameter name="class"
- value="eu.stork.peps.auth.engine.core.impl.SignSW" />
- <!-- Settings specific module -->
- <parameter name="fileConfiguration" value="SignModule_Conf1.xml" />
- </configuration>
- </instance>
+ <!-- Settings module signature -->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class"
+ value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_Conf1.xml" />
+ </configuration>
+ </instance>
- <!-- ******************** CONF2 ******************** -->
+ <!-- ******************** CONF2 ******************** -->
- <instance name="CONF2">
- <configuration name="SamlEngineConf">
- <parameter name="fileConfiguration" value="StorkSamlEngine_Conf2.xml" />
- </configuration>
+ <instance name="CONF2">
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf2.xml" />
+ </configuration>
- <configuration name="SignatureConf">
- <parameter name="class"
- value="eu.stork.peps.auth.engine.core.impl.SignSW" />
- <parameter name="fileConfiguration" value="SignModule_Conf2.xml" />
- </configuration>
- </instance>
+ <configuration name="SignatureConf">
+ <parameter name="class"
+ value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <parameter name="fileConfiguration" value="SignModule_Conf2.xml" />
+ </configuration>
+ </instance>
- <!-- ******************** CONF3 ******************** -->
+ <!-- ******************** CONF3 ******************** -->
- <instance name="CONF3">
- <configuration name="SamlEngineConf">
- <parameter name="fileConfiguration" value="StorkSamlEngine_Conf3.xml" />
- </configuration>
+ <instance name="CONF3">
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf3.xml" />
+ </configuration>
- <configuration name="SignatureConf">
- <parameter name="class"
- value="eu.stork.peps.auth.engine.core.impl.SignSW" />
- <parameter name="fileConfiguration" value="SignModule_Conf3.xml" />
- </configuration>
- </instance>
+ <configuration name="SignatureConf">
+ <parameter name="class"
+ value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <parameter name="fileConfiguration" value="SignModule_Conf3.xml" />
+ </configuration>
+ </instance>
+
+ <!-- ******************** CONF4 ******************** -->
+ <instance name="CONF4">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_Conf0.xml" />
+ </configuration>
+
+ <!-- Settings module signature -->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignHW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_P11.xml" />
+ <parameter name="softTrustStoreConfig" value="SignModule_Conf0.xml" />
+ </configuration>
+ </instance>
</instances> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml
index a9f2038b8..295258bb2 100644
--- a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf0.xml
@@ -2,20 +2,20 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<!-- properties>
- <comment>SWModule sign with JKS.</comment>
- <entry key="keystorePath">C:\opt\keystores\keyStoreCountry0.jks</entry>
- <entry key="keyStorePassword">local-demo</entry>
- <entry key="keyPassword">local-demo</entry>
- <entry key="issuer">CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS</entry>
- <entry key="serialNumber">524D4C6C</entry>
- <entry key="keystoreType">JKS</entry>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\keyStoreCountry0.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=saml-demo-cert,OU=STORK2,O=Advania,L=Reykjavik,ST=Reykjavik,C=IS</entry>
+ <entry key="serialNumber">524D4C6C</entry>
+ <entry key="keystoreType">JKS</entry>
</properties-->
<properties>
- <comment>SWModule sign with JKS.</comment>
- <entry key="keystorePath">C:\opt\keystores\storkDemoKeysTest.jks</entry>
- <entry key="keyStorePassword">local-demo</entry>
- <entry key="keyPassword">local-demo</entry>
- <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
- <entry key="serialNumber">4BA89DB2</entry>
- <entry key="keystoreType">JKS</entry>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\storkDemoKeysTest.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml
index e556a7331..ffd41cb61 100644
--- a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf1.xml
@@ -2,11 +2,11 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
- <comment>SWModule sign with JKS.</comment>
- <entry key="keystorePath">C:\opt\keystores\storkDemoKeysTest.jks</entry>
- <entry key="keyStorePassword">local-demo</entry>
- <entry key="keyPassword">local-demo</entry>
- <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
- <entry key="serialNumber">4BA89DB2</entry>
- <entry key="keystoreType">JKS</entry>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\storkDemoKeysTest.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml
index 3da1e33df..21b73d49d 100644
--- a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf2.xml
@@ -2,11 +2,11 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
- <comment>SWModule sign with JKS.</comment>
- <entry key="keystorePath">C:\opt\keystores\keyStoreCountry2.jks</entry>
- <entry key="keyStorePassword">local-demo</entry>
- <entry key="keyPassword">local-demo</entry>
- <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
- <entry key="serialNumber">4BA89DB2</entry>
- <entry key="keystoreType">JKS</entry>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\keyStoreCountry2.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml
index 4c14a1711..f9ebc85cc 100644
--- a/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_Conf3.xml
@@ -2,11 +2,11 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
- <comment>SWModule sign with JKS.</comment>
- <entry key="keystorePath">C:\opt\keystores\keyStoreCountry3.jks</entry>
- <entry key="keyStorePassword">local-demo</entry>
- <entry key="keyPassword">local-demo</entry>
- <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
- <entry key="serialNumber">4BA89DB2</entry>
- <entry key="keystoreType">JKS</entry>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">C:\opt\keystores\keyStoreCountry3.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml
index c683d97c3..0e95da1f2 100644
--- a/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/SignModule_P11.xml
@@ -2,10 +2,11 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
- <comment>HWModule sign with interface PKCS11.</comment>
- <entry key="configurationFile">p11Config.cfg</entry>
- <entry key="keyPassword">*******</entry>
- <entry key="issuer">CN=XXXXXXXXX</entry>
- <entry key="serialNumber">xxxxxxxxxxxxxx</entry>
- <entry key="keystoreType">PKCS11</entry>
+ <comment>HWModule sign with interface PKCS11.</comment>
+ <entry key="configurationFile">p11Conf.cfg</entry>
+ <entry key="keyPassword">12345</entry>
+ <entry key="issuer">CN=Test Certificate</entry>
+ <entry key="serialNumber">147d4b07db8</entry>
+ <entry key="keystoreType">PKCS11</entry>
+ <entry key="trustStoreConfig">SignModule_Conf0.xml</entry>
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml
index 8c3a94601..2a266a975 100644
--- a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf0.xml
@@ -2,86 +2,111 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
- <comment>SAML constants for AuthnRequests and Responses.</comment>
-
- <!-- Types of consent obtained from the user for this authentication and
- data transfer. Allow values: 'unspecified'. -->
- <entry key="consentAuthnRequest">unspecified</entry>
-
- <!-- Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit',
- 'unspecified'. -->
- <entry key="consentAuthnResponse">obtained</entry>
-
- <!--URI representing the classification of the identifier Allow values:
- 'entity'. -->
- <entry key="formatEntity">entity</entry>
-
- <!--Only HTTP-POST binding is only supported for inter PEPS -->
- <!--The SOAP binding is only supported for direct communication between
- SP-MW and VIdP -->
- <entry key="protocolBinding">HTTP-POST</entry>
-
-
-
-
- <!--URI representing the classification of the identifier Allow values:
- 'entity'. <entry key="eIDSectorShare">true</entry> <entry key="eIDCrossSectorShare">true</entry>
- <entry key="eIDCrossBorderShare">true</entry> -->
-
-
-
- <!-- A friendly name for the attribute that can be displayed to a user -->
- <entry key="friendlyName">false</entry>
-
- <!-- A friendly name for the attribute that can be displayed to a user -->
- <entry key="isRequired">true</entry>
-
- <!--PEPS in the Service Provider's country -->
- <entry key="requester">http://S-PEPS.gov.xx</entry>
-
- <!--PEPS in the citizen's origin country -->
- <entry key="responder">http://C-PEPS.gov.xx</entry>
-
- <!--Subject cannot be confirmed on or after this seconds time (positive
- number) -->
- <entry key="timeNotOnOrAfter">300</entry>
-
- <!--Validation IP of the response -->
- <entry key="ipAddrValidation">false</entry>
-
-
- <!--Subject Attribute Definitions -->
- <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
- <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
- <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
- <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
- <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
- <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
- <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
- <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
- <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
- <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
- <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
- <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
- <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
- <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
- <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
- <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
-
- <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
- <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
-
- <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
- <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
-
- <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
- <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
-
- <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
- <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
- <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
- <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
-
- <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!-- Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. <entry key="eIDSectorShare">true</entry> <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry> -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!-- Format -->
+ <entry key="format">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive
+ number) -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="placeOfBirth">http://www.stork.gov.eu/1.0/placeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+ <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry>
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+
+ <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry>
+ <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry>
+ <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry>
+ <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry>
+ <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry>
+ <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry>
+ <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry>
+ <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry>
+ <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry>
+ <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry>
+
+ <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry>
+ <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry>
+ <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry>
+ <entry key="type">http://www.stork.gov.eu/1.0/type</entry>
+ <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry>
+ <entry key="status">http://www.stork.gov.eu/1.0/status</entry>
+ <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry>
+ <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry>
+ <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry>
+ <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry>
+ <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry>
+ <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry>
+ <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
+
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml
index ad04cc3df..a65717a05 100644
--- a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf1.xml
@@ -2,84 +2,110 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
- <comment>SAML constants for AuthnRequests and Responses.</comment>
-
- <!-- Types of consent obtained from the user for this authentication and
- data transfer. Allow values: 'unspecified'. -->
- <entry key="consentAuthnRequest">unspecified</entry>
-
- <!-- Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit',
- 'unspecified'. -->
- <entry key="consentAuthnResponse">obtained</entry>
-
- <!--URI representing the classification of the identifier Allow values:
- 'entity'. -->
- <entry key="formatEntity">entity</entry>
-
- <!--Only HTTP-POST binding is only supported for inter PEPS -->
- <!--The SOAP binding is only supported for direct communication between
- SP-MW and VIdP -->
- <entry key="protocolBinding">HTTP-POST</entry>
-
-
-
-
- <!--URI representing the classification of the identifier Allow values:
- 'entity'. <entry key="eIDSectorShare">true</entry> <entry key="eIDCrossSectorShare">true</entry>
- <entry key="eIDCrossBorderShare">true</entry> -->
-
-
-
- <!-- A friendly name for the attribute that can be displayed to a user -->
- <entry key="friendlyName">false</entry>
-
- <!-- A friendly name for the attribute that can be displayed to a user -->
- <entry key="isRequired">true</entry>
-
- <!--PEPS in the Service Provider's country -->
- <entry key="requester">http://S-PEPS.gov.xx</entry>
-
- <!--PEPS in the citizen's origin country -->
- <entry key="responder">http://C-PEPS.gov.xx</entry>
-
- <!--Subject cannot be confirmed on or after this seconds time (positive
- number) -->
- <entry key="timeNotOnOrAfter">300</entry>
-
- <!--Validation IP of the response -->
- <entry key="ipAddrValidation">false</entry>
-
-
- <!--Subject Attribute Definitions -->
- <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
- <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
- <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
- <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
- <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
- <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
- <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
- <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
- <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
- <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
- <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
- <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
- <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
- <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
- <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
- <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
-
- <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
- <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
-
- <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
- <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
-
- <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
- <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
-
- <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
- <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
- <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
- <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!-- Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. <entry key="eIDSectorShare">true</entry> <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry> -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!-- Format -->
+ <entry key="format">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive
+ number) -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="placeOfBirth">http://www.stork.gov.eu/1.0/placeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+ <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry>
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+
+ <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry>
+ <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry>
+ <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry>
+ <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry>
+ <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry>
+ <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry>
+ <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry>
+ <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry>
+ <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry>
+ <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry>
+
+ <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry>
+ <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry>
+ <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry>
+ <entry key="type">http://www.stork.gov.eu/1.0/type</entry>
+ <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry>
+ <entry key="status">http://www.stork.gov.eu/1.0/status</entry>
+ <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry>
+ <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry>
+ <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry>
+ <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry>
+ <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry>
+ <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry>
+ <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml
index fd1db92ac..a0a5bea10 100644
--- a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf2.xml
@@ -2,59 +2,100 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
- <comment>SAML constants for AuthnRequests and Responses.</comment>
-
- <!-- Types of consent obtained from the user for this authentication and
- data transfer. Allow values: 'unspecified'. -->
- <entry key="consentAuthnRequest">unspecified</entry>
- <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit',
- 'unspecified'. -->
- <entry key="consentAuthnResponse">obtained</entry>
-
- <!--URI representing the classification of the identifier Allow values:
- 'entity'. -->
- <entry key="formatEntity">entity</entry>
-
- <!--Only HTTP-POST binding is only supported for inter PEPS -->
- <!--The SOAP binding is only supported for direct communication between
- SP-MW and VIdP -->
- <entry key="protocolBinding">HTTP-POST</entry>
-
- <entry key="eIDSectorShare">false</entry>
- <entry key="eIDCrossSectorShare">false</entry>
- <entry key="eIDCrossBorderShare">false</entry>
-
- <!--PEPS in the Service Provider's country -->
- <entry key="requester">http://S-PEPS.gov.xx</entry>
-
- <!--PEPS in the citizen's origin country -->
- <entry key="responder">http://C-PEPS.gov.xx</entry>
-
- <!--Subject cannot be confirmed on or after this seconds time -->
- <entry key="timeNotOnOrAfter">300</entry>
-
- <!--Validation IP of the response -->
- <entry key="ipAddrValidation">false</entry>
-
- <!-- A friendly name for the attribute that can be displayed to a user -->
- <entry key="isRequired">false</entry>
-
-
- <!--Subject Attribute Definitions -->
- <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
- <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
- <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
- <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
- <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
- <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
- <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
- <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
- <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
- <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
- <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
- <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
- <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
- <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
- <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
- <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+ <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+ <entry key="eIDSectorShare">false</entry>
+ <entry key="eIDCrossSectorShare">false</entry>
+ <entry key="eIDCrossBorderShare">false</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!-- Format -->
+ <entry key="format">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="placeOfBirth">http://www.stork.gov.eu/1.0/placeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+ <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry>
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+
+ <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry>
+ <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry>
+ <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry>
+ <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry>
+ <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry>
+ <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry>
+ <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry>
+ <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry>
+ <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry>
+ <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry>
+
+ <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry>
+ <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry>
+ <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry>
+ <entry key="type">http://www.stork.gov.eu/1.0/type</entry>
+ <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry>
+ <entry key="status">http://www.stork.gov.eu/1.0/status</entry>
+ <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry>
+ <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry>
+ <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry>
+ <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry>
+ <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry>
+ <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry>
+ <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
+
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml
index bea40d274..61c6cd6d6 100644
--- a/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/StorkSamlEngine_Conf3.xml
@@ -2,56 +2,96 @@
<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
<properties>
- <comment>SAML constants for AuthnRequests and Responses.</comment>
-
- <!-- Types of consent obtained from the user for this authentication and
- data transfer. Allow values: 'unspecified'. -->
- <entry key="consentAuthnRequest">unspecified</entry>
- <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit',
- 'unspecified'. -->
- <entry key="consentAuthnResponse">obtained</entry>
-
- <!--URI representing the classification of the identifier Allow values:
- 'entity'. -->
- <entry key="formatEntity">entity</entry>
-
- <!--Only HTTP-POST binding is only supported for inter PEPS -->
- <!--The SOAP binding is only supported for direct communication between
- SP-MW and VIdP -->
- <entry key="protocolBinding">HTTP-POST</entry>
-
- <entry key="eIDSectorShare">false</entry>
- <entry key="eIDCrossSectorShare">false</entry>
- <entry key="eIDCrossBorderShare">false</entry>
-
- <!--PEPS in the Service Provider's country -->
- <entry key="requester">http://S-PEPS.gov.xx</entry>
-
- <!--PEPS in the citizen's origin country -->
- <entry key="responder">http://C-PEPS.gov.xx</entry>
-
- <!--Subject cannot be confirmed on or after this seconds time -->
- <entry key="timeNotOnOrAfter">300</entry>
-
- <!--Validation IP of the response -->
- <entry key="ipAddrValidation">false</entry>
-
- <!--Subject Attribute Definitions -->
- <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
- <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
- <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
- <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
- <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
- <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
- <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
- <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
- <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
- <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
- <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
- <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
- <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
- <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
- <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
- <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
- <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!-- Types of consent obtained from the user for this authentication and
+ data transfer. Allow values: 'unspecified'. -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+ <!-- Allow values: 'obtained', 'prior', 'curent-implicit', 'curent-explicit',
+ 'unspecified'. -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier Allow values:
+ 'entity'. -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS -->
+ <!--The SOAP binding is only supported for direct communication between
+ SP-MW and VIdP -->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+ <entry key="eIDSectorShare">false</entry>
+ <entry key="eIDCrossSectorShare">false</entry>
+ <entry key="eIDCrossBorderShare">false</entry>
+
+ <!--PEPS in the Service Provider's country -->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country -->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!-- Format -->
+ <entry key="format">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time -->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response -->
+ <entry key="ipAddrValidation">false</entry>
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="placeOfBirth">http://www.stork.gov.eu/1.0/placeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizenQAALevel">http://www.stork.gov.eu/1.0/citizenQAALevel</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+ <entry key="unknown">http://www.stork.gov.eu/1.0/unknown</entry>
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+
+ <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry>
+ <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry>
+ <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry>
+ <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry>
+ <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry>
+ <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry>
+ <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry>
+ <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry>
+ <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry>
+ <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry>
+
+ <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry>
+ <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry>
+ <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry>
+ <entry key="type">http://www.stork.gov.eu/1.0/type</entry>
+ <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry>
+ <entry key="status">http://www.stork.gov.eu/1.0/status</entry>
+ <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry>
+ <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry>
+ <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry>
+ <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry>
+ <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry>
+ <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry>
+ <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
+
</properties> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml
index 3764389e4..d4f6f89da 100644
--- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequest.xml
@@ -1,82 +1,68 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
- Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_939726f0a02072f40b548de378612a50"
- IssueInstant="2013-10-04T16:57:55.547Z" Version="2.0">
- <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:SignedInfo>
- <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <ds:Reference URI="#_939726f0a02072f40b548de378612a50">
- <ds:Transforms>
- <ds:Transform
- Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
- <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
- PrefixList="xs" />
- </ds:Transform>
- </ds:Transforms>
- <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <ds:DigestValue>BgPDTVCv7BhiWIs6HsC06jaHaag=</ds:DigestValue>
- </ds:Reference>
- </ds:SignedInfo>
- <ds:SignatureValue>dIC61bGi6Jqp1zSVojpjaVq9WaZcDtNImXgo1Dyze5/hJA07Sy4TaHu+/IuLEC99aLjM6rxh2UUNqpPaQCFlF5eVkVv/c4gHEZVyevhjJKTidqmnuhlI78PGMx2thfxFsHsPcqHqOzy1Z6w18K1ds6APQP+aXI9TNKis+pykn4nJititYuiSseD0VY0F4QnXx+U6k3raoi1CAFE5fe7EuI/KfxuhhQLAbLq90Vm8R94ITBjfSS25mXstXNe9zppTSjDB42ld1TjDovDwXAn5OxiZasIEb5m68sRlxgoQ/2/+ZdYNNINFLAwkCbb8MiCbGASd626Bme0Kx+ropeWdxw==</ds:SignatureValue>
- <ds:KeyInfo>
- <ds:X509Data>
- <ds:X509Certificate>MIIDXjCCAkagAwIBAgIEUk1MbDANBgkqhkiG9w0BAQUFADBxMQswCQYDVQQGEwJJUzESMBAGA1UE
- CAwJUmV5a2phdmlrMRIwEAYDVQQHDAlSZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNV
- BAsMBlNUT1JLMjEXMBUGA1UEAwwOc2FtbC1kZW1vLWNlcnQwHhcNMTMxMDAzMTA1MzEyWhcNMjMx
- MDAzMTA1MzEyWjBxMQswCQYDVQQGEwJJUzESMBAGA1UECAwJUmV5a2phdmlrMRIwEAYDVQQHDAlS
- ZXlramF2aWsxEDAOBgNVBAoMB0FkdmFuaWExDzANBgNVBAsMBlNUT1JLMjEXMBUGA1UEAwwOc2Ft
- bC1kZW1vLWNlcnQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCkSgTxZkNRXZTKLB0c
- 4oz7/8Dh56FX+0cYg7hjw4e8vn+ITXkxzrmUH57FtsvKln4mq1H0FHXL80u3IiWX8qY+QLgNeKeB
- m85lXuyOb3wWpKAaQvpLAkejGLCx22AN2L0WZkKZV2puwRQVsRHCq6U6vToJXDZ6Ui6ltKsAl/ZS
- 8qUFpiIvqD5ea4ohz4JsFE/uApRc7pbJ4VbOmAAeH/tQTayptq2kPb2vvUVk+2cH5J7UD+GCI88E
- e+mS+C33tV9NmWUHL69mYEe8FXjumbKA5e9i1ejn9i0/BLUtHFonHnL9YFMim0foI7NNc5mNg9aw
- vm0PuByVU3kuibQkqGBLAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBAA9X5B4NBmVuhjECi+KOnRRX
- 5oUV+jbYKhGZODDPi+F4Uo7ZtPFQ6sS3tE54+8AoDl5zQ5q5fDDVXhB42IIIjDxHKo8cBXie5FZ6
- mJtErvWZWYWdO0uV2OQAUALq2LieidqSFDJ+Pjl8w1New8oi3migwyE0jZo4Q97lJGDfJTruV0A2
- JE/Gt6QAAcWhhN2hZl92pYkIi5OeqHXyzBUp5vg8LLfNmeyziCAiXDC1Sy/aQU/cllZ3zFJMrqZM
- s2xBpmB4sF1YRbIrr2OqEVE6M6DUx+pAQOd2uogV3AMT9D5MYpckI1jx/o/Tto7ju74nIVOskDiN
- K0FR8izxcT0HixM=</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </ds:Signature>
- <saml2p:Extensions>
- <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
- <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
- <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
- <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
- <storkp:RequestedAttributes>
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="false" />
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true">
- <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">16</stork:AttributeValue>
- <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">18</stork:AttributeValue>
- </stork:RequestedAttribute>
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true">
- <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">Sveinbjorn</stork:AttributeValue>
- </stork:RequestedAttribute>
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true">
- <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue>
- </stork:RequestedAttribute>
- </storkp:RequestedAttributes>
- </saml2p:Extensions>
- <saml2:Subject>
- <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer" />
- </saml2:Subject>
+<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_bf999e47edabb47770eb406a5d37f24e" IssueInstant="2014-04-25T12:49:39.398Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <ds:Reference URI="#_bf999e47edabb47770eb406a5d37f24e">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+ </ds:Transform>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ds:DigestValue>NwBXMUys6XjoR7Ddbr6JI5gB+O8=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>MFoAC5mncGKFyvZKygSIH7+9JrXWMJ18jolBHZ0WisxpIrDldS+K+Mf6uwOirL5mal2uktpIT2RRiT1Twk+fS5t94wnobaLpktpv+uoZCzd2BAqFpBBHnImwC/UEy7hCF9htsW8CCx97wRXHA4IGx5OX9Fg4f+ZJdPPFLrGpdfJ3bJXvQeQPwGLqhjWio/XnAYwJYQ8YGQvRywZDDodTZDWHsKMHAsrIdmNJz93wmMPceRtgcUceZdN4jDkPE8SPNrApe2ksd3dEKauyyJQ2DR5jryVQpGM7sJzQhP9Z57XIJta+c/nJ7bttw+M+QsZn/E+CLQpcI8MeuuhBb1+mGA==</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDIjCCAgqgAwIBAgIES6idsjANBgkqhkiG9w0BAQUFADBTMQswCQYDVQQGEwJFUzEOMAwGA1UE
+ CAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxvY2Fs
+ LWRlbW8wHhcNMTMwODI4MTY0NzM1WhcNMTUwODI4MTY0NzM1WjBTMQswCQYDVQQGEwJFUzEOMAwG
+ A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxv
+ Y2FsLWRlbW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+7zEQUbt8Ot9dByR5TuY
+ NPmTwaKhECtnkxYAx9tl+Ga3kFiv+dOSeDoQOhxkICG1ZMaG0Gtk0EQWjscC1cLwDXpAOdhOm5xh
+ ndFHxa3V3Y3zomFZA7A3nwP8wt17wDrc1xi2Ye8VrwO7Vjb/F8Rgutlcrvq+LF4g9nQLoRiKUq8w
+ NFvDlvhBbLr8hMVBMY/jY7tSQ85qLqKUkWRcoDttJjgWZoO1vpBS4m+FywtYdOoHnN6fv4Dvf1r2
+ rNLgebgBvSfwznxiulwW6FBLasYX0rYKP7RfwG8TJ+FumOgAjADj2LdwK25RZNg44XU2V1z1Fp37
+ fNXhfo08LpdD1ueFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADMRGTWOmadZyCoJNluV+M7LopjC
+ 9WpFUj76X0cAoNXmt12zYqYe8hjRmBr6l2V/FXT3/TyWET1nILG46zwwAxslw3b2LvkhU+9QcuB8
+ yC8TCJJ0kgsTZ/EUZPSbwUG7Nn2jkMiyjlyKcjSCQOzEKQyR1xYwyZG40+BPeGbYjmRgm6kcmCxY
+ USWoPwNyfke9gNT80f0pUj7wJ9YwWbTIz1rhf/h7rxoMYypXo+JXwaXW/Ra8v1uDcwfKpE5ZgwAU
+ nubLXF4A+H7/N7ZvB5XDwJ4W+99nuPsKfwacD8m1sflTXcEPzzhOq6iQ9anJT94/pMctnp827zXA
+ y66jvDrin5I=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <stork:spCountry>IS</stork:spCountry>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">Sveinbjorn</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/fiscalNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">fiscalNumber</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">16</stork:AttributeValue>
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">18</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/LPFiscalNumber" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">LPFiscalNumber</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
+ <saml2:Subject>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>
+ </saml2:Subject>
</saml2p:AttributeQuery> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml
index d64572829..fadc86d14 100644
--- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestSdoc.xml
@@ -1,15 +1,54 @@
-<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_334488599e0c2781ff34857c4964debb" IssueInstant="2014-02-06T22:09:18.113Z" Version="2.0"><saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="#_334488599e0c2781ff34857c4964debb"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>X1nUVB6qXdoKbJzNekiSo9ExLdw=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ExCPHHC/9OhdhOl1Ou+43Qw1nvskpbMYMu9vqa7m16doxM2PIUmK7LUw7hZiKtjIdBxuhpca3OrjO8O6MuTDN1FksWoj+7B1KTLFtmspucT5O7Cu2OqhK5WIVuCaLuA7CD0N2UfFouRwR5NlLHyzn9Trd7IM5OjA41dGb5jqYl7Ir+62+MgjhZRlLooDzb5fDAczbxv9LHGiKRBpgnk40w3gDAvoSPNdEuKhZi8LPQWWNBvVi3N5ZmJmAIacZWBqePywXTjygmChWAc8p7ptAX6tw0hpBxyxoW3aaZZzWQNcwobTRYbn89fcM11gqIz/YK7VXtiQ7WEQt1enQD/GAA==</ds:SignatureValue><ds:KeyInfo><ds:X509Data><ds:X509Certificate>MIIDIjCCAgqgAwIBAgIES6idsjANBgkqhkiG9w0BAQUFADBTMQswCQYDVQQGEwJFUzEOMAwGA1UE
-CAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxvY2Fs
-LWRlbW8wHhcNMTMwODI4MTY0NzM1WhcNMTUwODI4MTY0NzM1WjBTMQswCQYDVQQGEwJFUzEOMAwG
-A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxv
-Y2FsLWRlbW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+7zEQUbt8Ot9dByR5TuY
-NPmTwaKhECtnkxYAx9tl+Ga3kFiv+dOSeDoQOhxkICG1ZMaG0Gtk0EQWjscC1cLwDXpAOdhOm5xh
-ndFHxa3V3Y3zomFZA7A3nwP8wt17wDrc1xi2Ye8VrwO7Vjb/F8Rgutlcrvq+LF4g9nQLoRiKUq8w
-NFvDlvhBbLr8hMVBMY/jY7tSQ85qLqKUkWRcoDttJjgWZoO1vpBS4m+FywtYdOoHnN6fv4Dvf1r2
-rNLgebgBvSfwznxiulwW6FBLasYX0rYKP7RfwG8TJ+FumOgAjADj2LdwK25RZNg44XU2V1z1Fp37
-fNXhfo08LpdD1ueFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADMRGTWOmadZyCoJNluV+M7LopjC
-9WpFUj76X0cAoNXmt12zYqYe8hjRmBr6l2V/FXT3/TyWET1nILG46zwwAxslw3b2LvkhU+9QcuB8
-yC8TCJJ0kgsTZ/EUZPSbwUG7Nn2jkMiyjlyKcjSCQOzEKQyR1xYwyZG40+BPeGbYjmRgm6kcmCxY
-USWoPwNyfke9gNT80f0pUj7wJ9YwWbTIz1rhf/h7rxoMYypXo+JXwaXW/Ra8v1uDcwfKpE5ZgwAU
-nubLXF4A+H7/N7ZvB5XDwJ4W+99nuPsKfwacD8m1sflTXcEPzzhOq6iQ9anJT94/pMctnp827zXA
-y66jvDrin5I=</ds:X509Certificate></ds:X509Data></ds:KeyInfo></ds:Signature><saml2p:Extensions><stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel><stork:spCountry>IS</stork:spCountry><storkp:eIDSectorShare>false</storkp:eIDSectorShare><storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare><storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare><storkp:RequestedAttributes><stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/docRequest" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true"><stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">IS/IS/fbea6e68-0393-401b-b616-f767fff9418c</stork:AttributeValue></stork:RequestedAttribute></storkp:RequestedAttributes></saml2p:Extensions><saml2:Subject><saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/></saml2:Subject></saml2p:AttributeQuery> \ No newline at end of file
+<?xml version="1.0" encoding="UTF-8"?><saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol" xmlns:xs="http://www.w3.org/2001/XMLSchema" AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://A-PEPS.gov.xx/PEPS/AttributeColleagueRequest" ID="_0b74cf761d490383ac5127629a39a458" IssueInstant="2014-04-25T12:49:39.848Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+ <ds:Reference URI="#_0b74cf761d490383ac5127629a39a458">
+ <ds:Transforms>
+ <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+ </ds:Transform>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <ds:DigestValue>2WMvsIXoH1VpwqbNiXG8lWS2ZPc=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>nMfUZiYHyHgSky4NHfDGch8a6UxWupS1Dhk2mu3L065Vq2eKLfDwWjgNkKPDoLcEkgAiDpNlLsS0+nDk8IexAMSq+T54Mlt4AhMRIrDP3SlWya5mqQ0VnxFENGlhi7kSKK2oIMfkiaeIBART7QBZggSZFnk0mw/BzmJM5bJ4Dipymndx7tv98BDlWFZEKH7iSc9uUuMpVygTNDxtEsdMcBKpqYiyVyTln8/xKsqXSL4RA10MYmqfvFsMZWUwQUgdl5tor910/XrAXHXJY50zH0CwekUXszOdvO7s3WvrG4lt3goqq2WDcaeDzizV93+Ih+lVl9PebTtMxCyO4fxw7Q==</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDIjCCAgqgAwIBAgIES6idsjANBgkqhkiG9w0BAQUFADBTMQswCQYDVQQGEwJFUzEOMAwGA1UE
+ CAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxvY2Fs
+ LWRlbW8wHhcNMTMwODI4MTY0NzM1WhcNMTUwODI4MTY0NzM1WjBTMQswCQYDVQQGEwJFUzEOMAwG
+ A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExEzARBgNVBAMMCmxv
+ Y2FsLWRlbW8wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCx+7zEQUbt8Ot9dByR5TuY
+ NPmTwaKhECtnkxYAx9tl+Ga3kFiv+dOSeDoQOhxkICG1ZMaG0Gtk0EQWjscC1cLwDXpAOdhOm5xh
+ ndFHxa3V3Y3zomFZA7A3nwP8wt17wDrc1xi2Ye8VrwO7Vjb/F8Rgutlcrvq+LF4g9nQLoRiKUq8w
+ NFvDlvhBbLr8hMVBMY/jY7tSQ85qLqKUkWRcoDttJjgWZoO1vpBS4m+FywtYdOoHnN6fv4Dvf1r2
+ rNLgebgBvSfwznxiulwW6FBLasYX0rYKP7RfwG8TJ+FumOgAjADj2LdwK25RZNg44XU2V1z1Fp37
+ fNXhfo08LpdD1ueFAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBADMRGTWOmadZyCoJNluV+M7LopjC
+ 9WpFUj76X0cAoNXmt12zYqYe8hjRmBr6l2V/FXT3/TyWET1nILG46zwwAxslw3b2LvkhU+9QcuB8
+ yC8TCJJ0kgsTZ/EUZPSbwUG7Nn2jkMiyjlyKcjSCQOzEKQyR1xYwyZG40+BPeGbYjmRgm6kcmCxY
+ USWoPwNyfke9gNT80f0pUj7wJ9YwWbTIz1rhf/h7rxoMYypXo+JXwaXW/Ra8v1uDcwfKpE5ZgwAU
+ nubLXF4A+H7/N7ZvB5XDwJ4W+99nuPsKfwacD8m1sflTXcEPzzhOq6iQ9anJT94/pMctnp827zXA
+ y66jvDrin5I=</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <stork:spCountry>IS</stork:spCountry>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/docRequest" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:anyType">IS/IS/fbea6e68-0393-401b-b616-f767fff9418c</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
+ <saml2:Subject>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"/>
+ </saml2:Subject>
+</saml2p:AttributeQuery> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml
index becc689fe..5c04f5c93 100644
--- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryRequestTagDelete.xml
@@ -1,66 +1,66 @@
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AttributeQuery xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
- Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_f6c8fc355b9f125cb5283f038e1b3cdf"
- IssueInstant="2013-10-03T10:28:15.449Z" Version="2.0">
- <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:SignatureValue>hhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==</ds:SignatureValue>
- <ds:KeyInfo>
- <ds:X509Data>
- <ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw
- YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v
- LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG
- A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv
- Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab
- ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU
- 0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n
- 6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5
- y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z
- 9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F
- 6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM
- pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT
- /NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq
- yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7
- Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </ds:Signature>
- <saml2p:Extensions>
- <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
- <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
- <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
- <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
- <storkp:RequestedAttributes>
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="false" />
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true">
- <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">16</stork:AttributeValue>
- <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">18</stork:AttributeValue>
- </stork:RequestedAttribute>
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true">
- <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">Sveinbjörn</stork:AttributeValue>
- </stork:RequestedAttribute>
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true">
- <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue>
- </stork:RequestedAttribute>
- </storkp:RequestedAttributes>
- </saml2p:Extensions>
- <saml2:Subject>
- <saml2:SubjectConfirmation
- Method="urn:oasis:names:tc:SAML:1.0:cm:sender-vouches" />
- </saml2:Subject>
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified"
+ Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_f6c8fc355b9f125cb5283f038e1b3cdf"
+ IssueInstant="2013-10-03T10:28:15.449Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignatureValue>hhQXDKNrJJ3Yy/pkZNZF4GlWrA/Xsx4CH9chgVa5HK4qZQvFXvZwegdw6U7rm7qv0zmI4xaLTv/bpmqJzEPfY3sIvrDRu9EouEKwtjbMbcvVQsx7I+j0yy7/cBcQJe3lRwQwyvazfYVbnSeGFxBN6WOHPqv6uInaQO/hXkicT3tBtm8o3UgUDY6c8wIMuD5A0hWTkL6z6f893AbdN85OQYAdHItNsQWeLOIeiGC918X7qqTfhFtBAB2oGVjlsSEqWox1jNqrPl1jjA0dP76m5SIVSqF8XcDR306ZB9GLJywOHKba0lxGLsXOAzJ+8u9jeixJ6VZKFqZg2Fhl/saKbg==</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw
+ YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v
+ LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG
+ A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv
+ Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab
+ ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU
+ 0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n
+ 6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5
+ y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z
+ 9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F
+ 6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM
+ pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT
+ /NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq
+ yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7
+ Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="false" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">16</stork:AttributeValue>
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">18</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">Sveinbjörn</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">ES/IS/1234567890</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
+ <saml2:Subject>
+ <saml2:SubjectConfirmation
+ Method="urn:oasis:names:tc:SAML:1.0:cm:sender-vouches" />
+ </saml2:Subject>
</saml2p:AttributeQuery> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml
index 7ea486812..79c59f5ed 100644
--- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AttrQueryResponse.xml
@@ -1,124 +1,124 @@
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained"
- Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_483140d440fc4eef8e949ace49669f2e"
- InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" IssueInstant="2013-10-08T09:11:17.255Z"
- Version="2.0">
- <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer>
- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:SignedInfo>
- <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <ds:Reference URI="#_483140d440fc4eef8e949ace49669f2e">
- <ds:Transforms>
- <ds:Transform
- Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
- <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
- PrefixList="xs" />
- </ds:Transform>
- </ds:Transforms>
- <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <ds:DigestValue>yMOVS1T/yRiVh3L6IBM9rR9Ie3w=</ds:DigestValue>
- </ds:Reference>
- </ds:SignedInfo>
- <ds:SignatureValue>d8e/RyNNPmnHRIzTIuRSnW6B60oWGBGxjRua/HvNxTuod0qSarYJxEedhY9Wl1Z9WYXlry28FuKjp3DA3HhzNaVd7A7QpFqNC4dnizSVWFjxlhmoE/Uv3Y/ha9P/fk6nbtHCSKW4kHSX7QfFLeggcLmUG0IULRF8UmRdQ0WerCl0aSZZeSp8J3LsFBPeWCRSwXgfiLn+RehggzZmQU6g0ssxrpnsYEAtjAiOli+YVQGuumsZGaJ8zHA/DgJ2FTGovNUyfuSUFLhd9nLlSqFs2Avnx0Ck7Q1dxDO5truOm6e285YLHqLaGdetFyPQAj/Z4w4RJ5u5X6d7rhBjTfRAAw==</ds:SignatureValue>
- <ds:KeyInfo>
- <ds:X509Data>
- <ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw
- YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v
- LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG
- A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv
- Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab
- ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU
- 0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n
- 6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5
- y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z
- 9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F
- 6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM
- pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT
- /NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq
- yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7
- Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </ds:Signature>
- <saml2p:Status>
- <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
- <saml2p:StatusMessage>urn:oasis:names:tc:SAML:2.0:status:Success</saml2p:StatusMessage>
- </saml2p:Status>
- <saml2:Assertion ID="_9ed05849dee5c154e62fa9e3ba53e9f3"
- IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0">
- <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer>
- <saml2:Subject>
- <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
- NameQualifier="http://C-PEPS.gov.xx">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</saml2:NameID>
- <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
- <saml2:SubjectConfirmationData
- Address="111.222.333.444" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed"
- NotOnOrAfter="2013-10-08T09:16:17.255Z" />
- </saml2:SubjectConfirmation>
- </saml2:Subject>
- <saml2:Conditions NotBefore="2013-10-08T09:11:17.255Z"
- NotOnOrAfter="2013-10-08T09:16:17.255Z">
- <saml2:AudienceRestriction>
- <saml2:Audience>http://S-PEPS.gov.xx</saml2:Audience>
- </saml2:AudienceRestriction>
- <saml2:OneTimeUse />
- </saml2:Conditions>
- <saml2:AuthnStatement AuthnInstant="2013-10-08T09:11:17.255Z">
- <saml2:SubjectLocality Address="111.222.333.444" />
- <saml2:AuthnContext>
- <saml2:AuthnContextDecl />
- </saml2:AuthnContext>
- </saml2:AuthnStatement>
- <saml2:AttributeStatement>
- <saml2:Attribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- stork:AttributeStatus="Available">
- <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">16/12/2008</saml2:AttributeValue>
- </saml2:Attribute>
- <saml2:Attribute
- Name="http://www.stork.gov.eu/1.0/canonicalResidenceAddress"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- stork:AttributeStatus="Available">
- <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">
- <stork:postalCode xsi:type="xs:anyType">105</stork:postalCode>
- <stork:state xsi:type="xs:anyType">IS</stork:state>
- <stork:streetNumber xsi:type="xs:anyType">10</stork:streetNumber>
- <stork:streetName xsi:type="xs:anyType">Gudrunartun</stork:streetName>
- <stork:town xsi:type="xs:anyType">Reykjavik</stork:town>
- </saml2:AttributeValue>
- </saml2:Attribute>
- <saml2:Attribute Name="http://www.stork.gov.eu/1.0/newAttribute2"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- stork:AttributeStatus="Available">
- <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">
- <stork:value3 xsi:type="xs:anyType">value3</stork:value3>
- <stork:value4 xsi:type="xs:anyType">value4</stork:value4>
- <stork:value1 xsi:type="xs:anyType">value1</stork:value1>
- <stork:value2 xsi:type="xs:anyType">value2</stork:value2>
- </saml2:AttributeValue>
- </saml2:Attribute>
- <saml2:Attribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- stork:AttributeStatus="Available">
- <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">16</saml2:AttributeValue>
- <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">18</saml2:AttributeValue>
- </saml2:Attribute>
- <saml2:Attribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- stork:AttributeStatus="Available">
- <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xsi:type="xs:anyType">123456789IS</saml2:AttributeValue>
- </saml2:Attribute>
- </saml2:AttributeStatement>
- </saml2:Assertion>
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ xmlns:xs="http://www.w3.org/2001/XMLSchema" Consent="urn:oasis:names:tc:SAML:2.0:consent:obtained"
+ Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest" ID="_483140d440fc4eef8e949ace49669f2e"
+ InResponseTo="_0a22c1120bf2de912714c24e99dd38ed" IssueInstant="2013-10-08T09:11:17.255Z"
+ Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <ds:Reference URI="#_483140d440fc4eef8e949ace49669f2e">
+ <ds:Transforms>
+ <ds:Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
+ PrefixList="xs" />
+ </ds:Transform>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>yMOVS1T/yRiVh3L6IBM9rR9Ie3w=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>d8e/RyNNPmnHRIzTIuRSnW6B60oWGBGxjRua/HvNxTuod0qSarYJxEedhY9Wl1Z9WYXlry28FuKjp3DA3HhzNaVd7A7QpFqNC4dnizSVWFjxlhmoE/Uv3Y/ha9P/fk6nbtHCSKW4kHSX7QfFLeggcLmUG0IULRF8UmRdQ0WerCl0aSZZeSp8J3LsFBPeWCRSwXgfiLn+RehggzZmQU6g0ssxrpnsYEAtjAiOli+YVQGuumsZGaJ8zHA/DgJ2FTGovNUyfuSUFLhd9nLlSqFs2Avnx0Ck7Q1dxDO5truOm6e285YLHqLaGdetFyPQAj/Z4w4RJ5u5X6d7rhBjTfRAAw==</ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIDJzCCAg8CBEuonbIwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UEBhMCRVMxDjAMBgNVBAgMBVNw
+ YWluMQ8wDQYDVQQHDAZNYWRyaWQxDjAMBgNVBAoMBUluZHJhMRgwFgYDVQQDDA9sb2NhbC1kZW1v
+ LWNlcnQwHhcNMTAwMzIzMTA1MzM4WhcNMTAwNjAxMTA1MzM4WjBYMQswCQYDVQQGEwJFUzEOMAwG
+ A1UECAwFU3BhaW4xDzANBgNVBAcMBk1hZHJpZDEOMAwGA1UECgwFSW5kcmExGDAWBgNVBAMMD2xv
+ Y2FsLWRlbW8tY2VydDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJfdQ1/mkM9sqqab
+ ri8qqqX4s0J6UEEXyF+0AjLU8RC4WMeYFSZ5tfwnyLsoXY0/9bZLXnBxSibQYaf4SnpZJhlVA4sU
+ 0d8qyEWA2OvXGDCm7uspGHG3CRQa7fpHsmHmfIAqho9XDlwpwJdx5gK4Edc6aArcMQfjqMhy1s1n
+ 6Of1i1lMGGsGrERIRY7biIQu/8nITbHH18sUAZMG1u/Q0Avi9O3LWyswHXUouZ818fWwG6xru2N5
+ y6vtVO/SL3doRSdqYkEms93TgxTtaKg8XNe24zhNTte6nvWLaKesi2KzZGC57HU47HBFEs8NWk7z
+ 9BDf8uLyPz9VDahwVKzMto8CAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAgpuReXQ7Dsfdoe5zzy2F
+ 6kn1qqtMkRGsBPKnDFCI/GkIZpBiqlfwdh6sipnFKWfKEDlPKN1kEhbkDR2GA1Cp4F4ZSL/HumZM
+ pWabRhDxhTPvHIFbbShPDJY93+jw/yQeaWgMuhw3WzdH9TrVoRZH0Q7sG1pIJo5/6IogIZwFvJHT
+ /NDutKmurU6Lw8Vnde8PfnQd+FTEhz0SEGyKkWjAuhGbJfseBy/z3L+MJq1rdSQ9PF7wXDvWNzJq
+ yaNBUWWBV1TskvkNZXcaguroVPy2XhA1aixlAajWEXLk6Uuj5UYqalrV/reNYvDvY0BV2CIn51r7
+ Ppm8IFVTk8mYfX8/jw==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Status>
+ <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
+ <saml2p:StatusMessage>urn:oasis:names:tc:SAML:2.0:status:Success</saml2p:StatusMessage>
+ </saml2p:Status>
+ <saml2:Assertion ID="_9ed05849dee5c154e62fa9e3ba53e9f3"
+ IssueInstant="2013-10-08T09:11:17.255Z" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://C-PEPS.gov.xx</saml2:Issuer>
+ <saml2:Subject>
+ <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"
+ NameQualifier="http://C-PEPS.gov.xx">urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</saml2:NameID>
+ <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
+ <saml2:SubjectConfirmationData
+ Address="111.222.333.444" InResponseTo="_0a22c1120bf2de912714c24e99dd38ed"
+ NotOnOrAfter="2013-10-08T09:16:17.255Z" />
+ </saml2:SubjectConfirmation>
+ </saml2:Subject>
+ <saml2:Conditions NotBefore="2013-10-08T09:11:17.255Z"
+ NotOnOrAfter="2013-10-08T09:16:17.255Z">
+ <saml2:AudienceRestriction>
+ <saml2:Audience>http://S-PEPS.gov.xx</saml2:Audience>
+ </saml2:AudienceRestriction>
+ <saml2:OneTimeUse />
+ </saml2:Conditions>
+ <saml2:AuthnStatement AuthnInstant="2013-10-08T09:11:17.255Z">
+ <saml2:SubjectLocality Address="111.222.333.444" />
+ <saml2:AuthnContext>
+ <saml2:AuthnContextDecl />
+ </saml2:AuthnContext>
+ </saml2:AuthnStatement>
+ <saml2:AttributeStatement>
+ <saml2:Attribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">16/12/2008</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute
+ Name="http://www.stork.gov.eu/1.0/canonicalResidenceAddress"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">
+ <stork:postalCode xsi:type="xs:anyType">105</stork:postalCode>
+ <stork:state xsi:type="xs:anyType">IS</stork:state>
+ <stork:streetNumber xsi:type="xs:anyType">10</stork:streetNumber>
+ <stork:streetName xsi:type="xs:anyType">Gudrunartun</stork:streetName>
+ <stork:town xsi:type="xs:anyType">Reykjavik</stork:town>
+ </saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute Name="http://www.stork.gov.eu/1.0/newAttribute2"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">
+ <stork:value3 xsi:type="xs:anyType">value3</stork:value3>
+ <stork:value4 xsi:type="xs:anyType">value4</stork:value4>
+ <stork:value1 xsi:type="xs:anyType">value1</stork:value1>
+ <stork:value2 xsi:type="xs:anyType">value2</stork:value2>
+ </saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">16</saml2:AttributeValue>
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">18</saml2:AttributeValue>
+ </saml2:Attribute>
+ <saml2:Attribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ stork:AttributeStatus="Available">
+ <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:type="xs:anyType">123456789IS</saml2:AttributeValue>
+ </saml2:Attribute>
+ </saml2:AttributeStatement>
+ </saml2:Assertion>
</saml2p:Response> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml
index c48bfde95..93e778113 100644
--- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequest.xml
@@ -1,72 +1,72 @@
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse"
- Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest"
- ForceAuthn="true" ID="_e54eee285e7b8e2772875c406ec39674" IsPassive="false"
- IssueInstant="2010-06-08T07:37:54.533Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
- ProviderName="University of Oxford" Version="2.0">
- <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:SignedInfo>
- <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
- <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <ds:Reference URI="#_e54eee285e7b8e2772875c406ec39674">
- <ds:Transforms>
- <ds:Transform
- Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
- <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
- <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
- PrefixList="ds saml2 saml2p stork storkp xs" />
- </ds:Transform>
- </ds:Transforms>
- <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
- <ds:DigestValue>yzsqaxBNicOrixBUno5cL0CBOpE=</ds:DigestValue>
- </ds:Reference>
- </ds:SignedInfo>
- <ds:SignatureValue>
- Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC
- wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi
- YIN/BUEtXkoYTjPtkmA=
- </ds:SignatureValue>
- <ds:KeyInfo>
- <ds:X509Data>
- <ds:X509Certificate>MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw
- MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG
- 9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu
- h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r
- /WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk
- 3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K
- eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq
- KAoZgbUK0Zld3Dsheg==</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </ds:Signature>
- <saml2p:Extensions>
- <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
- <stork:spSector>EDU001</stork:spSector>
- <stork:spInstitution>OXF001</stork:spInstitution>
- <stork:spApplication>APP001</stork:spApplication>
- <stork:spCountry>EN</stork:spCountry>
- <storkp:eIDSectorShare>true</storkp:eIDSectorShare>
- <storkp:eIDCrossSectorShare>true</storkp:eIDCrossSectorShare>
- <storkp:eIDCrossBorderShare>true</storkp:eIDCrossBorderShare>
- <storkp:RequestedAttributes>
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true">
- <stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">16</stork:AttributeValue>
- <stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">18</stork:AttributeValue>
- </stork:RequestedAttribute>
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="false" />
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true" />
- </storkp:RequestedAttributes>
- </saml2p:Extensions>
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:assertion" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ AssertionConsumerServiceURL="http://S-PEPS.gov.xx/PEPS/ColleagueResponse"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://C-PEPS.gov.xx/PEPS/ColleagueRequest"
+ ForceAuthn="true" ID="_e54eee285e7b8e2772875c406ec39674" IsPassive="false"
+ IssueInstant="2010-06-08T07:37:54.533Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ ProviderName="University of Oxford" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignedInfo>
+ <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+ <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+ <ds:Reference URI="#_e54eee285e7b8e2772875c406ec39674">
+ <ds:Transforms>
+ <ds:Transform
+ Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+ <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+ <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
+ PrefixList="ds saml2 saml2p stork storkp xs" />
+ </ds:Transform>
+ </ds:Transforms>
+ <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+ <ds:DigestValue>yzsqaxBNicOrixBUno5cL0CBOpE=</ds:DigestValue>
+ </ds:Reference>
+ </ds:SignedInfo>
+ <ds:SignatureValue>
+ Xycll1PF7hh3Xdykpr6nIr8Q6PQ6OxLIBBBugoGpAm/V4Hu7tKakHJp8TgtRWZ30jG5eolOXnJkC
+ wiaTVUFaQz7cNn27syRJkdA+eYlz9doiwUJ5eD1cAyddZYsNPpSeAj5UK45oN0qCH+/pI9mRw8Oi
+ YIN/BUEtXkoYTjPtkmA=
+ </ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIBmDCCAQECBEuWisIwDQYJKoZIhvcNAQEFBQAwEzERMA8GA1UEAxMIY291bnRyeTEwHhcNMTAw
+ MzA5MTc1MjAyWhcNMTAwNjA3MTc1MjAyWjATMREwDwYDVQQDEwhjb3VudHJ5MTCBnzANBgkqhkiG
+ 9w0BAQEFAAOBjQAwgYkCgYEAnb2gcchwxvJBclcsfCBWJnYefLJYQnDGCQ3RUtYZc26JznnLXclu
+ h1XfLJlWgYk/pFKz7B9KfJztal47c6mBfisnxjhdcLqcbXOuRIm7E8TZPzdbHEd60WHPDv20jr+r
+ /WkOQs12tKQMbgDX2wtBBcJODLYCDiYa1oQsnyhdOGkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQBk
+ 3luVRc0EqEE1zZeYvRPi5a2yOZfI9H+/rXI1qNLwmICnuJX++ukUbqJHm/FV1iSPM9O9oqzifJ/K
+ eKL5EcUugJ76Tu5XO8za2FoJvYr+jIZDsEkCg+OSzcp/eljiWAIh2enZcQ/ON6QxWXeSNJPH0xOq
+ KAoZgbUK0Zld3Dsheg==</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <stork:spSector>EDU001</stork:spSector>
+ <stork:spInstitution>OXF001</stork:spInstitution>
+ <stork:spApplication>APP001</stork:spApplication>
+ <stork:spCountry>EN</stork:spCountry>
+ <storkp:eIDSectorShare>true</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>true</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>true</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/isAgeOver"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true">
+ <stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">16</stork:AttributeValue>
+ <stork:AttributeValue xmlns:xs="http://www.w3.org/2001/XMLSchema"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">18</stork:AttributeValue>
+ </stork:RequestedAttribute>
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="false" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/eIdentifier"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
</saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml
index 8766f9a8b..cca0dbc27 100644
--- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDelete.xml
@@ -1,47 +1,47 @@
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage"
- Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://locahost:8080/PEPS/ServiceProvider"
- ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false"
- IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
- ProviderName="PT-SP" Version="2.0">
- <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:SignatureValue>
- S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR
- Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC
- Xt8p8tK3EoMocZse2hw=
- </ds:SignatureValue>
- <ds:KeyInfo>
- <ds:X509Data>
- <ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw
- OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA
- A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl
- lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK
- ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl
- r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w
- kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS
- 3cyl/wz8</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </ds:Signature>
- <saml2p:Extensions>
- <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
- <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
- <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
- <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
- <storkp:RequestedAttributes>
- <stork:RequestedAttribute
- Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true" />
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true" />
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true" />
- </storkp:RequestedAttributes>
- </saml2p:Extensions>
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://locahost:8080/PEPS/ServiceProvider"
+ ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false"
+ IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ ProviderName="PT-SP" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignatureValue>
+ S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR
+ Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC
+ Xt8p8tK3EoMocZse2hw=
+ </ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw
+ OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA
+ A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl
+ lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK
+ ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl
+ r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w
+ kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS
+ 3cyl/wz8</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute
+ Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
</saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml
index 1b1e1646c..db606145c 100644
--- a/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/data/eu/stork/STORKSAMLEngine/AuthnRequestTagDeleteEncoded.xml
@@ -1,47 +1,47 @@
<?xml version="1.0" encoding="UTF-8"?>
<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol"
- xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
- AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage"
- Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://localhost:8080/PEPS/ServiceProvider"
- ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false"
- IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
- ProviderName="PT-SP" Version="2.0">
- <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:SignatureValue>
- S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR
- Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC
- Xt8p8tK3EoMocZse2hw=
- </ds:SignatureValue>
- <ds:KeyInfo>
- <ds:X509Data>
- <ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw
- OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA
- A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl
- lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK
- ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl
- r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w
- kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS
- 3cyl/wz8</ds:X509Certificate>
- </ds:X509Data>
- </ds:KeyInfo>
- </ds:Signature>
- <saml2p:Extensions>
- <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
- <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
- <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
- <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
- <storkp:RequestedAttributes>
- <stork:RequestedAttribute
- Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true" />
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true" />
- <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
- NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
- isRequired="true" />
- </storkp:RequestedAttributes>
- </saml2p:Extensions>
+ xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"
+ xmlns:stork="urn:eu:stork:names:tc:STORK:1.0:stork" xmlns:storkp="urn:eu:stork:names:tc:STORK:1.0:protocol"
+ AssertionConsumerServiceURL="http://localhost:8080/SP/ReturnPage"
+ Consent="urn:oasis:names:tc:SAML:2.0:consent:unspecified" Destination="http://localhost:8080/PEPS/ServiceProvider"
+ ForceAuthn="true" ID="_0c64ff85-1323-4618-847b-12d1983b86e4" IsPassive="false"
+ IssueInstant="2010-04-07T16:45:03.593Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
+ ProviderName="PT-SP" Version="2.0">
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://S-PEPS.gov.xx</saml2:Issuer>
+ <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+ <ds:SignatureValue>
+ S6nY97RSCUJXq3HZ5obSLCI341LvtAA3vHjR1FWxrIMDPACQMqlNWBYNnRP1RiZiJV6x0RieH+SR
+ Vkiy03jYyhr0XkwAE5Wd6Huf+zIbeTXjZkdQj7JpAXoB+ky4G/+L0deamvsP3eO7ZJ4grady4gmC
+ Xt8p8tK3EoMocZse2hw=
+ </ds:SignatureValue>
+ <ds:KeyInfo>
+ <ds:X509Data>
+ <ds:X509Certificate>MIIBkTCB+wIESpT8bTANBgkqhkiG9w0BAQUFADAQMQ4wDAYDVQQDEwVzdG9yazAeFw0wOTA4MjYw
+ OTEyMTNaFw0wOTExMjQwOTEyMTNaMBAxDjAMBgNVBAMTBXN0b3JrMIGfMA0GCSqGSIb3DQEBAQUA
+ A4GNADCBiQKBgQDK/QL8NuMd41I1lObObeRA6DaM8bjeYqIz5mg5WnnZv4jlcK7Gq89Lk6htXRFl
+ lAXpDYhI3zolMIMHEMZ3zQQPc7lgTV6Bbz9uD2YTJ9Kx55e8Y6Y49DO+TiiejGJxTzTFUcuBJHaK
+ ipuvLVd1a8N3RAnaGSUOozhrTqxba82mEwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBAFJgeS18nhUl
+ r7WnvSn9FlkI94U//Hk3iZLc3/cScTu7D7Y/J0eUq4TF8PsSzWX5khGuqrTkswNgfEtl2IpACQ2w
+ kB8+RxeRNdddQlGHlO4ZqnpvxXBwSouiy2yUeAo0y++vMFm6DO4sxfk8eTtimPDo5SzBtjtGtbqS
+ 3cyl/wz8</ds:X509Certificate>
+ </ds:X509Data>
+ </ds:KeyInfo>
+ </ds:Signature>
+ <saml2p:Extensions>
+ <stork:QualityAuthenticationAssuranceLevel>3</stork:QualityAuthenticationAssuranceLevel>
+ <storkp:eIDSectorShare>false</storkp:eIDSectorShare>
+ <storkp:eIDCrossSectorShare>false</storkp:eIDCrossSectorShare>
+ <storkp:eIDCrossBorderShare>false</storkp:eIDCrossBorderShare>
+ <storkp:RequestedAttributes>
+ <stork:RequestedAttribute
+ Name="http://www.stork.gov.eu/1.0/nationalityCode" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/dateOfBirth"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ <stork:RequestedAttribute Name="http://www.stork.gov.eu/1.0/givenName"
+ NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ isRequired="true" />
+ </storkp:RequestedAttributes>
+ </saml2p:Extensions>
</saml2p:AuthnRequest> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/logback-test.xml b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml
index 99d7d353a..84d48c00e 100644
--- a/id/server/stork2-saml-engine/src/test/resources/logback-test.xml
+++ b/id/server/stork2-saml-engine/src/test/resources/logback-test.xml
@@ -2,20 +2,20 @@
<!-- Basic configuration used until the IdP can load the real configuration -->
<configuration>
- <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
- <layout class="ch.qos.logback.classic.PatternLayout">
- <Pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
- </Pattern>
- </layout>
- </appender>
+ <appender name="STDOUT" class="ch.qos.logback.core.ConsoleAppender">
+ <layout class="ch.qos.logback.classic.PatternLayout">
+ <Pattern>%d{HH:mm:ss.SSS} [%thread] %-5level %logger{36} - %msg%n
+ </Pattern>
+ </layout>
+ </appender>
- <logger name="eu.stork">
- <level value="DEBUG" />
- </logger>
+ <logger name="eu.stork">
+ <level value="DEBUG" />
+ </logger>
- <root>
- <appender-ref ref="STDOUT" />
- <level value="INFO" />
- </root>
+ <root>
+ <appender-ref ref="STDOUT" />
+ <level value="INFO" />
+ </root>
</configuration> \ No newline at end of file
diff --git a/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg
index bd9f357ce..84f7050d1 100644
--- a/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg
+++ b/id/server/stork2-saml-engine/src/test/resources/p11Conf.cfg
@@ -1,21 +1,15 @@
-//ATTRIBUTE VALUE
-//name name suffix of this provider instance
-//library pathname of PKCS#11 implementation
-//slotListIndex slot index
-
-//PREFIX DESCRIPTION
-//CKO_ Object class
-//CKA_ Attribute
-//CKK_ Key type
-
-//attributes(operation, keytype, keyalgorithm) = {
-// name1 = value1
-// [...]
-//}
-
-name=nameProvider
-library=library.dll
-slotListIndex=0
+name=OpenDNSSEC
+library = /usr/lib/softhsm/libsofthsm.so
+slot = 0
+attributes(generate, *, *) = {
+ CKA_TOKEN = true
+}
+attributes(generate, CKO_CERTIFICATE, *) = {
+ CKA_PRIVATE = false
+}
+attributes(generate, CKO_PUBLIC_KEY, *) = {
+ CKA_PRIVATE = false
+}
attributes(*,CKO_PUBLIC_KEY,CKK_RSA)={
CKA_VERIFY=true
}