From 8a23124a0bf23271ca0b01a959c6dab520b11162 Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Tue, 6 Sep 2011 12:02:33 +0000 Subject: [PATCH] Document nameid.encryption. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2891 44740490-163a-0410-bde0-09ae8108e29a --- docs/simplesamlphp-reference-idp-hosted.txt | 6 ++++++ docs/simplesamlphp-reference-idp-remote.txt | 8 ++++++++ docs/simplesamlphp-reference-sp-remote.txt | 8 ++++++++ modules/saml/docs/sp.txt | 8 ++++++++ 4 files changed, 30 insertions(+) diff --git a/docs/simplesamlphp-reference-idp-hosted.txt b/docs/simplesamlphp-reference-idp-hosted.txt index 02bfcc3d8..08fa994aa 100644 --- a/docs/simplesamlphp-reference-idp-hosted.txt +++ b/docs/simplesamlphp-reference-idp-hosted.txt @@ -168,6 +168,12 @@ The following SAML 2.0 options are available: This certificate will be added to the generated metadata of the IdP, which is required by some SPs when using the HTTP-Artifact binding. +`nameid.encryption` +: Whether NameIDs sent from this IdP should be encrypted. The default + value is `FALSE`. + +: Note that this option can be set for each SP in the [SP-remote metadata](./simplesamlphp-reference-sp-remote). + `SingleSignOnService` : Override the default URL for the SingleSignOnService for this IdP. This is an absolute URL. The default value is diff --git a/docs/simplesamlphp-reference-idp-remote.txt b/docs/simplesamlphp-reference-idp-remote.txt index 0edad94e6..71478f112 100644 --- a/docs/simplesamlphp-reference-idp-remote.txt +++ b/docs/simplesamlphp-reference-idp-remote.txt @@ -101,6 +101,14 @@ SAML 2.0 options The following SAML 2.0 options are available: +`nameid.encryption` +: Whether NameIDs sent to this IdP should be encrypted. The default + value is `FALSE`. + +: Note that this option also exists in the SP configuration. This + entry in the IdP-remote metadata overrides the option in the + [SP configuration](./saml:sp). + `saml2.relaxvalidation` : Can be used to relax some parts of the validation of assertions received from this IdP. This is an array, and can include one or more of the following flags: diff --git a/docs/simplesamlphp-reference-sp-remote.txt b/docs/simplesamlphp-reference-sp-remote.txt index 7a5a841e6..20a6fda34 100644 --- a/docs/simplesamlphp-reference-sp-remote.txt +++ b/docs/simplesamlphp-reference-sp-remote.txt @@ -173,6 +173,14 @@ The following SAML 2.0 options are available: specified in the `simplesaml.nameidattribute`-option as the value of the ID. +`nameid.encryption` +: Whether NameIDs sent to this SP should be encrypted. The default + value is `FALSE`. + +: Note that this option also exists in the IdP-hosted metadata. This + entry in the SP-remote metadata overrides the option in the + [IdP-hosted metadata](./simplesamlphp-reference-idp-hosted). + `SingleLogoutService` : The URL of the SingleLogoutService endpoint for this SP. This option is required if you want to implement single logout for diff --git a/modules/saml/docs/sp.txt b/modules/saml/docs/sp.txt index 90b1f0dab..5e5c66a0c 100644 --- a/modules/saml/docs/sp.txt +++ b/modules/saml/docs/sp.txt @@ -216,6 +216,14 @@ Options : *Note*: You must also specify at least one attribute in the `attributes` option for this element to be added to the metadata. +`nameid.encryption` +: Whether NameIDs sent from this SP should be encrypted. The default + value is `FALSE`. + +: Note that this option can be set for each IdP in the [IdP-remote metadata](./simplesamlphp-reference-idp-remote). + +: *Note*: SAML 2 specific. + `NameIDPolicy` : The format of the NameID we request from the IdP. Defaults to the transient format if unspecified. -- GitLab