Changelog and upgrade notes for version 1.6.
git-svn-id: http://simplesamlphp.googlecode.com/svn/trunk@2310 44740490-163a-0410-bde0-09ae8108e29a
This commit is contained in:
parent
9b27b407c7
commit
f2914f645f
|
@ -2,8 +2,9 @@ SimpleSAMLphp Documentation
|
|||
===========================
|
||||
|
||||
* [Installing simpleSAMLphp](simplesamlphp-install)
|
||||
* [Upgrade notes for version 1.6](simplesamlphp-upgrade-notes-1.6)
|
||||
* [Upgrade notes for version 1.5](simplesamlphp-upgrade-notes-1.5)
|
||||
* [Installation from Subversion](simplesamlphp-subversion)
|
||||
* [Upgrading SimpleSAMLphp to version 1.5](simplesamlphp-upgrade-notes-1.5)
|
||||
* [Changelog](simplesamlphp-changelog)
|
||||
* [Using simpleSAMLphp as a SAML Service Provider](simplesamlphp-sp)
|
||||
* [Hosted SP Configuration Reference](./saml:sp)
|
||||
|
|
|
@ -3,7 +3,106 @@ simpleSAMLphp changelog
|
|||
|
||||
<!-- {{TOC}} -->
|
||||
|
||||
Here is changes between simpleSAMLphp versions. Look here if you are upgrading, to see if there are any changes to the config format.
|
||||
This document lists the changes between versions of simpleSAMLphp.
|
||||
See the upgrade notes for specific information about upgrading.
|
||||
|
||||
|
||||
## Version 1.6
|
||||
|
||||
Released 2010-05-XX.
|
||||
|
||||
[Upgrade notes](./simplesamlphp-upgrade-notes-1.6)
|
||||
|
||||
* Detection of cookies disabled on the IdP.
|
||||
* New IdP core, which makes it simpler to share code between different IdPs, e.g. between SAML 1.1 and SAML 2.0.
|
||||
* Dictionaries moved to JSON format.
|
||||
* New authentication module: [`cas:CAS`](./cas:cas).
|
||||
* All images that doesn't permit non-commercial use have been replaced.
|
||||
* Better support for OrganizationName, OrganizationDisplayName and OrganizationURL in metadata.
|
||||
* Cookie secure flag no longer automatically set.
|
||||
* Cross-protocol logout between ADFS and SAML 2.
|
||||
* New experimental module for aggregating metadata: [`aggregator2`](./aggregator2:aggregator2)
|
||||
* Metadata support for multiple endpoints with [multiple bindings](./simplesamlphp-metadata-endpoints).
|
||||
* The metadata generation is using a new set of classes.
|
||||
As a result, all generated metadata elements now have a `md:`-prefix.
|
||||
* The deprecated functions `init(...)` and `setAuthenticated(...) in the `SimpleSAML_Session` class have been removed.
|
||||
* Configuration check and metadata check was removed, as they were often wrong.
|
||||
|
||||
### SAML 2 SP
|
||||
|
||||
* SAML 2.0 HTTP-Artifact support on the [SP](./simplesamlphp-artifact-sp).
|
||||
|
||||
### SAML 2 IdP
|
||||
|
||||
* SAML 2.0 HTTP-Artifact support on the [IdP](./simplesamlphp-artifact-idp).
|
||||
* Support for sending PartialLogout status code in logout response.
|
||||
* Set AuthnInstant to the timestamp for authentication.
|
||||
* Combine normal and iframe versions of the logout handlers into a single endpoint.
|
||||
* The SessionIndex is now unique per SP.
|
||||
* Statistics for logout failures.
|
||||
* Better generation of persistent NameID when `nameid.attribute` isn't specified.
|
||||
|
||||
### The SP API
|
||||
|
||||
* Support for handling errors from the IdP.
|
||||
* Support for passing parameters to the authentication module.
|
||||
This can be used to specify SAML 2 parameters, such as isPassive and ForceAuthn.
|
||||
|
||||
### `adfs`
|
||||
|
||||
* Move to new IdP core.
|
||||
|
||||
|
||||
### `casserver`
|
||||
|
||||
* Collect all endpoints in a single file.
|
||||
* Fix prefix on the tickets.
|
||||
|
||||
### `consent`
|
||||
|
||||
* Support for deactivating consent for specific services.
|
||||
|
||||
### `consentAdmin`
|
||||
|
||||
* Support for the SAML SP module.
|
||||
|
||||
### `core`
|
||||
|
||||
* New filter: [`core:PHP`](./core:authproc_php), which allows processing of attributes with arbitrary PHP code.
|
||||
* Support for multiple target attributes in [`core:AttributeMap`](./core:authproc_attributemap).
|
||||
* New filter: [`core:ScopeFromAttribute`](./core:authproc_scopefromattribute), which allows the creation an attribute based on the scope of another attribute.
|
||||
* Support for a target attribute in [`core:AttributeAlter`](./core:authproc_attributealter).
|
||||
|
||||
### `discoPower`
|
||||
|
||||
* Support for new scoring algorithm.
|
||||
|
||||
### `ldap`
|
||||
|
||||
* SASL support in LDAPMulti
|
||||
|
||||
### `ldapstatus`
|
||||
|
||||
* This module was removed, as it was very specific for Feide.
|
||||
|
||||
### `multiauth`
|
||||
|
||||
* Support for specifying the target authentication source through a request parameter.
|
||||
|
||||
### `oauth`
|
||||
|
||||
* Configurable which authentication source should be used.
|
||||
|
||||
### `openidProvider`
|
||||
|
||||
* OpenID 2.0 support.
|
||||
* XRDS generation support.
|
||||
|
||||
### `saml`
|
||||
|
||||
* Support for specifying parameters for authentication request.
|
||||
* Add AttributeConsumingService to generated metadata.
|
||||
* The two SPSSODescriptor elements in the metadata has been merged.
|
||||
|
||||
|
||||
## Version 1.5.1
|
||||
|
|
|
@ -0,0 +1,22 @@
|
|||
Upgrade notes for simpleSAMLphp 1.6
|
||||
===================================
|
||||
|
||||
* This release requires PHP version >= 5.2.0, as that was the first version to include `json_decode()`.
|
||||
It is possible that it may work with version of PHP >= 5.1.2 if the [JSON PECL extesion](http://pecl.php.net/package/json) is enabled, but this is untested.
|
||||
|
||||
* The secure-flag is no longer automatically set on the session cookie.
|
||||
This was changed to avoid hard to diagnose session problems.
|
||||
There is a new option `session.cookie.secure` in `config.php`, which can be used to enable secure cookies.
|
||||
|
||||
* Dictionaries have moved to JSON format.
|
||||
The PHP format is still supported, but all dictionaries included with simpleSAMLphp are in JSON format.
|
||||
|
||||
* The iframe-specific logout endpoints on the IdP have been merged into the normal logout endpoints.
|
||||
This means that the metadata no longer needs to be changed when switching between logout handlers.
|
||||
The old iframe logout endpoints are now deprecated, and the generated metadata will only include the normal logout endpoint.
|
||||
|
||||
* As a result of the changed metadata classes, all metadata elements now have a `md:`-prefix.
|
||||
This does not change the content of the metadata, just its expression.
|
||||
|
||||
* The deprecated functions `init(...)` and `setAuthenticated(...)` in the `SimpleSAML_Session` class have been removed.
|
||||
Code which relies on those functions should move to using `SimpleSAML_Session::getInstance()` and `$session->doLogin(...)`.
|
Reference in New Issue