<?xml version="1.0" encoding="UTF-8"?>

<!--
 This is example metadata only. Do *NOT* supply it as is without review,
and do *NOT* provide it in real time to your partners.
This metadata is not dynamic - it will not change as your configuration changes.
On Demand Metadata Generation available from the metadatagen plugin. -->

<md:EntityDescriptor entityID="https://idp-dev.mhb-fontane.de/idp/shibboleth" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">

<!-- Beschreibung und Logo aktivieren -->
        <md:Extensions>
            <shibmd:Scope regexp="false">mhb-fontane.de</shibmd:Scope>
            <mdui:UIInfo>
                <mdui:DisplayName xml:lang="en">Brandenburg Medical School</mdui:DisplayName>
		<mdui:DisplayName xml:lang="de">Die Medizinische Hochschule Brandenburg </mdui:DisplayName>
                <mdui:Description xml:lang="en">Identity Provider of the Brandenburg Medical School</mdui:Description>
		<mdui:Description xml:lang="de">Identity Provider der Medizinische Hochschule Brandenburg</mdui:Description>
		<mdui:Logo height="16" width="16">https://idp-dev.mhb-fontane.de/idp/images/favicon.ico</mdui:Logo>
                <mdui:Logo  width="80" height="80">https://idp-dev.mhb-fontane.de/idp/images/logo.png</mdui:Logo>

            </mdui:UIInfo>
        </md:Extensions>


<!-- First signing certificate is BackChannel, the Second is FrontChannel -->
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>
MIIH4jCCBkqgAwIBAgIQLDOotjGIrFTcNznpa8D+YzANBgkqhkiG9w0BAQsFADBgMQswCQYDVQQG
EwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9u
cyBDQTEYMBYGA1UEAwwPR0VBTlQgVExTIFJTQSAxMB4XDTI1MTExMjEyMjgyOVoXDTI2MTExMjEy
MjgyOVowfjELMAkGA1UEBhMCREUxFDASBgNVBAgMC0JyYW5kZW5idXJnMTgwNgYDVQQKDC9NZWRp
emluaXNjaGUgSG9jaHNjaHVsZSBCcmFuZGVuYnVyZyBDQU1QVVMgR21iSDEfMB0GA1UEAwwWaWRw
LWRldi5taGItZm9udGFuZS5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANR1Bgp5
bIbtAvRqNBXhGpXvRM0bKWYvepIi+ShbG2k/goaESr1gjqS7WmMDpaR92r1AayUwbJEhaNY9sZbh
2LS4GfvmUspZ/liLwN4VAPTyu9Y9HC5Lj7CsLBJPWFk9+D1MndkE0N4WTmM8ya7cxZICU2PxBvPD
kxakeqIwGwjaCzbIxRfSdKEjLa2iUz8YOSzh73dEIynSY1HmZlcNkMKdmKvL8PkXZdM/Ak+tcUcz
CADYmgKtZYH4TbFT88t9i2wqi+ZKZUSXKxCj+oOfR1UQIRBBveLUgq4/WuIwGRv337o0Rjj3nELs
a4Qyk7uMcPPUFTHp3r2sPbXZ1zvSq04FRki1zEprNC9hjb04Km+bXC/NMs83NFvzN2t+wqJ4Jtme
01vYFkIy1I9uleiwZPTlYaa9BPLse7CLK9QWpeKKGtyKOsUHddAcgOVeKmvXm041yTAXnWprXmRG
XJG9H02tCPwyfMztCdPj4RqwISCvXUZXKRkfQFpxY2rjq8ZU/9TtOEEImq3lgCr3IUlB3JUml9Fh
BymPDS8+o5WxW87279uheJmN1pjyhN70UqY3KpwxLnm86jwVQqfsVd4I1uVvNGHqWyBEDzfRRv5I
qrRfdFn8A5HDFoxkFEw45g/oo1BAs06I/Ejt8fSUAPq0/oKJXAQgxPoE+pFl8ypzLKu1AgMBAAGj
ggL4MIIC9DAfBgNVHSMEGDAWgBSGAXI/jKlw4jEGUxbOAV9becg8OzBvBggrBgEFBQcBAQRjMGEw
OAYIKwYBBQUHMAKGLGh0dHA6Ly9jcnQuaGFyaWNhLmdyL0hBUklDQS1HRUFOVC1UTFMtUjEuY2Vy
MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC10bHMuaGFyaWNhLmdyMCEGA1UdEQQaMBiCFmlkcC1k
ZXYubWhiLWZvbnRhbmUuZGUwLQYDVR0gBCYwJDAIBgZngQwBAgIwCAYGBACPegEHMA4GDCsGAQQB
gc8RAQEBAjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwPQYDVR0fBDYwNDAyoDCgLoYs
aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLUdFQU5ULVRMUy1SMS5jcmwwHQYDVR0OBBYEFOI+
TxByN8BU1LdDG54DO/xPeUA0MA4GA1UdDwEB/wQEAwIFoDCCAX8GCisGAQQB1nkCBAIEggFvBIIB
awFpAHYAr2eIO1ewTt2Pptl+9i6o64EKx3Fg8CReVdYML+eFhzoAAAGaeBMiLgAABAMARzBFAiEA
iKzUc1Cd5J1PQnDD/HmekqKJBmrZt/A7bCMsyJHsa/oCIHZlSZdhZAreHgAmD/8mKs9Vujl5Zd3T
+XaQU3VF31v4AHYA2AlVO5RPev/IFhlvlE+Fq7D4/F6HVSYPFdEucrtFSxQAAAGaeBMh/QAABAMA
RzBFAiApP9mzFF0dwuPPC+aqxui4w0BkFv86r/Rbzei7Xo4jMwIhAOLJ03IggoXcvHphXtxd8lOU
xmTVOQqXVUbnkPepnuTwAHcArKswcGzr7IQx9BPS9JFfER5CJEOx8qaMTzwrO6ceAsMAAAGaeBMi
MAAABAMASDBGAiEAp3xeladpjz1FNWGO6Ztg+VJbiv2Spz4YhrW6ASY1iUoCIQDqum3G4gthlPQx
n23WVXok2f9ERUaRx9J10agnVTw/rzANBgkqhkiG9w0BAQsFAAOCAYEAFe+j9/ohSwYHYzyAbtg3
lurE37nDgqyMMpGopRgajWJH+oXpeacIBCX988M6/bNAB52VDGtniyFPz5lrgTq80hy1oWcCRYrQ
GIqBOAyF28Jxui1DeRqHTVNHZQbD16AHYo4GkCOEX6jHPq6XXuhKKxDGUqP8Nbw7sBQAB5OrGThT
Ai1Xco2vAxaxul2xRYuWcMLiJRrH6oWW9XHo0xH78nkKJnzCMQ8m7mo0C3xBn+k5JbetMROeLW56
M5jBjrrvgp4bA+fcu9jB2DKI8geNzD06H/m2V5lI+wbQBdzRA2TIIoSRAxWh3plbEioDRSaoj5eJ
Cur6gCFe7zNvGfSmiJo/bIY/rKYd7yCz/z4UPM9q0hGBrnMTPYulyiq8O7k5ZZZn9RBgeXDg+5cu
fDwThULv5Q60rVKDi0FkqbgFjqj9aoXKeGUcbFMWaQnJ8wxjwQS0CrZ/gKVlME5SJL2pqktqZpWE
/BUcpz0UaZeynkNQD96H2htuEZZXWQWV3tRz
                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="signing">
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>
MIIH4jCCBkqgAwIBAgIQLDOotjGIrFTcNznpa8D+YzANBgkqhkiG9w0BAQsFADBgMQswCQYDVQQG
EwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9u
cyBDQTEYMBYGA1UEAwwPR0VBTlQgVExTIFJTQSAxMB4XDTI1MTExMjEyMjgyOVoXDTI2MTExMjEy
MjgyOVowfjELMAkGA1UEBhMCREUxFDASBgNVBAgMC0JyYW5kZW5idXJnMTgwNgYDVQQKDC9NZWRp
emluaXNjaGUgSG9jaHNjaHVsZSBCcmFuZGVuYnVyZyBDQU1QVVMgR21iSDEfMB0GA1UEAwwWaWRw
LWRldi5taGItZm9udGFuZS5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANR1Bgp5
bIbtAvRqNBXhGpXvRM0bKWYvepIi+ShbG2k/goaESr1gjqS7WmMDpaR92r1AayUwbJEhaNY9sZbh
2LS4GfvmUspZ/liLwN4VAPTyu9Y9HC5Lj7CsLBJPWFk9+D1MndkE0N4WTmM8ya7cxZICU2PxBvPD
kxakeqIwGwjaCzbIxRfSdKEjLa2iUz8YOSzh73dEIynSY1HmZlcNkMKdmKvL8PkXZdM/Ak+tcUcz
CADYmgKtZYH4TbFT88t9i2wqi+ZKZUSXKxCj+oOfR1UQIRBBveLUgq4/WuIwGRv337o0Rjj3nELs
a4Qyk7uMcPPUFTHp3r2sPbXZ1zvSq04FRki1zEprNC9hjb04Km+bXC/NMs83NFvzN2t+wqJ4Jtme
01vYFkIy1I9uleiwZPTlYaa9BPLse7CLK9QWpeKKGtyKOsUHddAcgOVeKmvXm041yTAXnWprXmRG
XJG9H02tCPwyfMztCdPj4RqwISCvXUZXKRkfQFpxY2rjq8ZU/9TtOEEImq3lgCr3IUlB3JUml9Fh
BymPDS8+o5WxW87279uheJmN1pjyhN70UqY3KpwxLnm86jwVQqfsVd4I1uVvNGHqWyBEDzfRRv5I
qrRfdFn8A5HDFoxkFEw45g/oo1BAs06I/Ejt8fSUAPq0/oKJXAQgxPoE+pFl8ypzLKu1AgMBAAGj
ggL4MIIC9DAfBgNVHSMEGDAWgBSGAXI/jKlw4jEGUxbOAV9becg8OzBvBggrBgEFBQcBAQRjMGEw
OAYIKwYBBQUHMAKGLGh0dHA6Ly9jcnQuaGFyaWNhLmdyL0hBUklDQS1HRUFOVC1UTFMtUjEuY2Vy
MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC10bHMuaGFyaWNhLmdyMCEGA1UdEQQaMBiCFmlkcC1k
ZXYubWhiLWZvbnRhbmUuZGUwLQYDVR0gBCYwJDAIBgZngQwBAgIwCAYGBACPegEHMA4GDCsGAQQB
gc8RAQEBAjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwPQYDVR0fBDYwNDAyoDCgLoYs
aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLUdFQU5ULVRMUy1SMS5jcmwwHQYDVR0OBBYEFOI+
TxByN8BU1LdDG54DO/xPeUA0MA4GA1UdDwEB/wQEAwIFoDCCAX8GCisGAQQB1nkCBAIEggFvBIIB
awFpAHYAr2eIO1ewTt2Pptl+9i6o64EKx3Fg8CReVdYML+eFhzoAAAGaeBMiLgAABAMARzBFAiEA
iKzUc1Cd5J1PQnDD/HmekqKJBmrZt/A7bCMsyJHsa/oCIHZlSZdhZAreHgAmD/8mKs9Vujl5Zd3T
+XaQU3VF31v4AHYA2AlVO5RPev/IFhlvlE+Fq7D4/F6HVSYPFdEucrtFSxQAAAGaeBMh/QAABAMA
RzBFAiApP9mzFF0dwuPPC+aqxui4w0BkFv86r/Rbzei7Xo4jMwIhAOLJ03IggoXcvHphXtxd8lOU
xmTVOQqXVUbnkPepnuTwAHcArKswcGzr7IQx9BPS9JFfER5CJEOx8qaMTzwrO6ceAsMAAAGaeBMi
MAAABAMASDBGAiEAp3xeladpjz1FNWGO6Ztg+VJbiv2Spz4YhrW6ASY1iUoCIQDqum3G4gthlPQx
n23WVXok2f9ERUaRx9J10agnVTw/rzANBgkqhkiG9w0BAQsFAAOCAYEAFe+j9/ohSwYHYzyAbtg3
lurE37nDgqyMMpGopRgajWJH+oXpeacIBCX988M6/bNAB52VDGtniyFPz5lrgTq80hy1oWcCRYrQ
GIqBOAyF28Jxui1DeRqHTVNHZQbD16AHYo4GkCOEX6jHPq6XXuhKKxDGUqP8Nbw7sBQAB5OrGThT
Ai1Xco2vAxaxul2xRYuWcMLiJRrH6oWW9XHo0xH78nkKJnzCMQ8m7mo0C3xBn+k5JbetMROeLW56
M5jBjrrvgp4bA+fcu9jB2DKI8geNzD06H/m2V5lI+wbQBdzRA2TIIoSRAxWh3plbEioDRSaoj5eJ
Cur6gCFe7zNvGfSmiJo/bIY/rKYd7yCz/z4UPM9q0hGBrnMTPYulyiq8O7k5ZZZn9RBgeXDg+5cu
fDwThULv5Q60rVKDi0FkqbgFjqj9aoXKeGUcbFMWaQnJ8wxjwQS0CrZ/gKVlME5SJL2pqktqZpWE
/BUcpz0UaZeynkNQD96H2htuEZZXWQWV3tRz
                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>
        <md:KeyDescriptor use="encryption">
            <ds:KeyInfo>
                <ds:X509Data>
                    <ds:X509Certificate>
MIIH4jCCBkqgAwIBAgIQLDOotjGIrFTcNznpa8D+YzANBgkqhkiG9w0BAQsFADBgMQswCQYDVQQG
EwJHUjE3MDUGA1UECgwuSGVsbGVuaWMgQWNhZGVtaWMgYW5kIFJlc2VhcmNoIEluc3RpdHV0aW9u
cyBDQTEYMBYGA1UEAwwPR0VBTlQgVExTIFJTQSAxMB4XDTI1MTExMjEyMjgyOVoXDTI2MTExMjEy
MjgyOVowfjELMAkGA1UEBhMCREUxFDASBgNVBAgMC0JyYW5kZW5idXJnMTgwNgYDVQQKDC9NZWRp
emluaXNjaGUgSG9jaHNjaHVsZSBCcmFuZGVuYnVyZyBDQU1QVVMgR21iSDEfMB0GA1UEAwwWaWRw
LWRldi5taGItZm9udGFuZS5kZTCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCCAgoCggIBANR1Bgp5
bIbtAvRqNBXhGpXvRM0bKWYvepIi+ShbG2k/goaESr1gjqS7WmMDpaR92r1AayUwbJEhaNY9sZbh
2LS4GfvmUspZ/liLwN4VAPTyu9Y9HC5Lj7CsLBJPWFk9+D1MndkE0N4WTmM8ya7cxZICU2PxBvPD
kxakeqIwGwjaCzbIxRfSdKEjLa2iUz8YOSzh73dEIynSY1HmZlcNkMKdmKvL8PkXZdM/Ak+tcUcz
CADYmgKtZYH4TbFT88t9i2wqi+ZKZUSXKxCj+oOfR1UQIRBBveLUgq4/WuIwGRv337o0Rjj3nELs
a4Qyk7uMcPPUFTHp3r2sPbXZ1zvSq04FRki1zEprNC9hjb04Km+bXC/NMs83NFvzN2t+wqJ4Jtme
01vYFkIy1I9uleiwZPTlYaa9BPLse7CLK9QWpeKKGtyKOsUHddAcgOVeKmvXm041yTAXnWprXmRG
XJG9H02tCPwyfMztCdPj4RqwISCvXUZXKRkfQFpxY2rjq8ZU/9TtOEEImq3lgCr3IUlB3JUml9Fh
BymPDS8+o5WxW87279uheJmN1pjyhN70UqY3KpwxLnm86jwVQqfsVd4I1uVvNGHqWyBEDzfRRv5I
qrRfdFn8A5HDFoxkFEw45g/oo1BAs06I/Ejt8fSUAPq0/oKJXAQgxPoE+pFl8ypzLKu1AgMBAAGj
ggL4MIIC9DAfBgNVHSMEGDAWgBSGAXI/jKlw4jEGUxbOAV9becg8OzBvBggrBgEFBQcBAQRjMGEw
OAYIKwYBBQUHMAKGLGh0dHA6Ly9jcnQuaGFyaWNhLmdyL0hBUklDQS1HRUFOVC1UTFMtUjEuY2Vy
MCUGCCsGAQUFBzABhhlodHRwOi8vb2NzcC10bHMuaGFyaWNhLmdyMCEGA1UdEQQaMBiCFmlkcC1k
ZXYubWhiLWZvbnRhbmUuZGUwLQYDVR0gBCYwJDAIBgZngQwBAgIwCAYGBACPegEHMA4GDCsGAQQB
gc8RAQEBAjAdBgNVHSUEFjAUBggrBgEFBQcDAgYIKwYBBQUHAwEwPQYDVR0fBDYwNDAyoDCgLoYs
aHR0cDovL2NybC5oYXJpY2EuZ3IvSEFSSUNBLUdFQU5ULVRMUy1SMS5jcmwwHQYDVR0OBBYEFOI+
TxByN8BU1LdDG54DO/xPeUA0MA4GA1UdDwEB/wQEAwIFoDCCAX8GCisGAQQB1nkCBAIEggFvBIIB
awFpAHYAr2eIO1ewTt2Pptl+9i6o64EKx3Fg8CReVdYML+eFhzoAAAGaeBMiLgAABAMARzBFAiEA
iKzUc1Cd5J1PQnDD/HmekqKJBmrZt/A7bCMsyJHsa/oCIHZlSZdhZAreHgAmD/8mKs9Vujl5Zd3T
+XaQU3VF31v4AHYA2AlVO5RPev/IFhlvlE+Fq7D4/F6HVSYPFdEucrtFSxQAAAGaeBMh/QAABAMA
RzBFAiApP9mzFF0dwuPPC+aqxui4w0BkFv86r/Rbzei7Xo4jMwIhAOLJ03IggoXcvHphXtxd8lOU
xmTVOQqXVUbnkPepnuTwAHcArKswcGzr7IQx9BPS9JFfER5CJEOx8qaMTzwrO6ceAsMAAAGaeBMi
MAAABAMASDBGAiEAp3xeladpjz1FNWGO6Ztg+VJbiv2Spz4YhrW6ASY1iUoCIQDqum3G4gthlPQx
n23WVXok2f9ERUaRx9J10agnVTw/rzANBgkqhkiG9w0BAQsFAAOCAYEAFe+j9/ohSwYHYzyAbtg3
lurE37nDgqyMMpGopRgajWJH+oXpeacIBCX988M6/bNAB52VDGtniyFPz5lrgTq80hy1oWcCRYrQ
GIqBOAyF28Jxui1DeRqHTVNHZQbD16AHYo4GkCOEX6jHPq6XXuhKKxDGUqP8Nbw7sBQAB5OrGThT
Ai1Xco2vAxaxul2xRYuWcMLiJRrH6oWW9XHo0xH78nkKJnzCMQ8m7mo0C3xBn+k5JbetMROeLW56
M5jBjrrvgp4bA+fcu9jB2DKI8geNzD06H/m2V5lI+wbQBdzRA2TIIoSRAxWh3plbEioDRSaoj5eJ
Cur6gCFe7zNvGfSmiJo/bIY/rKYd7yCz/z4UPM9q0hGBrnMTPYulyiq8O7k5ZZZn9RBgeXDg+5cu
fDwThULv5Q60rVKDi0FkqbgFjqj9aoXKeGUcbFMWaQnJ8wxjwQS0CrZ/gKVlME5SJL2pqktqZpWE
/BUcpz0UaZeynkNQD96H2htuEZZXWQWV3tRz
                    </ds:X509Certificate>
                </ds:X509Data>
            </ds:KeyInfo>
        </md:KeyDescriptor>

	<!--
	<ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-dev.mhb-fontane.de:8443/idp/profile/SAML2/SOAP/ArtifactResolution" index="2"/>
	-->

<!-- vier Single-Logout-Services aktiveren -->
        <md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-dev.mhb-fontane.de/idp/profile/SAML2/SOAP/ArtifactResolution" />
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign" Location="https://idp-dev.mhb-fontane.de/idp/profile/SAML2/POST-SimpleSign/SSO" />
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://idp-dev.mhb-fontane.de/idp/profile/SAML2/Redirect/SSO" />
        <md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp-dev.mhb-fontane.de/idp/profile/SAML2/POST/SSO" />

<!-- den fehlenden ECP-Endpoint hinzufügen -->
	<!--
        <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://idp-dev.mhb-fontane.de/idp/profile/SAML2/SOAP/ECP"/>
	-->
    </md:IDPSSODescriptor>

 <!-- Protocol-Support für SAML2-Queries im Attribute Authority-Descriptor aktivieren -->
    <!--
    <AttributeAuthorityDescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    -->

<!-- SAML2-Attribute-Service einkommentieren -->
        <!-- 
	<AttributeService Binding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding" Location="https://idp-dev.mhb-fontane.de:8443/idp/profile/SAML1/SOAP/AttributeQuery"/>
    </AttributeAuthorityDescriptor>
        -->
</md:EntityDescriptor>