diff --git a/docs/simplesamlphp-advancedfeatures.txt b/docs/simplesamlphp-advancedfeatures.txt index 6d1226291b3114e05cf70fd2cf87adc580872ca8..8935185fe7602d901e614c393ed03c97f883c7d5 100644 --- a/docs/simplesamlphp-advancedfeatures.txt +++ b/docs/simplesamlphp-advancedfeatures.txt @@ -26,32 +26,24 @@ step :) Bridging between protocols -------------------------- -A bridge between two protocols is built using both an IdP and an -SP, connected together. To let a SAML 2.0 SP talk to a Shibboleth -IdP, you build a simpleSAMLphp bridge from a SAML 2.0 IdP and a -Shibboleth SP.The SAML 2.0 SP talks to the SAML 2.0 IdP, which -hands the request over to the Shibboleth 1.3 SP, which forwards it -to the Shibboleth IdP. This is configured in the IdP hosted -metadata, and is controlled by the `auth` and `authority` -parameters. - -**Example 1. Example of bridge configuration** - -A bridge configured with a SAML 2.0 IdP and a Shibboleth 1.3 SP: In -the `saml20-idp-hosted.php` metadata you configure the -authentication to use Shibboleth 1.3 SP like this: - - 'auth' => 'shib13/sp/initSSO.php', - 'authority' => 'shib13' - -As no specific Shibboleth IdP is specified as parameter to the -`initSSO.php` script, the discovery service page will be shown. If -you want to connect the SAML 2.0 IdP to a specific Shibboleth 1.3 -IdP, give the entity id as a parameter to the `initSSO.php` -script: - - 'auth' => 'shib13/sp/initSSO.php?idpentityid=shib13idp.example.org', - 'authority' => 'shib13' +A bridge between two protocols is built using both an IdP and an SP, connected together. +To let a SAML 2.0 SP talk to a SAML 1.1 IdP, you build a simpleSAMLphp bridge from a SAML 2.0 IdP and a SAML 1.1 SP. +The SAML 2.0 SP talks to the SAML 2.0 IdP, which hands the request over to the SAML 1.1 SP, which forwards it to the SAML 1.1 IdP. + +If you have followed the instructions for setting up an SP, and have configured an authentication source, all you need to do is to add that authentication source to the IdP. + +**Example of bridge configuration** + +In `metadata/saml20-idp-hosted.php`: + + 'auth' => 'default-sp', + +In `config/authsources.php`: + + 'default-sp' => array( + 'saml:SP', + ), + Attribute control