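<!--
  Sample SOAP 1.2 request: an XACMLAuthzDecisionQuery addressed to an
  authorization decision endpoint (see wsa:To and wsa:Action), carrying a
  signed SAML 2.0 assertion in the WS-Security header.

  Layout note: this copy is indented for reading. Exclusive C14N keeps
  text-node whitespace, so the DigestValue and SignatureValue below should only
  be expected to verify against the original wire bytes, not against this
  reflowed listing.
-->
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
  <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
    <!-- Endpoint is a localhost address; presumably a test deployment. -->
    <wsa:To>https://localhost:7443/PDP/services/ADRProvider</wsa:To>
    <wsa:MessageID>urn:uuid:8b646cfa-4837-4d6c-a0a0-2555adab0c96</wsa:MessageID>
    <wsa:Action>urn:e-health-suisse:2015:policy-enforcement:AuthorizationDecisionRequest</wsa:Action>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <!--
        The assertion is the only signed part of this message. Its enveloped
        signature has a single Reference, and that Reference URI equals the
        assertion's own ID. A verifier should confirm that the element the
        Reference resolves to is the same element it later reads claims from.
      -->
      <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsd="http://www.w3.org/2001/XMLSchema" ID="_2f09a828-c9b7-4030-a29c-fb7d582e82f6" IssueInstant="2022-09-15T16:02:21.127Z" Version="2.0">
        <saml2:Issuer>http://ith-icoserve.com/eHealthSolutionsSTS</saml2:Issuer>
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:SignedInfo>
            <!-- Exclusive C14N without comments, RSA with SHA-256, SHA-256 digest. -->
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
            <ds:Reference URI="#_2f09a828-c9b7-4030-a29c-fb7d582e82f6">
              <ds:Transforms>
                <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                  <!-- The xsd prefix is listed because it occurs only inside xsi:type values. -->
                  <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xsd"/>
                </ds:Transform>
              </ds:Transforms>
              <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
              <ds:DigestValue>RtK9iiqPrRldhHf1YB2s+ryaO9MtalhcICz9zl5jwbQ=</ds:DigestValue>
            </ds:Reference>
          </ds:SignedInfo>
          <ds:SignatureValue>goBcFoPrAOMKjFb3A05wLJLuettea01XvpVkFhyWa2QQhxcHhtP5Sp4TNTGJdp0uMOoc0YbNAGRVy+7gzMX7aM1J26bkdpR1EPKAAvtoe8huMFUMYSGycNv/gCwT5xzOyIUwYiCUJjW+kryOgpHfrs4cY+wgmmUc9OKyW7PAA5lj8Gq46gGcs8gBhwtzUesouygxDfCrIIpvPQnYbbaoODC71dPhCuThaXkL7y8G6hsxusi+ZQ80Q35N6cj2SWjJCxmN9GhkD/MAxOEl3FVqO01pN3w50CFWuWpQjY6EgFgDRYKfycyRikXTndiP0lmrHlbjSCIIEVStOhq7ff0Vew==</ds:SignatureValue>
          <!--
            The certificate travels inside the message it vouches for, so it can
            only tell a verifier which key was used. Trust in that key has to come
            from the verifier's own configuration (a pinned issuer certificate or
            a trust store), never from this KeyInfo alone.
          -->
          <ds:KeyInfo>
            <ds:X509Data>
              <ds:X509Certificate>MIIEATCCA2qgAwIBAgICALEwDQYJKoZIhvcNAQENBQAwRTELMAkGA1UEBhMCQ0gxDDAKBgNVBAoM
A0lIRTEoMCYGA1UEAwwfZWhlYWx0aHN1aXNzZS5paGUtZXVyb3BlLm5ldCBDQTAeFw0xOTA5MTEx
MTU5NDFaFw0yOTA5MTExMTU5NDFaMDUxCzAJBgNVBAYTAkNIMRMwEQYDVQQKDApQb3N0IENIIEFH
MREwDwYDVQQDDAhwb3N0LXh1YTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKL02fNN
kWBX4qG20yxN2TaHUx7w7xG+VKN6CyX8RBOzWlzf++lGPPEPeCQWLTsKc9HrnkxT01mCj8i0+dzY
wrR+nhEkQZ1limKdvdzGfIYsjhEtK7JfI1TG2JUI76aAtnKnB8tdaDAzVm3KkTRTz0t2IRpfMqoF
qrn8YOoMqCRx4qgrWd7E9rqsh/18NBtzt0CKWPJeoWSVUjYetXAmW+0qKrSsHVMmHOXYHPtDkJpj
4S8oS4eERmP4yO8fBg7tjIavBHD0uIrjf4EStgBbGtYbrtr1liaKwwqRrQIpLzmKW2Pd+493+oIW
5doQi/H1BR8S6fwlKAsffBST40whU2ECAwEAAaOCAYowggGGMEoGA1UdHwRDMEEwP6A9oDuGOWh0
dHBzOi8vZWhlYWx0aHN1aXNzZS5paGUtZXVyb3BlLm5ldC9nc3MvY3JsLzIyL2NhY3JsLmNybDBI
BglghkgBhvhCAQQEOxY5aHR0cHM6Ly9laGVhbHRoc3Vpc3NlLmloZS1ldXJvcGUubmV0L2dzcy9j
cmwvMjIvY2FjcmwuY3JsMEgGCWCGSAGG+EIBAwQ7FjlodHRwczovL2VoZWFsdGhzdWlzc2UuaWhl
LWV1cm9wZS5uZXQvZ3NzL2NybC8yMi9jYWNybC5jcmwwDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQU
SnscIRQ2QxCLiUxULChEbQgNuDIwHwYDVR0jBBgwFoAUKJfv3d4xWGxW8oZG4hHkPjhxXy8wDgYD
VR0PAQH/BAQDAgTwMBEGCWCGSAGG+EIBAQQEAwIF4DAzBgNVHSUELDAqBggrBgEFBQcDAgYIKwYB
BQUHAwQGCisGAQQBgjcUAgIGCCsGAQUFBwMBMA0GCSqGSIb3DQEBDQUAA4GBALaxmWBZMFpixBBU
pYKX3LnEut6UXaB2zjtN0Fxemjfz9hO6cdu4y1qs9Deo8X2rgLtJbPPBm0jUhVkNVjGNrMN0plCI
R0GjOBngLG1rKfT732/uT/keAq6qNBw1fA9dq1i//SJo4UsigPKCdu0ZFFulUzdGi1uT0r4lKuFH
zhxy</ds:X509Certificate>
            </ds:X509Data>
          </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
          <!-- Subject is identified by a GLN (NameQualifier urn:gs1:gln). -->
          <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:gs1:gln">7601000050717</saml2:NameID>
          <!--
            Bearer confirmation: possession of the assertion is the only proof of
            identity, so the validity window and transport protection carry the
            replay defence. Recipient holds an X.500-style name here; what the
            receiver compares it against is not visible in this message.
          -->
          <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
            <saml2:SubjectConfirmationData InResponseTo="_d7c5a4c392c7e25939526fca5b09b2f4" NotOnOrAfter="2022-09-15T16:17:21.127Z" Recipient="C=AT,O=CGM,CN=CGM Clinical"/>
          </saml2:SubjectConfirmation>
        </saml2:Subject>
        <!--
          Validity window is about fifteen minutes. The audience value reads as
          community-wide rather than naming one relying party, so it does little
          to narrow where the token may be presented.
        -->
        <saml2:Conditions NotBefore="2022-09-15T16:02:20.127Z" NotOnOrAfter="2022-09-15T16:17:21.127Z">
          <saml2:AudienceRestriction>
            <saml2:Audience>urn:e-health-suisse:token-audience:all-communities</saml2:Audience>
          </saml2:AudienceRestriction>
        </saml2:Conditions>
        <saml2:AuthnStatement AuthnInstant="2022-09-15T16:02:21.127Z">
          <saml2:AuthnContext>
            <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</saml2:AuthnContextClassRef>
          </saml2:AuthnContext>
        </saml2:AuthnStatement>
        <!-- Signed claims: organization, subject name, role, purpose of use, patient id, home community. -->
        <saml2:AttributeStatement>
          <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization">
            <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">Spital X</saml2:AttributeValue>
          </saml2:Attribute>
          <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:organization-id">
            <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:anyURI">urn:oid:1.2.453.13232.12233</saml2:AttributeValue>
          </saml2:Attribute>
          <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:subject-id">
            <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">Marc Loris Agpar</saml2:AttributeValue>
          </saml2:Attribute>
          <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:subject:role">
            <saml2:AttributeValue>
              <Role xmlns="urn:hl7-org:v3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" code="HCP" codeSystem="2.16.756.5.30.1.127.3.10.6" codeSystemName="eHealth Suisse EPR Actors" displayName="Healthcare Professional" xsi:type="CE"/>
            </saml2:AttributeValue>
          </saml2:Attribute>
          <saml2:Attribute Name="urn:oasis:names:tc:xspa:1.0:subject:purposeofuse">
            <saml2:AttributeValue>
              <PurposeOfUse xmlns="urn:hl7-org:v3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" code="NORM" codeSystem="2.16.756.5.30.1.127.3.10.5" xsi:type="CE"/>
            </saml2:AttributeValue>
          </saml2:Attribute>
          <saml2:Attribute Name="urn:oasis:names:tc:xacml:2.0:resource:resource-id">
            <!--
              The identifier uses ampersands as component separators. In XML text
              each one has to be written as &amp;; a bare ampersand makes the
              document not well-formed and a conforming parser rejects the message
              before any signature check runs.
            -->
            <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:string">761337610411353650^^^&amp;2.16.756.5.30.1.127.3.10.3&amp;ISO</saml2:AttributeValue>
          </saml2:Attribute>
          <saml2:Attribute Name="urn:ihe:iti:xca:2010:homeCommunityId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
            <saml2:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xsd:anyURI">urn:oid:1.3.6.1.4.1.21367.2017.2.6.19</saml2:AttributeValue>
          </saml2:Attribute>
        </saml2:AttributeStatement>
      </saml2:Assertion>
    </wsse:Security>
    <sense:context xmlns:sense="http://sense.ith-icoserve.com/context/" xmlns:wsctx="http://docs.oasis-open.org/ws-caf/2005/10/wsctx">
      <wsctx:context-identifier>urn:uuid:8fb88951-2921-490d-9b97-c7b5bbc7a24d</wsctx:context-identifier>
      <wsctx:context-service>
        <sense:service>Repository</sense:service>
      </wsctx:context-service>
    </sense:context>
  </soapenv:Header>
  <soapenv:Body>
    <!--
      Nothing in this message signs the Body: the one ds:Signature present
      covers only the assertion. The subject attributes below (GLN, qualifier,
      home community, role, purpose of use, organization id) repeat values from
      the assertion, so a decision point should take them from the verified
      assertion or compare the two copies, rather than trust the Body values on
      their own. The query was issued about a minute after the assertion,
      inside its validity window.
    -->
    <xacml-samlp:XACMLAuthzDecisionQuery xmlns:xacml-samlp="urn:oasis:names:tc:xacml:2.0:profile:saml2.0:v2:schema:protocol" xmlns:hl7="urn:hl7-org:v3" ID="_bfd79c50-41f9-4998-bd02-178e8eed23a3" InputContextOnly="false" IssueInstant="2022-09-15T16:03:18.273Z" ReturnContext="false" Version="2.0">
      <xacml-context:Request xmlns:xacml-context="urn:oasis:names:tc:xacml:2.0:context:schema:os">
        <xacml-context:Subject SubjectCategory="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject">
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" DataType="http://www.w3.org/2001/XMLSchema#string">
            <xacml-context:AttributeValue>7601000050717</xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id-qualifier" DataType="http://www.w3.org/2001/XMLSchema#string">
            <xacml-context:AttributeValue>urn:gs1:gln</xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:ihe:iti:xca:2010:homeCommunityId" DataType="http://www.w3.org/2001/XMLSchema#anyURI">
            <xacml-context:AttributeValue>urn:oid:1.3.6.1.4.1.21367.2017.2.6.19</xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:2.0:subject:role" DataType="urn:hl7-org:v3#CV">
            <xacml-context:AttributeValue>
              <CodedValue xmlns="urn:hl7-org:v3" code="HCP" codeSystem="2.16.756.5.30.1.127.3.10.6" codeSystemName="eHealth Suisse EPR Actors" displayName="Healthcare Professional"/>
            </xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xspa:1.0:subject:purposeofuse" DataType="urn:hl7-org:v3#CV">
            <xacml-context:AttributeValue>
              <CodedValue xmlns="urn:hl7-org:v3" code="NORM" codeSystem="2.16.756.5.30.1.127.3.10.5"/>
            </xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xspa:1.0:subject:organization-id" DataType="http://www.w3.org/2001/XMLSchema#anyURI">
            <xacml-context:AttributeValue>urn:oid:1.2.453.13232.12233</xacml-context:AttributeValue>
          </xacml-context:Attribute>
        </xacml-context:Subject>
        <!--
          Three Resource entries for the same patient identifier, one per
          confidentiality level (restricted, secret, normal). The identifier
          matches the patient id carried in the signed assertion.
        -->
        <xacml-context:Resource>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#anyURI">
            <xacml-context:AttributeValue>urn:e-health-suisse:2015:epr-subset:761337610411353650:restricted</xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:e-health-suisse:2015:epr-spid" DataType="urn:hl7-org:v3#II">
            <xacml-context:AttributeValue>
              <InstanceIdentifier xmlns="urn:hl7-org:v3" extension="761337610411353650" root="2.16.756.5.30.1.127.3.10.3"/>
            </xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:ihe:iti:xds-b:2007:confidentiality-code" DataType="urn:hl7-org:v3#CV">
            <xacml-context:AttributeValue>
              <CodedValue xmlns="urn:hl7-org:v3" code="263856008" codeSystem="2.16.840.1.113883.6.96" displayName="restricted"/>
            </xacml-context:AttributeValue>
          </xacml-context:Attribute>
        </xacml-context:Resource>
        <xacml-context:Resource>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#anyURI">
            <xacml-context:AttributeValue>urn:e-health-suisse:2015:epr-subset:761337610411353650:secret</xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:e-health-suisse:2015:epr-spid" DataType="urn:hl7-org:v3#II">
            <xacml-context:AttributeValue>
              <InstanceIdentifier xmlns="urn:hl7-org:v3" extension="761337610411353650" root="2.16.756.5.30.1.127.3.10.3"/>
            </xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:ihe:iti:xds-b:2007:confidentiality-code" DataType="urn:hl7-org:v3#CV">
            <xacml-context:AttributeValue>
              <CodedValue xmlns="urn:hl7-org:v3" code="1141000195107" codeSystem="2.16.756.5.30.1.127.3.4" displayName="secret"/>
            </xacml-context:AttributeValue>
          </xacml-context:Attribute>
        </xacml-context:Resource>
        <xacml-context:Resource>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" DataType="http://www.w3.org/2001/XMLSchema#anyURI">
            <xacml-context:AttributeValue>urn:e-health-suisse:2015:epr-subset:761337610411353650:normal</xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:e-health-suisse:2015:epr-spid" DataType="urn:hl7-org:v3#II">
            <xacml-context:AttributeValue>
              <InstanceIdentifier xmlns="urn:hl7-org:v3" extension="761337610411353650" root="2.16.756.5.30.1.127.3.10.3"/>
            </xacml-context:AttributeValue>
          </xacml-context:Attribute>
          <xacml-context:Attribute AttributeId="urn:ihe:iti:xds-b:2007:confidentiality-code" DataType="urn:hl7-org:v3#CV">
            <xacml-context:AttributeValue>
              <CodedValue xmlns="urn:hl7-org:v3" code="17621005" codeSystem="2.16.840.1.113883.6.96" displayName="normal"/>
            </xacml-context:AttributeValue>
          </xacml-context:Attribute>
        </xacml-context:Resource>
        <!-- Requested action: registering a document set. -->
        <xacml-context:Action>
          <xacml-context:Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" DataType="http://www.w3.org/2001/XMLSchema#anyURI">
            <xacml-context:AttributeValue>urn:ihe:iti:2007:RegisterDocumentSet-b</xacml-context:AttributeValue>
          </xacml-context:Attribute>
        </xacml-context:Action>
        <xacml-context:Environment/>
      </xacml-context:Request>
    </xacml-samlp:XACMLAuthzDecisionQuery>
  </soapenv:Body>
</soapenv:Envelope>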