From db22742794bbfa8a686741cb749a63a64f03c5cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Wed, 19 Dec 2007 11:14:36 +0000
Subject: [PATCH] Ive remove the compiled documentation, and updated README to
point at online documentation instead
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@133 44740490-163a-0410-bde0-09ae8108e29a
---
docs/README | 30 ++--
docs/html.css | 223 --------------------------
docs/icons/caution.png | Bin 2369 -> 0 bytes
docs/icons/example.png | Bin 2449 -> 0 bytes
docs/icons/home.png | Bin 654 -> 0 bytes
docs/icons/important.png | Bin 2592 -> 0 bytes
docs/icons/next.png | Bin 472 -> 0 bytes
docs/icons/note.png | Bin 2520 -> 0 bytes
docs/icons/prev.png | Bin 459 -> 0 bytes
docs/icons/tip.png | Bin 2288 -> 0 bytes
docs/icons/up.png | Bin 406 -> 0 bytes
docs/icons/warning.png | Bin 3249 -> 0 bytes
docs/simplesamlphp-bridge.html | 15 --
docs/simplesamlphp-googleapps.html | 123 --------------
docs/simplesamlphp-idp.html | 107 ------------
docs/simplesamlphp-install.html | 92 -----------
docs/simplesamlphp-install.pdf | Bin 43359 -> 0 bytes
docs/simplesamlphp-sp.html | 154 ------------------
docs/source/simplesamlphp-idp.xml | 8 +-
docs/source/simplesamlphp-install.xml | 23 +--
docs/source/simplesamlphp-sp.xml | 8 +-
21 files changed, 30 insertions(+), 753 deletions(-)
delete mode 100755 docs/html.css
delete mode 100755 docs/icons/caution.png
delete mode 100755 docs/icons/example.png
delete mode 100755 docs/icons/home.png
delete mode 100755 docs/icons/important.png
delete mode 100755 docs/icons/next.png
delete mode 100755 docs/icons/note.png
delete mode 100755 docs/icons/prev.png
delete mode 100755 docs/icons/tip.png
delete mode 100755 docs/icons/up.png
delete mode 100755 docs/icons/warning.png
delete mode 100644 docs/simplesamlphp-bridge.html
delete mode 100644 docs/simplesamlphp-googleapps.html
delete mode 100644 docs/simplesamlphp-idp.html
delete mode 100644 docs/simplesamlphp-install.html
delete mode 100644 docs/simplesamlphp-install.pdf
delete mode 100644 docs/simplesamlphp-sp.html
diff --git a/docs/README b/docs/README
index 5c9503318..4403e3046 100644
--- a/docs/README
+++ b/docs/README
@@ -1,29 +1,17 @@
-README
+Updated: December 19th, 2007
-Installation instructions:
-==========================
+All you need to know to install and configure simpleSAMLphp is available at:
+http://rnd.feide.no/view/simplesamlphpdocs
-Store the simplesamlphp directory somewhere...
+simpleSAMLphp homepage:
+http://rnd.feide.no/simplesamlphp
-In there there is a www directory, it have to be accessible from web, on the root of a vhost. The www can be moved outside the simplesamlphp folder. You can in example drop the content of the www folder into your existing web site folder.
+simpleSAMLphp mailinglist (for support):
+http://rnd.feide.no/content/simplesamlphp-users-mailinglist
-IF you decide to move the www folder out of the simplesamlphp folder, then you need to update the www/_include.php file properly.
-Next, configure config.php:
-- set the path and hostnames.
-- Use sam.feide.no as default idp.
-- Set the default duration of a session to be in example 3 hours.
-
-
-Then, configure saml20-sp-hosted to match your SP metadata. Change dev.andreas.feide.no to your hostname. Contact feide to ensure that your meta data is added to the Feide IdP.
-
-Then configure the saml20-idp-remote to match Feide. If there exists an entry for sam.feide.no it is probably already there.
-
-Then test the /example-simple/saml2-example.php log in with the feide test user, and look at the attributes. then test sp initated logout.
-
-Look at the example code of how to integrate with a service.
-
-Contact Andreas for questions:
+To contact the author team:
andreas@uninett.no
+(please use the mailinglist as often as possible for support questions and feature requests)
diff --git a/docs/html.css b/docs/html.css
deleted file mode 100755
index 22bb75d61..000000000
--- a/docs/html.css
+++ /dev/null
@@ -1,223 +0,0 @@
-/* General layout */
-
-body {
- background: #FFFFFF;
- margin: 1em;
- padding: 2px .3em .3em .3em;
- border: thin solid #eee;
-}
-
-body > div.article, body > div.section {
- margin: 1em;
-}
-div {
- margin: 0; padding: 0;
-}
-div.literallayout {
- font-family: "Monaco" monospace;
- border-bottom: 1px solid #ccc;
- border-left: 1px solid #ccc;
- padding-left: 1em;
-}
-.application {
- color: #030;
- font-weight: bold;
-}
-
-h1, h2, h3, h4, h5 {
- color: #800000;
- font-family: sans-serif;
-}
-h1 {
- margin: .3em 0px 0px 2px;
-}
-h2, h3 {
- margin: 2em 0px 0px 2px;
-}
-div.figure p.title {
- text-align: center;
-}
-
-div.note {
- background-color: #FF9;
- background-image: url('icons/note.png');
- background-repeat: no-repeat;
-
- border: thin solid #444;
- padding: .2em .2em .2em 60px;
- margin: 0px ! important;
-}
-div.note .title {
- color: #444; margin: 0.1em;
-}
-
-div.example {
- background-color: #9cb;
- background-image: url('icons/example.png');
- background-repeat: no-repeat;
-
- border: thin solid #444;
- padding: .2em .2em .2em 60px;
- margin: 0px ! important;
-}
-div.example .title {
- color: #444; margin: 0.1em;
-}
-
-div.tip {
- background-color: #FC0;
- background-image: url('icons/tip.png');
- background-repeat: no-repeat;
-
- border: thin solid #444;
- padding: .2em .2em .2em 60px;
- margin: 0px ! important;
-}
-div.tip .title {
- color: #444; margin: 0.1em;
-}
-
-
-div.important {
- background-color: #FF3;
- background-image: url('icons/important.png');
- background-repeat: no-repeat;
-
- border: thin solid #444;
- padding: .2em .2em .2em 60px;
- margin: 0px ! important;
-}
-div.important .title {
- color: #444; margin: 0.1em;
-}
-
-div.warning {
- background-color: #C90;
- background-image: url('icons/warning.png');
- background-repeat: no-repeat;
-
- border: thin solid #444;
- padding: .2em .2em .2em 60px;
- margin: 0px ! important;
-}
-div.warning .title {
- color: #444; margin: 0.1em;
-}
-
-
-div.caution {
- background-color: #3C9;
- background-image: url('icons/caution.png');
- background-repeat: no-repeat;
-
- border: thin solid #444;
- padding: .2em .2em .2em 60px;
- margin: 0px ! important;
-}
-div.caution .title {
- color: #444; margin: 0.1em;
-}
-
-
-
-
-
-div.sidebar {
- background: #F0F0F0;
- border: 1px solid gray;
- padding: 5px;
- margin: 20px;
-}
-
-div.table {
-}
-
-div.table table td,div.table table th {
- padding: .1em .1em .1em 1em;
- border-top: thin solid #ccc;
- border-left: thin solid #ccc;
-
-}
-div.table table th {
- border-bottom: 2px solid #999;
-}
-div.table table {
- width: 90%;
- border: 2px solid #333;
- border-collapse: collapse;
-}
-img {
- max-width: 90%;
- margin-bottom: 1em;
-}
-
-.navheader > table, .navfooter > table {
- font-family: sans-serif;
- background: #eee;
-}
-.navheader > table {
- border-bottom: thin solid #666;
-}
-.navfooter table {
- position: fixed;
- height: 3em;
- bottom: 0px;
- border-top: thin solid #666;
-}
-hr {
- display: none;
-}
-
-.navfooter hr {
- display: block;
- visibility: hidden;
- height: 3em;
-}
-a {
- color: #020;
-}
-a:hover {
- color: #060;
-}
-
-/* Layout bound to specific docbook tags */
-span.term {
- font-weight: bold;
-}
-span.strong {
- font-weight: bold;
-}
-
-
-pre.programlisting {
- background: #F0e0e0;
- border: 1px solid #666;
- color: #300;
- padding: 2px;
- font-size: 10pt;
- white-space: pre;
-}
-pre.screen {
- background: #F0F0F0;
- border: 1px solid gray;
- padding: 2px;
- font-size: 10pt;
- white-space: pre;
-}
-
-tt.filename {
- font-weight: bold;
- color: #600;
-}
-
-
-
-dl dt {
- color: #060;
- font-weight: bold;
-}
-dl dl dt {
- font-weight: normal;
-}
-
-
diff --git a/docs/icons/caution.png b/docs/icons/caution.png
deleted file mode 100755
index e3897db8771158c562faec8dfa675633ba677007..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 2369
zcmV-H3BLA;P)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3labT3lag+-G2N4000McNliru(+Cm{92SZr)$#xU06ug@
zSad^gZEa<4bO1wgWnpw>WFU8GbZ8({Xk{QrNlj1+3MgYKATls8GayP~Yjt8ECu(VJ
zZDC_4AX9W@X>Mh5Co}I@000PtNkl<Zc-rlmdvH|M9mhX+HwjC~hDV?Q!YlHWTA;w#
zB8UQlg)(RnQy5xj>Oe)EaXOtUV~0X#`fx}c-j6a`ML+~QO&?<0_?T*;0SZPDgb;=|
zl3+r@X0yA=?!D*qk9+R!*~=!`NVGV^ojG&&p1tSX@Avon{(k3o?}1y#t>f15l|GCw
zXx=_RzIJ^DsQRi97!DKxbF{t_z@LD>-s~QI5NHNu3+?AOGx)hcv=#79d-i4o|1cnQ
zpu-CD<))QS$vM;RNJV1l%>;fv5YquZFnzR)Tq>33`CZbiDU(ZoJS7#0r#s@|-Wwdh
z5ZDf6I33@cF^1h+i}6M(zzjn80@Loji%4S~Wgni`$4&=AK-vF`z$3s`eU5oE$MV|C
zEAfOXKne_LfwUmjz_ck72nVmS|D%ig95a9*u>Z>@@G!7LA73<kJg>g^9G*}Gh7=&J
zH~~Xi5DReM)Vl};YT19}Q+=-cfdFve%ObD{cm?n{9Si2%$+j)O!P{5?Sa^C2!tmul
zMkhR7dLkoNL7HG*WBQbd1nWQJz{gc?64!u(Uo?TofGs-sc{9hd{e|D!;H8C;nT_l|
zh@UQdnSJFKsJu|mj*>DakI5&~E0M8!W=x$(pst#ON3ZA$>is|+@Za_T%4o;EPXHVA
z)qCE|aqRrVb9h20kywBQhM>H>f^{4Jm^Ap?BXarvcZS>Y3ZLcqWeX6(V#BUuI*GL^
z9dAq*lqb#mo^peKv}lqIzOe#?iQxpTWfF}xUpK*R{c-^lDJ`V5Abgfp%jWY$(e3Wi
zX1y|2hY@&EStbsC@q)YAvUUYV=p-O)P{KqC0Wylum#j>~fRVR#Q~z7>ASZl=HNPlg
z$wR~3BsKs`I)cE@)MW8v$-;Zsv}!p<@C1f1L72AJrLZMrM(C2Al{86VL07VUo_I!*
z(zNfFCWKD2ZuvtzHg~X_#3mJUpPRtl!0+^q$A54y>z`kSp#oMa>mw{ckujt6>Y0-?
z(a6C);_HHxrt*MkdqG+dI?ej!b6NbrAUBE4z_`ytpbxOv4St;iUf5d3u_UHVLILXG
z&mb!^ksn4Dc26v7QjwO*YfgXTDK@NlkVSL)yGhJec-lqa>%b44i%H{$*p_cNZa*A>
zfdHXfQb|af5Nn`cL0){ap#yUh!P`QU!h&EW8<)@Fo5TD%mS4JFj@qAv)~+sw;E9CA
zlm`ry9E1X{ydWb1Mhq`VWT3t|F2JTnT>VC!8!PzkggiPljqcvDS!v$1b&L&Kii8{z
z78Z!cD|~DGkofq1`JEG%mKIXUM+!Ao2n^wPP!J5oZkWI)z+vZNTggF6_kNP7afGF5
z+P0j5Wy?yM5D75*o&oX6dUegR!C{XxWWs~CBrT-+@4fOGcD!{($FjY(SKpROiAEp~
zxDTK)+)UXAXPGp9AiaBLD=@ajq*U=BEr@%>BHtIG^87VoF^iupygez%WjuIAoDkBY
z?BlCEv-uonE;qRe{JA9(MjKxijsU%!j=o>>v!i$(lgIV9ONV$0wWVP=>C~Hv(KQb;
zvj|mPptBiB4%q9~1B=5a>Uet78On|YbquvCq10%7GTmaX5!j<%)N=uXp(t;@U&*N9
zy%=2J*HWmH<CRRZ{alLrS@XhPUMx9|Pc|{Ee|7>qiInPqFWz~PcMb>i=LdmVz-gDE
zjrM$2F@Qqg5YWTv?CS5t)?d$J_T)kp+_v@OYlFu_$x*@lAH4*CKRbi!zt1AWD^={6
zaT$GBS;wZ5Dz=q=raw2P!0%I9b(-!0*;W>E$ejbmsBb#}1cJ>hT>1vDmmas{K{#?y
zR<)X$QWzyS$1W-6O)Vh9E8`Y-z#lnvja~25xWSw1o#T+Imc0t6*M-YyO+tq290E#!
zX+Up)m?_xv{uu`K&0*BgZt<XYB<1tQm_EK2ciz#B$L9{DODB@zpsF^^)_+v7YWHPa
z`hFJpn_KHH%g6DhL%?C*4EzO{2owNVLb7M?Ir6$@QP8s!{%ns5YTLqn^D-GdB$qB(
zB(1_#wGm!@tD0ZEa?$<VHNfi{SVIFWQ;<sO0Uf-d?(qUy%DsDlvA{sEtBHS>U1HdP
zT>9j7!r$2w&-o<PJa(X0*M@oHKQ%n_`*X--I6GC!bbo#kF6$=|@up#YkEX>;^<OFQ
z4Io}VzPaxb1wDNX=<UPrGm;B6O*a4jsGcWRpT@G1o>>aKlmd%zkr3&m(Uv^m5Xn&e
zZz}>roq=y3tR}yE7KOci<aG9^jAL8Bsy0md$p#)>d5Y#}5{CWiokOU3oor)i%?YsU
zNTfr+<MM=leoqDU2xsuShidFMutA;en2;vbwGmET3{$k?1mPy3KkKOW9_)bkXlXO1
zWUG@&BGFn98?JT2lY)>(<?37|DF6-}t0&xKF?w(|XD>HWc`?MI;#1TIP5l{XfYm@m
z1EgC!ral(ORMWj7+ggc@HV7H6b_nq6B+5@V@a_k7)CFP`zjlc$bx9Rw6|hpJXQ6?N
zscaWf=VnDBsyv~`LYphG4%VyAnMyvHDl0k7r`jXxi$ZJjUImI3i6#wnNF&jtKu1(_
z?$KogAiZgn64x!?E&P_M_-g<rv_K-Dz+X^+L#pNps@lsT;((88QW7arYFb-Nx^z66
zCp?-boOQzS&?xowxxePUPl11_3bPpqYf@>_q+}(QbWAOfg=-I@-FswuRx(@}DMKUS
zTo))pUUhv{E7W3|zIA}6E1*qR;9j>Hw|A4TrA5x8Svo`Wj{d*YGK|o`xvlFyTP~U2
z@GfO4Ng1x+UKc5^3zV5+aiW!yL3HFcYdR^`vA8!yVdj*~GDV?gw2>@2Y@gUjvka%b
nfZB0Shir6r#74Qik-`51XnnY|(@{Ta00000NkvXXu0mjf07q)(
diff --git a/docs/icons/example.png b/docs/icons/example.png
deleted file mode 100755
index 2e68475feb328759e494c3badc4b65cd3e364d57..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 2449
zcmV;C32yd@P)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm00006VoOIv00000
z008+zyMF)x010qNS#tmY3ljhU3ljkVnw%H_000McNliru(+Up~9Wac#=Xd}B2_8vA
zK~#9!?U`F_6xSWbf3q{YUVH5YjFWIlD^iM5Xpo#pO+;0c#!XW!qNJfpBPC5}#7k(?
zm$VP@zErJBAwVh>DwIlnXx@6u1r?VjA&MZEHY6$yP`g}gH(+dvjc@B+@6NgPVb07B
z1h3a7O{Iz>9nb8{xqRRMKF4saU2E6cwf4Vk&U7y}Zrqsa>FGIp>eQ*GWHPBgX<$N#
z#G*xuO0BJ}cRc_6^QWd8=T%vwC6mcqpUdUAaN)uy3f^GAz?rjW>y=VVfH@Ip21uvV
z^!NAw7f>1uV2lYMo8aCUa4;CHv1-4e+A@hM?-tgIWy_W=RiqgJ(^{jHMk$4q5-EeL
zQUc*igpdd!kWwIoz?Tv!B|?g-1iYCD<n#F%2`pW@G?HHM2Q((QH(*d`9SYtACZa=A
zsc1r@3B+#fdJY(U{agt&1B{Q4Ut*hqieo^mbfuIQq^^L90X2ZJEW&Y>H9}44;6`hd
z35hT_4Rm*P-@f!yOUdW+D5aP;Zyt|7{y2?|jU<yvcI?=}=-4PmM^S^;)>clOI6<*c
zz*u3XQZC<r>IZ!0rki--rI+|qXD7z`fYv&?4@l_97XqSsMj!C1M1pL6x<0bWTrS7K
zg9kZ$_%JJ0tl+^1A7sy-J!q|&n3$lWBgd_`wlXj<z>e+P>Fw>qV0if9M>&1^G(A1N
zd~wYh_P+e`r6#07qayRGICh{ZW7PF?a$?7EvYAW<DFSDDI`=e7mMkHc%Q1iceD1pI
zE`$&$r5G9-;@M|^#sgn}fOp@0m#y2jA*4VG!JT)0nZ0}W(z$;hsk%CZ5C~r&tYCsJ
zBSFc~k$r(uK0>LvMImEMRtUl1`SS=N*l_;_mMvSx)~#DPdh{rc<3s>l*JXJ40)^5P
z2M!z{olYZ!KpSXjX<>MHn89;{eDBHc26N)zl|V{~?+b*K_?A#v3d&`P^viQ2Af?P^
z8Z-F9M+m_^U%Q9hyLZ#o)y)S-J_yDLfiDEvY!;;yN(fG#JQ?}K)KrnKt}e9J_`cxP
zS6`#8?JJa~N|Z_^gzqED0^j!|4G0mCQ9=YER>+3d*4D;3X&~E_McVl6c^-=wFGffo
zH<<*$7Xm4KE?&II#>XDR7|rtKpQT(bM-uMt?xwxHoj2b+gi?yzZ~p?rL&J<*9AP4#
zr|1`hxbIs6(hs_@#C#v6rq2b_I<eNeNy-4cF@~Mb?j+ZdqrJVI*I$3#N?8F4V+`MV
z^idwzumONqUU>x}1Q^)0YZr$O9YSl(xpU{(v}qHCLIGn8_4V~MH8xR~uCub#kpmkH
zMq6iA+yL~{OknNWwa&=MSd&o(UrNxL&Oh$s__5=Rj*K!kK1Mp7M#?fqLr+f+n>Rm!
z>w0LZ8J!r5LgV504s+zl5zd@BLq|skT1%UO6<TYw)};M3NiT`(x!^bf31fnsrd8Ek
zaK&nL&6+jYhWh&PTW(p+JAeHPj?J=RA|uMI=90J_UX?O{=J@gBy#N0D96NfH?K^j3
zw5CujFqxkWG-R9WCU8BEbX}TcGD*U5!h9BL<%$0O{$JLt0pW{gkxY`$=aJTgjEMoZ
zc~;wORmr9Xbnv#jyPFdyPSDra$4|Fy0~3&TU6+PT1}OyPa@j^8NkS@=RHTwglBpC<
z!U1EGnK85T0U`W_EiIo$T6M=WW(XDxM%junRClbN*}nZ5Zu$Ib_Uze%^nII|H3mZh
z2hZ~`I;?q26uE?uc)pM4c{m9NCn#KIN5GeIq0*XSp+K=%#C6@Mvczr}r1?q#rz-={
zO0#?SFJfk8PzDkjw9%0%Y6m<oiJM3ul(O2^2%(Wm;y4KsjsviGRs_xu4zB&&%{O!5
z!Vr!z2q^+najdkgf$CU+7ZHo9wU~csP<C`^V&QYpXk&1K>|YU%0gS?N92|#5vkjx!
zR5FE>lClt&)F@H$g+{B2KbVTWhKjJ{LTwR6m#9)zfmuakshE^jI*KyJnCoUmKq-}V
zJvT~5p^b(c1wLUNHwH=vqK-u?b4i^aJkycJRHe3#0)>fvM`#m$inrKAVM0T#N<eF!
zRZ7y=+sD4neXLrwiloiH5gFix7hmK%n>Sxl9$zuEhV{Jzn6PB7M77H>#S6;tcD^wt
z0~BH(det=`l|o3Ll`B`$+uKXASp3Mix8HmVAw}g&EcA<*R)UIIPls_f?MC1<pyC9s
zn8?<zUmpz^85x;z<>uz*Pvo?sv$L}S@GXhzwa~!8K+Ox!X6#kABp~AioEj#%Knkb_
z8f~w)<Ue)uZOeY2NN5TZdjFY|{XeM{$sOxfzkUA05mu~TzV*QG4(+RQsG)!okOwBL
zACzi2R*7q=4rs988-O%Wci*OUKlVJA`o<>Coa}$bN~osZkePQVok=qI;Xua>V^enj
zI{VwL^;{@yq4YEMnhqDrkBzQuT+qn;g$s6CqVeul>u<d9){mAfyAChu()Nun-5Yy%
zrTJcrkXzH)Xsj&&vOtrSehNsed!+4$<#N6)m8t`0?nkGEi895>5`TN+A8i&-C{!Km
zK2QY4Z6B-UTqsV`Sm!C*Ya)|Pwk1oAoIKWd)t;GY%J9{P?!5c8-yYl_!z2M=eL%$a
z*0mmNMa3yFWhYJn?l+&jZ^!uPFg?f4ar)?ow^^;Yv5kGZp|JC&%>ws+`<{pD>Yc6q
zJ?C@4AFQoo=TF%+LNX<LKPw;ji29T&Z;(P!7%#qNB@}9B(yDhP)<>)LeZPM7IlmkP
zmGzI^-EKio*{Cya$Bo(FA)#3j2$@d-#fP8Tu*)x(xHve$O{<puJr?Fd@Zp9N_SvKj
zebe?#(}K-6E?>m(`JpXVSd*8{E!zG4xo9ACBn7Da*u_VLZ}|7w;Xl8#|Gnp8;KyU2
zr(z}~XX?NC`OClZ%O!*m+`nnv{T6V^0v564r7kzeM2&tHR)KnIGSAtb0S5myl(QR!
z2_}D;lyq#~OkFo-o1bXDE=^C@KX=%5L#H)YszPTIMlT<qu<_W7X(*JAuC`eX>w2-W
zSzbxvS4$winRA(T<^udm>&8vj)H3Pg_~+o&7t0@A_v2dgTD#W%uiJkB(0Fa4`u^T$
P00000NkvXXu0mjf_5`8`
diff --git a/docs/icons/home.png b/docs/icons/home.png
deleted file mode 100755
index 17003611d9df2b066afc682cbde962f3a575002d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 654
zcmV;90&)F`P)<h;3K|Lk000e1NJLTq000;O000;W1^@s6;CDUv00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3labT3lag+-G2N4000McNliru(g+^~F$eY9OLhPN0vkz0
zK~#90)s?Yp6LB2HKi_gghu`3E!wDUJLxc_;Zg9MzLqS1G3ob$}Tqj3|4qZCjpp$=s
zgG0v(EhvaMwBV2ofgaR=5Fv$T2t=@ufB}W)(vxd!Vp7||2XA@&c<=k}%kOt^!>~yY
zO1cF+0vxb!W?!x?K+*#62Jq)nA4q`)5S6sgX4ao{=)(Mgq+YMr)7sjak|a^9)zS!j
zlk{-n29mabXYF=7SYBQx&vO8xC}MYams+hxqtO7sImhPaCf@rq;I^3!#u*2aUP)55
zT2&N90xmEJ0s&fGT~(T<3d2xYmK9C>IP*x-M@ib*+0pFm>>uW37N2Wzaq-fCnIZE9
zpb8}0+uN+KuQM2oZVHfP8U6kQdo3?>Wo2dT)WeM9So8Dq<pxiO&9@}|I6Xa89LH0c
zm+8IN(a}*6@={WOq$lH+IW3)Y+S}VJLS7*0L$}+NbMBwb%RFz=41hD|97{_}bUGbs
zwHlR5g(OM-zPJ+dJSWd{;yA{8kM|y+gQUBXdXm&?wFD?l(@{5dB(f|Mpo4>hLi#T0
z-i(>mfjhvbsYV`;4sgfJ-p>G-SqJ!fjR6BQYs1h*y9xaN0l{VB;o%`08yiy@)$8@~
z2PD1gcDuiy;j1tR0v#V8OH%W)25-YKyx(j#IXO9*YWf0mb8}QG6@b@;cHxh9{t7+@
o!Yd`f8L$sLH?yBt^q3C6015TtIu@BS5dZ)H07*qoM6N<$f*igdr~m)}
diff --git a/docs/icons/important.png b/docs/icons/important.png
deleted file mode 100755
index 2e1a2a3646189a9d424282765234187f63dbbc26..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 2592
zcmV+*3g7jKP)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm00006VoOIv0RI60
z0RN!9r;`8x3DrqNK~#9!?V4+Bo7EY|fA9PH9w#Qgq)8l_CZiqBlJpXibPcVRs;eMX
znOX=HBn*T=8;dF~s*n&L`hlv_K8y+pO?1$yX!`)FR#6zL3KcC3stO9FqFq8*+pTHS
z=GLUS*iPd3-G}$Q&WYnVj>*_Q>_|s`b8H{~|Ih6_&vOF*AOGE<Eb?CFerk%nbs#QY
z_5URT3ZOg=OI^^cz)v;UCZWDI1!p4g&H?xfFab<078zxcfInw}o%4O+7WCePKOceL
z0>eN|kkNl=0t%qD!E;svOh!WoB0w1WdZ6t?I0lRZli6xR%L2UmIFzo3qZW8feq$1d
z3b87}5t3P30Sn~Vpt&6SJD^<xum7htptiy?AAF)fP<|t7NEVmhPq3kZKt%;Ehl5+E
zPjm6;Q5020kH-_A9|y(^lE)9iBfyAQUXV#C-xs_tfJ}M4RBqqSU5`A1*XzaYcB3f9
z_9NZhoPX;rI*%M-w6~YZNMr_S6+Su$zZ8C9Dp6ld0x7{yh+iz-vW3mhKTly{Ar6OQ
z&P~F-y?nA~57$2boROX$^msf$LV*)+!lS^@LP%)e2YkfqWy9{>Y<%Jgii(P`*=#6^
zGUv3p-7IfvVz{e|=-?m|V`FIXIEsO`><+NB!<Pbld@%?pfMo-`p+TJte!}OY>6KTg
z-@F-*$AhY>X~E00Y~x1q%gVTR`ZVJsBUsF^2KA-T`z?Gch1jeKn4xl?)v!+xyH5K3
zY<~G=LTlELo12?4aCzpJl`%CwPVa>a#G+9wLNIn%qr=BNFqnxZv^3z=$6>t-elI)h
z2(YrPjoN$e!Rz&A1>T$`_4Pyt2Ix6|o_H*V#Rx;r5~w>1M?_>cNi2wf3RpM5#|q?`
zizC2Ko_vz^k3PzhB}?W6wtxSAUVr^{4j(?u)vH&judh$}IaO8hheGt6J<ITo8z}KO
zn&H9za?m;qf0#@cTD7@M=hv{yD&;g0ATJc6@r4&CE-uDmv7`jGZ{I!!2L}m<!(6<0
zkz>b>F*GzpV`JkC;O4X4?IuuB!R3!WB04;bCXm{pb{szFgMoDZpr#`50F*gkuemTK
zLS5tT-2?&w91h2v((mZ#pufMLlP6Eo(a}L95@G-T{R!ZyoV~ERnpLf>xV&BfT*78*
zVIPnWIE@2*egX=h1>hNZaRjJ%-~o!4FURlqr+3c$d@fzO#L&>t%paO3N;N$DEP)j(
zP%Q>dy8&*+-LL`36-!$3*_BK{-411T_>FwzI|Bh4ckQB}pdc-XzP>&bMIjoE&XUyi
z>(|qM7huz#J$On=Kv8fAQ!0gBz->YcX$dHRwgjF|&T*=D?7-!6r8ONzQ79@ZA`*!Z
z4u@wE2nK`mMx~;aD=Dn3B**7N5vF8;AFYM;k``tZOKOtzm&wwP0d~KiRV^*}e7<=B
z0N8A{)Nwh((7NvFr?KVa7<&nkmm4PSk$hnm0R>R~@Syyo<3L4oGkJM=^Ge^e@lYs)
z+wGnKzP7eDV*<gN8iF-7Xm&eHBQ9SH4S-wlN@zhQV0FM#vh=k;fHf^GX&pB?viN*H
z%FD|W8d)d-MNwF{b0==UA4L720VPH@-~k+R_&1rTt*}moVma=YH8zr)o0~F8n=2$%
zRaN0~xhO0wOc2<%ZQFtf6t7;*(zR<7T5th5aF-yEBY3HRVroEh!~JsHp9EI!*fGoY
z=K?Mh7#kbIE`B^13{qEDx8O9Rs=1lmf`Wt=RA4>)LJ%;`D4_w1&3H3W8kSU5QBYPk
zBU#HN;{@2UWeZNH6PwLOTU%RJdD5LtO;{X`ghN|^g6T8CG$Ta?)FvoZp-6V#(v2Gv
zjys>!lV?jy3)R)tY~8w*ojZ4Co$M`Jw~id)3pNA!YC*s$6r)%GH2~{m^N9l$_uh-o
z=R;N1tlAa_4jjn7Un4Ym$EHpE^VBI6RmCdm>APX;r|<{CDXIdRT`E>$Ku#clr?@y#
z*Zxp5S<}_`-%l(W#hIU<(1O(nG^QVDDxhjosTczSRaIFRDxIC3y!hga+;`u7w6?a=
z-rl}o;PPC)X;UIUvKaQWLIfropjiM-Ps)h`6%}|qo*A(`)A8DCuhHGzO?!Jg!^6Y$
z_V#l8`0=!+l5V&IfrJ^WhIy;Pi4z1=T{@a$Kz=ZY)9K8Lz^PNG=<o06`t|DoeD>LA
zDfh{A?_f<0U%&l!qIhvbiO7j;fNB90Jt@PxcJ5r(&RbGaLU(s};_rrrh8bWNDij4!
zH7)V%G%7?hC(>rM!7ad*bLWV~Vp;jX-o1MXg+dANufF<fR-xFOSHJucU7xNdhoM_2
zLo>su9)_=7u-QzWZnU>^^3WlE{_w*KmRMzFB_~dt$Xepb<MOAU5*;3%?nS|<u=Hua
z=!dW51uyW&#~$OImtI=5khsu!<%=))(?bt2aOo1^fq_JAG7A5a?-vwtvMu=)yz7LJ
zNyO}9<OhSSY;I=5GtZEJ`|TMYLfMY54;|u*g9jP7e3@I<t}#9`k_axtz%kg<V{|Jz
zfo`+#@veZ{P4I@zP(aF2T3^q~2Op%Yp@Gu6x<vs#*wsbXnKN8?|9v_?{1B_d!DKYb
zSYO|aCh!<=9^N|(M}dC;mw;YnI?bSX8Qj$bzq1*gfYcJ!G;(}C?76uFSFIwixR|2K
zO7e<|&~=^LYihVH7@YOJZ{B@3@qFRE_fS-o?~We_MM00pnFxo`r=|$syonx<qYFD3
z6}9m<@Yk>4Z@?7+z6%%>ElC{0^n<|C?eNr6_*q6bBsLpXrxUBwNqlN5v(Tuj#3v`2
z2#1M{kAoCtVj`KG5dJs<z31SA@8AM(LlEc!`hYR>X3=7r5=K^9Tm(O^goZny!7g>@
z7IT<Vj!89$d9yPJ7th1#PPk}XuhEYYLc0a{5nw{T7PX2fnh*GafOz$UAhZHj=fl$5
zq^d2`5tpXi^q-jSN)v;z5x8*${(c6|OQt^z+!UaD#q+38R9s1Fu~>vTxkWF=oF1{3
z132%5au0ZyK#2n0Nzgn{;4t1#Nx(eU`wja=1-%P8ED-zLFprqvG%gx}qXPUbLm><a
zsfWeq5@B>!XHGb_W4atASIiu-=9Kag$MoG@;)F~-;p0-9d`hyMn6R9Q>2r#Rko>3s
zJSsp(1i6@eA*iIean}Sen*i$&z#U@RB@#A4z?|wFd&ed4lS$ymh1o;}So3*8>QK+>
zQY#t!>wqfA$N;SpXln}a=?KInzm<thO7{Vi(r4n*xvFP#$*0JPVG=1-nzHFAX#$U)
zWKQuUpz)-8V|}r2>Xjr7DJj<Hi=N4^dW!Xo#=ilH_Wwlj$m-t!0000<MNUMnLSTZV
CZrl3+
diff --git a/docs/icons/next.png b/docs/icons/next.png
deleted file mode 100755
index 92832e3a4566e59d6e4092010e08d28f3be3a68d..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 472
zcmV;}0Vn>6P)<h;3K|Lk000e1NJLTq000;O000;W1^@s6;CDUv00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3labT3lag+-G2N4000McNliru(g+^~G7L#2!94%~0cA-<
zK~#90t&|~e!ax{?pDrgVDi9MB6HPEA7{mku!6Xj9KQVq4qIOATMG<w7Ol%GT$tIT6
zG#P^AouJJQwnDqzo1D3P_df5J`|hBHB;B^DZ(}@^w9!GSq#M_OSd#KQFBy7q3XzmZ
zQor9<nx^g{6(9^l1wr5*VgrD`K_uNtib}K7mD_;U5J^F0a!xj&Da0!QV<1_rR?KFz
z+8|k$vD@vA_JSZFj$=ln5x^^O?|I()X$NCTN|NL#VbgW4ldIaeEmRZ*lgWg|Vgb+t
zVoAO;fDOsA3}66EodW9Q3{YM6a5#j+Wj{Fs)J#$VVC+KQ_X)$W)@ZxkvfuBUnEx2l
zYe}DNADS`d;zKh4p67i?ngWl2|4aA*&^bD24D<Q?eDbD}w6r@g#wd!SD*3w6XLkXx
zt^g<IZ<2cdGPeQUZr8ne33!&I<#OrXyaYU0!?bZ~Zb5qGuiLp?{jD!|Y5)O~pG*G$
O0000<MNUMnLSTZ|2*tJl
diff --git a/docs/icons/note.png b/docs/icons/note.png
deleted file mode 100755
index df1e0a9265dc6ce7602d3da91195b2a84d278e01..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 2520
zcmV;}2`Bc6P)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3labT3lag+-G2N4000McNliru(+Cm{3_9{Tt3Ut%06ug@
zSad^gZEa<4bO1wgWnpw>WFU8GbZ8({Xk{QrNlj1+3MgYKATls8GayP~Yjt8ECu(VJ
zZDC_4AX9W@X>Mh5Co}I@000RaNkl<Zc-rlmS&ST46^6fa?!8sj-7}uC%`6_<!HE+m
z*a_HXadzX7m?&642#a{&0gyoOz#<|*h-Y|Uc|bx4ApsH~2p|v-2?+@VB_u2fOA>4#
ziMJu+u|4+K<IK|2U3Cu+RXsDAfFO1UA>kt(b>Hsls`KCTpY1lBm-BL7{(q&>XuPx0
zX#BF#Xv|gm%SNN|&i|$jat_9S{+3nA$3C^^MrsqsC{9l@IXBIhMyI%Ivh{_TnVH-F
z8vxwd?))vQk}rJbhSwnDM`#_~4`-&R=WT9Wo$&WIS0Bptsdl^l#ET6;&+>Qg|MV@p
zu=#n4!w2xr2=#!k2b@<ve(3-r^1jN$^1ldRM_-na|7|a!9tgES$O1_g2wB3K_3Hq3
zEV=)S2E@O>>rF&3Gm2xQgnB@|qE2x^QSWeG(Y0$avkb_e7jz<s2+lp1y-AXgrYYW+
zCgpiftJPw9dRn>$Ktwow>@nVS+j}`Vah$=dq>P3VgnEbTU&#~+Jv}vk^|P<Ba^(to
zdun7^imD<~*&|B<#L`)!h?Gt<gLRke?f|f^0Px<^I<uEI-*f?=``Rz~{N_G<Jwd(V
zyx>PRPz+qeSMPtEGgD`nKK=lHK0|wJ#4O;PQ~;JSR~%@9Xog5A0brzQ+M#*Tl^7`9
ztK4$q74%%Yh1>T{F_8y!a1HJiJ2}-@%O}5oAJb3oC0eA_E{G9|7%?k1F`8gFOtVFm
z0Fr_vpb5AP(R3+*?ocR%K*XUw<%93Ofp<N6fcO4pl&9}M2>g~Shx^%6&)K*-@NhQ7
z^h}Ety&2JzA}S7F#<DoDxaa^)5DleD0-~724gd$VyW)Xbt%j<@`-C*h_{jTj;<2e&
zzPq`X-@kelUtX_l%!ECEIL^+iH!?F<&}<rcTZkx#uQVXqSWpNcq4Gcg@d%+4(B1Pu
znx?3DoKJAxxct)feCAWP@`)cj%)UR2VFq~-*>&~B^wcxvTajklcy^{uNE4ib^NJIP
zEupn&Qf{>PD!3KII+;qkN+I<g(SW*0NHboxX&oQ?z;33Wo#w7z?BmJ($La0O2;QUW
zF%(nBT+>honJA))^UEH+V0=Y0Y%ybX3xIPD5szp>@IsQdsnu$%=$%K!*uC>IUcPxP
zd2Xy+)k~5D1c%pv4*@fwT|gA5`G3LaPL{GrjIp~OaL$1^oGU35e4tU!D2f_Rg?cSx
zXmAyI9uZM$^|Ck_N}dZ&l_U+zY5?H+Kx>%vf;B-Dgbsl2c_79JR(1u!CnRa0C{oPo
zq`}e7bE1KwsB<L2<5Wqr3=u`0Cq^ZxFH^hgTlR!jX*`0V-3Kr`JBzBKA~+``KEcuy
ztRM}Zq9_1Cv@{|FPm%=EGy$q=?Hn$om?j|gB~40EF+W2nmQtw89uPsDqliLC92Nsk
zQeq4gF`}wCb;M|(TE>k!g7=)7n&rsRQ*7V1t?Ug9o;onb<mqW%xpfPPOA%2F1MEKn
z@Pg`qsv=ru3l}_26Mp^Z(?nDL{MT{zk2dM)TSI-tFu&h>g0Fn@K_1`t49+Kv9X-QC
zkBoB9{eR)W;bVv<eB(R!^32#I{VP`Rjc?zDXlZ&`=-fi}?izp<y>&!A>QlTAsCrJG
zn&l@y{UbB;j;S-VJoxLqj2}D2#EB_x|IphxFgnZlgfQJqNzyu3?%2vj7p}*EiIb;!
z?e*Ka?9vMv8D5QvB9wK&)OFtj&+Dzt7#!&1FHargrq^!gbvw86)c!Gk_vqia?y4&g
z5#I8~tGMUBhq&Tp>)3qRg$r%8;py+|<FjA<9(Vlc0j|Gh$5{=Co^zC;!G8MtdluF!
z`+M1c=m=Nu*t`I;D5{;bHm&(N0Pec`0k*w-Bipxb;;&EsopwGC^t^Zz*&TP>vF>?4
z_H~AbMrgMe=a!*?eqOot5`KK=!`%PCpZNN>?&b|QUsrXrj=APM0MAa((rDCh&awHj
z4YU^SAuos+|FH)S9Xhn;f(wQb2{@Nf6b0&9tX^5?qaWCVy0VYodF?hpxbCX096vF|
z_1A18%MwJCp~2OxIx>lf^42%+=ANJbhCe=jfLIh<e)%Rw)~o>)5QFHt3*eDQ9vOVe
z%D$?K2Ap$5DW|F4-X1K@VOC}l5l50XST{0IPFYo5$g&#OUbz)eLV!ItU(@O4DisVV
zdku=Ju3%lE(DCEPFCAGkPy!HNVRwK-v~2K@fLU2>i@Zruw6NI1iZ;Ze8m!{t6xLA$
z!6TJ9QqHg4ZRTcXW;P8B^p!K~La`}JzQuAKEm9bCvY)Dy9zcOkiu6^pX3y<JRm;tg
zsuQ)c`|TQl`T4mEFIYcPx)=dt@x3S(jTnU@Mq;rDPQ+Eie3jp;{YL%s4+%ThnPFxm
zNz$DxblYvWy}Q|L?cTNP#?mk|tTX2tl}AcCm}#Z5u*qgis4R+!Vip&)q@hEqMp2Ne
zY3x!EA3S()<=bxEMZK2No;`_)RdFT@#iu;)iKtp-R7oL`^1Du-FQ%Z1YHeAg1*jm^
z?qdtR&^e8i0@&o_<d)aJ{^p7nV9_8NMqJog5kXZ;hHLputv*`}Mk`aKL0mScs|c7Q
zN(sQMV0L!4D+7%*o6YyUYTFiCb0;v196dTgk+*na?~_cNIK>nD_G2;9+tZ-0uffI*
zYq)&##fZS#k%7_+3#UC1AtLd)hjvjtYHiGnXU31RZ|{Dlrlz_BAWc)u3V!&L`>>+m
z?t35NnIjYTI<cu^Cr%%ZMQ&M^9&5Mr%m=rsIX7RdUfp-Yy5W~>uh%nrRy0^YGR&rn
z*K@^|OBfy=z-)1-KQcba(TS5hy?>O$qvMQ@9_8r7Bx#y{crovu-Twmu=+Mwmp67Yz
zO!L7sP48?rn}=s-XHU<~&E-W=<UmqAtX&00TCMBAH6esKGrPn&_YPHM!-khGJY;O_
z$RQCq0_+<c92^TF{HfJyjm^x=%#4qZ9|Y#k<qwWd)v5tmWvDKxkh*N$35>j|T%A{|
zzLV-c`7%4I0)bT5w<?|cXNSaR(~ZU@JIoT}Y?;Qzh+SAOKikZgQNt?Z-LiYN{vCzR
i%Xv93=jFVdll%j8Fn<i1$3OZ20000<MNUMnLSTYQH^wCZ
diff --git a/docs/icons/prev.png b/docs/icons/prev.png
deleted file mode 100755
index 2d05b3d5b4aeec9384bbfe404bfc4ed0897051c4..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 459
zcmV;+0W|)JP)<h;3K|Lk000e1NJLTq000;O000;W1^@s6;CDUv00006VoOIv0RI60
z0RN!9r;`8x010qNS#tmY3labT3lag+-G2N4000McNliru(g+^~F($dQTPOek0a!^y
zK~#90wUr@H!%!GS@7pR7h>40xL?wO*>WZ(J#ML5j2<9jD6A%Q&kC<R{2;7#CrE*JV
zmb8MT;vi_30c~lQ$4Q=gefQk2N&BRh04{La_FR)-2YBR*42W!pKLc#HTe2(zNUVpi
z*K0h_BaUML{v}+J9YIxiTY*!vH<lD`HXHfAujO*N-{|#vMTv)!b03nPj4`vi_LH*a
z#cDtXoR>}jOeEc;X{s;`zcnxLeZR6?6h#^ihmNF6NpGdilO$m<82oD9WQ|6nVv1`?
z>KufRi{?QPXg;4;wroQu4?mN1Ydd@|kaQ|ZyWLK!)yi7<USN!Ql{D-3`<hOta$VQ1
zAm>Wb%=0{}lD)tfliHAUyWRQ+fD_;aV6j->y6!O_8bENg<bb$jy#x1uj#?)vX!zFJ
zORNd1Bvu7KCB<EUtt+!kl5=NOkV_okBL8<a;uAAZ0JjyD-0}bb002ovPDHLkV1kj6
B!Ug~U
diff --git a/docs/icons/tip.png b/docs/icons/tip.png
deleted file mode 100755
index 33aa88b5efa86b5023277cd229062893d3cc5403..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 2288
zcmV<M2oLv(P)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm00006VoOIv00000
z008+zyMF)x2&G9xK~#9!?U`$gRn-;8f9HMflYyB*z-f@-p+yaY6t&crLZrdi^Z}Tt
zu`P-9gJ}~@T0WS5X&TcSo76;-+BBvTAJwKot2Cvp@ij6n6hR##2*WTBocG*2b02eG
z=bm%=fqlnw&)nDGgP5?Bm3d_Dn)To7zy5pewc+x*ye_XV^pZXUUy|?p(sDgtUEl96
zDF6wOJ*EhgJmz}L7Up=&y%Yev0jt1vU^B2DXa|}B1IPn0pdaW44gs$MmdCt+K63!2
z9an)B!2Q78t2=IKS-JKGu2^~{;b;U?H&7HA*LBGk3Z&C%#z%+fIdP2B$2()di@=k>
zIRUZ&6z7`}=^}Pr0W{#3z@9BT?q$u|4kF<o$(bz4REBgWN3LLD6>V@`WLd`0H3Fti
zG!#VBWCqWk<lle!1Hco&Bft!h^=0H!1yI`c8-cwWx9#fK_|<O`444d$#~F(y$Q3Lk
zNvdp6_H)40Sr`p+w)+TO2VXb|`~o;EfaE>d_*4Ltg5Lq``~H0o8SU*WnVd>8I5J7W
z7dX{GQ~+Wc8g^!i15Z6#0Dca<1f)bZ>Vi<_6TG77&)@UF!)jYw8|TiCGB`4c<G4t&
ze8EIevd_u@`2N;$Tu@EcuHU5eo;Y%w<Jf~hpNB?nt(s68$dC%$1ibiz2Od^iT3a~P
z`w_83dhYJZGDwh$$B9pjl8nd6XEW%!fu`%_fP6qublSh%LC<?#TY+Q1SR+MUk3x!&
z!mb_nJ=D>@aup|g21%qdRp}BN8^JE*`N{5`?7V$53!@P}=;`NA`(Nkm`SCfR@lh)^
zKEUgL{rzcR7cdDVMNQcA&44V_=2siH?b^A1!%g&_A0?hhSEY;VI>g7vdHmrAx%0cX
z5)KAX6osXWo4Iw<I*xXqWjd8912Fq}Sw@y+R3k(%7-|_EI1>bp3RNmrqmo=l>sJ7K
zHg4Li^;SfVPIB}qb&6{6t~-}=Ula~$fL#$Dh3diCNKrW+=$%dY|04Xg%2fG*;Z
z<^w<h?%%re$Ap3b&W}u1{-+)wvMghS!{qXXicVK8Uor=DB@0KJ*>LL}0QUf4L1SgU
z05st4tFK+h$aoyfDppn%ACSm`MLhGjH!3<k{C>|YU1|Z*43nnTHbi?81_B};sgW8e
z?f&g+*59&w-G-a#JwJx+xDCtXhke5w?e4+QH5N5R$QLZ0JJ87s|L7|BA$VVDQ|zLJ
zYg=Y~?4ur_7s!cvD60dt27t{guiZduCOh|p^&LjVqD5|I2FtRri$!e5W~jf9*Wc_y
za$RIqrR}N}sH$3<KEf}Ogb@hR(zc4T-T&PP{7Ym&5o+Yt10VzImn^-qOfoC|Lx9PV
zVV1ToV%xTxS+$~#Wmhz_xOpMbNRVK_L{n9gGZ`NE^*+*>T-_Rw09`i;1S0@f17@{C
zR%_^gdn6hqK0G;_;%Y5|qNx1w(LF40TT)e%qoE+Wrq&N$n5yd+4n|lef>$e1Uapb>
z31~JAgM6V_m-}WYL?&0RJcGj%?A`YgCq6s}z?(-uU^<m4<Gox1fGjKEx&RAA@alXr
zAOnV?s93ghK{0&1_gZu7Vm{~{qP4k+cTe^6+Tjzt(Rr9PS1seGKl&cF?XdsV|J7~o
zycq_!6sqRAJk3!dwZ=)DcU{-OA9xiYPrv*Y&%Dx!BuV6RIr8~D58k^INs<^GnP4KG
zY^Z=gR-vK*f>nVjrE6-{a{wS#C=^iqdR<4uB}pQcNYJr%6&tQ!1Hj0{RDIt2{MuFl
zRZ$VWkiVsN>m6hc(4S7HF?6*u_p1PL9f!=!40nEK%dE43;mL-0@AX^AXG&3y)Vlmv
z0#It2y2nO`2pGoP0`r3L0m){wgo7qqH+9T9oJ!4<1y}PR6qe6r$Ys)qL#$Y>wXT){
z8#vU{{SJ|Eu;z~WyUBbm$EL4bhpuU}&T{!;O}h926|Fpl><pv*rvTpfT=?xqGvENP
zo_yzxn5M}M@qU)Ow#^OKtuAvIF!hFbU$RUhj;d;$d9N!W?#ZR8MMD`V4WBIF#etra
z1WmmnT`C#CmzK4bIb7PZpf>kCer>BjYI>67^aQ|Lq6hL$E8IpiU;$4ad~PpIk-!|f
zR0Cp~CaPMl&TUIt>NkM`NMdRnMb$WT;Aw!DedCsfYrqvBI0rm&=Dq)5=-OQFSLi0A
zO-=L;jFdUMa`D27+4BQRCt_rh(@YHY0qh3`fV2ld!#A=Ljq<=FoqzxH$>L0`CIw1B
zOvB*NyJxV9#aU-dS{8iV2UW>lE|X$<YzWu2Ir`fEK470X1Ja&5v3oIN6$v=|;qkY3
zT)W{GMN*BrT+Uk#gCj9kw6&sZDsLV=#rvnvSLJ;!lVW11A6Zd2`0QgA@Eei+7?2Pd
zs0g6ZsYDdGL(`4NZ~NgMj7W21U1gQF!`t(u6EUX7K0=li{`ve~Y%Bj;(f^Nq(y4@>
zQhknX51u~WxwWnR8bvq5^)Dz@=pqZXnI0b|86U@S91cGFnB_Y5@5JPK5{QclU7=d=
z^9A6DiP^E<6GyHOhC(f>5k%8;R8?zOCX0nUsi|>dBZD}0k;&l!I$wFJPtc~z6MRxg
zsQpO>TmJE40Ehrhz|Vl)H*LR*g^SxT%n)WEgl3qinuaVZxVSiWk)l<gkjs+KrYU4I
zD5^qgYLd=Z_LbCTpWylwFg>5y=*3K@4Kb^Uin+}_!1mSazSeZb@-+m45hPj0bsVG%
zMS!BH7v2f7X@>hwar*e%32{ihETl3i03<)F>2#&{fq(!K7PcAKDDJS!#7#;Q`kfSA
zWv}RM4vQVm2$@WO9`6H{UTAcYk$^B${A~EHfTbELilWSUT7>N9`9f3ejZE{H?z_W!
z?-)f7h)ecHR%rkrdBDh?F`yrS>j~CB|93AofG_kr@#S@?*Z%?BoK~b<njo|Q0000<
KMNUMnLSTY}%T2!k
diff --git a/docs/icons/up.png b/docs/icons/up.png
deleted file mode 100755
index 85b3e2a2755fece72d0d09fbf1cf28d51fa71077..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 406
zcmeAS@N?(olHy`uVBq!ia0vp^5+KaM1|%Pp+x`GjY)RhkE)4%caKYZ?lYt_f1s;*b
z3=G^tAk28_ZrvZCAbW|YuPgf{4tZ81y*aK8HyIchl|5Y?Ln`LHoowrM#DT$We|~2y
zm!kHPIYzBV#iFCm$l5qa=|7aUX_&jTHR3kct+f-3dJW1pZtj?HsP%l7!S0-YWnmjW
zI3~>Cd4HCN^TYHBC0dz3r5|}*T3c5!K}0^NPTey!^rYo;W&eW{b1SE%dR-1ljcju-
zJITo5P_e{cPDWDszO|97o#m$fni3V4d%~7^?0HU4-k!+X`e~w55Q}HA=c?CM9`EK`
z^o5GF_RsnG`ey+9wOf8O4bzg>7W<vEH1&PFe460NtxLEWt}{HFJO2hpk73;owgT5r
zscZ}??>*;jU~M?g`OZAA$mNp|Lz<$s+~N9!2`ir8RcClo$(Q~19INM~9}j;&*|enC
yGd}kJak0wj?aUKd8;%}`i}SSew>!A-2iw}^5}Rh(M>+vRkipZ{&t;ucLK6U4uc96R
diff --git a/docs/icons/warning.png b/docs/icons/warning.png
deleted file mode 100755
index 3c8a37df51861ef31171987ef06c59fffa044f61..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 3249
zcmV;i3{LZjP)<h;3K|Lk000e1NJLTq001xm001xu1^@s6R|5Hm00006VoOIv0RI60
z0RN!9r;`8x3}#70K~#9!)tY;7RaKV8f9Kp6klZ97ukeylG<4fAjJ9oqjfj9KS{fk)
z7%2oTplLJKw6^68U;yn_svYDdjKQ%-nVLaBV5GzmC`|~E=^6-$jM!~R=#WH0NJ4IM
zbMHC#JocVHa+A(|B{xX_F{f%(QgwFr`M$N*{?^)i2mYTw%J=v?1yFCoTr&JqgnyTR
zX#z@VY3Z^}n>M{~+cvgscc75+hR{144(_?<p4VS_<(17qJ7D#dM4!NymzO{L{PWMt
z3l}cP&PNE*quI8d(CX^y<kL?-EmyBzy%iV^xW7j<dk4Q_#R_@l%9Wb}-nMONS(dD=
zt(8lbERk#0tl0)+{v}8#g@uJH^YZe#z;_3!>$=o5Ey9AqV3(PuDNWOi3%<MM=H~X9
zgp#D^m+joS^ZkN?f{1)K41+)*Kx1PgrfGKlfyd*)>2yX+qN*wb1`O!R`}Fj5gb=9e
zpLL+VzMhv~ewndj$G)?1<Hk3DX29%eO(;ote#M?Wd)_T5D2Q07nx@gv(7>hR$I(}=
z>~l!R=I1j$KR;HIq-5E$Wn^V#ZGQFDSKsQ5grhg`2M!!~cjwNX5#WQtAWcn8l<(e+
zc<H4Zk~QCn6IhDE;Azt$zyoAwXR~F?mdT43FIEc+3(J5|SZ0$ZpcEDsuGqVG@4Gv8
z?1=GvV`C%de)l^Z8#Z(acXt7oNm|Q^6PT*X;Hgt%0OaQ8QczGZIVUH_SyWVXE)j`%
z1eBvkkN*7N!Gr(2W5<q&7n-I~U0ux|_U=Vlzdm7A>Wle`iZBg>ArCziGuPa?bJ@Ce
z>ra<1UCI|<d{G{cL^J_q_wL=lEG{nIwr$(Ch!??NkSkZNP<ikm*4niR0aXJVfCAv7
zZ~~_RDS$Hp;g-{<F{NbagAc~6huqv;wr<@zW#PhwJw^gRIdbI4^Dn&cLX4IN0s&c3
zQ6UelTPHt;7~2l=p|E9ve0%Lm*;sQ?`kEW$hudD4!$D2~IRoT!kpB+yKpZ=_W{osW
zQyPX5WAo?Fmv6rL=08PCY-a?N0|yS|6%`e2-@JKq+_d@QM;~Es*bu||Pr&QI2SuMT
z;nA7A^YJJA;uov9bK-s2rirDsFz${~{Br9S=DqYQ&RZH^o-Jd1oQSlXJc-fX&ahdt
zV!ktF$`p3(+BGFQog4s%4jqaMJ{SyATU$%jp+jh4$%{^z-N2{irx<tFy$l&TjKLm*
zvA5kx=E%|Lt@T{HT8)95Nk5rNsyB_F-1|2amH!vM>J~=DSvM`e|2?K@GHm+v2rOQ&
zm-+MOvw8F8DT@{@a)i^#Pyya}<BjcGwrq*<d}U=Nm-g?cea#wVIPtn$r|Nk6ry?wa
zkiUt+1Jh7!4IxZyOGlLoZl@Dfbz&PD?JbSmJ$W)80_%V}z>b>t;>L}9wRUa9TIf{5
zO`A4x?AWot2W|yYRDdyK#zcTO41=1Q8ooPx7+-#V4De2~!z2_%5(@gzeOEC8K9Ckj
z2|}PM3X13$X#{<IQ+}Es+&zP;hVR&U<N)sgSE71p2~_^}w|uo`O-z?Nbm&l0Qc?g$
z0bVsa*DTATva*t@y?bfN&reDU9jXGtMhY7#LP%kEOAZ@hnMff(+BiKa{P@19xZM5u
z;e@|t`QJT<KRhzpK^1Sk#aFMrmZ%n{0PeU1oK7dr>(?jre0Pfovyj-9fo)kJ1xSHy
zTL{^?XMld5{y3D5aeB~CKndYbFt-FMe)Ah#E>}DPDxj#*y4zi!lOfO%1*KyuhXd8^
z>DXRLiERmNA+T+`D~~T;C`AYxVQ2)~nrZVjB<-Yl8z*O?7orcHpRgsm7C@jfe8lZI
z6esnUtFVlA+WZ<0)rqhzgjBFBtAn((k-|g>8#O_vCVK%-)SkB2mLOpSq(E3E4o@m0
zZv7#tgNEbx`>~{x)PbXLIGxm0UBEVVT&@8qC@4y&LmWv(Akmi9nTSAi1Wcd>2!vTX
z!X>dIGzw`$MlsOgV&v^AimHO5bgT*6M%UVDX}CgDb2GN;L?FSo5K<t7ffDC?$#%6#
z6Zmgn=C9WwZyCt7=4Q%|9p!ZK|4;`QT06qZ087K+@_@sIs=82B6^Fxv)8)eB8Gzr{
z#PE@Sh30R?<8dLRh=_Ji>60{p&czlz!C_#-Q*#+Sax_v(+7~Y3<bQt5x?kn<ZP{sl
zbkF_t>)#*ufHV}R8;8S2b-Ga<3Jz5Tx102VgPHu`Y_zsUg1%PFkWSFoNNS?)tgi&R
z=UMcGqkt<lm&q7D0+-W?_m)g%ELuX=9k=n`&c(oM+;-<g1`ZpICnW=^N^HwUqTo>6
zsHy|S?WTX)KwK^ddf+;(tu25SQPq1rM2cDqYELTE-6jL|*BY?&0KyC*gn_eP3L}4f
zKYyF|uT=iwD~=xeH+)SEgtTC|n28SY2NXp?K?NyM5U7fZ5E7wwmb*wxRBMt}p=hNU
z4{Us9IrVilm>~^mn<&!4-7l4_yQlL=&I-I4gZN<Qdd?PqPMhyKLfA+ty37_9wiyif
zNd|f-h!Ol#uZq``3dImm6eUJR1>gei1&;08hp7dzO#^9LAPiid{tOy9p8IEJle;*N
zTW`OEc3(5Wc0W=|gb*FY%QBI+iDiT^bPZh#g57)3?CFUi;C8!FRW<HJcK{!5dWW;8
zPNHi8Y%7Em76=o!+r`ka6B#^W90O9)NKH${se-UNdL!F15g|X8siOt_w6?a;+R}v3
z=_+K2tWN}_lw@RNFmm?nxSq%X@|XUci+{X;ZHADRiIg@73sn)M-ZBzz+8|sm7mCuc
z25iefgaVkRfuRM_g8|xnJ~Y3dp-M+rmdN{)^74`=(3xi$85#Waz4yqRIWxu^slYT~
z>EjEjyHr6a*cSG(3ATYMblm+txIO)FI8+cO(rCxf+cC5NdeBevwFZ3G8<0i-qarbZ
z3C}&p{adyW3Wa)Bq3#=o&Qr9^%uMbpC?IpjjF^c>0E>W}ho0h_^Jg*IeORFY!Ztd3
z94R|gM@nofL`V;y>j47(>onAV$JP28Y%|Egf_E{mcMynn)VRkUWBRULU2C#C`0l59
zPJp(ywz%OLGiD6z+QpgW%enmJml5wWfLtJN-U<c}f?c0|N?Q6LoNjlxMNqJ98^bWr
zwIF)HPh(>pE!XN%Y@K~Owqaa`ar{|EJD*8QmN4ss50Fw~7)FG16-7Y^(Iu1)fJ>Jy
zy<b*V_Ts{Y3uD%U*Xt#9+B90vpQp9DI$~k<1AYWJH2BAV`45H+@i1!CNQ7+@^taL0
zavgtb3&GYV+M2K8yLK7Pf1Q1=6yUtxp=!~ce%51;F=yYtxZta*s+c!#9;Z&7S_{+w
zb)E4^1;%D)XaDd1{rlr;ZcR-MCC@%fZE<njn$Zy68hXdVzG~2-#`FV5hoyKxxU##W
z#*Babak38|MoJlx_W<qf?PO<XQ&Lj$DsU0F08}g8)<P<9>l05raen*u?PO+V#sICW
ztK-Bo&+y&JlQ;d2Yy6x!JoV|P2q7>GBL@5<k37P;bLTq2e*;_w0*-FYp9yH+e*5j7
zs;a703l=Ph`Iy)1C1d(@+RDmksj2DnF=C=k%lJnhW$uw905P7gs;VL<Cnqj=z;;B<
zWdd47Ma7=7va(eVJn#TsuQx&g($mxNPMb#SxpVkxYx`7m;%$`1&z{Y^&prb{*Y$|8
zm6esOT)C1nXU@b0AMb25f<$Fy<*KZ#EQSpm7O6lP84R2;1Al2LEw!~be7O6AS+kh`
z`R572FI~EnGiT1M2CCwLPjosRLE`GwtE;9?o!S+N&L=G`jnUcJ_)1D>iW7<6EbC`K
zV?kJ&qrsPyl#rK~*O@j6!IMOrkp@h7^2sOV@#Dv3C=}{4UDvy;w~M@<F8I3Nr3HgQ
zSzKH!Crz3pfwjN_U_uy&qfcAPusXH_mp}RBlZjHw^8i!hTt;-iA4}%GIMJB1XV3ED
zi!V}MUcMT*l#J&cNvydpb<%Zxm2KPHb=O^e0+!7C!-o%(pPx@@X=$I*#+gJabwy(T
z{{0hOF4uXd)5)AUb8ZTFMNud$EadIC-=?&*G-=P@$iEtN6}yKYe)#;gYuC^;?Ryt8
zkH>=$g0H{+`X9m<JbhZQeZ39uBryiK4M^`iqx_ycY@jvl{hGe0&5e9m4YxDt;TA`^
j2?PY7he-tca?0|5+R4bmy*%S@00000NkvXXu0mjfi#s=4
diff --git a/docs/simplesamlphp-bridge.html b/docs/simplesamlphp-bridge.html
deleted file mode 100644
index aeb3faf9c..000000000
--- a/docs/simplesamlphp-bridge.html
+++ /dev/null
@@ -1,15 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Using simpleSAMLphp as a SAML bridge</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.69.1" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id721994"></a>Using simpleSAMLphp as a SAML bridge</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Andreas Ã…kre</span> <span class="surname">Solberg</span></h3><code class="email"><<a href="mailto:andreas.solberg@uninett.no">andreas.solberg@uninett.no</a>></code></div></div><div><p class="pubdate">Sun Oct 21 13:48:37 2007</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id856632">Setting up WebSSO bridges</a></span></dt><dd><dl><dt><span class="section"><a href="#id856643">Bridging SAML 2.0 <-> SAML 2.0</a></span></dt><dt><span class="section"><a href="#id856690">Bridging Shibboleth 1.3 <-> Shibboleth 1.3</a></span></dt><dt><span class="section"><a href="#id856701">Bridging Shibboleth 1.3 <-> SAML 2.0</a></span></dt><dt><span class="section"><a href="#id856712">Bridging SAML 2.0 <-> Shibboleth 1.3</a></span></dt><dt><span class="section"><a href="#id856721">Bridging SAML 2.0 <-> OpenID</a></span></dt><dt><span class="section"><a href="#id856731">Bridging Shibboelth 1.3 <-> OpenID</a></span></dt></dl></dd><dt><span class="section"><a href="#id856743">Support</a></span></dt></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856632"></a>Setting up WebSSO bridges</h2></div></div></div><p>simpleSAMLphp can be used to bridge between two WebSSO protocols.
- Here is some short descriptions of how to setup the different bridge
- configurations.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856643"></a>Bridging SAML 2.0 <-> SAML 2.0</h3></div></div></div><p>In this setup you can bridge between two federations using SAML
- 2.0.</p><p>To approach this, you must configure both saml 2.0 IdP and SP
- hosted metadata, and in the IdP hosted metadata configure the auth
- parameter to be the SP initialization endpoint, like this:</p><pre class="screen"> 'auth' => 'saml2/sp/initSSO.php?idpentityid=sam.feide.no'</pre><p>As you can see you specify the IdP in the remote federation as a
- parameter to the initalization endpoint.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>This section of the documentation is only a placeholder. There
- will be more detailed information added later. For now, ask the author
- if you want more details of such a setup.</p><p>Briding SAML 2.0 SLO is not implemented. Will be improved
- soon.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856690"></a>Bridging Shibboleth 1.3 <-> Shibboleth 1.3</h3></div></div></div><p>Documentation will be added.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856701"></a>Bridging Shibboleth 1.3 <-> SAML 2.0</h3></div></div></div><p>Documentation will be added.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856712"></a>Bridging SAML 2.0 <-> Shibboleth 1.3</h3></div></div></div><p>Documentation will be added.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856721"></a>Bridging SAML 2.0 <-> OpenID</h3></div></div></div><p>Documentation will be added.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856731"></a>Bridging Shibboelth 1.3 <-> OpenID</h3></div></div></div><p>Documentation will be added.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856743"></a>Support</h2></div></div></div><p>If you have problems to get this work, or want to discuss
- simpleSAMLphp with other users of the software you are lucky! Around
- simpleSAMLphp there is a great Open source community, and you are welcome
- to join! Both for asking question, answer other questions, request
- improvements or contribute with code or plugins of your own.</p><p>Visit the project page of simpleSAMLphp at: <a href="http://code.google.com/p/simplesamlphp/" target="_top">http://code.google.com/p/simplesamlphp/</a></p><p>And please join the mailinglist: <a href="???" target="_top">https://postlister.uninett.no/sympa/subscribe/simplesaml</a></p></div></div></body></html>
diff --git a/docs/simplesamlphp-googleapps.html b/docs/simplesamlphp-googleapps.html
deleted file mode 100644
index 6c1520ba9..000000000
--- a/docs/simplesamlphp-googleapps.html
+++ /dev/null
@@ -1,123 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Setting up a simpleSAMLphp SAML 2.0 IdP to use with Google Apps for
- Education</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.69.1" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id721994"></a>Setting up a simpleSAMLphp SAML 2.0 IdP to use with Google Apps for
- Education</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Andreas Ã…kre</span> <span class="surname">Solberg</span></h3><code class="email"><<a href="mailto:andreas.solberg@uninett.no">andreas.solberg@uninett.no</a>></code></div></div><div><p class="pubdate">Sun Oct 21 13:51:26 2007</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id856634">Introduction</a></span></dt><dt><span class="section"><a href="#id856660">Setting up a SSL signing certificate</a></span></dt><dt><span class="section"><a href="#sect.authmodule">Authentication modules</a></span></dt><dd><dl><dt><span class="section"><a href="#id856829">Configuring the LDAP authentication module</a></span></dt><dt><span class="section"><a href="#id856898">Configuring the multi-LDAP authenticaiton module</a></span></dt></dl></dd><dt><span class="section"><a href="#id856923">Configuring metadata for an SAML 2.0 IdP</a></span></dt><dd><dl><dt><span class="section"><a href="#id856944">Configuring SAML 2.0 IdP Hosted metadata</a></span></dt><dt><span class="section"><a href="#id857092">Configuring SAML 2.0 SP Remote metadata</a></span></dt></dl></dd><dt><span class="section"><a href="#id857145">Configure Google Apps for education</a></span></dt><dd><dl><dt><span class="section"><a href="#id857301">Add a user in Google Apps that is also in the IdP</a></span></dt></dl></dd><dt><span class="section"><a href="#id857317">Test to login to Google Apps for education</a></span></dt><dt><span class="section"><a href="#id857341">Security Considerations</a></span></dt><dt><span class="section"><a href="#id857358">Support</a></span></dt></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856634"></a>Introduction</h2></div></div></div><p>This article assumes that you have already read the simpleSAMLphp
- installation manual, and installed a version of simpleSAMLphp at your
- server.</p><p>In this example we will setup this server as an IdP for Google Apps
- for Education:</p><div class="literallayout"><p>dev2.andreas.feide.no</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856660"></a>Setting up a SSL signing certificate</h2></div></div></div><p>For test purposes, you can skip this section, and use the included
- certificate.</p><p>For a production system, uou must generate a new certificate for
- your IdP.</p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>There is a certificate that follows this package that you can use
- for test purposes, but off course <span class="emphasis"><em>NEVER</em></span> use this in
- production as the private key is also included in the package and can be
- downloaded by anyone.</p></div><p>Here is an examples of openssl commands to generate a new key and a
- selfsigned certificate to use for signing SAML messages:</p><pre class="screen">openssl genrsa -des3 -out googleappsidp.key 1024
-openssl rsa -in googleappsidp.key -out googleappsidp.pem
-openssl req -new -key googleappsidp.key -out googleappsidp.csr
-openssl x509 -req -days 1095 -in googleappsidp.csr -signkey googleappsidp.key -out googleappsidp.crt</pre><p>The certificate above will be valid for 1095 days (3 years).</p><p>Here is an example of what can be typed in when creating a
- certificate request:</p><pre class="screen">Country Name (2 letter code) [AU]:NO
-State or Province Name (full name) [Some-State]:Trondheim
-Locality Name (eg, city) []:Trondheim
-Organization Name (eg, company) [Internet Widgits Pty Ltd]:UNINETT
-Organizational Unit Name (eg, section) []:
-Common Name (eg, YOUR name) []:dev2.andreas.feide.no
-Email Address []:
-
-Please enter the following 'extra' attributes
-to be sent with your certificate request
-A challenge password []:
-An optional company name []:</pre><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>simpleSAMLphp will only work with RSA and not DSA
- certificates.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="sect.authmodule"></a>Authentication modules</h2></div></div></div><p>You will need to connect the IdP to your existing user storage. For
- different technologies of user storage, there are different authentication
- modules.</p><p>In the <code class="filename">www/auth</code> directory, you see multiple
- files, each representing an authentication module. In the IdP hosted
- metadata configuration you specify which authentication module that should
- be used for that specific IdP. You can implement your own authentication
- module, see the IdP documentation.</p><p>These authentication modules are included:</p><div class="glosslist"><dl><dt>auth/login.php</dt><dd><p>This is the standard LDAP backend authentication module, it
- uses LDAP configuration from the config.php file.</p></dd><dt>auth/login-ldapmulti.php</dt><dd><p>This authentication module lets you connect to multiple LDAPS
- depending on what organization the user selects in the login
- form.</p></dd><dt>auth/login-radius.php</dt><dd><p>This authentication module will authenticate users against an
- RADIUS server instead of LDAP.</p></dd><dt>auth/login-auto.php</dt><dd><p>This module will automatically login the user with some test
- details. You can use this to test the IdP functionality if you do
- not have</p><p>This module is not completed yet. Work in progress.</p></dd></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856829"></a>Configuring the LDAP authentication module</h3></div></div></div><p>The LDAP module is <code class="filename">auth/login.php</code>.</p><p>If you want to perform local authentication on this server, and
- you want to use the LDAP authenticaiton plugin, then you need to
- configure the following parameters in
- <code class="filename">config.php</code>:</p><div class="itemizedlist"><ul type="disc"><li><p><code class="literal">auth.ldap.dnpattern</code>: What DN should you
- bind to? Replacing %username% with the username the user types
- in.</p></li><li><p><code class="literal">auth.ldap.hostname</code>: The hostname of the
- LDAP server</p></li><li><p><code class="literal">auth.ldap.attributes</code>: Search parameter to
- LDAP. What attributes should be extracted?
- <code class="literal">objectclass=*</code> gives you all.</p></li></ul></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856898"></a>Configuring the multi-LDAP authenticaiton module</h3></div></div></div><p>The module is
- <code class="filename">auth/login-ldapmulti.php</code>.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Documentation will be added later. For now, contact the
- author.</p></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856923"></a>Configuring metadata for an SAML 2.0 IdP</h2></div></div></div><p>If you want to setup a SAML 2.0 IdP for Google Apps, you need to
- configure two metadata files: <code class="filename">saml20-idp-hosted.php</code>
- and <code class="filename">saml20-sp-remote.php</code>.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856944"></a>Configuring SAML 2.0 IdP Hosted metadata</h3></div></div></div><p>This is the configuration of the IdP itself. Here is some example
- config:</p><pre class="programlisting"> // The SAML entity ID is the index of this config.
- 'dev2.andreas.feide.no' => array(
-
- // The hostname of the server (VHOST) that this SAML entity will use.
- 'host' => 'sp.example.org',
-
- // X.509 key and certificate. Relative to the cert directory.
- 'privatekey' => 'googleappsidp.pem',
- 'certificate' => 'googleappsidp.crt',
-
- /* If base64attributes is set to true, then all attributes will be base64 encoded. Make sure
- * that you set the SP to have the same value for this.
- */
- 'base64attributes' => false,
-
- // Authentication plugin to use. login.php is the default one that uses LDAP.
- 'auth' => 'auth/login.php'
- )</pre><p>Here are some details of each of the parameters:</p><div class="glosslist"><dl><dt>index (index of array)</dt><dd><p>The entity ID of the IdP. In this example this value is set
- to: <code class="literal">dev2.andreas.feide.no</code>.</p></dd><dt>host</dt><dd><p>The hostname of the server running this IdP, in this case:
- <code class="literal">dev2.andreas.feide.no</code>.</p></dd><dt>privatekey</dt><dd><p>Pointing to the private key in PEM format, in the certs
- directory. Remeber we created the <code class="literal">googleappsidp</code>
- key?</p></dd><dt>certificate</dt><dd><p>Pointing to the certificate file in PEM format, in the certs
- directory. Remeber we created the <code class="literal">googleappsidp</code>
- key?</p></dd><dt>base64attributes</dt><dd><p>Google Apps do not want us to base64encode any attributes,
- so we set it to <code class="literal">false</code>.</p></dd><dt>auth</dt><dd><p>Which authentication module to use? Default is:
- <code class="filename">auth/login.php</code> which is the LDAP
- authentication module. See the <a href="#sect.authmodule" title="Authentication modules">the section called “Authentication modulesâ€</a>
- for more information on the authentication modules.</p></dd></dl></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id857092"></a>Configuring SAML 2.0 SP Remote metadata</h3></div></div></div><p>In the (saml20-sp-remote.php) file we will configure an entry for
- Google Apps for education. There is already an entry for Google Apps in
- the template, but we will change the domain name:</p><pre class="programlisting"> /*
- * This example shows an example config that works with Google Apps for education.
- * What is important is that you have an attribute in your IdP that maps to the local part of the email address
- * at Google Apps. In example, if your google account is foo.com, and you have a user that has an email john@foo.com, then you
- * must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'.
- */
- 'google.com' => array(
- 'AssertionConsumerService' => 'https://www.google.com/a/g.feide.no/acs',
- 'spNameQualifier' => 'google.com',
- 'ForceAuthn' => 'false',
- 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:email',
- 'simplesaml.nameidattribute' => 'uid',
- 'simplesaml.attributes' => false
- ),</pre><p>You also need to map some attribute from the IdP into the email
- field sent to Google Apps. The attributes comes from the authentication
- module, and in this example we have an LDAP that returns the uid
- attribute. The uid attribute contains the local part of </p><p>What you need to do is modify the
- <code class="literal">AssertionConsumerService</code> to include your Google Apps
- domain name instead of <code class="literal">g.feide.no</code>.</p><p>To understand what the different parameters mean, see in the
- <a href="simplesamlphp-idp.html" target="_top">simpleSAMLphp IdP
- documentation</a>.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857145"></a>Configure Google Apps for education</h2></div></div></div><p>Now, we are ready to configure Google Apps to use our IdP. We start
- by logging in to our Google Apps for education account panel. We then go
- to "Advanced tools":</p><div class="figure"><a id="id857158"></a><p class="title"><b>Figure 1. We go to advanced tools</b></p><div class="screenshot"><div class="mediaobject"><img src="resources/simplesamlphp-googleapps/googleapps-menu.png" alt="We go to advanced tools" /></div></div></div><p>Then we go to "Set up single sign-on (SSO)":</p><div class="figure"><a id="id857185"></a><p class="title"><b>Figure 2. We go to setup SSO</b></p><div class="screenshot"><div class="mediaobject"><img src="resources/simplesamlphp-googleapps/googleapps-sso.png" alt="We go to setup SSO" /></div></div></div><p>Then, we start off by uploading a certificate, and we upload the
- certificate we created in an earlier section, the googleappsidp.crt file:
- </p><div class="figure"><a id="id857213"></a><p class="title"><b>Figure 3. Uploading certificate</b></p><div class="screenshot"><div class="mediaobject"><img src="resources/simplesamlphp-googleapps/googleapps-cert.png" alt="Uploading certificate" /></div></div></div><p>Then we need to fill out the remaining fields:</p><p>The important field to fill out is the Sign-in page URL. Set it to
- something similar to:</p><div class="literallayout"><p>http://dev2.andreas.feide.no/simplesaml/saml2/idp/SSOService.php</p></div><p>but use the hostname of your IdP server.</p><p>The Sign-out page or change password url can be static pages on your
- server.</p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>Single Logout functionality with SAML 2.0 in simpleSAMlphp and
- Google Apps is not yet fully tested. We will do more testing about that,
- and then include a detailed descrition in this document.</p></div><p>The network mask, is which IP addresses that will be asked for SSO
- login. IP addresses that do not match this mask will be presented with the
- normal Google Apps login page.</p><div class="figure"><a id="id857278"></a><p class="title"><b>Figure 4. Fill out the remaining fields</b></p><div class="screenshot"><div class="mediaobject"><img src="resources/simplesamlphp-googleapps/googleapps-ssoconfig.png" alt="Fill out the remaining fields" /></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id857301"></a>Add a user in Google Apps that is also in the IdP</h3></div></div></div><p>Add a new user in Google Apps, before we can test login. This user
- needs to have the mail field to match the email prefix mapped from the
- attribute as described in the metadata section.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857317"></a>Test to login to Google Apps for education</h2></div></div></div><p>Go to the URL of your mail account for this domain, the URL is
- similar to the following:</p><div class="literallayout"><p>http://mail.google.com/a/yourgoogleappsdomain.com</p></div><p>but remember to replace with your own google apps domain
- name.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857341"></a>Security Considerations</h2></div></div></div><p>You should make sure that your IdP server runs on HTTPS (SSL). Check
- the Apache documentation if you need to know how to configure that.</p><p>And make sure you have switched away from the default certificate
- that follows the simpleSAMLphp distribution.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857358"></a>Support</h2></div></div></div><p>If you have problems to get this work, or want to discuss
- simpleSAMLphp with other users of the software you are lucky! Around
- simpleSAMLphp there is a great Open source community, and you are welcome
- to join! Both for asking question, answer other questions, request
- improvements or contribute with code or plugins of your own.</p><p>Visit the project page of simpleSAMLphp at: <a href="http://code.google.com/p/simplesamlphp/" target="_top">http://code.google.com/p/simplesamlphp/</a></p><p>And please join the mailinglist: <a href="???" target="_top">https://postlister.uninett.no/sympa/subscribe/simplesaml</a></p></div></div></body></html>
diff --git a/docs/simplesamlphp-idp.html b/docs/simplesamlphp-idp.html
deleted file mode 100644
index 7abad21e8..000000000
--- a/docs/simplesamlphp-idp.html
+++ /dev/null
@@ -1,107 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Using simpleSAMLphp as an identity provider</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.69.1" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id721993"></a>Using simpleSAMLphp as an identity provider</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Andreas Ã…kre</span> <span class="surname">Solberg</span></h3><code class="email"><<a href="mailto:andreas.solberg@uninett.no">andreas.solberg@uninett.no</a>></code></div></div><div><p class="pubdate">Sun Oct 21 13:49:41 2007</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id856631">Authentication modules</a></span></dt><dd><dl><dt><span class="section"><a href="#id856727">Configuring the LDAP authentication module</a></span></dt><dt><span class="section"><a href="#id856794">Configuring the multi-LDAP authenticaiton module</a></span></dt></dl></dd><dt><span class="section"><a href="#id856819">Setting up a SSL signing certificate</a></span></dt><dt><span class="section"><a href="#id856875">Configuring metadata for an SAML 2.0 IdP</a></span></dt><dd><dl><dt><span class="section"><a href="#id856896">Configuring SAML 2.0 IdP Hosted metadata</a></span></dt><dt><span class="section"><a href="#id857020">Configuring SAML 2.0 SP Remote metadata</a></span></dt></dl></dd><dt><span class="section"><a href="#id857152">Configuring metadata for a Shibboleth 1.3 IdP</a></span></dt><dt><span class="section"><a href="#id857176">Test IdP</a></span></dt><dt><span class="section"><a href="#id857198">Support</a></span></dt><dt><span class="appendix"><a href="#id857232">A. Writing your own authentication module</a></span></dt><dd><dl><dt><span class="section"><a href="#id857258">Authentication API</a></span></dt></dl></dd></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856631"></a>Authentication modules</h2></div></div></div><p>In the <code class="filename">www/auth</code> directory, you see multiple
- files, each representing an authentication module. In the IdP hosted
- metadata configuration you specify which authentication module that should
- be used for that specific IdP. You can implement your own authentication
- module, see ???.</p><p>These authentication modules are included:</p><div class="glosslist"><dl><dt>auth/login.php</dt><dd><p>This is the standard LDAP backend authentication module, it
- uses LDAP configuration from the config.php file.</p></dd><dt>auth/login-ldapmulti.php</dt><dd><p>This authentication module lets you connect to multiple LDAPS
- depending on what organization the user selects in the login
- form.</p></dd><dt>auth/login-radius.php</dt><dd><p>This authentication module will authenticate users against an
- RADIUS server instead of LDAP.</p></dd><dt>auth/login-auto.php</dt><dd><p>This module will automatically login the user with some test
- details. You can use this to test the IdP functionality if you do
- not have</p><p>This module is not completed yet. Work in progress.</p></dd></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856727"></a>Configuring the LDAP authentication module</h3></div></div></div><p>The LDAP module is <code class="filename">auth/login.php</code>.</p><p>If you want to perform local authentication on this server, and
- you want to use the LDAP authenticaiton plugin, then you need to
- configure the following parameters in
- <code class="filename">config.php</code>:</p><div class="itemizedlist"><ul type="disc"><li><p><code class="literal">auth.ldap.dnpattern</code>: What DN should you
- bind to? Replacing %username% with the username the user types
- in.</p></li><li><p><code class="literal">auth.ldap.hostname</code>: The hostname of the
- LDAP server</p></li><li><p><code class="literal">auth.ldap.attributes</code>: Search parameter to
- LDAP. What attributes should be extracted?
- <code class="literal">objectclass=*</code> gives you all.</p></li></ul></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856794"></a>Configuring the multi-LDAP authenticaiton module</h3></div></div></div><p>The module is
- <code class="filename">auth/login-ldapmulti.php</code>.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Documentation will be added later. For now, contact the
- author.</p></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856819"></a>Setting up a SSL signing certificate</h2></div></div></div><p>For test purposes, you can skip this section, and use the included
- certificate.</p><p>For a production system, uou must generate a new certificate for
- your IdP.</p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>There is a certificate that follows this package that you can use
- for test purposes, but off course <span class="emphasis"><em>NEVER</em></span> use this in
- production as the private key is also included in the package and can be
- downloaded by anyone.</p></div><p>Here is an examples of openssl commands to generate a new key and a
- selfsigned certificate to use for signing SAML messages:</p><pre class="screen">openssl genrsa -des3 -out server2.key 1024
-openssl rsa -in server2.key -out server2.pem
-openssl req -new -key server.key -out server2.csr
-openssl x509 -req -days 60 -in server2.csr -signkey server2.key -out server2.crt</pre><p>The certificate above will be valid for 60 days.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>simpleSAMLphp will only work with RSA and not DSA
- certificates.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856875"></a>Configuring metadata for an SAML 2.0 IdP</h2></div></div></div><p>If you want to setup a SAML 2.0 IdP you need to configure two
- metadata files: <code class="filename">saml20-idp-hosted.php</code> and
- <code class="filename">saml20-sp-remote.php</code>.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856896"></a>Configuring SAML 2.0 IdP Hosted metadata</h3></div></div></div><p>This is the configuration of the IdP itself. Here is some example
- config:</p><pre class="programlisting"> // The SAML entity ID is the index of this config.
- 'idp.example.org' => array(
-
- // The hostname of the server (VHOST) that this SAML entity will use.
- 'host' => 'sp.example.org',
-
- // X.509 key and certificate. Relative to the cert directory.
- 'privatekey' => 'server.pem',
- 'certificate' => 'server.crt',
-
- /* If base64attributes is set to true, then all attributes will be base64 encoded. Make sure
- * that you set the SP to have the same value for this.
- */
- 'base64attributes' => false,
-
- // Authentication plugin to use. login.php is the default one that uses LDAP.
- 'auth' => 'auth/login.php'
- )</pre><p>Here are some details of each of the parameters:</p><div class="glosslist"><dl><dt>index (index of array)</dt><dd><p>The entity ID of the IdP. In this example this value is set
- to: <code class="literal">idp.example.org</code>.</p></dd><dt>host</dt><dd><p>The hostname of the server running this IdP.</p></dd><dt>privatekey</dt><dd><p>Pointing to the private key in PEM format, in the certs
- directory.</p></dd><dt>certificate</dt><dd><p>Pointing to the certificate file in PEM format, in the certs
- directory.</p></dd><dt>base64attributes</dt><dd><p>Do you want to encode all attributes in base64? If so,
- remember to turn on the same option on the SP.</p></dd><dt>auth</dt><dd><p>Which authentication module to use? Default is:
- <code class="filename">auth/login.php</code> which is the LDAP
- authentication module.</p></dd></dl></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id857020"></a>Configuring SAML 2.0 SP Remote metadata</h3></div></div></div><p>Here (saml20-sp-remote.php) you configure all SPs that you trust.
- Here is an example:</p><pre class="programlisting"> /*
- * Example simpleSAMLphp SAML 2.0 SP
- */
- 'saml2sp.example.org' => array(
- 'AssertionConsumerService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/AssertionConsumerService.php',
- 'SingleLogoutService' => 'https://saml2sp.example.org/simplesaml/saml2/sp/SingleLogoutService.php',
- 'spNameQualifier' => 'dev.andreas.feide.no',
- 'ForceAuthn' => 'false',
- 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
- 'simplesaml.attributes' => true
- ),</pre><p>Here are some details about each of the parameters:;</p><div class="glosslist"><dl><dt>index (index of array)</dt><dd><p>The entity ID of the given SP. Here it is:
- <code class="literal">saml2sp.example.org</code>.</p></dd><dt>AssertionConsumerService</dt><dd><p>The URL of this SAML 2.0 endpoint. Ask the SP if you are
- unsure. If the SP sent you SAML 2.0 metadata, you can find the
- parameter in there.</p></dd><dt>SingleLogoutService</dt><dd><p>The URL of this SAML 2.0 endpoint. Ask the SP if you are
- unsure. If the SP sent you SAML 2.0 metadata, you can find the
- parameter in there.</p></dd><dt>spNameQualifier</dt><dd><p>The SP NameQualifier for this SP. If unsure, set it to the
- same as the entityID.</p></dd><dt>ForceAuthn</dt><dd><p>This basicly means you turn off SSO for this SP.</p></dd><dt>NameIDFormat</dt><dd><p>Set it to the default: transient.</p></dd><dt>simplesaml.attributes</dt><dd><p>Set to true to include attribtues, if not no attribute
- statements will be sent.</p></dd></dl></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857152"></a>Configuring metadata for a Shibboleth 1.3 IdP</h2></div></div></div><p>You need to configure the <code class="filename">shib13-idp-hosted.php</code>
- metadata, as well as the list of trusted SPs in the
- <code class="filename">shib13-sp-remote-php</code> metadata. This configuration is
- very similar to the SAML 2.0 metadata mentioned in the previous section,
- so go look there for now.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857176"></a>Test IdP</h2></div></div></div><p>To test the IdP, it is best to configure two hosts with
- simpleSAMLphp, and use the SP demo example to test the IdP.</p><div class="tip" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Tip</h3><p>To make the initial test up and running with minimal hassle, use
- the login-auto if you do not want to setup a user storage, and use the
- included cert so you do not need to create a new certificate.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857198"></a>Support</h2></div></div></div><p>If you have problems to get this work, or want to discuss
- simpleSAMLphp with other users of the software you are lucky! Around
- simpleSAMLphp there is a great Open source community, and you are welcome
- to join! Both for asking question, answer other questions, request
- improvements or contribute with code or plugins of your own.</p><p>Visit the project page of simpleSAMLphp at: <a href="http://code.google.com/p/simplesamlphp/" target="_top">http://code.google.com/p/simplesamlphp/</a></p><p>And please join the mailinglist: <a href="???" target="_top">https://postlister.uninett.no/sympa/subscribe/simplesaml</a></p></div><div class="appendix" lang="en" xml:lang="en"><h2 class="title" style="clear: both"><a id="id857232"></a>A. Writing your own authentication module</h2><p>You can write your own authentication module. Just copy one of the
- files in the www/auth directory and play with it, then configure an IdP to
- use that module with the auth parameter in the metadata. The file must
- support incoming URL parameters, massage the session object with login
- state information and return to the RelayState, and that is all you need
- to do!</p><div class="tip" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Tip</h3><p>Instead of changing the code of the builtin authentication module,
- copy it into a new file and edit that. That way, your module will not be
- replaced or in conflict when you upgrade simpleSAMLphp to a newer
- version.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id857258"></a>Authentication API</h3></div></div></div><p>The authentication plugin should be placed in the auth
- directory.</p><p>The following parameters must be accepted in the incomming
- URL:</p><div class="itemizedlist"><ul type="disc"><li><p><code class="literal">RelayState</code>: This is the URL that the user
- should be sent back to after authentication within the
- plugin.</p></li><li><p><code class="literal">RequestID</code>: This is the ID of an incomming
- request.</p></li></ul></div><p>The initSSO.php takes in addition the following parameters:</p><div class="itemizedlist"><ul type="disc"><li><p><code class="literal">idpentityid</code>: This is the entityid of the
- IdP to authenticate with. This parameter is optional, if not set the
- default for this host will be used.</p></li><li><p><code class="literal">spentityid</code>: This is which SP config to use.
- This parameter is optional, if not set the default for this host
- will be used.</p></li></ul></div><p>In hosted IdP metadata there is a config parameter auth that will
- tell simpleSAML which authentication plugin that can be used.</p><div class="tip" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Tip</h3><p>The authentication API is pretty basic. The easiest way to
- understand how it works is to look at one of the existing plugins that
- is located in the auth directory of your installation.</p></div></div></div></div></body></html>
diff --git a/docs/simplesamlphp-install.html b/docs/simplesamlphp-install.html
deleted file mode 100644
index d9409e3ad..000000000
--- a/docs/simplesamlphp-install.html
+++ /dev/null
@@ -1,92 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>simpleSAMLphp Installation and Configuration</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.69.1" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id721994"></a>simpleSAMLphp Installation and Configuration</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Andreas Ã…kre</span> <span class="surname">Solberg</span></h3><code class="email"><<a href="mailto:andreas.solberg@uninett.no">andreas.solberg@uninett.no</a>></code></div></div><div><p class="pubdate">Sun Oct 21 11:56:20 2007</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id856632">The history of simpleSAMLphp</a></span></dt><dd><dl><dt><span class="section"><a href="#id856684">Contributors</a></span></dt></dl></dd><dt><span class="section"><a href="#id856714">Changelog</a></span></dt><dd><dl><dt><span class="section"><a href="#id856725">Version 0.5</a></span></dt><dt><span class="section"><a href="#id856847">Version 0.4</a></span></dt></dl></dd><dt><span class="section"><a href="#id856961">News about simpleSAMLphp</a></span></dt><dt><span class="section"><a href="#id856990">Download and install simpleSAMLphp</a></span></dt><dd><dl><dt><span class="section"><a href="#id857010">Getting a working copy of simpleSAMLphp from subversion</a></span></dt></dl></dd><dt><span class="section"><a href="#id857049">Making configuration and metadata files</a></span></dt><dt><span class="section"><a href="#id857078">Configuring apache</a></span></dt><dt><span class="section"><a href="#id857177">The simpleSAMLphp installation webpage</a></span></dt><dt><span class="section"><a href="#id857241">Next steps</a></span></dt><dt><span class="appendix"><a href="#sect.altlocations">A. Installing simpleSAMLphp in alternative locations</a></span></dt></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856632"></a>The history of simpleSAMLphp</h2></div></div></div><p>simpleSAMLphp is an iteration of what was earlier referred to as
- lightbulb (<a href="https://opensso.dev.java.net/public/extensions/" target="_top">Sun OpenSSO
- Extensions</a>), written by <a href="http://blogs.sun.com/superpat/" target="_top">Pat Patterson, Sun</a>. There are
- not much code left from lightbulb, but credits go to Pat for introducing a
- new way of thinking when it comes to implementing federation protocols in
- a simple and elegant way.</p><p>The simpleSAMLphp project is currently led by <a href="http://claimid.com/erlang" target="_top">Andreas Åkre Solberg</a>, <a href="http://uninett.no" target="_top">UNINETT</a>.</p><p>The product is used to bridge AAI protocols in the GÉANT project,
- <a href="http://geant2.net" target="_top">http://geant2.net</a>.</p><p>We have received a bunch of external contributions.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856684"></a>Contributors</h3></div></div></div><p>Thank you very much for your contributions to
- simpleSAMLphp:</p><div class="itemizedlist"><ul type="disc"><li><p>Lukas Hammerle, SWITCH, Switzerland</p></li><li><p>Stefan Winter, Restena, Luxemborg</p></li></ul></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856714"></a>Changelog</h2></div></div></div><p>Here is changes between simpleSAML versions. Look here if you are
- upgrading, to see if there are any changes to the config format.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856725"></a>Version 0.5</h3></div></div></div><p>Released 2007-10-15. Revision 28.</p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>Both <code class="filename">config.php</code> and metadata format is
- changed. Look at the templates to understand the new format.</p></div><div class="itemizedlist"><ul type="disc"><li><p>Documentation is updated!</p></li><li><p>Metadata files have been more tidy. Removed unused entries.
- Look at the new templates on how to change your existing
- metadata.</p></li><li><p>Support for sending metadata on mail to Feide. Automatically
- detecting if you have configured Feide as the default IdP.</p></li><li><p>Improved SAML 2.0 Metadata generation</p></li><li><p>Added support for Shibboleth 1.3 IdP functionality (beta,
- contact me if any problems)</p></li><li><p>Added RADIUS authentication backend</p></li><li><p>Added support for HTTP-Redirect debugging when enable
- <code class="literal">debug=true</code></p></li><li><p>SAML 2.0 SP example now contains a logout page.</p></li><li><p>Added new authentication backend with support for multiple
- LDAP based on which organization the user selects.</p></li><li><p>Added SAML 2.0 Discovery Service</p></li><li><p>Initial proof of concept implementation of "User consent on
- attribute release"</p></li><li><p>Fixed some minor bugs.</p></li></ul></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856847"></a>Version 0.4</h3></div></div></div><p>Released 2007-09-14. Revision X.</p><div class="itemizedlist"><ul type="disc"><li><p>Improved documentation</p></li><li><p>Authentication plugin API. Only LDAP authenticaiton plugin is
- included, but it is now easier to implement your own plugin.</p></li><li><p>Added support for SAML 2.0 IdP to work with Google Apps for
- Education. Tested.</p></li><li><p>Initial implementation of SAML 2.0 Single Log-Out
- functionality both for SP and IdP. Seems to work, but not yet
- well-tested.</p></li><li><p>Added support for bridging SAML 2.0 to SAML 2.0.</p></li><li><p>Added some time skew offset to the NotBefore timestamp on the
- assertion, to allow some time skew between the SP and IdP.</p></li><li><p>Fixed Browser/POST page to automaticly submit, and have fall
- back functionality for user agents with no javascript
- support.</p></li><li><p>Fixed some bug with warning traversing Shibboleth 1.3
- Assertions.</p></li><li><p>Fixed tabindex on the login page of the LDAP authentication
- module to allow you to tab from username, to password and then to
- submit.</p></li><li><p>Fixed bug on autodiscovering hostname in multihost
- environments.</p></li><li><p>Cleaned out some debug messages, and added a debug option in
- the configuration file. This debug option let's you turn on the
- possibility of showing all SAML messages to users in the web
- browser, and manually submit them.</p></li><li><p>Several minor bugfixes.</p></li></ul></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856961"></a>News about simpleSAMLphp</h2></div></div></div><p>To get the latest news about simpleSAMLphp you can follow this url:
- <a href="http://rnd.feide.no/category/simplesamlphp/" target="_top">http://rnd.feide.no/category/simplesamlphp/</a>.</p><p>Currently simpleSAMLphp has a project page at Google Code:</p><p><a href="http://code.google.com/p/simplesamlphp/" target="_top">http://code.google.com/p/simplesamlphp/</a></p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856990"></a>Download and install simpleSAMLphp</h2></div></div></div><p>You can go to <a href="http://code.google.com/p/simplesamlphp/" target="_top">code.google.com/p/simplesamlphp/</a>
- to find the most recent release of simpleSAMLphp. Download the zipped
- file, and unzip it on your webserver. However I hightly reccomend running
- from a subversion checkout instead.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id857010"></a>Getting a working copy of simpleSAMLphp from subversion</h3></div></div></div><p>Go to the directory where you want to install
- simpleSAMLphp:</p><pre class="screen">cd /var</pre><p>Then do a subversion checkout:</p><pre class="screen">svn checkout http://simplesamlphp.googlecode.com/svn/trunk/ simplesamlphp</pre><p>If you know subversion you know how to view logs and review
- changes to the files. To update the version you have checked out,
- enter:</p><pre class="screen">cd /var/simplesamlphp
-svn up</pre></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857049"></a>Making configuration and metadata files</h2></div></div></div><p>Configuration and metadata files are stored in a template format,
- you need to copy them to have your local copies. The reason why it is done
- this way, is that when you upgrade you can do svn up in subversion or just
- copy the whole directory over your installation, without replacing your
- existing configuration. When you are updating, you should investigate
- whether the config format is changed, this should be documented in the
- changelog.</p><p>Here are the steps you need to do to create local configuration
- files:</p><pre class="screen">cd /var/simplesamlphp
-cp config/config-template.php config/config.php
-cp -r metadata-templates/*.php metadata/
-</pre></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857078"></a>Configuring apache</h2></div></div></div><p>In this example simpleSAMLphp is located in
- <code class="filename">/var/simplesamlphp</code>, that is the default location. If
- you want to modify this location, you can do so freely, but then you need
- to update the path in a few files. <a href="#sect.altlocations" title="A. Installing simpleSAMLphp in alternative locations">I
- wrote a separate chapter about that, read on</a>.</p><p>Of the folders inside simplesamlphp, only the www folder needs to be
- accessible from the web. There are several ways of putting the
- simpleSAMLphp depending on the way web sites are structured on your apache
- web server. Here is what I believe is the best configuration.</p><p>Find the apache configuration file for the virtual hosts that you
- want to run simpleSAML on. The configuration may look like this:</p><pre class="programlisting"><VirtualHost *>
- ServerName service.example.com
- DocumentRoot /var/www/service.example.com
-
- Alias /simplesaml /var/simplesamlphp/www
-</VirtualHost>
-</pre><p>What is special is the <code class="literal">Alias</code> directive. That
- directive will give control to simpleSAMLphp for all urls that matches
- <code class="literal">http(s)://service.example.com/simplesaml/*</code>.
- simpleSAMLphp will need to have several SAML interfaces available on the
- web, and all these interfaces are included in the <code class="filename">www</code>
- subdirectory of your simpleSAMLphp installation. You can set the alias to
- whatever you want, but this alias must be set in the
- <code class="filename">config.php</code> file of simpleSAML as described in ???. Here is an example of how this configuration may
- look like in <code class="filename">config.php</code>:</p><pre class="programlisting">$config = array (
-[...]
- 'baseurlpath' => 'simplesaml/',</pre></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857177"></a>The simpleSAMLphp installation webpage</h2></div></div></div><p>When you have installed simpleSAMLphp, you can access the homepage
- of your installation, which contains some information and a few links to
- the test services. The url of an installation can be in example:</p><div class="literallayout"><p>https://service.example.com/simplesaml/</p></div><p>The exact link depends on how you set it up with apache and off
- course your hostname.</p><div class="warning" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Warning</h3><p>Don't click on any of the links yet, because they require you to
- eigther have setup simpleSAMLphp as an Service Provider or as an
- Identity Provider.</p></div><p>Here is an example screenshot of what the simpleSAMLphp page looks
- like:</p><div class="figure"><a id="id857216"></a><p class="title"><b>Figure 1. Screenshot of the simpleSAMLphp installation page.</b></p><div class="screenshot"><div class="mediaobject"><img src="resources/simplesamlphp-install/screenshot-installationpage.png" alt="Screenshot of the simpleSAMLphp installation page." /></div></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857241"></a>Next steps</h2></div></div></div><p>You have now successfully installed simpleSAMLphp, and the next
- steps depends on whether you want to setup a service provider, to protect
- a website with authentication or if you want to setup an identity provider
- and connect it to a user storage. We will also provide documentation on
- bridging federation protocols in a separate document.</p><div class="itemizedlist"><ul type="disc"><li><p><a href="simplesamlphp-sp.html" target="_top">Setting up simpleSAMLphp as a
- service provider</a></p></li><li><p><a href="simplesamlphp-idp.html" target="_top">Setting up simpleSAMLphp as
- an identity provider</a></p></li><li><p><a href="simplesamlphp-bridge.html" target="_top">Setting up simpleSAMLphp
- as a bridge</a></p></li></ul></div></div><div class="appendix" lang="en" xml:lang="en"><h2 class="title" style="clear: both"><a id="sect.altlocations"></a>A. Installing simpleSAMLphp in alternative locations</h2><p>If you want to install simpleSAMLphp in an alternative directory,
- feel free to do so. You need to set the path of the installation directory
- in the config.php file:</p><pre class="programlisting">$config = array (
-[...]
- 'basedir' => '/usr/local/simplesaml/simplesamlphp',</pre><p>And you also need to modify the Alias directive in the apache
- configuration:</p><pre class="programlisting"> Alias /simplesaml /usr/local/simplesaml/simplesamlphp/www</pre></div></div></body></html>
diff --git a/docs/simplesamlphp-install.pdf b/docs/simplesamlphp-install.pdf
deleted file mode 100644
index aecd7d045e1c15b4f8840ed6fb1ff8a9fc2d4b30..0000000000000000000000000000000000000000
GIT binary patch
literal 0
HcmV?d00001
literal 43359
zcmd3tV|b>^*5}hnC+XO>ZQHhOcWm3XZQHgxwryLT&ZPI*`@DPRoSFBXYd*~TC0DBM
zs#@!=r|Mb1^{;w}WCew(=%^XNiOR|=D#00XX>qOfzk_pfg44*_SsOYU7}?>H^4aJa
zm>S^<%gEv?8`;^LSzF=KQnN9Tfzt@s8R<EEmId`3jBrT>+39I%S!mhl80l!4Xc?I(
zXz594X-UYyxw*lOtPFn-%=AwKxHQtZ4B#}9Mph;crnqzrpAY20X@t!z96n9b2wQxP
zC}?D0ZD@r1ySu%^rzJ~pmyFCLXGMh-<lw1JmQL9?*sz3Yb5nUhQK(MQSZZ=QFj(=P
z7yx``K}8!ux!9s_^rYK9`2w-E_+f!x<Z92pq6yC1+8|;ii5XU+ZFRU_O{8z(Jb9UC
zcTR1XTzM|G0mS_D2kw(p1@nQ-RYlx68VrdHH_-+C0(lJpWC5^kQ(w=I{45NZ3h1#M
zVUddPjMCW#jr;OOKF1T$3-FPh(5i+{2Oyggadi8<qKSqw%F3mZLDVcWn$pB5HAyQz
ziLd5IuN-fGOR3@Um}&&Wc1It;i8gLOxodR2zfQ6j$p+sQ5vz-aa`f%FmA;GEz~4bE
zh<C_(zZT6yni+sJZk_tjUcu0U${>!E-j8a}6<}L*ROfn@M)k)O!Z^&}<PUXfc*5ck
zG-6GKpvZWH@SUkCsiW}0AGFXckp#PR%c*E;m^*d=##2Al5M3?N>hL+1S=m@=EvYQK
zNaww^ex}DgIVEWacweFk;ym|1s(7VB0n`*3HLkn{TbdyOXq|nLZGR7*(4_$gtLt)v
z_O!)r^U#(b*rha~C|_UKl=zZuPDXQl^_mUsEuiBuCEvAib)e^R7tb2!KqsKhVrA@B
zBsefKxoh(Rd6*sij05`15gQrqCt+6zO@ff%c#$NoWKyHX2to*ODt{2~b9UM@O#iQf
zmDZ%t)n~ZrBvrsdJak?!YyeVnI9xDyLyGAuPlzEApqGj8nbefbw<*70o+>SpzebP=
zy`v071nFDg<tES5eyRg9;sOZq0-f?=90MWrd~NE1YXN}S1_I<G4f$%TOSkQZ81qFC
z7X{I$F$XoluTqz!1jI21j?tgl2GzmWV4IN@l-hS(_v`u>d0OZ!AF^xkAH1*ufg`X;
z^1%+c0wb7pfvPbW`#`_~aI%;Q--rbGMFEj`&vN8TFw25YbB&KRj!7NR+W?>hnsek#
z;a`#5KnZBUih9*+;4Faab!Aw;MFpVrj$YHV;!yiF_axc?dB9!<$n+;~!>NMv_!h(Y
zz{0WTh10?z_X+dIx)6fF;g!e07XX^^uEt;&;IxK`#ukrgAc6=9(aB0CK#bua1@7i0
z<tpbg=a<QW%4U{u&nwN7eg}VmlM*)1o0yqA25_KcN6QSS7FNkgpT;__KZd(!eMJKC
z&ozjki$e95#3V+l2dqb{$C!&^3q%`=&?~A{tzcioJPU&ww5!p#plbqmhjoW{2j+<K
z^e5PLuxVn|(d3j4p%_rwR<|LsQL#a2LF<6uguRM@8N9n5zcG3i_JHyF#uJr|M~V;u
zRuv%1Pp(Im8#gV?D$ye0!bb@I5F$NbljqYCq$<WK$SH$K)I}sGYD~yX=1YiYiFZMg
ziNAs0i5ovEYzSk=sV2F}Z$+Gqw?)z|mqV^f{+09^QJG?%)PY=6&ZQ_sg;DWdQL`eY
zS~b^2&{p)O6kdB&G_-O+PQ6eu-$C&tXtse~X+@Y#kxjt0-Y)zW_&@}aaxi39U`H;D
z^o`Vn)Ic$yOvXr|b>4Aa_*Ctb6-t1i2zXlFtgyk_)W3lYDJ(2gyg@umJaWtyi3}?j
zV+QE><evUj@73{@Ly1aBMyczRc!7C=qO5x1u*9|GW<h*@bwPN3vy@@pbAE2VxzxFI
zYmV0}#Vo*l|NHq2Yx#`>v}M#d=4D14Tkz5PVgS<wBLSm|>E#^ebjITB;_cknY}qV(
z{)1wA)kSV*S*O5Tz+(Zl(y)|BPQAcU!K6VDcz=BCWQpNDU6BKm<GUkK+e4dw8-v@B
zo19yq+lAZHJ=iPdJK;OlYv-#12s;QK2rx(`NHf$;5M@7NzgEzDP<3QPq<#c5sv{Z~
zy)pwd?Iep8Q<phEvn`97@vN@h1fszhy%fWSrP~T5b3Ka$T{#^FeeeX<58%W0iD0T}
zWNBpnaFB2eN%*<=)P4)2DD_z?e<}#7cFJruG}S>3%lgyiS5r&tOsfr3&*30_1XBgm
zIfJ|M%2cYQrlH4G&0Ec_*775#DNidCtKsG~1LwJ{?>PG1y<JPc{QdL&M{+0hW@mcn
zW@;C2K*EQ>4J?f_o%uOj*(#mb5APROdezQ7mS0d%iX_q`!pHMnhwh&5(2pWpPh0IY
z&$J4yAe#l7JFVoMwVb2e{ojCKJYlj#;)er@OHIm-_@+#>7q#)Lp{tiHOdiD_$*c#~
zrrHPGr-OG94iqlzw^XKBR+<-_$EG%|1GmV$8@yvam_IPSsDD}aIrJ&z9qvi=_2eta
z0p?ragYld26YAx{vk}!Dd5melgF1pZat`#H_L;uOed>$oPYU$Ji2{Rxs0Q;!)kBbj
zo$2;z(;f9o0<OmI#2?4M5=<2o%X7;|%16jc&(|4t8BQ1$HK^2A8PX1$3qcrg95&d?
z-%H;uMtP-NZ?)m<<<4c@dBxuoat)`ZTvW~IdVYo<B+4KXfu9Mb3#AIZV$00{nY^F%
zDQuJ|Zn3zezC_3ZwFb40yBec8k|As*P9)(Hcaqx7;!NGml8?Pr>_Jw9$SQs<UM%dA
zhLBpzek9`}?&JbWj!m&u6oo4Sd!uh;xT6oQ|4|=SUof7Le4)uq1P;$+B(M@**FMO&
zGBxirAXukOpSG8z5PwI^!u}+hWtT;3t=qbCD>Y7X>v`9$?W^9aHKUQEQPZUBP<S-<
zsx)0zSnj5BR!yzW)iq>2;oBI{XlCwB+CWW7<IzfOtR)kxJd>7J``~q^5snllG|0l-
zVo|advP!zl+G2KDR3?QZ;X;HWQ7J(ozGZ!A)%Bb>p^~WMxf<7CRP!U(VoLdk^3LMf
z+Ilk<sS5QJ4bB>NU8g;$fyii7GDq@xhpe88TyuDhM4f~>n&yg@k!)k*si&j(gJ`6R
zlzXM|MbYX~yK8&(`OWg2a<P(%`jb_)?$v}__v<7`eo&ZaiYMC}HnT9xqxZyXTdP=p
zX~Rjs*N)eTZwQd*MAXCtRT`C1rA>K(<E?IA@A#IB_uR&iMY(lxb22tyFkvvZclz_i
zLqA`zdvr}ygQv-}mL+IoegVR%<|f-h;w;fc)EPE6x=TazaAEPD`}oxp&K#Grz2<?-
z3Rqug9zwSCVRi<0qT}hw$^M){r-a*8MktqkB~6F*wZ-(x-I2#s=E>7JkL%{c&svB{
zlqhXOt@E~hn^OB8ube&5Hym~lED(-h%-}W}4y{YHEEbR5u(!lHmCov{c4V82*^!^I
zJ7;oB)|;X&c%7r|FUQKSl}F9?R#WS0_9&js`&qM{VQ*<q7+#F;wOXgRT->Kz?AN-z
z{u~DDwIn=7ANO7z$9OM#g8`F*cLZx9!^EB>G(6hRE<eQ<<5P<Vc_=<K-+t_`ICs1J
zq^CvVVEUzb|8uT7U8kgb`D6Cd=*nUF{#^yF+E_ceL(bcNo9fK+qdmnLfuZ%P_KJch
z#q0P5_5S9vI6@}d3+O4}?(H{f{)vl!LMQW|(5XQqCLqACXK!SP`<p}Mwf>?~mcLP{
zqN|M&E{&9tgPx(DgC01If}_5}A62SSlK+9Lzd>0Z{BLB+$>Z`#$>v55xcWvWW>#GI
zSMA;SxMqf2_$o|Nv{E(#My6(>ZgxfrZqkYdZsrDThWI?(;NYAt>@JozmY>#eT`VoE
z?Acwo@bx}P*@*q~|KHU#_}t)}c8136@`A#DHu)@Z;hQ=**s#;kI6FI2J2OyQ+nLbN
zv9Yny(9+Y;(^Gx6pt5(ha?o?3va%=mYXm_fdjmT&o8P?t=SVhx8_CL^`VYg@2G*7|
zpATs0s2OPRaetfE)3<hX;KKhs&gTR6&y?ZMG=TdvbKv~l`0sUpHu^Jr;Qrqv4}W(1
zs}(pW&2LM8bMepD{#(soGh}J=&)5H-oOaQ(`E;80U!DG(VfH^V6{FvI3it0Mg^HGq
zijGl{j+UK?mi>=Rg`Jj`ljeVE`G4V+p}{|$vT?Mt_~R2XG@voEFtRkVa<Kn&jP73@
zGc;iTTx9=8kN#@%Z(aFg&OR5$=UmbJb0K{e{<#)EHvkvD-5)FMU$+Gv?Y}I0J}WD0
zhrg|PNi!>Ra2k0d0|#6UTsk%uY8F-|TzWb-YI;TnHa1)a76xht1}0j1TzY!eKkKwU
zv%=5DzsIJ<{VecX+ZldlbbqVi!{y|}rBRX>!zKN5728=EQX3nY85&VrS<@JN&WMS%
zohyyKnWc?|k-eU!g^j5V&1bf$@Q+@f=^%|LE{)h9+wadUPDlT@clj%){9}{<S8_@<
zHT!)=Sg&lI9hRUn!5g+F*Kz8a0QKdbB35vh>*X{wI1PGk`T!l7@g{1CR4Bqkt+zAf
z@`Yq|yX}{2cdQ;BGi*1b`WJHqN!9JbT$BrA(oG|6)cgT+A9}9&IiQ~`@!LE5?;W`q
zTkg#-7cjWWSuhqy69YK6vEeZ>Fuz(}^zIJz?C%_RfxDh;REdFw{22MfP>)>CjYz{f
zf`{HL*W!yRZ-&>dHk*qd?XAyxx3DgP^QyvqX<u8Pf}gG{i3w%oGKjmn@A!4Z$xIs~
zJjaiHF^8pbel7qV8&+^bDKsp9jX@O}$1fUI=QNI|N(x4a1h^-Z+lwC;{+16g6bJ_1
zhv{Yf&<_!2M@1qBr(*-|H8=Q01AH6*=%O@7M6-Sme~QjK!__t<k1<um!=Hmw<B~l}
z?zCTK+fvNh;DB(AZ+UMgg02y4tdaQw%$bX|M1=W-%OINB&5pvYrq+acRd)xSt7*8Z
z<QtdvN`o&Oa)3^0-}d5SsUTnW5*;+Rxc&h_|E)Y7_vo#nG+lQGrs@(RP#hfW%{Q=m
zGkONQI)DST0bOR9ySei?p@`_+a6ZImu&{j9s9$hPEyuN@{nJl#<~-d&0je=LHwZKP
zAAXqS(0y3qw+>0q?x@7(Sz3m->r9rzS^E`86vH5My=rVNKT+d|Mm>4jI0wTnoW5$z
z`6h&~j|TGX5?Cqet~Ncm5K{MDykpt*;F!Lj`)ql;x?lM~uyLXNTDzx@hKfmgP~ABl
z<6DdNHxEE?7%e(K=f$J_c8U2Fd%Wo(e!b?GqEL$p3W<OhO<mJDWuF<dFGCSM&Vk<c
z+o(}?^|DpDc#slL6V=(k&luhDcyh}%*cbh~vdg7ZH{*?b7s7rsSC8T4T4XYhwWdy@
zkMi#s0@C}_K$oDJt;%SxIeZ`*V+SMJ^&4{ZF?m^o!)Uj6rP!qD=5W=qE4_XRRE)Cf
zLM8!j6iJo6S1UKK{vq5@JP{51?1)TgSyZQ4VD_g10bd@}uBb#GA<;o51s+u+(l_}7
zotZ-3UdD_ZOZ?gvjFR}eMoNZuPa@7<-CS1Y<ox<j!LJTnwCg*Gv!1X@al;3scOk9O
z=7|?d&FTbdvtN5j^z8<V%)kc$-Ks68&@BLf)V{nEaAN>)V7hUp_@}(M(F=J@1+k!7
z=uLf{Fr7=AJrR-<+S-c(y;vXu&gnNg`e>A13uymAn>!O{7U?$vSgDgmu=%K!ly8`<
z<CHOZ$MmA%LIpiNzjnC!C^bB(8=n3KgM&k<uYp+$Jk}r&d+rUXjxHZ2rI7!y*M--g
z$Q86YmJvqc-UZas3-~1TVrtJ$9xI$EB%)^!Z3&Ak6};(p6xmy6yAL`xq`1GCJ*Y5~
zjAbSSO@nrEYls+R!+U*4*?#<kDg97}iaOUJ^fc$f@F*|8%mPx2&he=%Dr3ZJ>O18N
z5MrpMjG_3IB3G1bl1TPy+mc1v=@MUBo{t7A@L(8MF4C_xK6$XpyYhxbSynALl;$vF
zh1;ElxQ9m>e+ZMOQaZ*8bn|3hB^w7@x0M+iM~l~jZ?pwKTn-hst|VfRSJwqOLjKi@
z7~&8{2u`wa4xe9B2i2)Z9nK(7CHo{d#q7CE>DX7~BL}vDOF3cpM3~I%NGl|ZFdkIn
z<sspg42wWJ0|!`hB(rp5805}5M`+;w3E9)sr51Lbfj}sUzFC)wBcsIHK#iS30u+=>
zW&Jfr53rN(iBfS^bi9`1i#sYZBkEL5Oc|`SiJa)FX-nMZx4!eJE7$#ES^5@ORByw+
z)oWYRY&*^D8YQ;b4<LDU-@R~#CNb;ca*$cNn=7tHvr4E$AURO0-$OHvRH;+emy?_?
z@QpzNlBIxCZpP{t3~`f@xc545y0SR{R5URAlk!&-h&&Xg;TpV|?X-~mhZ6beECA)w
zM&CkE>`W&f;RN`@fu@`A6q)+>ZUC704$s0-Y;4hUId9%^Glaarif7Z1oUk~?ki8vG
zTu-W??YKwdG}jS-l~Fg(!d^VHxq;5;$bz~VLfhE*lw&N?@|l4^gjKG{^iO-)+Rx2^
zW6_q<=ADBy5qTJH+)Z?pbeVovou62J?1&A0_LS2V^Nb9O>8-m)?V$hZ&=6a=<invk
zW*&f~*VbVt>yovSY%lxm9vJmfa}3g9pDh{At=wn&o4hO3TW|walbY+7_BvTK4RmIC
zSiM|)Z$?o?Y$$mZ3iNMiP+*W|`qk$cPKPfBJI=^<_``F!^y>Y+L`3J39#~DOx!lLb
zm%?R@srK!3#VO>7GDAehu6+mj>(IFly}4~A_YqzvR*Ygfi*M7=H1^&7{W*uo2)97p
z{1S^{aYSSFcXvVMa(-wEI0tg%;~`xsLL2iC`T|oMlM=Uxg|?T$5;%AD$AdcL<g~`a
z-5CRLAFvEt8+J#Oz1<SiRx6+jMp+<b0dqZ#JC5qXdN2e)ir><Sopt;_s$)yAB}kB%
z3ERZd?F<C+`URO!E*V-iPG{G^%ho6&WfO=jN*1$#4x{+{*Qd)NvC0obf@O^brYtO2
zk^CcX8{CZ%*AOjfWOLTt9BTT7jPmu-%rml|6irHDXeUWVjHfNiVe%7tLsx47cT)n`
zkP8>QEajZYcBn%P`hnk0Fjg}9PaW{mA>oqaL$icBQ@SSKA>g{}zx*5Wq5G2-G{FCW
zAbIeArUGn#<A{Hx0<wB0MxSc9p4}(M;r{OUDN{=s8Jg+wTf6*;HO!y*!NNxW8+R1#
z%q;)y1AYr5Bg23DMBd2W+R@Iy$R77k5nRC9%HcOO;{HK3pXUC+vd`i_tpA6a{)cM*
zTUMuMVq^X*nW6hj#Ajw<_-EZ;x;s5B9m_u}S^xH~e=*bV_y4cx@Re$3(R)pBA6?#o
zHM};`HAN3zm@y#fMai1BVl1sxe)yxHt9h1<bp^+I!|!Jd3D2nN4bJh8(C#F^L?<DS
zq^gcuuANVMdBhGm()%~6oi{^VrFS{_IQjH4*u6yYj{q3<MA*D~yyp--&NFeY$~cx@
zUN4Jvbm^TnRh`-}mfk#yad+<~aIU(#-)>*59;od&ms~f&i*Q4d1qpBaDIqcwzWUyI
z*m$Ws4Ca!p3=doLFuolsnC$dSy_KDrsm*qkl*?r5WE^!9;H&ZX5!!7m-)IR1Dz`4b
zEw!y8x91L~e>_6cqZP~i4EUA_03XMTssEGmz=Zvj-$PRg@P|n3CeDVkAC61SRCLIZ
z$+ZbQPX``p@~kwuWGwd71FadZsP8YoCP<iIV$eXvc2G!di<8F(*+W#aGJ>;LeGzy6
zWwWVQE_1rC2At~=!aXBRRxk}LA<jclT$N6g-n5}<=7)e)P*tv-XwVg>YF;OdIb{2k
zLPQ=yVpPk?4^gU3LEK;rTaKM(Z!D6h%I0XXr*4biY8!)4kPK!8-qbzzABgJAQfD9X
zDp(p45Q<cymzzk{o|H%0-ICST382L?K-7|?<E#t5l@nO1DC|4l%SOera5%xIr(*~t
zE!=O_neYM!5VLzk0uM-YN?i;j_f;Z;E-GBBm7zM6Pr<^lb;=*Xw1gsvnyZ4s3i-Tp
zo_v$0=i#Ll^-o0;jj0z(M-e8B+<=@t5k1qIaq25h_TuHYBr(p38IP#7L#DGb?Y@E(
zY&%YbGH;?N6UXAqd3Zb|#!LX*rM}m-Dx-O9pgK!aFH(6Ux4BzPDA<@Od#1Tv#K52Q
z=nsb%m}tnwK++~@N^&x|h;4+SM^pm#xi9FG2gQA!4qBnK3U{G#3_TO@iy{X5MKnt3
znH}NE0mL21TrTXGW1vVOX@GS`1<^Re_>Hadcq%ZkYO#3e7;|hT3A!+F<L##z^!Fo$
z<wnds5jw%-<iZ(A6ThQ464Wg%<d?{0a9lYpJbTye$AvmzF@D_hdde2+wJufn-r2)1
zsn+K$WL}t4i_tHcOci5}d2*?1q&XuZ!P2gz-<ql<REeL)7S_!NNo*R}s$rx;l20R^
zD)#hFVpUZ(%@kFJ3<Wg6N0r1`eAzT$I3Vxc)qWJ;_-5VMSjNmpabHwM%5k8EoBQ7+
zC1DYux^@o|6mn1$f94D@hq0=G!|Z0!{WNQ@U(rk+?xUlpm<!)(a~%wefX>+44C+Xx
z%>+u#W_a07kD&OiN8QfEqFh(!!h0iE+3LBt>Lfrw)uC)A>+jq2JY(2_4%9L!0+JXc
z6HLI6_`(xfuZNGAkJ&}v2wB>YI(BCVuZ`U<50AUJC-`FCE%u;|sGFyGvBPEEl)T2j
ze&?a<Y9iec9mglJ|7mN^)pY3qwFB+Aux0@(K!Y*FsS#xyBcwZn0(vsnf;R{%-`idC
z-Rwk8^+4uGV1wRol^mu@yp*G<TiE14048~myE_yuGjS%rtm9#)e3)d^V7qn^1*4;m
zELcl!!=f7yCJltemTP9XTVx{ODhfU?z^4bH@|7(t9W|7x;(#Ub<?Ht$Itvc)tY*ED
z<!?-FX#T*Loxfy;6$6J7#sR<AuS9Fz-%+r$AZgmvmJ*-gZzULadkVCf7RM@BpVd{!
zv^AAw<XH&@vFh>XscJTPKfWKoR+2&gSom2|@WV{t7W~y=+ooTvlaS82JF#uNPR<oO
z;31kFLGQWziZUnG{`#vOKtNUaSW`=NcTElt?IuFL#MiX9fTb94#@A4zTg8#4fqi=G
z!&dry$#MbtPNlk6`~2@lax33uW87?J?CTjlEBR=cP17&Ws<OYfS;<>B>8L6#bq5wP
zIGV4mfXV$z=ihjo-UcC@09=aHcC8tQdez-7wXDT<s~Rg8kvKw3=;!yIi0{JS9UnDq
zU(q0@hG5GQV8Mp6BZ7s95&-OdhOHN4V4NOEQ{#Qq*qVj9SJhcpE<r&%Em`_7PWMun
zt$O=ekC6u1xuR@!qGfA%*Nl7IG9odBjAs~23%&h{|0=fl#J&b~izawagVGEL#=SvV
ztOpMpT~3m;kx?PB^Q_OJh@m~7!*)FNjRm=}!cauXspy3Yy+j~7KfYDIZKMGTeOs$s
zyIWW?`#WY?d?bO!2^LAj7ojcA%P=ToS)GwpCm0uNBX?2Axe?j)rZaEymEu#0#IBZ`
zCUK9xN)5L_D+#z<sKf&}a9v>NlGD6z*zdTttS6*BM2cO}rFNyW6b0mz!{+Rr-_WZE
z!ZmqXAA_6{H$HZA<YM4y#_9wa;imd@c4Jz89%fIXe`ORf2|@niD~{T6eWDjcwufs`
zp8Ww^7U|RTD>|eqEC_E7a`ttIUTnfZX@n!kHS491fW`nTb*FB|ix1~QcA};&u2}-8
zf$L2u);uL0BL7uSr-K3A;I5KtU>&h1f{rlaQ4;bPt#OY)_q7gyX3>F5uznPyJ1w=k
z+QZ}F3l)S3sEYO4?n#Atk|qiz2@RL5NUgQ(?o~UzQI3vA2}jNt!#T@XwxH2u+(meV
zHrdR@7PFw4sNYC@_xvu#mAw;TjEIIXN1c(-q^QysL|OKSP@S2E+b>tWyHLt5!cp%{
z8_y0ne{-I&pBU+|*4UKi`YesL7&3rV0OqcxzUNC&po?A^W1~FY&$JxV?_F2v&E<)a
zH--yJOBLAFvirteC|Nuxu^;&6)VrQDjzH#DI{7f|auu)NJSgg`UZBytuRxEXng$)K
zyn_r_?{Z^%+S@j2L`Yv2#(xZn2nc!p%sjp75hFbLH(>U!O6>nn{Q3<@@_)O%K=&6N
z($mqg{)JKWf5GH$RqG$f_<xkq80qM#S!tPY85roPX+JwNG15}g;xaIPN|&Fd|B8G@
z|65x7gtY%v1f&1WkN>#7@n7<Uj{XnJzyE$(rekBEX8qLk=-K|?9r+7Ee^1GuWJ&*j
zp~l6pF~fT;Rc{NFQ5GBHZU$4>Dp3z_t`atyFBCQHa`GZF3I^dfau)pP-U11Y_d#T9
z8W!*XXv5fuyaa)D;r{6fx!qmyt@F0!b&EWure~a=M%;u{+MXstZWk-p<h7(2=9$U4
zSLEQm?YnZ<)81+GR<8Zk3+;Jb+EB0sF$sL#D2~d9x@WtV<tCB#w)+~83Ao=^HNQAo
z>agW;IYigB{HL|H;$a0TZm+vJ9+`!c#^%TEBY`=XmZ}@xwZq1z_U89s;erv_45F@V
zw_KXiZR4pUuO(*CS4OATeViuT_}W*>AFxYcxO8F9_(fCd9*6PN&%;VYyxwsoFQb-3
z0dfF$eP4m~zIYqo<YV~JlWi32YR>Hi1F7^#aNJfySb_Ws1)g`BYH;1HtmEpuo)TEX
zelg*>oGdsad5{7y1DWmI!MEB(f@Z_V3H16w<z_|b`AZI}ztp>ag%<@KV>L#PS86;h
z9Vpj*mg#Nc{2LedVmyJ3ag`7W-mU-olYsp}&T>VHLzzR4-jtMkZO?)F2Xy3^FH|LP
zCRy$9!i9ph?`$el1;ONtQD8cWe!R^!4!OP_C^)(Zaz~>{bTJpU1t4{veD2{8aDO2k
zDs<36{Z2x$^0Q>XlwyGgu|7-l-nC6P$|2ZTIPWYCFjBJl$sKON@m&H?^cWlgvK4(u
z8oSJLfu64)K%ZP+rY*GA_h_o!HK=CjIMhKoQvW`V)d!Ccz%w5;3D%+Yp~xBb%(lmQ
zIkO@(?u8acAAz+KDYM>ESE*LM*!-4}aQwOfP15ApFuj_qdMG!`R=vqb8^8}rx8SBA
zA0G!a9#jY-Z~dVg=+b;bfu8;+hVb#ji1u~?=`>9Of6PrpLo)FCgp=>+cM#Ds(LP6#
zRIx>lSQ#ptYgi2@c%rK<cpv^7Tg(sRnH@CA<4nF59e9RUunJ$Xu-4dIcIpT{Wt<x&
zK<Q!L8%GR-EgUprqgpEBj)IhINJROM#rcxI?jlz~o%`vy0hz)G-!Ve_ub*Hl<k_`3
zdG@<M?hB^9+jWfys*L!G8mFHlpM&U+Sx`9~580t|z!_|K;4wQxQw4Qdf4>Qkz{`yT
zPFTr2z}D_2;SXTC7+eMqU)=}#=p<kwGBGch2Y`gVfhC8i9J9CVqlL`v12>GlmL8fM
z&iRJ7j#2@+FkhbkS{4yCOG#bnl_aB8^R3nSntRR)wGii&OKA<JGd@bT@XPr5_nb0f
zMzaR!8VoISMd*v;j0nBlwXsHmeo|)1ec8)b(seBI!bdfaSrhzB|Ho!?KUy)^Z*qv7
zeBKY)YQ0w)Cz9t!<IU7yb3anf%n&qra7daz&~O4>EO4gdaI@-UNBz<#h$*<kC!Q?X
zuyZkAo!7#MBu^mqpAWgCVsSi?hpoSd4SH!BOAT%vFH52g9%54dsGT{#c{KJ!6p}4^
zX%+44CU2gyW0fBb=}mtRO;EHVJc3<j6V}im7I|zSIN+W7igxWZsu9I74N)oeOJ*Ey
z`%Yjf&0i5cb4jm!jSH40B~r_h%GoBBklLXW`v#y_X7Y#Zn3JuOWAuUS{4g0tE$#rc
zXZGTI@zVLWN&7*cR#%7B8)@qhpqhLY4|RY1V)2?lZbe$HT#=@Rl9_IWEVc$V(6StN
zdK!%cSf@yI8oK1l%priI+tu-aiKKZ&7*VGT5gye1ZCDV$otKTAikX~<dGbAPi*sxj
zmDf?0{Ni3#i_6@UYCOk)VXPG)>+V#0{e|EO;#WBEmP{kDVt@MwgWjsjk|%|WO>nl?
zk8=6CprjVt8+?DDh5MXb)o_iW<Hav^W8rKi?kiPbvh<v+*Bi%4F~DkTq~{h@5qT0B
zbrQo5wumn&K)3s}EQ#EQO%Cy`rHBm8NBV$d91}IlITJpNJV$jA*bE&pjxw)x`5Y%*
z)S;44g0(Q?(P|qV(*yF?SqHI;nwntJjk=FykOa01Y*=^}kto7#jFWh@98J{90wI<P
zgH0K3<x#`8ak4y#5{+f!beE`34_+pPA{Ykr_2(CTG|=D)hp{-<=A$%+p&4UK{J*N=
zBX}yYzDKOMiW2mLbgk}W@yfb77HYn}Qhm4_l!R+@wX_Vxrb7_gqM!`=8mT$^IWqX!
zJ)`F%V3!dw3?7e>FHfk(<i=!n`wt$dW(cIF0!&i;tmGVPwR$hLJ>%hvX^?&nUGIW=
zwBN5MFe5+Z$KNwk%n8|oFs+pmcz~?x)kI9pZr~QU4{m2OlhYPBDu)#bMm~15T_Z?E
z(swN7G!C29(%CF9TLPy>qM``CBg};<oBT<eNYeBLs5bR$K#QOvZzU_B8Ls6vrpNq`
z@`q7+!C}gMT&o_YilT{nDxVP#cEuHZs9Rw^6t7M3U2V;?6?V~{u3B0>2m@bePs(?#
zGfFH3C+bXf*k}N2&Bt&c#hy?ONX5X-Ev3x%kV3ez*%NSQ{KraC&_zX$A1s>qr{h|c
zc7ASOVotOsu!VG6rgPzU+}cw4yd5dB5l4Rt4j8?GVN`27J<44Li_mX#VGsDP-1FNp
z{3@7ZAe{U4<BTKSBVp~KDJYe)5qi=?jNecX>MXa7h}q~Awuc`CFiAO@1O3gcom;iV
z4NW11UGOA9143RV>a`^d^D4C>uaQj3#Me=y4k+av5GgRImKT%U`PBfn?kTVmyi=i_
zphX3=60A*;MmQbXxSl2Lt%;7TOkQ-lp9ZFx^jO716F^_QfGD$+D=Uk=gM?++lq_`I
zjPZaWh0rX_^pRReo^8F&Dt3;Qx#Bvw;vFdAgqxnpXgf<ixvcWxao2)Huaa|9QtALt
zVJ`OFcnsEfRSu<q;QT>S7#fA{mgEA|e&E(h-RVbSsN3-e&qn0f>%Y<{{a=TQ8sL9G
zo;>&;g!MPIknXRm1^>Z*{~vjk{vWpz{*nv-aR2Z4`UisjAs5oI(Ebx&|Bl>$vD!bt
z_dmald!a7zo7K9`RB8_OTfcw3`NCc9RNgVlo<&8H6`3Gj7>7xV&uEy6-$-aA^x=g;
zc!Q5S!CH)|?{2Yco-=a{^7>`jUh}#0cDtJOA#+3TraO>DHw)oS8a5I(3VwK))B&0o
zjk|0I=ogyUwHzxC&1vA7NAvT8Gwxv&#KvTJZugY1w4?{KOa1fJuFl%vtLL#xRsDuc
zydSPMX5RF$Sy<**VBdN!)^6(dTbqjG!;L4L=)s%HdWY?!+)Fokr2?At*UG#0`uFHQ
z!brF%fu%^yEhJ6ROc{f2vs2F(kM9e;ADe!XtEUD$!tv4oy`(9~bRNn-8PFW)JU?Z?
z>3-QL7;B1N7*5oq;E_9pXQnWmP1po6wi@xH3Y)%r)JVz<vv+5n7$DE*N6$HIQEwLC
zyKL{D@lV{1j*Br>=XK~qj%wZGDOB`0tw8dJ<?lV@XBzU(M3ra?8-%!^3_|;DRV0Bg
z7Z>mIGkL(MexCax@h@JcZtUU#2nm2VOU_B2d~QG;j3hv3VTXzbARRR2V*ul;^wDh2
zGY*IAZ*l5HUpCIe>b$&|bc&Syr_U`VETOI;_Iw~+%;y$TH6^u9h9_tZLkg9g4CR$m
z@|LkG+6jxhe36nlShG?5)8?`+-GI0uP7rPGOnE_9<1_9DaPK3(WU_zPl_|(?^<_RJ
z4=^KSzEIqYc`@^eBMiVU`_AoyRCl(<ac$}EfCesZw~C(UXw&y2Ftx0SQtw5tohcDK
zjNSxqiWaJFnI|eHIjE2By)SwV{F}?FK*1?GLM7Q!XV_y>R{N-sg2YoF;OQEFp^v#6
zQFQRnnZ@`k38c>DMGxY}!g5Q;9BacooD$1cBa@lSB~qVXe9Nv)sPtlt0^m|&50qQ}
z&PQ80IIY>1u|s#7`+;I<L$iZhj{8235fEh<*ye&3dOQV|qX*3g%k+l#9$VXFyUQRR
z<Su2mt-lmM=9NL-+VifWwVJfc`71`hG`*p$R<WeZ@XU5t^x{;e{@PR`I$1RG>S%8k
zgWoQXBc1iI$l}R-<-wciZ;nncdqMZLanQ)YvV42OMYN2zRC_Ao{W5Braq#7BPk04k
zw2yV|NUdWEpC?>2D4Rac5N<Nd4-yE;tw=4!q}4o`RMJXfpu;*qY^(WTuCzE4Pkt-w
zSVGM=xn(4>gE4b9t@2wQsl4>f^lbDXzzq-+V_TP5s|<Q+<Lt50<PvjNvJ2@AUVU$n
zp@)<4&6u-_?x>OkOw1@Qn!05zo<3ziqZm|@CgX@^3k=%o)-m)PB97+wHR#wSMvYT*
z`=9rF!(t+M61qaWbWMheXlV_T(NO1Am%oII{Tv3%+3GAcF7Z5%ONSH)uMO@rWl@(m
zbqSmLmMI&BA~oc6Myp1Jl9(sRn#zc~n9Vm-`wOo0rOLO$J!}V0bI8X0A~Hh{rQU~T
z)d(5MS*iCo2}8bB=pJki7}CxW($cAxfbkbp3Go-hyFq{wWpt4Grq!8y<YL$62${|7
z#Wuu<J$WQ|;BGEVBL`Gqr?1$<ut9h3l;E%7o(bRJSHdW=A4Gv_rFxUfy)b0PaoNTo
z?!w9xTUQ|jLW*gvK)88j!kqtb->gJd?6noApeM4@P(;x!(VxSEOQlhW^kbPn9$Z4j
zr6ae=NzR58Rs^kI1C5}Knqy4W2fmPWtdlo+{VFojE8>~UA`pi|L>g8@YSnH2Oc+Ur
z;j(llepTopBHGjXC5MoL0)MuixZW}!u|p2MP>gk~rw%H~g4gNG8kp2LZ~I{lHU%eg
z0xo1F$=G+nVb#XnjRjUDfwA05&ajLg2)Q`^iJZifCB;FIucegEg2&o?hqRhb1;X!a
zB+082QyJ=vpks_C@{@UsDl=sjJn1D4qTr;QL1ALe`8n~omsIBU*EP~f8tmd9<$eNE
zg;yX&htu)jliIKC_Bo{3<}g>YTY{2`o9bH2aG|#ug{jv-)h|HfPq5tqvPx!6i+?1Q
zakUs4<jcPKfAEPT+@98TsQ|=6LspKfh~l3e#R@xRSKk6lAE_7GA*m5&kwA<Y77@qG
z&Jnir)wk*{jJ{BZt!QN(?$Ejn(uS-=p7fXsylE5CjU#l^5Up1t9n2{x@SQS#!3IZ+
zc0Qwrb|)RoJ(C`N@89q2P+jn<SnRDJqQt~d;_?sqnZcRZSF$e;%_WnQlBPv58qXtb
zLu|Q8hJ}Rx4&>)8MIQPCsfRWfXfejtdYc;hnRIv3Y3D}+0!W&Z-Rgxd!*wMt(^u?M
zP8jInrj=egFDc&s&}hFNq{BnkZpK#aTT-R>Y!=VsKJ5P3k~8DMA#%Gwjx?FP*#VDL
z9}$FfEn`wd*Ytd!UCFYX4s@lN9jgWbV&AJnGzbI>nMN>XrtXt@xp2P}fT!vViB=l-
z4Z}mN%4E|df1r8oq63)0apm)?+){IGiu9l$b(-jTb+d0%gX$`02aEuxnzU-<{UEn~
zO3s>eQoXq@x$;p|KUz4&V>ufRpwe6E^QZ-hn^~&b`5`^IF8KB)5*!ZhA^ccp<!3`N
zpC%j@2eg7)p6M%*U+pJ>o}9IYzwZ?V0WD`jH*7>u&*^$fM2YpEUAA-$MW6hPyznE5
zs8OOdCZ`U#5CL}*VmOqvWz0S)bkC)gf_(&Bg8A^Gv-^;z5sp3jp7ipzAnMMPR(`ZV
zBXZ~4M(I7VluzpO6-1;e9d$}12B&7m_m>Bu+{24#UT0zPjYok44dwRF2SNFSqkI$>
z)YNGH_|#}XausiM>z8f9nQ$qIQ~$Z}S6S+lhRKny!?b4V&;}EByW}C+hpx+*zsmbQ
zz6eoH2K*Za`|m|qzhUWrLaM*cQ0eIy{)to!f4^AwCsHx|d2;-p{=lhF)!llH8TMl<
zo1av68BJgPO2h|pc@dQUzHw!cwqcN0!l6JYi7`|>&AK~ZP`*Ko<01*4%$4ve%6WKe
zW3<-dx!GY`CZR>SE&H9p9wf~`sOlh)U=+q+{6S9lLeB^_p&#HEMzU^<hWC%MRLjmR
z&sV_kRHOc;;FX#!BN8@*WGw9|uk`nh)JkpOBm<3fEEMoCRyiNQB^mgwu-GHD^v(yf
z8Kk!&!n5qnF0<RiK6TY=cLhhpWTGM=EiF}@iiv9QctU<J#APSb)~0>G@`&vB!YZdh
z%dN6t9V^~q|1}Y-fEFpAU4m#Gebgj<RG6l1|9D}a2i%lN(4)w0H|Pv|p#2uGpAo0Q
zCWuDr&=qk8%3eRtQKKlAH;z0tv@UGLtJ;G7irB>OC?X)l+1(N!oE?=2T4|3S+kVBu
z*sSdiPlX$}`@<R^O*dJZ#4(C$pe#_eRJBxYs^F~2+i-5PPmx)+l`ovC{wf;}zi6Tc
zn@AQ~tXMpIx|8s?nPP&F5tGpI1uU>!&C4_1A$w-)9i5DHj@lb^(j^&)0^D*ANiO88
zStEAA2<GOg1bgz7dOm{4E$nTzA%v9OU!JYM`mSCOa3)|cc_0gWH9~;1z+q`?1CE1|
z*(6D>E?et$2Pihd>0&VwDYAeBY)NqgyUruFE7uJ*5H#dOrPU7xeLFA<iuX!k4D(b$
zg;^9ZL3PuHZ1-Jidw6RrqlwSC0xHwN>YAz*@h!|#ZdX~nm7W#R4*;0XCAb?MITJPm
z%j~LGDntjo@WE?vcpNS#$i}gwaGB00agtk97T))Xjq+XXDW4rW2THTxa$FM6B9z`t
zOu2!uP;dj!f=SxW@k8qI3)vjYgQc7n`B$*e{_`6S#uMC%d8Ulb%zcOqY;wm&N}2Bw
zWR~HUFqd-yCrJ?*KoXayPSrv~rhwQ!a6VUj06}<!;jr2UKj@=eB2Dm-p<AT=0H^9N
zwhf)shjJX1!zCc+%8JG+&eDsll)@BUQ^Yt(8;UBOg~XsIbrT0~(lJ8<%LKQ+V3OZm
z<d@N|>~s}~;#r;=v@-zJ+!vtgMqd#kW3^h}$TmCg-i$u0D+&r;-_I&!C4`O!4yR+x
zl5cX;FXo-JYYwuBO2du&g5n+p#V~2A<gKU4l1J7b3uXEOm-u?WOba!Yt)SW1?|ox~
z<E0#K#)#4!9}$Lhv6QI|6aR6;HB+ie@&F*g&eV@+ZEK>Br(GoO(X&feuBc~`sC?x_
z><ThS>|Uy9#-2#}UJmc<ndry!U32W*v1A>{s$N<LSBK1uLi3aYvxh?g_=}#+c1gwv
zYXTXPtR%#KR0yR)2;Y{6MA$=4O9PgOeln?8@i#^J3vVzkni@G&U@`cS>q{bb*AWw8
zz2g|P5O;n$2)zDB@nT08oi=8Q=_J<;J}ds$EGcP7k{z%!!Bi~8JisUfxp_1hs|-L%
zC5~z#HxAwDN38d%aOa6SBKHyW5ydpXu@b8k$lNd5wk<tlpuQPKLBQCZE+o9rvM~6a
z4Ci`Q+XDOwmr;WpF6e;s^k2FGH&shD&%+QUU<2_r5fvN-%Bm<LpTa#2L1QgN_TII_
z;;xQ~Rp?cvsKTs4M_}>^qY{LHpBP2Xl}XE=jT(atH&Ip|>_PmHHsg<y)!aG>goKxK
z%4p8K(jJxMz6?ZD3^Dfw54#CN7%LGAspzX7{+uB@w6cqONnmw+e0a1jd6|WG-gtny
ztFPV+R>9#29Ys+<_H@7QczAjXsK!TWjroaHxRYwKzbO=>q3*}Qn3A!w^Gsa4CW6y<
zoO05WVpi~InPiMrZ<-I0Gs^(ZHd7#uHsu1Li`a;M-n{#MlI9Esdpjk`{?*At8nk43
z>*@aE7y$D$i@OvgK~VgHpwWl>1sfOORm#5phaIVzoWP?n1n6{V`ZD>kU6S>xJcEvD
zos@@KB*Lr7CUg!P9X%vJfxsi~R4~R`Ex8)OU<3!t4fLMDW;V@am-;bt?p}itL|v@d
z4}WrBPr$I@TO-EKE@maiS6@XZw6Qb`aOjj{#ytLzww!}-pi$Qu#(|vK1O-KMCaq@Q
zD7)|L*&XMLJ%F=*dPj;5qyv!fExn1k7nrO?Cu>EQAwODS9Z-gecC;5^!ZqY$oyJOP
zL_Az$pl;@8?=zLZ@%AS_oIJ<IC8ryJnU4+Rp5+lb#F4VTRskR>kpy^1>^Z8wOFg1X
z5V(51^QHAFQiYqs<2i7b2Aor<?-SE~9Ns4La`|vTU1ViWQS^h(dVe`2Ga&yrVf(L>
zvi}ys$R7du?_v9oX#86Vp=0@vgFJ@6AD{gdw*Qn={?o9XsjBfAwh_Ias$p;CK}8Wa
zXoi$=wbm*HmMR<DbB<p>!#1TLu~KZ<+50P&IKGft144xm{A~>95r+!)SR>}M_eI~Q
z22x?c^2Tkik!C)abs&O876LyGaX!7;E6zc>_T}eEl5S1orLp0mYWHN9m;d0po$i{~
z;^ou8XjUi*G>r+4Nwso)dUNgp`{MUG2w+?*%+*|!0yABrrYnu|%m>HGFfFCsgA1Ii
z&(zs$g6i2-1XaW+)P--f@L@vzy^2oEfFnd;IFxcqP7`+Yt-f2fj_fjBo#&@9aEkEi
zu(rh$^A~a5w@&zrnuPv>Mj;+nv#+W!{W~5mo8Pjo`q*e1v}gjov3@>7%KFwBC1Tfu
z!|M%~80bB`b}!2h>D<RF@bGjewA=qQ^}qQZk<!^K6lKY;qltxqMF?gf61CT2V7q$+
zNEc+TXHCm(?$n~a`&v74eI#>56GfzL!B&mT!b0530(l{R6{N({Ov1VfONgR^RSqV&
z#lYV|ifV4-d4uV$nWC$eat`;^Sg+#M$LZO?e@tH?Bk7fgFep}SS3}+8xoJn^wxI@!
z9F5s78lJ&9ccOg>*C6<L?q_-$C8<8J1}y6^GN(q!ytYfzoP5|%x4Am?YjikeUHla3
z9>O`@w<GzyF4r>wvf9pqwH%_a`w{WWa_D6PZ4-BX>rcnBA1b(UiNqh}IJLW3kQxkd
zp6U1km=vY)iXb`E1DbJdW@!$$UDLw1YqLcOLMPY=n#~=;yx%s{_Ztyu6?oXEi?Fv>
z!DS#9i~~r*C|M*eSU@;!gO8vWGL?%RU`^mlM5$F7&L=CHS}x@@1r~>;&5vArix?S+
zq!?#VUXX9d90kVXE}_m}76}{pSAg2QnV<X}M!yl^E9mz_N+#k6$I&u~mZi1jLDrX_
z%(l^;7pF&lL32sp*~@^n5`T|P=k9oUn<)O(amMb1i|W#b%&x>xC`}#WtGd8wU3d8_
zgAyMBql;;@;&j*c8<6M07aU1l$%<TEIfCm73%d*+m12Z%BDsw45|S0cH8Z8=@$H->
zn5`7W?(*^lxKm4@YEUD-@D}Npn#b~h-86pPP-<vJP0ksK=u*D(rq7`8o=JKv8>ps8
z#1V;eff1KZy68X{(!~w7D;Rtkaf)>Fp#nJ(_v6`vu{(AIW9-Zp*-51&4rsID1Wki_
zr_4N9>&#s$4dtL!A|SQH$YreQ=%2qUvgCQ3Yp`|@$$|r^O6`!Uvj5@1R#dm`gLEpQ
z>E1+tu<qEgJ-g2DTI(&GK`cR>>f6cZ6zEK>C*~rJ`imM3`f2|Gw`k8(+iED{moLeH
zSt}1eNg^f_Bpds^98Yvcys{~<lX>6GuxU1}g7RJcM$i@iaiCmU!D$iq3QrD`XTqMR
zocP6J+~YT>GD;zV>Rd&H(=2Nyk7FMJoSys2AyBs}6?o9RWodYq2f<<;FLZfvakDb6
zN}PF+u8ZL8q~<a|aj9>K%$}9XOlzj(nU{F)jCGy3ayzy1$(>nU(=*!Nx%Sbjfo<AB
zzjUa&3sk<I0`iqO!*3|MHDp5Vu9m{DO!A&5GE+G)-zuAuoDsmaJy&>BoyoswZ{cOd
zvp4sCxp3GQ#EQNZ<4{<*OI4T7)|fUu6V@E-;u>zpuIku(O`TU@xWRQ<7kk@v#0XEm
zCx!JJY2G81pLjQ6M!fZ%Ya<iqRs;k-zkD3mNY#NdTO$)?^J2xJ5c}Samq2{Q+Rx-P
z+pgY#Q-e7Qu9d4Ew+~hA%Y2|6DdFNDCR~tNr8w*o@nI;%_cFanD?S>J3@!A1Aa?Ju
zv}qs%hS`d+j-x}H`XgcX6u%oK@&_725T7Xt-2BU2;ZP$%WwyDAe6$lFT)Mden$*S+
za^ErGmO;gxyx9Dt1F$+^!*YgkgJF{}CVPhy`NWnq>c)xrbz8!v<&n*UiK84C3Ef<=
zKP~o(fY3nFSh`XnM877Q*SD08WeWi89RivW@N#c^cjZVZgpykAQ&v9E<3wE(i})b+
zx4DOLgmDvmJb2GGlmfBr{;Lpqsleu{S~n`_TDnEY{nOrwJE%!pYXG#a^924PZ60`?
z>Ysvzec}%}z84`hfnfV8z_$K%7Y;(E_Dn=D);f_b=JR_>`Pds@UuV<o{6%jnt;Cfs
zXG2dZ#zj+e!*N0+`h{(Q^!hik4oO8Y(e6J#&8xoH4aisY9dSg3;ZPdiv^~O#{B_x-
zIB~N15@nDuCO>=CCOvYrr8$FBKQhr?2-4Ayyq!|+VZv%tJ{Ri*S2a#ZO7MqeQy#_-
z(3|?Ov40KZ41b-0{Pzgt|F|LjA2*;G{<>*G$HMT>8_*1Y*9`s&<p0Rr|MMe_MpZTI
zb!J$vEuGwER$hLIc`Qb<xFRylmPici*kDGOhJnTq(Y(66HXCoxV0baPVBn(?D0jAg
zwA*z5{vEd{h;A9KXO!aQ(Xx%?%%wX{lA$OZs0v(hOw63=Qr#k)gm(b$ATm_M$zZKc
z`^+sT9G+go%NAUx)rVWv?`1+Yid~!Ut?rFmncZMmQ;v_Ijbs2fyRd<*qH{fBF;^UK
zV=pd?b!B8H593=j>3Oc_8En_ia?O4TL~s#H(U~%nzbYF=(erVkwOH(G%$4yRs~o&{
z9(*^PL^NKOxOCH0arRKjvH?hVyXf<9lH5}6yJY>{GXd`OSWko3q<gwR-B<;&rFTqx
zvMm4-N#6=*U*!4l-%+6?SjT>e6d()|2rYY0>6nHlDH3s8r`szt*m}N0`yP24y9${1
z4q%OE`vb7cCMhW1iGZ($k=1lx<t;;jex=c9?8Um8Cnab^Z%m*zUJEilw<#u-GYt*@
zDITfXnZh|61|fxMD(zU{4l;up@@g>>tEf1guN^|8oS=<M^tPlOyy)7mMio=b9keW6
z5sgn0Aqy)=9OixBb9sk6LPCuRH}c^UvxOqr8z>o75M2k?*Ru<nPM-owf25|uH$9?h
z-bPtH&XG>cJd;3}4@}b=J#u&j;g(_Hq;F(4#}dC1CR1on{*A(nn@<VnxmKNPemfme
z#zWv%(>$9GkM?+S(*|oSEjufv##=i;DGP{T96J1*BUZg+Cq(<pl3Kxr_o9;;-FQV(
zSQQ^dl8fwDeAkvlvg#;GlZQ(A_(W+aIy<Jj+f0zM=BifVB@|IKlQeS@587T@+ZcV3
zU(vSe<E~uB)i8r7I|Ghd)^Q1SZZD+Y_81>T8k&*U{WjLG<G?Muf<2gCPfo(6awF?@
zgure)rdv!WvYO1%y%2S*WzlmPzjgJesRb~f_bdy<hHGg7dKX}^I>_P99cT4a9LzWe
zeC<CtCk{P(;n_sodXNL(k?ymmJHXPEM5%7B#>>c|h5nVy`i#ejNk23yEIwn$P>8M1
z57^WnDjILi^5xWm^350QSI?as{BzwIdX-s8_-)bD`P=2e!XPpGw1`}o6#XTMkyEXv
zf>ZP1r4__x;>&u{uicsTM0f3~a&vl)zKM}&=kV_ou|nI;q}qH=+eV`@1_hE7IT98N
zjr!2xhG>=p$h68P9c4pCA8y_+7Emhiy!Nzi=hhJdd%HpuC@&C!PYs05OE#_6_lVfq
zr(75|T)^EU4t^eW=uqkHLkz~Nk~KC`aUr0m&Xrc(7FC(Z%pb-^fk}%L=^HWUci>;U
z_GA53{cDoiAAg31`c+=LQ<yw)f5nd^_C<y6Ri6yf_JgPKa<Te>v^htEWjUxUcGKaK
zTO{8<7F@ekvwF1@ZL$%4vU}9(jcHS{is~|=QHi=(E^sBqtpGIAaO*l*@jsgT4ydS(
z@Bdh$5k(UH+7MxrD3%D@cUi^72B?U{22vF1eV5(@RufB<7DYg*i3Ct-DpFPij0h+Q
zhzLkoP!XgEgx=vl^WHAHtVGsu&hPKxyywimnYnZ4-p|}SZ|1&BKS)}~mlx_SA6Vy=
zkyB3mx<&7<!?z`8u60r*E6qy$)Wo~ZG_W^puvrA(laY5_Hi+6){}B5&nQXW(V(4N)
zjf%?M`xm!;U%y!U!JL=Wc+afw@=`MEB^tw)ohoQLWgm&tqcD^4N9Qy4^qSTGa(a(n
zg0zA74z>Oz+0OCL=<DVNxZYcS?(e@uRBX40h(t*(-{S6W^quCI|JiKZnth9o6YsGC
zHRS_07rmi<BeC(J{7%=rM^<0y=cWH8-O)mGU$Bh*ExYN_?pmqZ$GMMFL^x+;E9r)u
zTQ@VFFUgmXQ2f<**S^_TaoPRfs7ut{I~8(4?G5QxLz{+qR0@9O)qMNoUO5)?HW_%;
z2CFWK+bK>>#Ihs1emVZ;{_ZZy4~ZF1HNBO`IHjzYt5eo}Vy5ApQThL4rh#(^pUcR5
zPmU+bks<ZaeIyFHx&ONN6Wwu1CX;2UG%AKb24S>l7&3)~B&V|VlgNEDKXL0PNyts8
zWFlx&j!L6oc*Ky2G+xeh(DSh`J%vrNT*i=y2q*9qc&;3fMwl{VNYGCC#GY6Z&p`Mf
zRsT9dkTEncHe@a-kS$1hI%pA;@PDNRPa=Vx!DJ#HWeN@4aUjS8vSS#^&r}3vQoej_
zBTZp|5WavNB|K^nzQ8otz5JhP;i=XX$A~K|APfPbMHH$m2`~jjAo$OO@ZRQ3kq}gi
zK-*kWP#u~kT7-obR9J8zMgtHHA`})mB8bdD##8<?U&tT7(3+yKkU*peGM5_27bHC$
zv<NyR|E@&HCU+8z3%Nv`ELlztDiLn#s7vO)yqk!+WFb)wRU!(8M-8e(0E4H479oKS
z1s9SWinv6)96($=pls@pJ1JL$ggHcus3Z)J7DS6+dOBzk66R27AyHAtCCHIwNmMGJ
zZ0aC4DOZF9IfN_VzzL5Qgex#T9kd9Eb6l>Fxqu6fs!%9I42d#z#GUNO3Ry^$8`mH%
zEj$gH4q7Neq8wL)NL<7P$9aepph4uR<LzWz0o4d~kOz?!9B7+M3nD8pJsq@s8Qu~<
z;4O`cM`)Wm-cHJwFTh(0nSdd2seyb!(qOKfs;w|7EnkMW1Rma!WeH%NiUg$QKU4Ar
zcuOYBVMttBAXkv|bkHIs%5ilF&&69RSr$hm1Inh3w-nS-6F3Y<5fbB|4na`kl7ff|
zNKOYOLSh_>wjjP1A{hh{MV25(02T`gH+8(7j4M<jF%IDhn9_LEpc({_WjbgP66H`?
zA<A*_7Dz7+_^(9T)bVywt_X>72v-Q;tR$Bfgex#T9khHAt`LFdKpY{^aEKj8l$$!j
zQPD+p0S%&l0j^LW7r3;Hb7eYc`64@x2-Xo0t`Lc`6eugysiW<rToDrC#x;mb3r~Zl
zg%%+(j;ldr9@;{Sg$8^?B4z4$J1Jj;L^;S8Dr}oe4de@wo(5Xvz6@C)1<-fKk%0~o
z!IA8#<E<RT)lV!x$$crZaA_IWq3NJSNb89!Ed&&A2?Vk%1)dKlP91M2<%*CPhsX->
z2#H);5Ltog>7YeOl;h6Mcplz@SqKkghA?%!os=s=V%#{gaA_Gwmg%5HNR;Dp1;@i%
z)Q%&9PzO`BZYSl6kQj%^3Y1eWEr_hZ^mNc7B*vi{M1X5?+_{+wr4~1Jw4IDAv@fya
zz}(EEWgJ(ggBBq%j>{D)7i|e3&@eE}2y#<LTiPV+aWo+j4$&aU6)r72u1pIpLSh`3
zD_}7jor5T{IAG3Erw+E0GDS#$LzqIu5V({eJORn+phQT3<FbVNwv32FSt7*SsYzKP
zB)aif!li`AlIfsCNOa?}g!^&|$}NQ?2VNvj9cL%yiICWa;4E0z0g<2)iG@s|!t^xI
zg2xF7Z(O!;-;@z(=sP@u5bvfYV+&lm`hvAM5D}Y849XXfo)%(+g<9n02MpK^K?OvJ
z2gV8*A|YOtP0p7uz*-ss;QUAL%8>N55F;em66D~b3XLX*!2=~G;NUU>h{gn7u7Vs8
z)Ewqa<?SkbPdFaP+z!O!XIdLE?ChAbhDMIE=6a5LvJ4}8thIx_r5T6??+l`P!mnr9
zeJ+?ehz=!`%n_;JMKK9{L<=V?2i`@3r6S-i$PuAyhX-nj<_X;&&>ekCriq=bodW~;
zDuA7XwUMp0p8aRZ7ZT@@=@uCc5MiD~qtfJ{s}7)zf{X{ieQxHLbiu$<&&<lq5b1!C
zt)(8r<TH`v!L%zB^GRUQ2P`&zARP_ph5v74J21?E=-7jR_@5(J$QgtHWCetX1wzi_
zG>{My5E?m*9D$ejC5$#P(qq^Ypum5Q;*Vz<?)FSPHxBRT_h<TZj@qrPaA@l|;VyD4
z@9>Jf?dfG6nl}zLuS?D)M_Za4h<N0XS2zE_FRLH@@5YW_!k(t6B}nfg-NV0OW!wBf
z3gd7dh^@ZunrVM;dCr)dU(Q&`M&0{E!_8xvdrFe+i#yM}$W_%EQhct;?tfp@uMi*2
z@)~RJxX~dME<4)U+)!%WaZZCZQq})<$Wza2WY|2<gz55fcW;hD#-MM9!rEMOw$(xt
zT+&5@#V+*1C@CNLkvfZW8xwZ~MDG}_s?w<S(2#v@-O-!%`emI((WM+mw&j834wh_<
zM@D~3OLwqm=F$5jnF$_aj_%hy0!rfF{@`o!yz7N|a&9GMlb2eQYMa&a=XJ8}PT`q4
zOqN?$w1US#cRh7k0ybyNgJqYQc|Rkgx}CvXsO(mwlIKuYkh{hI?rtq9Cp(v}(P#ZB
zDO4#(DXF%GxXcmR0hKbpu427|CC&}WPo7Kmbv87NaC$pOZ$*b2u483ZNlK15pKwn~
zAL{RKyrrStPVTw0qV~0(9H%Q&hu-FDH<lVa)@7ZTR?*fM99+c;4S&0SySdfDprEAr
z7QyN{eRmbw+SAfFB`#LsHOYUejV&M5v>L9>%93BuI<TD3W<Ptm^vQ}pm6UI*?#W7g
zT9qHu61|Ky^t!*TErmKX^ll`MF1N|!o_WoJAF_U4cw*50Wf3)<afuaDncbq6HZ;=8
z!M3ao^C8zJ_g~&fUlhlDI!B?p^Ko>VCaJ~c$2H*=$(pP557k!`CI-yZ6g6B~=yPMM
z`pgRP$KplOZ2^m&^3SK$KjqjqFlckDSHF^;L7kVn`+@2#hPZXfN$q*5{wK9<QaZ{P
z{8n~K`Hb>UzT!T~Pb1DKZ}#bZ6p<I9lb;%3BU7h!Hp%dTRvmSvWVY6&TLG(M*UYon
zouhT>c7S2*nyVJ`$`{42(NSRs*viyvov~OFe>heBwU)od;rPRB^*SwY3vzrZTm79@
zsD(qk5v)>AX4S2Lg-2B8#zxMwFng#KbSpqQHgbi9S&mi^JHT4zwbsL=%NFa)55!06
z#8}5YOv=&C{xM!N_G~%6%9U7hIPvbLoteApm^m&DDdDnAIwOIpAe(qB!1wm|2|@i8
zt25miqDuk`><!}jdyNuH=S$AF7gsenRhYQwaoN@~XUC1tT#{$s2{p-`8EQh)&g1fA
zCSwucN${L%(ku0uj5Y8=ex*JOy~w;Oo5=u|S&S|4veY{9WboJ3UTO8Gcz=&Lwr?0T
zo0Jf?c44)QNn3#3165e1A6jM9jFd&zKg~#a!*JNO{Z39IdG4JxzqiU)9l*q#vaGA1
z&%U$h@tkVc2L&@h<-|7WSx$bZ(w;ovthS-<u2x;-<oAfP+K&39TGe(!wNz0!h{#Ba
zrk0-67EMh$sXZUP^qkZdOYMP_ZhU22tva_YYL-*UskEjC9Fh%HwOVztQ^`{f$&Oku
z2@85(k{xA-N`LypV_R9Q=&x~=_4Rly$^0SLO9Kh5oDq^`yY=P!D_B=X2=80;B3fEb
zC7WfDHrcSl6<g}b@)cgJ77g!0o%b;$Q(R+c#>OM2x3d0l>bvvD^W(p6Yi~5#w&CFQ
zy?+w?^A2q|cw=t_!8?z%q2$KiXhLY7{RV?WIoG|mU6tR;{R{bH@4la<*RJzheEG?W
zytfOCY@-O<jZWu%<G+7H#37{{UI(sjHxlt*@Avd~k;i5Kdu)!Wa!wXK6+8P5`FC<y
zEA4lgQ<ehUHGIXmlp4IcP5OM=?gqvscJSMi!LxaKVutDo7&K($#I0jyq#&22))q5T
zmRh&WNRb2=>ikqqSaA-={uN`BHFZ^LuykA0`82aPj39Qfaa+{YG_!?J=>!DK(l1Ud
zYjAVF23B8nS!K?ig36nm=Iz10ZW1arE)7m83bi`5$1+$!<}}Oq)_=CTNVmGx<+ggH
zceMBsa`kn@{0Pf(>70UlBxYGb^UaEi<`5I|?^g1g1DfQ2I%O$p=xvgFDbz#-vl0p+
z>{iqaAT3C@5b@6DSnir<Xdz+<OI4la;YP2-<AAM{SH`esE1bISgqg5|1AFB2Irn4V
zX|^>OZ7DQ{*P=N*Moj>ed8ioj$s!a(Ad3j2pnSvfwp4734fyaLw#6kN%|){)vAQ7N
zHB9tVtZL|5k$ZD=Z?8ptd!3t77x_v+L7`}PN3&hnK$c@>Ek~m4`k?Vf?M__WyY4~T
z^rm-JX_?^#8EGS(`K~QpH}@u5nUu8!DU7^s>+QO#B&IRuEMA{D%piGqxN~lmwrt{L
zcUC>^4_MP<Zc_37DK&i2W5=+b3ri7pwk(k;+=J1crCC>j$ibqCasY$@$^p0}qM$Ia
z&LFIwLC*s*Zi0OY4S;76UN#gvs+7^w#7Q)b;-RuZ(e1AFTeS?9%JcZL{F@c*46)3H
zEkzOm%eHt7+`ixOHGZzk4K;(|k^{q4nwqU$_Eb;f41(fK`VrR(%O0Qp#sgs=@T5Z<
zTZ9s=iHK)vaGy=bMyD>iY=~-g!BDC*;JDN>IFRl-@{`F25RwV-Hxq@wEj-~^87^YT
z9<Lg7x+eEb;#FAnf0GVC6c9Jx`6i1Y$w<A~Ks*55luyoK^HN<{SI8}7`=+-xms{>`
zY`k-IquA>aJ=;z7!_IXVE5jRN!dsJqwxn-n4?OLx2v5<_l~rIA`R}Z=abNYko)*$}
z{OBtGtj+7NPapR+{|0oX%Ed9($60+=MNXoD!y{zopzy=L4K=|BvJw1RT@dplAoAF%
z*Om?7+F?14(X+v9f@qyTKSl%P_!LIZpw_|iV4#}6fqe(0u!A*}Au~3;sTjwmkCk}M
ztA>$R=|kq)7d!RDWnMmV)h25nR<03?kM5d1W=~uB)yoUM!<*R-4PCu;m$$OIUD7h$
zSnSLYtHE1oH8oh@#-pbygQOTPZ+D~_WiYhp!Md!D?mvGawal7rgUpidCozQ(Ov~ne
z^9G<Pgb<`N17H2E<9?;dbH9|-E?_H&D!W@_yhVJ~CCL&!r%sWyoG)9fC?~`l9m!YG
zk;v96`5#prTxTQKZp!k4BNjo`N)b9LseCg&Vmq8cZHIbbL;%|%6&MlFb|_^d#z;=m
z0t?lHFHQevp}P3xagtt~*`T<$ew<k+a%~p(wnYqx(;piU_kWG=y)oDGkj25)tA!0k
zWnuI=YHp13{|&VM`CPs%oD<gePv67k?>ow^<6JhiHPO}j?wHnRy}c0h<W6a`_b&P#
zA0^N~FA49ZlC5&hv)-B>a=BY<+FNWxx{%a)68_mf)S~Idh1^mvJo1xCtUnR8iD2LA
zweo;9!*3PUqgGMs$5xSzOqLemxXg-M0Sk_(EGoNnI%&0@%#$N3gtALsNvrJyJ0()S
zK_|vGE-z_Axw%e^O<YdWrt)T;7`wQ_BrnMN*vMIB&u3UPolGL>$*3MtSzPw~bP~xx
zrr?OmIC;=y<B=E8chj@K^yGucUj}}!D^ZVG`SZYU2H`O&8Syp*S7$Bq<MsnRgITQ{
z*E%UyU&Fbcvix%+(X9m@eQg?!J@tdH>)IN0zQ;J=v_mV*x*Syh$T)s|qjqTAJnI+M
z_ObJ<@BU+&TYOvk!T$Q<vk?ZWClTvXPbOiW_5UnfRJTUV1J{!gNAfLZ0%<w6_|-Zd
z3sD-8-a=z=L-|eE?VKcW*lpNb*lom8%|gnRbq1YOS`4mVDc=q#pG^vaSGl~T(}<-S
z`LU&1Pu^BgcH-^)&KDK51$EyCfWxP!`W#$!Yw?|RPp*a3F}<SMr^R&3s$|Q9@Be6@
z?jZl@YNJ?w$?lRZ<>#8>Xj|e+qCC|-h=(#g+i#XOi-t1J?TJ{WJQ8r7bW^_4`UTT#
zPsGCre`Qf+Z)8Ns9BF^0+hz7KhnA}zvAB110}$M%fE&0VkXLm`ydD_7kV<IyLVFtY
zR&bET`3Jdv$1@wC3RJbo{jp@uCZzhhLr}f$S#22C1zw%NFh?wOwmMX<!>Dq3BgzG2
zF^4NSWR3(<j|EC59w9UNIuQ1#;A_u6F);beGeIq+`9Zod|5y-{-s&AW>P)NBZ7~S;
zz1SmXFLlgg`MHcMjq)dq%Y08%J4;j3?1@#b_w9+k@v<D}R=>!-?(Aq2_e%Stb8aYG
zRWw_!*csu0_feYf+l$|@<9T3&!HUxe#N-mb;kqfk&`m)B;cU|V1rPVf)*F56qc4N~
z6^aumzXDuOe<8fUl1K9MG2*K53dM2G>vd(FpmBcp1OY3972Tw>eysLB!u87@4PU*>
z`=cpfX71yv){#*&$$0rb>Gp7qqEM?4e^O#x?j>W%5xsP)A%#FX+o`9t(8O)eiaAHa
zD$RzBVs77OK4C_%O_N638UrKsUSL&9OkWrKM0jWhDfug}^cgfV6JH_;WdwDOrUsP*
zTbZB(^k>0PB~I1IT}X2Kg9;cW)#yFW9f$zyA(}w_5<&GV57jRlu71VX0Y4Bz?<ec?
zHjb^Im2PvH-xth7q&I)_V%2khDs9NSLEJw_H_sdda$ERJifQlU6|%6qcTH{JtaKBo
zUmnAE)9&3%uW3_=3ty?AW+EO7J{6mJ!!A7FjaEptS&30h@{PzL#WRXArB%&!*K7_s
z-|f8q`nr*%jC`fpi(JLJ>z!bXY>HtIbx5#>%e=uT<|>w4|Ab39v6npX<n{98SAc7y
zt7ZTQ5&Px=kglQ<(;O{2=BsfL;G1B^tDAtuNOb^>%Q|PwfP`)R%3B(+Y9<iU0i=nK
zYy4<fJ=RCuz`Cqj*DRH*7_GM}Up+=;1s$`sFy4T?a+$mF*6yZVjgAc>XPNTH?p=SE
zOB-rttGitoe6w+(Re%lWtyc8>&7D0@Mr+OowWPl5wzVH#d6o-AxtV%$TF!Ut8vCgW
zl>NCX1P9h-?FPWK_MMT%r<3k4UIIGqbnOk`=)OY|{J6x!kkn6NNGNaC-@G5-5~vh*
zIP^N`{QbrLO2kjp$HlqMGxI$~Z~T$aaPY~+wDKQ3`ztQ(P&2kD%)ty<XXyR2J|YqS
zIMF+XV9;BAyYdRPUoXA2T<M1)xuYwh^i?$ce)er$7B_ss>{63|OSuVq@b{w<R&vc6
zd(F6VqKl6#eh9F6K9KYLge%fL-}PgaMlP)9nJhm=0h8r!-F5KX{`&psLIs?Xk6A$`
znEOHXF<%V0q7e-HQu$~<T=Wo_;KxlDWZ8o^!E;R)fK;GdY<;OTWJ;+t;CBMW3{1%h
zlu2~QM9s9v-)&}O`Ta(DtHT;|8%w_VP1Eo;#m@DZ&%0ELotDf$#43_*FfCN`l}U2P
zP+v>&J^I;#6B(8+$D*wQ<MN~<JJL;o_&B}L(1|MUV9xj1;7gHMHJ1G9`ah=i`?HWN
zThLGXo#mi&z8j;!@Vgn}q5f#@1t>c3SbxI!PjO!Q(G!e6EDg{Hsap(tt=J2xn`fa3
zH!IciYJ{+?ytEDs%f)P{RDfDujUO!<iIjKl*SwbX?LBq8)M>X$a|fFo<=HR%)|a<z
zdt8?gXM0DsqT4xRb;Vu1Wbumb{-=?F@B5xyZwT~Ts_f24w!{Pn*avAI&7}8K2d>G2
zj7nSS1I@op9!^<^4O8bt<#OhuRxenbul=Sy+jNyPDtD&&@=&Zy)#Pu==b_UpG>LQN
zUIFs)3rS$@%hv|ti-82hgynN5Fnfy1_Nn?zfnZ710XvIpVxuU309~G==ltoF)Y+WY
zoA4skHzjPJu|vfx%da{6j0ZDZ#zv3GQ!5sDX6G6Q8!L8Owj82isWt8Nnh;KFS}Vt+
zPp_}dHd9i)y=CXn`6rzcYJIok3-<Uoam;nYSGOju@b*bsfwHR1SPt4j_OS)lhk!pY
znY~dDo(HN>U<wS?gaSB$Tb%{aZ9)7pW`J^F$__3zeF&~_;;!_9z*D(k9J~2e7w=ON
z>3{7yPmuEPsJs~(Q}o_YtJ|{BPW-H0-;p3D-O-{jC2XZe8!^%~{8(aK6!_#PHaJQ3
z4xwjGRr%VpYo)I2;6khW@r7Im!45bGT=z#O|CYKW?{D9cpVr3uFD}blVNvguWSgT!
z`x3i;&8)IZGc2B*gbu=Pp08kl_zL_s^F+6UyBNzurHPBNz+C_i0^%zW%bt5Bk$A-M
z>8YycZ@p%FEnY2p{GzJn(O~m8F)_5t=-sOmAG2zTT(i5HcJ<`uYKWz^j8M~p{k(It
zo1)IKT)M_GHdp-f`gH@x!|8;bOM2DVo%qt{#=A;&pS-aQbGl{uM{sOK``vU?>!^j6
zK*!#2=l90`^SKCa=c>v3K!bS0C(RSY{D%wGQQ3uNz#R4r%>tueqW=!sth}s}Pgt&q
z$-}Ml(=Nq$C3?`;yln@)Sp9d<WWW28Hf~^}5TL?F^mRc09osp9_EV&>U+^-~!lj-~
zEk70Az%l~WG{R0)_6D|=`YMbLxek?b+D39)M><Vw>gisr%3;N5JG&&Y*1))C<DLIp
zaw#_NQFm$I?Cryp;35wz7e$^vCkbc?g88Ix6+rF2j1th>njs&cG$(4|wA;S<(~t;k
zynpi;>(kre<klAoXS*6Fphh)A`=BW;P#?Faz^z4H39g^c?@El<@iAf0Rs_xP{4p?z
zet2_GPh4NQp)V;$>|oJ}lqUT=vlzRsb#7Px)_hw#yy<alS9*A8nMbv2$ZmX9Kel$*
z;`+#)NAH8nUg*Aj^LAgAtY^B7hN8RH@U_yb_ijOVv*QGJzROJE&399AsZ{*n<P!M=
zPGHa9!YRhgR=nUyexP*j_^kh0i_dEQoLFY;1agx>qJfE@?0z^J06x-4P+0VMjUPO5
zAVekZbwQffyMt7#b?<J{w$6J}J*xOO&Eu3uSX$<N>cD$;UHTJ~mA*zMhS(NyrQv`!
zE0=50R^|13J8pj$qi&MFLZa1xq$-Y8%(a~Z%)FI8KJ^QH(AAmNtIG3zZMlZ73+-1R
zG~jW7n1ygovONp25)|UOIzrmHpycg<Kq8#j0*O$VLjDGw)zzA4;6OLDzV6Y5{*kjY
zYoEO%gR%CAS6aW8s2&)q?_zLHFDs^5ADDVdSFJ)EybF2>E#jLQTgu4|tCX#-TsU_p
z$n%6{nq?`a;vUv59r#QOn+(c%ww~|NXn+~+UX{N;&o92+_z+PVt5^G97w1Ksjo8v<
z`kHIt>B(U4!Re;>3}Aw%EM$UxF|hNG*}opg3gK38V9B!1Yo1VnuFVImSauXL0nqSC
zbMaWXsIMK(#hXxSQb%1awaBHi+0tEIP5Qh?Bz>qS@4{hYY^hV`vG7v6#k#t&Ma|_V
zWrZz?%eWJcNl%3*=xA<ucHp(d!S~tMJ595SHQjslQQM<2mVN^NVI9umSa|yKY^^Tv
z;JUJ)auY0AiMUTcu^u29xZyvkkif@87YZi6%0rg+z}$uuy^z$<Q=tM3M{x55%Mb}g
z$Gr68TmT^xJVNyCU|B4^j+}R&zS+tlnQpPRt8i(Lrh?4V!QF~wYJ2dk?snZ|YV8=K
zC!1j!+`MB+ey8a<M^9&QN<+-c_<f8KfBZaTm9YTIv7>}Pd{Zf^?Emq4-vtY@E`1=|
zR25iVmDYDf<u}M{xxBExYXY1_t`!E>3uJ-OfwhBhdDRmtfezI1e4TNlW6>v<VZiDW
zTx;WBhJiL6C<)}J;W;!r8lclaSO!&rJq~q|9~N~w2h6sJn)Q4=Xjx2+J55+nX0<{=
z`)+SS{OJSK(zyZ2(fj^x?YVvMpZ;pgXYXw4Vl6sSJ2djN5=JbaHg>x03&v`D*Rx9X
z8uQgn^0sE}&pfgNd22hEEiQgo68JsKEKH%nH4&cCWmMiuPg$oT9zxu;D^Odp7tRAF
zEX)228tMD@j&nh%#VAjG*l}L95IOhng<M^h{lQ=Q7&&FyA4-g2UTzpn`l0Ez_}&ss
z7Fc*Rf5s%}uT7j?EB{`>irJgy6zDPQ$qsVh9JcdF!@2gr0zd5GfafoY3}V(_s4>6D
z3VD^eAmNykYY0coc1eR*z2w@SUv*Bg3vGSv2Da_fi@&XNMskVkp~n4xD*q}e>Pl)X
z{!{s!<SN(Y-MB`*XIWR2C3%1Qp8mMD;o{=1$5&n6K9#pMmZa?vJ0&@D%WT(m-9I<}
z`7C0q@60V1PAn*!|C_i^8TzI?8I`}G2S6#odL(ZF;p+`R8az&2fIu++5a7h{%q4K@
zTXx-gf>NN%B)|}XE4ky+WzJjM1WV{Z&$#c)krmxZUYYX&wOhz9{!IrKv%h*981>#d
ztGZ;kB=QC`)9?1iYSN8mOa+OR3zr!UujIroq-~)%519=)J2dx1b4Esc+XAy9s>IH*
zs@v%-cFkb_5H>tRzCB&%uh)h}mDs!^vM*wH1mqsYYSH6UO0mb<+f2mbW!qEQO?<<#
z0Rz7}rL?Cco|9^0C`d`gTd3<M<QqCjD$t+yHPx;2N$Kv9$s7wG>1_a3VB)>d1TUsu
zXOpNyQb}|UYvgV%i#_&^nVG(-?*xmL=8`#*+mMMJvthF<+A>EvtsT-&^tE1XIb*a@
zvtg);9{wnWrJWPU*cr8ZX}<cx?vfU<6sPbMr*buWRwjF7;GYY+x{@_5<*aJ=;k%ix
zsTqS!)E3`b=S>FtkH?9zW#~(5yD1kq?|akoTPgxrmhB7MUv@=Bt3B;L&U)@aKM@i7
zwC10+tSejkZCz5rw+s*1dYle#cO2?C8f3*DtnWWQknJvip|<_8dP3{D{C7KEysH?f
z%NgkpVlYR|Myk7KXt5j`pSxdwX4~hPQ!>|Z*iGkXt;hY^YK3ac8jc5j==^flrFTPY
zR{x#!AzQXCOVaJJe)!Tj?PQv=cCJ`QzeAP!9n~DE8|Q+ZJkAVux~7a7C6APJt!(#=
zPcCY|rw~GqX%A;vx|h@!yf5xtn>aWUIlR`+W&@K^Q){KRu-k7zeY;cF;^B_oLGu%R
z9XdzVt8jmn?h6;Er?<DqW1YgC+M}J^hregvA4qjo7)eO-|NGo|8OL6=%-(CmYBpBy
zj=f-w4h$)bjkZ?VeS7KM-_eWRQY*YOH}ry?Fs0`sJ09J;GIsO`i5_xA_Xpa>eWM#G
zRgNiJ1}<LR(ly*gt8z?FyO-uRI15)bYPq?#ceH|)>@fV;gY7;zBg{&QwJk1rRbbxB
z*sv2P8s2AAb23=YDK&kJkvmdtMIlwAj!8`&(rxelI;2LAW@ac1FI}ak&l+m$9c)Tz
zZfoj$-!(KaD5kJ`4|8<5_vM?+l=j}a2|W(4-ri4^fAcz`!{&rbV$o=zq5Fy$E4RbW
zW5eMT_rWFq45cKD)|HOUB+SjYBN(2E#M_dqjYd5>AcDjk0yp&dAQET?q~O*?aD!U_
z!42-E12?!w4cy?yuLB}TG!bxvds)E^El!3zI6(?6PDYE9(c<8&GV&W*966?cKm<7>
z4{m5J;N&iRgo4&WL2IF)#gUW1;5W25asu{%2o*g-Kt+p#QyH*0a^ex((AGiV2P6}1
zor)Gmj+Pw|LC$r78``WKS{y_?fd#<sMdXGSmqUw#6DTkfIky3BXtT(91&~6E)6nAJ
zoFeihS{!W4LsDpQbYt`Z@YQ;hd_36U34g}pP(tuv7bu!W>jIk)xoNaEJPxgH{B!p(
z2?JSu2zc{<`28w84(%oH16GL0eH?=e-6aU=rID%Q;U4jL$OK+5#y1qA9Qpi)LidBJ
zcEPxB(_1v&UzE7EXXf{IdkI!+Lmi_+aeh0b=bGm$E#A2Q+q%J8C(%0wE6KPAcchrL
z^xYE6Yf>b1Z+?5L`jWzFU;4s5TZ7c%H|m~zeEqbHl2XJ9(c!({lgyo^191I&jvd3N
z&OB?jnb6?5!|1E;&b?XN=~*54wq)77kZtURsu#b}xU}cu62&?5gQ9+Byk65(kZjdm
z!trgl;?!)N*)LyNqoI1xrS84x{p|y-3;z0<bnwz`iP@X~Jmk2<Tq@*faKW?CWh~i?
zCE4A3)`^q0sVSA<9+^^<?eON`d5v8-X|ukzr9StE-!2=3{(jkWX2N-ojv2+X^1s{j
z{ovP!!e+fAVPDKX5JY*fvr?aNVavgs<zh`qVXM>XuYbLA)^2jYmNqkBTSiMirzn?Q
z(ru?(W!BzjH`acWs<Nq1xx#dBS$g<f$HTKL)7Z>gKXG0gZ({g%9cgvEsHxA<>07!2
zPjLj{`>M5fnz7OoZO#)MZtpCdvwu;_!m|p^mm4#q`f?Z#nN<r`8VnuOS~7=Lyi+pu
z=AiRFuh8!$mnvNOsiY~=i8Fd{tVWbG@Ab&#=Ut-1Vt$uK?+OAG9_(!YAO>iZqW?=_
zMx>HodZ9={IVF+CzZHT9dvPaHt;A&5i(n5r=-azk8=+tF#fxC~=~;n<5>W)ZUC+)4
zK7+yTGO~0uvNto(liAL+G!(%qG7Ol8W(*SyR>O?34Qw_a&-f5B6_1D5z*85LPygB?
z`QsK3nOPax$sAx>=`p6-9E2btngd<^L<gtZ7{oat8l!#O*bb(Ht(lSSRGSjS&VOYi
z_2Z^cHVQFl0^Ne5Z6|^SGy_2Z-B2+zw8Lm4@Qy)X6dY{;g${u849E=}y?`lj+6~^2
zu)g4iOcNMXbq-*TVm^q;$C!!=$qqexJ#ZdC1dB9{L1!SWs*$~(A@~J@&M+S;;0e3D
zya*PNR`4GT6kyOCI!nP68Kls;3Z}qUs8OnsCutys)(U?E=U4FP>;>Au{%p%MIA~;#
z(Z*nZ-l>Ga?zRH_*v`H007?T+TOda`n3hc2gVuTmMi{jHokqrb4wm)@l(%Ehxe?U%
zfoLS!3%~qqGq49|Hh?~2u*%FsOcCr(j5e32*dv-+82AlsDm*=cVK`V?9{s2?Bv|9;
zD?`WZGj$<x{61e7I=Y{!3kgy6`MS9B^O?$!m>Qq2j4OVhsSF7&Fonvd)J^2<?B^@v
zs={X|L(V}>p)ypVK2w>qt&y<^4#+c21ULQ<Lm`uaJ{n`tJR(gFn$7SZhB2N;gZ3_8
z9tnpd043qe0|}^96Y>x{i9e4(g?8zLJURH`P`*46O$46E<IBU5Y4Dg5e;$zxna-a_
zmZMJW2aZUECNuwY6rA956mTR<;5opy33<RSg!VjteR4#IZv1%^JhUnK^W;d-{^rXg
z;Rw)B=F7u@Q&bb{1MLz8crQnRF3p6pRA~6~<$=+Fz7l^Pkpwk>KMzlUD#o7&0-H=6
zBRm-#`VxFjfEGL%FnZ#1R1$RN_}d^;2m<v{DFSkUr{SO%#9x+5fgjA}&!Z6_hVkVA
zK0}|0FAon61x~CF90r4*aGCI&piGi*Faq1e=Kx~_@+i=cn^2$JCupV#)JMP}&KF-<
z0*(N&enK7)a)CTDoWl5?BjHE_G6aqvLZ6rKIRXxxixbGB3APJ#VWPYc@B|3v{Pp39
z(C40zC#Vacq=2ju@KoqHPbf=+XSn$D2sr5MPsjrjBalZF7+(Sid^NGZBpex<4ioC5
z2<R#S9C8!rFF0i=P!<G870d%iLMOHX$eY+-Knt7`_-P@M1Z14>2}~q_;6DO90AZyk
z_Ll&{ZVBX(Kmh6q?UHa50bT)Z6O=!o<^p^nk>P3!e?LeR0Zb%-@SFmC0Y?ZY@`XSa
zoM*t9a6vf$2crde03tpM_KhlllLYc7`U|EWfqsx_f^q=FWg@;1C<FoB2Ph;s9u#oc
zb0V)mC`<vqP+**o2|T6H@B-~pae_KX#lvMG{_&s^1>2yK1u&aHr3&gQuuTQVNDc>%
zgHLEfjsTax_}T>`DbNoPSy*5m1kVZZ1stdrz#)()&@Pb%Lhem$mqr$#8N^nDU+v<j
zk4F7i7wm2I%q)Tb20f00X0AqvfrUN5WZGi@2f#8Jb~nSAi2);n{2$oy@?hZQ6e-)b
zZℜX^KkZZDh)JAgzRLfT|seO55p}&p(2g{C4(ww)Ti!2SVc!2qJ6ND5@!m{6Cj_
Bn05dF
diff --git a/docs/simplesamlphp-sp.html b/docs/simplesamlphp-sp.html
deleted file mode 100644
index abb73461f..000000000
--- a/docs/simplesamlphp-sp.html
+++ /dev/null
@@ -1,154 +0,0 @@
-<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
-<html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>Using simpleSAMLphp as a Service Provider</title><link rel="stylesheet" href="html.css" type="text/css" /><meta name="generator" content="DocBook XSL Stylesheets V1.69.1" /></head><body><div class="article" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title"><a id="id721993"></a>Using simpleSAMLphp as a Service Provider</h2></div><div><div class="author"><h3 class="author"><span class="firstname">Andreas Ã…kre</span> <span class="surname">Solberg</span></h3><code class="email"><<a href="mailto:andreas.solberg@uninett.no">andreas.solberg@uninett.no</a>></code></div></div><div><p class="pubdate">Sun Oct 21 13:50:29 2007</p></div></div><hr /></div><div class="toc"><p><b>Table of Contents</b></p><dl><dt><span class="section"><a href="#id856631">Introduction</a></span></dt><dt><span class="section"><a href="#id856645">Configuring metadata for SAML 2.0 SP</a></span></dt><dd><dl><dt><span class="section"><a href="#id856660">Configuring SAML 2.0 SP Hosted metadata</a></span></dt><dt><span class="section"><a href="#id856786">Configuring SAML 2.0 IdP Remote metadata</a></span></dt><dt><span class="section"><a href="#id856919">Setting the default SAML 2.0 IdP</a></span></dt><dt><span class="section"><a href="#id856961">Using the SAML 2.0 IdP Discovery Service</a></span></dt></dl></dd><dt><span class="section"><a href="#id856988">Configuring metadata for Shibboleth 1.3 SP</a></span></dt><dd><dl><dt><span class="section"><a href="#id857004">Configuring Shibboleth 1.3 SP Hosted metadata</a></span></dt><dt><span class="section"><a href="#id857059">Configuring Shibboleth 1.3 IdP Remote metadata</a></span></dt></dl></dd><dt><span class="section"><a href="#id857142">Exchange metadata with the IdP</a></span></dt><dd><dl><dt><span class="section"><a href="#id857155">Automatically generation of SP metadata for SAML 2.0</a></span></dt></dl></dd><dt><span class="section"><a href="#id857220">Test the SAML 2.0 SP examples</a></span></dt><dt><span class="section"><a href="#id857271">Integrating authentication with your own application</a></span></dt><dt><span class="section"><a href="#id857386">Support</a></span></dt></dl></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856631"></a>Introduction</h2></div></div></div><p>simpleSAMLphp can run as both a SAML 2.0 Service Provider and as a
- Shibboleth 1.3 Service Provider. The configuration and metadata would be
- somewhat different, therefore there are separate chapter for the two,
- although the configuration is similar.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856645"></a>Configuring metadata for SAML 2.0 SP</h2></div></div></div><p>When you are setting up a SAML 2.0 SP, you would need to configure
- two metadata files. saml20-sp-hosted.php and saml20-idp-remote.php.
- saml20-sp-hosted.php represent the SAML entity of the service provider
- itself, while the saml20-idp-remote.php configuration lists all the
- trusted SAML 2.0 IdP and how to connect to them.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856660"></a>Configuring SAML 2.0 SP Hosted metadata</h3></div></div></div><p>You need to know at least two variables to be able to setup this
- metadata. You need to know the hostname of the server you are using, and
- you need to set an entity ID for this server. Talk to the people running
- the IdP of what entity ID you should use.</p><div class="note" style="margin-left: 0.5in; margin-right: 0.5in;"><h3 class="title">Note</h3><p>Feide has special rules for setting entity IDs, so if you want
- to connect to Feide, contact them and ask what entity ID you should
- use.</p></div><p>Here is an example of the metadata file:</p><pre class="programlisting">$metadata = array(
-
- /*
- * Example of a hosted SP
- */
- 'entityid' => array(
- 'host' => 'hostname',
- 'spNameQualifier' => 'entityid',
- 'NameIDFormat' => 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient',
- 'ForceAuthn' => 'false'
- )
-
-);</pre><p>Here are the description of the possible fields:</p><div class="glosslist"><dl><dt>index (the index of the array)</dt><dd><p>The entity ID of the hosted SP entity.</p></dd><dt>spNameQualifier</dt><dd><p>The name qualifier of the SP. If this is not important to
- you, you can set it to be identical with the entity ID
- above.</p></dd><dt>host</dt><dd><p>The hostname of the server running this SAML 2.0 SP. This
- option allows simpleSAMLphp to automatically discover which SP
- metadata to use, when it runs multiple virtual hosts.</p></dd><dt>NameIDFormat</dt><dd><p>The NameIDFormat in the request. If you don't know what this
- is, or don't need it to be anything specific, leave it with the
- default configuration.</p></dd><dt>ForceAuthn</dt><dd><p>Force authentication is a parameter that allows you to force
- re-authenticatino of users even if the user contains a SSO session
- at the IdP.</p></dd></dl></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856786"></a>Configuring SAML 2.0 IdP Remote metadata</h3></div></div></div><p>This metadata file lists all the IdPs that you trust.</p><pre class="programlisting"> /*
- * Example simpleSAMLphp SAML 2.0 IdP
- */
- 'idp.example.org' => array(
- 'name' => 'Test',
- 'description' => 'Description of this example entry',
- 'SingleSignOnService' => 'https://idp.example.org/simplesaml/saml2/idp/SSOService.php',
- 'SingleLogoutService' => 'https://idp.example.org/simplesaml/saml2/idp/LogoutService.php',
- 'certFingerprint' => '3fa158e8abfd4b5203315b08c0b791b6ee4715f6',
- 'base64attributes' => true
- ),</pre><div class="glosslist"><dl><dt>index (the index of the array)</dt><dd><p>The entity ID of this SAML 2.0 IdP entity.</p></dd><dt>name</dt><dd><p>Set the name of this identity provider. Will just be used in
- the UI of the discovery service, so set it to whatever you
- want.</p></dd><dt>description</dt><dd><p>Set the description of this identity provider. Will just be
- used in the UI of the discovery service, so set it to whatever you
- want.</p></dd><dt>SingleSignOnService</dt><dd><p>Contact the IdP to get the endpoint URL of this service.
- This is the URL which the user is redirected with the AuthnRequest
- using HTTP-REDIRECT.</p></dd><dt>SingleLogoutService</dt><dd><p>Contact the IdP to get the endpoint URL of this service.
- This is the URL which the user is redirected with the
- LogoutRequest using HTTP-REDIRECT.</p></dd><dt>certFingerprint</dt><dd><p>The md5sum of the certificate used by the IdP. If you don't
- know how to compute this, you can leave it as it is, and then
- you'll get an error message the first time you try to login. In
- this error message you are told what is the fingerprint of the IdP
- certiciate, so you can copy and use that.</p></dd><dt>base64encode</dt><dd><p>Is the IdP base64 encoding all the attributes?
- Base64encoding should be avoided but makes it much easier to send
- data in different formats and characterencodings, so you can leave
- it on when you test. If you are using simpleSAMLphp at the IdP,
- remember to set the parameter in the metadata at the IdP to be the
- same.</p></dd></dl></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856919"></a>Setting the default SAML 2.0 IdP</h3></div></div></div><p>In the global configuration (<code class="filename">config.php</code>)
- there is a parameter to set the default IdP to use. Alternatively you
- can specify which IdP to use in a parameter to the initSSO.php script
- when you initiate logon in your application.</p><p>Here is an example from <code class="filename">config.php</code>:</p><pre class="programlisting"> 'default-saml20-idp' => 'sam.feide.no',</pre><p>The configuration above will use the IdP configured in IdP Remote
- metadata with entity ID equal to <code class="literal">sam.feide.no</code>.</p></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id856961"></a>Using the SAML 2.0 IdP Discovery Service</h3></div></div></div><p>If you want end users to be able to select one of all the
- specified entries in IdP remote metadata, you can set the default IdP to
- be null, then simpleSAMLphp will initiate the builtin IdP discovery
- service to let the user select IdP. Here is the neccessary configuration
- from <code class="filename">config.php</code>:</p><pre class="programlisting"> 'default-saml20-idp' => null,</pre></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id856988"></a>Configuring metadata for Shibboleth 1.3 SP</h2></div></div></div><p>When you are setting up a Shibboleth 1.3 SP, you need to configure
- two metadata files. shib13-sp-hosted.php and shib13-idp-remote.php.
- shib13-sp-hosted.php represents the SAML entity of the service provider
- itself, while the shib13-idp-remote.php metadata lists all the trusted
- SAML 2.0 IdPs and contains information on how to connect to them.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id857004"></a>Configuring Shibboleth 1.3 SP Hosted metadata</h3></div></div></div><p>In the hosted metadata (shib13-sp-hosted.php) you will need to
- configure two parameters, the entity ID and the hostname of the server
- running this SP.</p><pre class="programlisting"> /*
- * Example of hosted Shibboleth 1.3 SP.
- */
- 'sp1entityid' => array(
- 'host' => 'sp.example.org'
- )</pre><div class="glosslist"><dl><dt>index (the index of the array)</dt><dd><p>The entity ID of the hosted SP entity.</p></dd><dt>host</dt><dd><p>The hostname of the server running this Shibboleth 1.3 SP.
- This option allows simpleSAMLphp to automatically discover which
- SP metadata to use, when it runs multiple virtual hosts.</p></dd></dl></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id857059"></a>Configuring Shibboleth 1.3 IdP Remote metadata</h3></div></div></div><p>Here (shib13-idp-remote.php) you configure which IdPs that you
- trust.</p><pre class="programlisting"> 'urn:mace:switch.ch:aaitest:dukono.switch.ch' => array(
- 'SingleSignOnUrl' => 'https://dukono.switch.ch/shibboleth-idp/SSO',
- 'certFingerprint' => 'c7279a9f28f11380509e075441e3dc55fb9ab864'
- ),</pre><div class="glosslist"><dl><dt>index (the index of the array)</dt><dd><p>The entity ID of this Shibboleth 1.3 IdP entity. In this
- example the entity ID is set to
- <code class="literal">urn:mace:switch.ch:aaitest:dukono.switch.ch</code>.</p></dd><dt>SingleSignOnUrl</dt><dd><p>Contact the IdP to get the endpoint URL of this service.
- This is the URL which the user is redirected with the request for
- authentication.</p></dd><dt>certFingerprint</dt><dd><p>The md5sum of the certificate used by the IdP. If you don't
- know how to compute this, you can leave it as it is, and then
- you'll get an error message the first time you try to login. In
- this error message you are told what is the fingerprint of the IdP
- certiciate, so you can copy and use that.</p></dd></dl></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857142"></a>Exchange metadata with the IdP</h2></div></div></div><p>Before you can run the test examples, you need the people running
- the IdP to load the metadata for your SP. If you run Shibboleth 1.3 SP,
- you will need to manually create metadata for your SP and send to the IdP,
- if you use SAML 2.0, metadata can be generated automatically.</p><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h3 class="title"><a id="id857155"></a>Automatically generation of SP metadata for SAML 2.0</h3></div></div></div><p>On the installation page there is a link named "Look at your SAML
- 2.0 SP metadata". Click there to look at the metadata for your SP. Send
- this metadata document to the IdP and ask them to load it.</p><div class="screenshot"><div class="mediaobject"><img src="resources/simplesamlphp-sp/saml2metadata.png" /></div></div><p>If you are connected to Feide, and put one of Feides entity IDs as
- default IdP, you will see an additional section on this page:</p><div class="screenshot"><div class="mediaobject"><img src="resources/simplesamlphp-sp/saml2metadata-feide.png" /></div></div><p>Enter your email address and click the button to send the metadata
- to Feide. Remeber to get in contact with Feide to discuss your new
- service, and how you can be connected to Feides test environment.</p></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857220"></a>Test the SAML 2.0 SP examples</h2></div></div></div><p>When you have installed simpleSAMLphp, configured apache, and setup
- metadata and exchanged metadata with the IdP you are ready to test the
- example service that is included in the simpleSAMLphp installation.</p><p>On the installation page of simpleSAMLphp as you remember from the
- installation guide, there is a link to a Shibboleth 1.3 and SAML 2.0
- example. When you click on that example, you should be automatically
- redirected to the IdP. Then login as usual, and you should get back to a
- status page with .</p><p>You should be redirected to the IdP. Login, and you should be sent
- back and shown all the attributes sent form the IdP.</p><div class="figure"><a id="id857246"></a><p class="title"><b>Figure 1. Screenshot of the status page after an user have succesfully
- authenticated</b></p><div class="screenshot"><div class="mediaobject"><img src="resources/simplesamlphp-sp/screenshot-example.png" alt="Screenshot of the status page after an user have succesfully authenticated" /></div></div></div></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857271"></a>Integrating authentication with your own application</h2></div></div></div><p>You will need to hook some code into your application executed for
- every protected HTTP request. The flow in that code goes like:</p><div class="itemizedlist"><ul type="disc"><li><p>Check whether the user is authenticated or not.</p></li><li><p>If the user is not authenticated, and it should be, then
- redirect the user to the initSSO.php script with the appropriate
- parameters. In particular the RelayState that tells the URL to return
- to after login.</p></li><li><p>If the user is authenticated then your done, map to your own
- user database if neccessary, and access the attributes from the
- session object as you like.</p></li></ul></div><p>Here are some example code from the included example that you can
- reuse:</p><p>We start off with including a common file _include.php. All this
- file is doing is adding simpleSAMLphp to the classpath. If you want you
- can do this in php.ini instead. Or you can include all the content of
- _include.php in the application it self.</p><pre class="programlisting">require_once('../_include.php');</pre><p>Including class specifications. This is for SAML 2.0, for shibboleth
- look at the shibboleth example in
- <code class="filename">www/example-simple/shib13-example.php</code>.</p><pre class="programlisting">require_once('SimpleSAML/Utilities.php');
-require_once('SimpleSAML/Session.php');
-require_once('SimpleSAML/XML/MetaDataStore.php');
-require_once('SimpleSAML/XML/SAML20/AuthnRequest.php');
-require_once('SimpleSAML/XML/SAML20/AuthnResponse.php');
-require_once('SimpleSAML/Bindings/SAML20/HTTPRedirect.php');
-require_once('SimpleSAML/Bindings/SAML20/HTTPPost.php');
-require_once('SimpleSAML/XHTML/Template.php');
-</pre><p>Then enable using PHP Sessions, and load configuration and metadata
- with simpleSAMLphp. You can copy this lines into your application without
- changes:</p><pre class="programlisting">session_start();
-
-/* Load simpleSAMLphp, configuration and metadata */
-$config = SimpleSAML_Configuration::getInstance();
-$metadata = new SimpleSAML_XML_MetaDataStore($config);
-$session = SimpleSAML_Session::getInstance();
-</pre><p>Then at last, you check whether the session is valid. If it is not,
- redirect to the initSSO.php script adding the current URL as a RelayState
- parameter. If you are authenticated, then retrieve all the attributes from
- the session object. You may want to look closer at the attributes array,
- so why don't you print_r it out right away to get the structure...</p><pre class="programlisting">/* Check if valid local session exists.. */
-if (!isset($session) || !$session->isValid() ) {
- header('Location: /' . $config->getValue('baseurlpath') . 'saml2/sp/initSSO.php?RelayState=' . urlencode(SimpleSAML_Utilities::selfURL()));
- exit(0);
-}
-
-$attributes = $session->getAttributes();
-print_r($attributes);
-</pre></div><div class="section" lang="en" xml:lang="en"><div class="titlepage"><div><div><h2 class="title" style="clear: both"><a id="id857386"></a>Support</h2></div></div></div><p>If you have problems to get this work, or want to discuss
- simpleSAMLphp with other users of the software you are lucky! Around
- simpleSAMLphp there is a great Open source community, and you are welcome
- to join! Both for asking question, answer other questions, request
- improvements or contribute with code or plugins of your own.</p><p>Visit the project page of simpleSAMLphp at: <a href="http://code.google.com/p/simplesamlphp/" target="_top">http://code.google.com/p/simplesamlphp/</a></p><p>And please join the mailinglist: <a href="???" target="_top">https://postlister.uninett.no/sympa/subscribe/simplesaml</a></p></div></div></body></html>
diff --git a/docs/source/simplesamlphp-idp.xml b/docs/source/simplesamlphp-idp.xml
index 463e844bf..ffff04a1d 100644
--- a/docs/source/simplesamlphp-idp.xml
+++ b/docs/source/simplesamlphp-idp.xml
@@ -7,7 +7,7 @@
<articleinfo>
<date>2007-10-15</date>
- <pubdate>Sun Oct 21 13:49:41 2007</pubdate>
+ <pubdate>Wed Dec 19 12:03:28 2007</pubdate>
<author>
<firstname>Andreas Ã…kre</firstname>
@@ -356,11 +356,11 @@ openssl x509 -req -days 60 -in server2.csr -signkey server2.key -out server2.crt
to join! Both for asking question, answer other questions, request
improvements or contribute with code or plugins of your own.</para>
- <para>Visit the project page of simpleSAMLphp at: <ulink
- url="http://code.google.com/p/simplesamlphp/">http://code.google.com/p/simplesamlphp/</ulink></para>
+ <para>Go to simpleSAMLphp homepage: <ulink
+ url="http://rnd.feide.no/simplesamlphp">http://rnd.feide.no/simplesamlphp</ulink></para>
<para>And please join the mailinglist: <ulink
- url="???">https://postlister.uninett.no/sympa/subscribe/simplesaml</ulink></para>
+ url="http://rnd.feide.no/content/simplesamlphp-users-mailinglist">http://rnd.feide.no/content/simplesamlphp-users-mailinglist</ulink></para>
</section>
<appendix>
diff --git a/docs/source/simplesamlphp-install.xml b/docs/source/simplesamlphp-install.xml
index 8d4b007b0..574cfc402 100644
--- a/docs/source/simplesamlphp-install.xml
+++ b/docs/source/simplesamlphp-install.xml
@@ -7,7 +7,7 @@
<articleinfo>
<date>2007-08-30</date>
- <pubdate>Sun Oct 21 11:56:20 2007</pubdate>
+ <pubdate>Wed Dec 19 12:03:53 2007</pubdate>
<author>
<firstname>Andreas Ã…kre</firstname>
@@ -207,12 +207,12 @@
<para>To get the latest news about simpleSAMLphp you can follow this url:
<ulink
- url="http://rnd.feide.no/category/simplesamlphp/">http://rnd.feide.no/category/simplesamlphp/</ulink>.</para>
+ url="http://rnd.feide.no/taxonomy/term/4">http://rnd.feide.no/taxonomy/term/4</ulink>.</para>
- <para>Currently simpleSAMLphp has a project page at Google Code:</para>
+ <para>Here is the simpleSAMLphp homepage:</para>
<para><ulink
- url="http://code.google.com/p/simplesamlphp/">http://code.google.com/p/simplesamlphp/</ulink></para>
+ url="http://rnd.feide.no/simplesamlphp">http://rnd.feide.no/simplesamlphp</ulink></para>
</section>
<section>
@@ -351,18 +351,21 @@ cp -r metadata-templates/*.php metadata/
<itemizedlist>
<listitem>
- <para><ulink url="simplesamlphp-sp.html">Setting up simpleSAMLphp as a
- service provider</ulink></para>
+ <para><ulink
+ url="http://rnd.feide.no/content/using-simplesamlphp-service-provider">Setting
+ up simpleSAMLphp as a service provider</ulink></para>
</listitem>
<listitem>
- <para><ulink url="simplesamlphp-idp.html">Setting up simpleSAMLphp as
- an identity provider</ulink></para>
+ <para><ulink
+ url="http://rnd.feide.no/content/using-simplesamlphp-identity-provider">Setting
+ up simpleSAMLphp as an identity provider</ulink></para>
</listitem>
<listitem>
- <para><ulink url="simplesamlphp-bridge.html">Setting up simpleSAMLphp
- as a bridge</ulink></para>
+ <para><ulink
+ url="http://rnd.feide.no/content/using-simplesamlphp-bridge-federation-protocols">Setting
+ up simpleSAMLphp as a bridge</ulink></para>
</listitem>
</itemizedlist>
</section>
diff --git a/docs/source/simplesamlphp-sp.xml b/docs/source/simplesamlphp-sp.xml
index c4614bde0..bad846742 100644
--- a/docs/source/simplesamlphp-sp.xml
+++ b/docs/source/simplesamlphp-sp.xml
@@ -7,7 +7,7 @@
<articleinfo>
<date>2007-10-15</date>
- <pubdate>Sun Oct 21 13:50:29 2007</pubdate>
+ <pubdate>Wed Dec 19 12:04:13 2007</pubdate>
<author>
<firstname>Andreas Ã…kre</firstname>
@@ -494,10 +494,10 @@ print_r($attributes);
to join! Both for asking question, answer other questions, request
improvements or contribute with code or plugins of your own.</para>
- <para>Visit the project page of simpleSAMLphp at: <ulink
- url="http://code.google.com/p/simplesamlphp/">http://code.google.com/p/simplesamlphp/</ulink></para>
+ <para>Go to simpleSAMLphp homepage: <ulink
+ url="http://rnd.feide.no/simplesamlphp">http://rnd.feide.no/simplesamlphp</ulink></para>
<para>And please join the mailinglist: <ulink
- url="???">https://postlister.uninett.no/sympa/subscribe/simplesaml</ulink></para>
+ url="http://rnd.feide.no/content/simplesamlphp-users-mailinglist">http://rnd.feide.no/content/simplesamlphp-users-mailinglist</ulink></para>
</section>
</article>
\ No newline at end of file
--
GitLab