From 4e552537357855348fd35a40d03cdac70ef93699 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Wed, 30 Jan 2008 09:46:41 +0000
Subject: [PATCH] Template metadata for SAML 2.0 IdP was wrong about where to
 put the configuration for base64attributes. This should be in spremote and
 not in idphosted

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@219 44740490-163a-0410-bde0-09ae8108e29a
---
 metadata-templates/saml20-idp-hosted.php |  5 -----
 metadata-templates/saml20-sp-remote.php  | 14 ++++++++++----
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/metadata-templates/saml20-idp-hosted.php b/metadata-templates/saml20-idp-hosted.php
index cbb8d96c9..3d46c4c2f 100644
--- a/metadata-templates/saml20-idp-hosted.php
+++ b/metadata-templates/saml20-idp-hosted.php
@@ -19,11 +19,6 @@ $metadata = array(
 		'privatekey'		=>	'server.pem',
 		'certificate'		=>	'server.crt',
 		
-		/* If base64attributes is set to true, then all attributes will be base64 encoded. Make sure
-		 * that you set the SP to have the same value for this.
-		 */
-		'base64attributes'	=>	false,
-		
 		// Authentication plugin to use. login.php is the default one that uses LDAP.
 		'auth'				=>	'auth/login.php',
 		
diff --git a/metadata-templates/saml20-sp-remote.php b/metadata-templates/saml20-sp-remote.php
index d1b759362..20d943523 100644
--- a/metadata-templates/saml20-sp-remote.php
+++ b/metadata-templates/saml20-sp-remote.php
@@ -28,10 +28,16 @@ $metadata = array(
 		'ForceAuthn'					=>	'false',
 		'NameIDFormat'					=>	'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
 		
+		/* If base64attributes is set to true, then all attributes will be base64 encoded. Make sure
+		 * that you set the SP to have the same value for this.
+		 */
+		'base64attributes'	=>	false,
 		'simplesaml.attributes'			=>	true,
-//		'attributemap'					=>	'test',
-//		'attributes'					=>	array('mail')
-		 /*
+		//'attributemap'				=>	'test',
+		//'attributes'					=>	array('mail')
+		
+		
+		/*
 		 * When request.signing is true the certificate of the sp 
 		 * will be used to verify all messages received with the HTTPRedirect binding.
 		 * 
@@ -39,7 +45,7 @@ $metadata = array(
 		 * before verification can be done.  
 		 */
 		'request.signing' => false,
-		'certificate' => "saml2sp.example.org.crt",
+		'certificate' => "saml2sp.example.org.crt"
 	),
 	
 	/*
-- 
GitLab