Skip to content
Snippets Groups Projects
Normal view History Permalink
simplesamlphp-upgrade-notes-1.5.md 1.23 KiB
Newer Older
Jaime Perez Crespo's avatar
s/simpleSAMLphp/SimpleSAMLphp/g  
Jaime Perez Crespo committed
1 
Upgrade notes for SimpleSAMLphp 1.5
Olav Morken's avatar
docs: Upgrade notes for version 1.5.
Olav Morken committed
2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 
===================================

  * `SimpleSAML_Session::isValid()`

    If your code calls `$session->isValid()` without an argument, you will now have to update it to pass an argument (probably `saml2`).
    The reason for this change is that calling `$session->isValid()` without an argument can easily create a security hole.


  * We have introduced a new module for SAML authentication.
    This authentication module supports both SAML 1.1 and SAML 2.0 IdPs.

    We have also added a new authentication framework which should replace the previous redirects to the initSSO-scripts.
    Relating to this change, we have also deprecated the `initSSO`-scripts for SAML 1.1 and SAML 2.0 authentication.
    The old methods will still be supported for a while, but new code should probably use the new code.
Andreas Åkre Solberg's avatar
Update internal linking between documents to support the new documentation portal  
Andreas Åkre Solberg committed
17 
    See the [migration guide](simplesamlphp-sp-migration) for more information about this.
Olav Morken's avatar
docs: 1.5 upgrade notes - request.signing removed.  
Olav Morken committed
18 19 20 

  * The `request.signing` option has been removed.
    That option was replaced with the `redirect.sign` and `redirect.validate` options, and has been depreceated for one year.
Olav Morken's avatar
docs: Document changes to aggregator module.  
Olav Morken committed
21 22 23 

  * The `aggregator` module's configuration file has changed name.
    It was changed from `aggregator.php` to `module_aggregator.php`.