Changes

AA Testing

353 bytes added, 15 September 2017, 21:36
Source: Add argument for AA cert, remove redundancy
You need a valid principal (eduPersonPrincipalName) and the X.509 credentials of an existing Service Provider to use this script.
----== Source ==
<source lang="bash">
 
#!/bin/bash
Options:
-a uri Attribute Authority URI. Defaults to 'https://hexaa$AA_URI' -C certfile Attribute Authority metadata certificate in PEM format.eduidDefaults to '$AACert'.hu:8443/simplesaml/module.php/aa/attributeserver.php' -p principal Testing principal (user name / subject). Defaults to 'bajnokk@niif.hu$Principal'. -s entity EntityID of the SP on behalf of which the request is made. Defaults to 'https://sp.hexaa.eduid.hu/test$ReqSP' -k keyfile Key file in PEM format containing the key of the SP used for the request. Defaults to 'keys/test.sp.hexaa.eduid.hu-fed.key$ReqKey' -c certfile Cert file in PEM format containing the certificate of the SP used for the request. Defaults to 'keys/test.sp.hexaa.eduid.hu-fed.crt$ReqCert'
EOS
exit 3
a)
AA_URI=$OPTARG
;;
C)
AACert=$OPTARG
;;
p)
curl --silent --show-error --cacert $AACert --cert $ReqCert --key $ReqKey \
--header "Content-Type: text/xml;charset=UTF-8" --data @- $AA_URI
</source>
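Review bot: in the curl call, `--cacert $AACert` uses the file that the `-C` help text describes as the Attribute Authority metadata certificate as the TLS trust anchor, which only verifies the connection when the AA's HTTPS certificate is that certificate or chains to it; state this in the option text or take the TLS CA file as a separate argument. The expansions `$AACert`, `$ReqCert`, `$ReqKey` and `$AA_URI` are also unquoted, so a path containing a space is word-split before curl sees it; write them as `"$AACert"`, `"$ReqCert"`, `"$ReqKey"` and `"$AA_URI"`.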
<== Validation of response ==Signature validation: xmlsec1 --verify --id-attr:ID "urn:oasis:names:tc:SAML:2.0:protocol:Response" --trusted-pem $aacert $response 2>/dev/null Content validation: xmllint --xpath "/source>/*[local-name()='Attribute'][@Name='$attribute']/*[local-name()='AttributeValue']/text()" $response
[[Category: HOWTO]]
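Review bot: the signature validation line reads `$aacert` while the script's `C)` branch sets `AACert`; shell variable names are case-sensitive, so unless `aacert` is assigned elsewhere `--trusted-pem` receives an empty value. The same line sends xmlsec1's diagnostics to `2>/dev/null`, and the xmllint content step is listed without any dependence on its result; keep the error output and run the xmllint extraction only when xmlsec1 exits 0, so that attribute values are never read from a response whose signature did not verify.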
