@@ -15,8 +15,12 @@ This is a reference for the SimpleSAMLphp implementation of the [SAML
V2.0 Metadata Extensions for Login and Discovery User Interface](http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-ui/v1.0/sstc-saml-metadata-ui-v1.0.pdf)
defined by OASIS.
The `metadata/saml20-idp-hosted.php` entries are used to define the
metadata extension items. An example of this is:
The metadata extensions are available to both IdP and SP usage of
simpleSAMLphp. For an IdP, the entries are placed in
`metadata/saml20-idp-hosted.php`, for an SP, they are put inside
the relvant entry in `authsources.php`.
An example for an IdP:
<?php
$metadata['entity-id-1'] = array(
...
...
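Review bot: The added paragraph has a typo in "the relvant entry in `authsources.php`"; it should read "relevant". The same paragraph writes "simpleSAMLphp" while the opening sentence of the page uses "SimpleSAMLphp", so pick one spelling. The sentence "For an IdP, the entries are placed in ..., for an SP, they are put inside ..." is a comma splice and would read better as two sentences.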
@@ -64,17 +68,40 @@ metadata extension items. An example of this is:
/* ... */
);
The OASIS specification primarily defines how an IdP can communicate
metadata related to IdP discovery. There are two different types of
And for an SP it could look like this:
<?php
$config = array(
'default-sp' => array(
'saml:SP',
'UIInfo' => array(
'DisplayName' => array(
'en' => 'English name',
'es' => 'Nombre en Español'
),
'Description' => array(
'en' => 'English description',
'es' => 'Descripción en Español
),
),
/* ... */
),
);
The OASIS specification primarily defines how an entity can communicate
metadata related to IdP or service discovery and identification. There
are two different types of
extensions defined. There are the `<mdui:UIInfo>`elements that define
how an IdP should be displayed and there are the `<mdui:DiscoHints>`
elements that define when an IdP should be choosen/displayed.
how an IdP or SP should be displayed and there are the `<mdui:DiscoHints>`
elements that define when an IdP should be chosen/displayed.
UIInfo Items
--------------
These elements are used for IdP discovery to determine what to display
about an IdP. These properties are all children of the `UIInfo` key.
These elements are used for IdP and SP discovery to determine what to display
about an IdP or SP. These properties are all children of the `UIInfo` key.
*Note*: Most elements are localized strings that specify the language
using the array key as the language-code:
...
...
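Review bot: The added SP example is not valid PHP, because the `'es' => 'Descripción en Español` line under `Description` is missing its closing quote. Anyone who copies the block into `authsources.php` gets a parse error. Add the closing `'` as the `DisplayName` entry just above already has. In the paragraph that follows, `<mdui:UIInfo>`elements is missing a space before "elements", which is worth fixing while this text is being edited.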
@@ -85,7 +112,7 @@ using the array key as the language-code:
),
`DisplayName`
: The localized list of names for this IdP
: The localized list of names for this entity
'DisplayName' => array(
'en' => 'English name',
...
...
@@ -93,7 +120,7 @@ using the array key as the language-code:
),
`Description`
: The localized list of statements used to decribe this IdP
: The localized list of statements used to decribe this entity
'Description' => array(
'en' => 'English description',
...
...
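Review bot: The new `Description` line, "The localized list of statements used to decribe this entity", carries over the typo "decribe" from the line it replaces. Since the line is being changed anyway, correct it to "describe".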
@@ -101,7 +128,7 @@ using the array key as the language-code:
),
`InformationURL`
: A localized list of URLs where more information about the IdP is
: A localized list of URLs where more information about the entity is
located.
'InformationURL' => array(
...
...
@@ -110,7 +137,7 @@ using the array key as the language-code:
),
`PrivacyStatementURL`
: A localized list of URLs where the IdP's privacy statement is
: A localized list of URLs where the entity's privacy statement is
located.
'PrivacyStatementURL' => array(
...
...
@@ -119,7 +146,7 @@ using the array key as the language-code:
),
`Keywords`
: A localized list of keywords used to describe the IdP
: A localized list of keywords used to describe the entity