From 0ee87b681842cd79ae06c741f847af29712a5f17 Mon Sep 17 00:00:00 2001
From: Olav Morken <olav.morken@uninett.no>
Date: Mon, 6 Sep 2010 06:52:51 +0000
Subject: [PATCH] docs: Document metadata changes for artifact support.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2523 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/simplesamlphp-artifact-idp.txt | 39 +++++++++++++++++++++++++++++
 1 file changed, 39 insertions(+)

diff --git a/docs/simplesamlphp-artifact-idp.txt b/docs/simplesamlphp-artifact-idp.txt
index 88fd5e15e..496ec83ef 100644
--- a/docs/simplesamlphp-artifact-idp.txt
+++ b/docs/simplesamlphp-artifact-idp.txt
@@ -39,6 +39,45 @@ To enable the IdP to send artifacts, you must add the `saml20.sendartifact` opti
     );
 
 
+Add new metadata to SPs
+-----------------------
+
+After enabling the Artifact binding, your IdP metadata will change to add a ArtifactResolutionService endpoint.
+You therefore need to update the metadata for your IdP at your SPs.
+`saml20-idp-remote` metadata for simpleSAMLphp SPs should contain something like:
+
+    'ArtifactResolutionService' => array(
+        array(
+            'index' => 0,
+            'Location' => 'https://idp.example.org/simplesaml/saml2/idp/ArtifactResolutionService.php',
+            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP',
+        ),
+    ),
+
+
+SP metadata on the IdP
+----------------------
+
+An SP using the HTTP-Artifact binding must have an AssertionConsumerService endpoint supporting that binding.
+This means that you must use the complex endpoint format in `saml20-sp-remote` metadata.
+In general, that should look something like:
+
+    'AssertionConsumerService' => array (
+        array(
+            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
+            'Location' => 'https://sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
+            'index' => 0,
+        ),
+        array(
+            'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact',
+            'Location' => 'https://sp.example.org/simplesaml/module.php/saml/sp/saml2-acs.php/default-sp',
+            'index' => 2,
+        ),
+    ),
+
+(The specific values of the various fields will vary depending on the SP.)
+
+
 Certificate in metadata
 -----------------------
 
-- 
GitLab