An open discussion list for topics related to the eduGAIN interfederation service.

[Peter Schober <peter.schober AT univie.ac.at>]

* Peter Schober <peter.schober AT univie.ac.at> [2020-05-15 17:30]:
> > I am asking for an example entity as cannot find one myself
> 
> Again, if you have (or anyone else you care about has) such a system
> at hand then this system should be able to produce its own SAML 2.0
> Metadata including the stuff for WS-*.
> According to SO the well-known URL to get the metadata from is
> https://FQDN/federationmetadata/2007-06/federationmetadata.xml

To make this even easier:

Here' a list of likely MS-ADFS implementations:
https://met.refeds.org/met/search_service/?entityid=%2Fadfs%2F
(Many of them have the string /adfs/ as part of their entityID which
I'm using here to guess at the implementation.)

For any entityID value here remove everything after the host name and
add /federationmetadata/2007-06/federationmetadata.xml at the end.
For good measure also replace the http scheme with https.
This is where each of those servers will (likely) provide you with the
SAML 2.0 Metadata containing also the non-SAML stuff you so much
desire but could not find anywhere.

Here's a script that will try to automate the above, outputting
metadata from currently 246 of such entities, if successful:

```sh
curl -sSo mds.xml https://mds.edugain.org
xmlstarlet sel -t -v 
'//_:EntityDescriptor[contains(@entityID,"/adfs/")]/@entityID' -n mds.xml > 
mds.adfs
sed -r 
's|^https?://([^/]+)/adfs/.*|https://\1/federationmetadata/2007-06/federationmetadata.xml|'
 < mds.adfs > mds.adfs.mdurl
while read host; do curl -m3 -k $host ; done < mds.adfs.mdurl
```

Cheers,
-peter