From a48376b1f5d665a6cd1a659a511ce2247cf822fb Mon Sep 17 00:00:00 2001 From: Olav Morken <olav.morken@uninett.no> Date: Thu, 20 May 2010 07:05:30 +0000 Subject: [PATCH] Changelog and upgrade notes for version 1.6. git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2310 44740490-163a-0410-bde0-09ae8108e29a --- docs/index.txt | 3 +- docs/simplesamlphp-changelog.txt | 101 ++++++++++++++++++++++- docs/simplesamlphp-upgrade-notes-1.6.txt | 22 +++++ 3 files changed, 124 insertions(+), 2 deletions(-) create mode 100644 docs/simplesamlphp-upgrade-notes-1.6.txt diff --git a/docs/index.txt b/docs/index.txt index 8dc9caf2c..2a4f1df7a 100644 --- a/docs/index.txt +++ b/docs/index.txt @@ -2,8 +2,9 @@ SimpleSAMLphp Documentation =========================== * [Installing simpleSAMLphp](simplesamlphp-install) + * [Upgrade notes for version 1.6](simplesamlphp-upgrade-notes-1.6) + * [Upgrade notes for version 1.5](simplesamlphp-upgrade-notes-1.5) * [Installation from Subversion](simplesamlphp-subversion) - * [Upgrading SimpleSAMLphp to version 1.5](simplesamlphp-upgrade-notes-1.5) * [Changelog](simplesamlphp-changelog) * [Using simpleSAMLphp as a SAML Service Provider](simplesamlphp-sp) * [Hosted SP Configuration Reference](./saml:sp) diff --git a/docs/simplesamlphp-changelog.txt b/docs/simplesamlphp-changelog.txt index 01334ee6b..2cea44f03 100644 --- a/docs/simplesamlphp-changelog.txt +++ b/docs/simplesamlphp-changelog.txt @@ -3,7 +3,106 @@ simpleSAMLphp changelog <!-- {{TOC}} --> -Here is changes between simpleSAMLphp versions. Look here if you are upgrading, to see if there are any changes to the config format. +This document lists the changes between versions of simpleSAMLphp. +See the upgrade notes for specific information about upgrading. + + +## Version 1.6 + +Released 2010-05-XX. + +[Upgrade notes](./simplesamlphp-upgrade-notes-1.6) + + * Detection of cookies disabled on the IdP. + * New IdP core, which makes it simpler to share code between different IdPs, e.g. between SAML 1.1 and SAML 2.0. + * Dictionaries moved to JSON format. + * New authentication module: [`cas:CAS`](./cas:cas). + * All images that doesn't permit non-commercial use have been replaced. + * Better support for OrganizationName, OrganizationDisplayName and OrganizationURL in metadata. + * Cookie secure flag no longer automatically set. + * Cross-protocol logout between ADFS and SAML 2. + * New experimental module for aggregating metadata: [`aggregator2`](./aggregator2:aggregator2) + * Metadata support for multiple endpoints with [multiple bindings](./simplesamlphp-metadata-endpoints). + * The metadata generation is using a new set of classes. + As a result, all generated metadata elements now have a `md:`-prefix. + * The deprecated functions `init(...)` and `setAuthenticated(...) in the `SimpleSAML_Session` class have been removed. + * Configuration check and metadata check was removed, as they were often wrong. + +### SAML 2 SP + + * SAML 2.0 HTTP-Artifact support on the [SP](./simplesamlphp-artifact-sp). + +### SAML 2 IdP + + * SAML 2.0 HTTP-Artifact support on the [IdP](./simplesamlphp-artifact-idp). + * Support for sending PartialLogout status code in logout response. + * Set AuthnInstant to the timestamp for authentication. + * Combine normal and iframe versions of the logout handlers into a single endpoint. + * The SessionIndex is now unique per SP. + * Statistics for logout failures. + * Better generation of persistent NameID when `nameid.attribute` isn't specified. + +### The SP API + + * Support for handling errors from the IdP. + * Support for passing parameters to the authentication module. + This can be used to specify SAML 2 parameters, such as isPassive and ForceAuthn. + +### `adfs` + + * Move to new IdP core. + + +### `casserver` + + * Collect all endpoints in a single file. + * Fix prefix on the tickets. + +### `consent` + + * Support for deactivating consent for specific services. + +### `consentAdmin` + + * Support for the SAML SP module. + +### `core` + + * New filter: [`core:PHP`](./core:authproc_php), which allows processing of attributes with arbitrary PHP code. + * Support for multiple target attributes in [`core:AttributeMap`](./core:authproc_attributemap). + * New filter: [`core:ScopeFromAttribute`](./core:authproc_scopefromattribute), which allows the creation an attribute based on the scope of another attribute. + * Support for a target attribute in [`core:AttributeAlter`](./core:authproc_attributealter). + +### `discoPower` + + * Support for new scoring algorithm. + +### `ldap` + + * SASL support in LDAPMulti + +### `ldapstatus` + + * This module was removed, as it was very specific for Feide. + +### `multiauth` + + * Support for specifying the target authentication source through a request parameter. + +### `oauth` + + * Configurable which authentication source should be used. + +### `openidProvider` + + * OpenID 2.0 support. + * XRDS generation support. + +### `saml` + + * Support for specifying parameters for authentication request. + * Add AttributeConsumingService to generated metadata. + * The two SPSSODescriptor elements in the metadata has been merged. ## Version 1.5.1 diff --git a/docs/simplesamlphp-upgrade-notes-1.6.txt b/docs/simplesamlphp-upgrade-notes-1.6.txt new file mode 100644 index 000000000..210ffec59 --- /dev/null +++ b/docs/simplesamlphp-upgrade-notes-1.6.txt @@ -0,0 +1,22 @@ +Upgrade notes for simpleSAMLphp 1.6 +=================================== + + * This release requires PHP version >= 5.2.0, as that was the first version to include `json_decode()`. + It is possible that it may work with version of PHP >= 5.1.2 if the [JSON PECL extesion](http://pecl.php.net/package/json) is enabled, but this is untested. + + * The secure-flag is no longer automatically set on the session cookie. + This was changed to avoid hard to diagnose session problems. + There is a new option `session.cookie.secure` in `config.php`, which can be used to enable secure cookies. + + * Dictionaries have moved to JSON format. + The PHP format is still supported, but all dictionaries included with simpleSAMLphp are in JSON format. + + * The iframe-specific logout endpoints on the IdP have been merged into the normal logout endpoints. + This means that the metadata no longer needs to be changed when switching between logout handlers. + The old iframe logout endpoints are now deprecated, and the generated metadata will only include the normal logout endpoint. + + * As a result of the changed metadata classes, all metadata elements now have a `md:`-prefix. + This does not change the content of the metadata, just its expression. + + * The deprecated functions `init(...)` and `setAuthenticated(...)` in the `SimpleSAML_Session` class have been removed. + Code which relies on those functions should move to using `SimpleSAML_Session::getInstance()` and `$session->doLogin(...)`. -- GitLab