Document nameid.encryption.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2891 44740490-163a-0410-bde0-09ae8108e29a

Document nameid.encryption.
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2891 44740490-163a-0410-bde0-09ae8108e29a
8a23124a · Olav Morken · 476fc1a8 · 8a23124a · 8a23124a · 8a23124a
Commit 8a23124a authored 13 years ago by Olav Morken
--- a/docs/simplesamlphp-reference-idp-hosted.txt
+++ b/docs/simplesamlphp-reference-idp-hosted.txt
@@ -168,6 +168,12 @@ The following SAML 2.0 options are available:
    This certificate will be added to the generated metadata of the IdP,
    which is required by some SPs when using the HTTP-Artifact binding.
+`nameid.encryption`
+:   Whether NameIDs sent from this IdP should be encrypted. The default
+    value is `FALSE`.
+:   Note that this option can be set for each SP in the [SP-remote metadata](./simplesamlphp-reference-sp-remote).
 `SingleSignOnService`
 :   Override the default URL for the SingleSignOnService for this
    IdP. This is an absolute URL. The default value is

--- a/docs/simplesamlphp-reference-idp-remote.txt
+++ b/docs/simplesamlphp-reference-idp-remote.txt
@@ -101,6 +101,14 @@ SAML 2.0 options
 The following SAML 2.0 options are available:
+`nameid.encryption`
+:   Whether NameIDs sent to this IdP should be encrypted. The default
+    value is `FALSE`.
+:   Note that this option also exists in the SP configuration. This
+    entry in the IdP-remote metadata overrides the option in the
+    [SP configuration](./saml:sp).
 `saml2.relaxvalidation`
 :   Can be used to relax some parts of the validation of assertions received from this IdP. This is an array, and can include one or more of the following flags:

--- a/docs/simplesamlphp-reference-sp-remote.txt
+++ b/docs/simplesamlphp-reference-sp-remote.txt
@@ -173,6 +173,14 @@ The following SAML 2.0 options are available:
    specified in the `simplesaml.nameidattribute`-option as the value
    of the ID.
+`nameid.encryption`
+:   Whether NameIDs sent to this SP should be encrypted. The default
+    value is `FALSE`.
+:   Note that this option also exists in the IdP-hosted metadata. This
+    entry in the SP-remote metadata overrides the option in the
+    [IdP-hosted metadata](./simplesamlphp-reference-idp-hosted).
 `SingleLogoutService`
 :   The URL of the SingleLogoutService endpoint for this SP.
    This option is required if you want to implement single logout for

--- a/modules/saml/docs/sp.txt
+++ b/modules/saml/docs/sp.txt
@@ -216,6 +216,14 @@ Options
 :   *Note*: You must also specify at least one attribute in the `attributes` option for this element to be added to the metadata.
+`nameid.encryption`
+:   Whether NameIDs sent from this SP should be encrypted. The default
+    value is `FALSE`.
+:   Note that this option can be set for each IdP in the [IdP-remote metadata](./simplesamlphp-reference-idp-remote).
+:   *Note*: SAML 2 specific.
 `NameIDPolicy`
 :   The format of the NameID we request from the IdP.
    Defaults to the transient format if unspecified.