Alter trust engine test to leverage KeyInfoReference.

[shibboleth/cpp-opensaml.git] / samltest / data / security / example-metadata.xml

diff --git a/samltest/data/security/example-metadata.xml b/samltest/data/security/example-metadata.xml
index 9cd8666..290ffc8 100644 (file)
--- a/samltest/data/security/example-metadata.xml
+++ b/samltest/data/security/example-metadata.xml
@@ -1,13 +1,14 @@
 <EntitiesDescriptor
        xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
-       xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+       xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
+    xmlns:ds11="http://www.w3.org/2009/xmldsig11#">
 
 <EntityDescriptor 
        entityID="https://idp.example.org">
        
        <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
                <KeyDescriptor use="signing">
-                   <ds:KeyInfo>
+                   <ds:KeyInfo Id="examplekey">
                        <ds:KeyName>sp.example.org</ds:KeyName>
                        <ds:X509Data>
                                <ds:X509Certificate>
@@ -50,4 +51,19 @@
        
 </EntityDescriptor>
 
+<EntityDescriptor 
+    entityID="https://idp3.example.org">
+    
+    <IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
+        <KeyDescriptor use="signing">
+            <ds:KeyInfo>
+                <ds11:KeyInfoReference URI="#examplekey"/>
+            </ds:KeyInfo>
+        </KeyDescriptor>
+        
+        <SingleSignOnService Binding="foo" Location="foo"/>
+    </IDPSSODescriptor>
+    
+</EntityDescriptor>
+
 </EntitiesDescriptor>
\ No newline at end of file