From f1a0026522189e6f947dedd55ee87d47644cc7a3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaime=20P=C3=A9rez=20Crespo?= <jaime.perez@uninett.no>
Date: Mon, 9 Dec 2013 14:31:06 +0000
Subject: [PATCH] Properly document the use of NameIDFormat configuration
 option.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@3313 44740490-163a-0410-bde0-09ae8108e29a
---
 docs/simplesamlphp-reference-idp-hosted.txt | 25 +++++++++++++++++++++
 modules/saml/docs/sp.txt                    |  4 +++-
 2 files changed, 28 insertions(+), 1 deletion(-)

diff --git a/docs/simplesamlphp-reference-idp-hosted.txt b/docs/simplesamlphp-reference-idp-hosted.txt
index 9d76115cd..cea6fe1f1 100644
--- a/docs/simplesamlphp-reference-idp-hosted.txt
+++ b/docs/simplesamlphp-reference-idp-hosted.txt
@@ -183,6 +183,31 @@ The following SAML 2.0 options are available:
 
 :   Note that this option can be set for each SP in the [SP-remote metadata](./simplesamlphp-reference-sp-remote).
 
+`NameIDFormat`
+:   The format of the NameID supported by this IdP. Defaults to the `transient` format if unspecified.
+    This parameter can be configured in multiple places, and the actual value used is fetched from metadata with
+    the following priority:
+
+:   1.  SP Remote Metadata
+
+    2.  IdP Hosted Metadata
+
+:   The three most commonly used values are:
+
+:   1.  `urn:oasis:names:tc:SAML:2.0:nameid-format:transient`
+    2.  `urn:oasis:names:tc:SAML:2.0:nameid-format:persistent`
+    3.  `urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress`
+
+:   The `transient` format will generate a new unique ID every time
+    the user logs in.
+
+:   To properly support the `persistent` and `emailAddress` formats,
+    you should configure [NameID generation filters](./saml:nameid)
+    on your IdP.
+
+:   Note that the value set here will be added to the metadata generated for this IdP,
+    in the `NameIDFormat` element.
+
 `saml20.sendartifact`
 :   Set to `TRUE` to enable the IdP to send responses with the HTTP-Artifact binding.
     Defaults to `FALSE`.
diff --git a/modules/saml/docs/sp.txt b/modules/saml/docs/sp.txt
index 4cc32330d..5d6c86217 100644
--- a/modules/saml/docs/sp.txt
+++ b/modules/saml/docs/sp.txt
@@ -297,7 +297,9 @@ Options
 
 `NameIDPolicy`
 :   The format of the NameID we request from the IdP.
-    Defaults to the transient format if unspecified.
+    Defaults to the `transient` format if unspecified.
+
+:   If this option is set, its value will be added to the metadata generated for this SP, in the NameIDFormat element.
 
 :   *Note 1*: This option replaces the `NameIDFormat` option found in `saml20-sp-hosted`.
 
-- 
GitLab