From dbac97dedf589834fddce46b4653c656b5464e0d Mon Sep 17 00:00:00 2001
From: Patrick Radtke <patrick@cirrusidentity.com>
Date: Wed, 1 Dec 2021 12:22:31 -0800
Subject: [PATCH] Add module enablement tips to upgrade notes

---
 docs/simplesamlphp-install.md           | 19 ++-----------------
 docs/simplesamlphp-upgrade-notes-2.0.md |  2 ++
 2 files changed, 4 insertions(+), 17 deletions(-)

diff --git a/docs/simplesamlphp-install.md b/docs/simplesamlphp-install.md
index 22221f385..c65a13bef 100644
--- a/docs/simplesamlphp-install.md
+++ b/docs/simplesamlphp-install.md
@@ -328,23 +328,8 @@ can do that in the configuration:
 
 Set to `true` the modules you want to enable, and to `false` those that you want to disable.
 
-Alternatively, you can enable or disable modules by setting empty files with given names in the module's root 
-directory. For example, in order to enable the _consent_ module: 
-
-```
-    cd modules/consent
-    touch enable
-```
-
-If you later want to disable the module, you can rename the `enable` file to `disable`.
-
-```
-    cd modules/consent
-    mv enable disable
-```
-
-This is the traditional way of enabling and disabling modules, but it is **deprecated**. Please do not rely on this in
-new installations of the software.
+Prior to SSP V2 you could enable or disable modules by setting empty files with names (`enable`, `disable`,
+`default-enable`) in the module's root directory. You need to now use the `module.enable` config option.
 
 
 The SimpleSAMLphp installation web page
diff --git a/docs/simplesamlphp-upgrade-notes-2.0.md b/docs/simplesamlphp-upgrade-notes-2.0.md
index 881385655..eb1c82454 100644
--- a/docs/simplesamlphp-upgrade-notes-2.0.md
+++ b/docs/simplesamlphp-upgrade-notes-2.0.md
@@ -12,6 +12,8 @@ Upgrade notes for SimpleSAMLphp 2.0
     make sure you change them to reflect the method signatures of the base classes.
 - If you used some of the modules that were shipped with SimpleSAMLphp, you now have to manually install them using Composer;
     For example, to use the ldap-module: bin/composer.phar require simplesamlphp/simplesamlphp-module-ldap --update-no-dev
+- Modules must be enabled through the `module.enable` option in `config.php`. Modules can no longer be enabled by having
+     a file named `enable` or `default-enable` in the module's root directory.
 - If you're using the core:TargetedID authproc-filter, note that the `attributename` setting has been renamed to `identifyingAttribute`.
 - The default encryption algorithm is set from AES128_CBC to AES128_GCM. If you're upgrading from an existing implementation, you may want
     to manually switch back the `sharedkey_algorithm`. Note that CBC is vulnerable to the Padding oracle attack.
-- 
GitLab