* Solved performance issues when processing large metadata sets.
* Fix an issue in the web interface when only one language is enabled.
## Version 1.13.1
Released 2014-10-27
* Solved an issue with empty fields in metadata to cause SimpleSAMLphp to fail with a translation error. Issues #97 and #114.
* Added Basque language to the list of known languages. Issue #117.
* Optimized the execution of redirections by removing an additional, unnecessary function call.
* Solved an issue that caused SimpleSAMLphp to fail when the RelayState parameter was empty or missing on an IdP-initiated authentication. Issues #99 and # 104.
* Fixed a certificate check for SubjectConfirmations with Holder of Key methods.
## Version 1.13
Released 2014-09-25.
* Added the 'remember me' option to the default login page.
* Improved error reporting.
* Added a new 'logging.format' option to control the formatting of the logs.
* Added support for the 'objectguid' binary attribute in LDAP modules.
* Added support for custom search and private attributes read credentials in all LDAP modules.
* Added support for the WantAuthnRequestsSigned option in generated SAML metadata.
* Tracking identifiers are no longer generated based on MD5.
* Several functions, classes and interfaces marked as deprecated.
* Bug fixes and documentation enhancements.
* Updated translations.
* New language: Basque.
### `adfs`
* Honour the 'wreply' parameter when redirecting.
### `aggregator`
* Fixed an issue when regenerating metadata from certain metadata sources.
### `aselect`
* Bug fixes.
### `discopower`
* Bug fix.
### `expirycheck`
* Translations are now possible for this module.
### `metarefresh`
* Use cached metadata if something goes wrong when refreshing feeds.
### `oauth`
* Bug fix.
### `openidProvider`
* Fix for compatibility with versions of PHP greater or equal to 5.4.
### `saml`
* Make it possible to add friendly names to attributes in SP metadata.
* The RSA_1.5 (RSA with PKCS#1 v1.5 padding) encryption algorithm is now blacklisted by default for security reasons.
* Stop checking the 'IDPList' parameter in IdPs.
* Solved an issue that allowed bypassing authentication status checks when presenting an 'IDPList' parameter.
* The 'Destination' attribute is now always sent in logout responses issued by an SP.
### `sqlauth`
* Updated documentation to remove bad practice with regard to password storage.
## Version 1.12
Released 2014-03-24.
* Removed example authproc filters from configuration template.
* Stopped using the 'target-densitydpi' option removed from WebKit.
* The SimpleSAML_Utilities::generateRandomBytesMTrand() function is now deprecated.
* Removed code for compatibility with PHP versions older than 5.3.
* Removed the old interface of SimpleSAML_Session.
* Fixed a memory leak in SimpleSAML_Session regarding serialization and unserialization.
* Support for RegistrationInfo (MDRPI) elements in the metadata of identity and service providers.
* Renamed SimpleSAML_Utilities::parseSAML2Time() function to xsDateTimeToTimestamp().
* New SimpleSAML_Utilities::redirectTrustedURL() and redirectUntrustedURL() functions.
* Deprecated the SimpleSAML_Utilities::redirect() function.
* Improved Russian translation.
* Added Czech translation.
* New 'errorreporting' option to enable or disable error reporting feature.
* Example certificate removed.
* New SimpleSAML_Configuration::getEndpointPrioritizedByBinding() function.
* PHP 5.3 or newer required.
* Started using Composer as dependency manager.
* Detached the basic SAML2 library and moved to a standalone library in github.
* Added support for exporting shibmd:Scope metadata with regular expressions.
* Remember me option in the IdP.
* New SimpleSAML_Utilities::setCookie wrapper.
* Custom HTTP codes on error.
* Added Romanian translation.
* Bug fixes and documentation enhancements.
### `adfs`
* Support for exporting metadata.
### `aggregator`
* Support for RegistrationInfo (MDRPI) elements in the metadata.
* Fix for HTTP header injection vulnerability.
* Fix for directory traversal vulnerability.
### `aggregator2`
* Support for RegistrationInfo (MDRPI) elements in the metadata.
### `aselect`
* License changed to LGPL 2.1.
### `authfacebook`
* Updated extlibinc to 3.2.2.
### `authtwitter`
* Added 'force_login' configuration option.
### `cdc`
* Bugfix related to request validation.
### `core`
* The AttributeAlter filter no longer throws an exception if the attribute was not found.
* Support for removal of values in the AttributeAlter filter, with '%remove' flag.
* Support for empty strings and NULL values as a replacement in the AttributeAlter filter.
* Bugfixes in the AttributeAlter filter.
* Support for NULL attribute values.
* Support for limiting values and not only attributes in the AttributeLimit filter.
* Log a message when a user authenticates successfully.
* Added %duplicate flag to AttributeMap, to leave original names in place when using map file.
* Fix infinite loop when overwriting attributes with AttributeMap.
### `discopower`
* Bugfix for incorrect handling of the 'idpdisco.extDiscoveryStorage' option.
### `ldap`
* Support for configuring the duplicate attribute handling policy in AttributeAddFromLDAP, 'attribute.policy' option.
* Support for binary attributes in the AttributeAddFromLDAP filter.
* Support for multiple attributes in the AttributeAddFromLDAP filter.
### `metarefresh`
* Support for specifying permissions of the resulting files.
### `negotiate`
* Added support for "attributes"-parameter.
### `oauth`
* Bugfix related to authorize URL building.
### `openidProvider`
* Support for SReg and AX requests.
### `saml`
* Send 'isPassive' in passive discovery requests.
* Support for generating NameIDFormat in service providers with NameIDPolicy set.
* Support for AttributeConsumingService and AssertionConsumingServiceIndex.
* Support for the HTTP-POST binding in WebSSO profile.
* Fix for entity ID validation problems when using the IDPList configuration option.
### `smartattributes`
* New 'add_candidate' option to allow the user to decide whether to prepend or not the candidate attribute name to the resulting value.
### `statistics`
* Bugfix in statistics aggregator.
## Version 1.11
Released 2013-06-05.
* Support for RSA_SHA256, RSA_SHA384 and RSA_SHA512 in HTTP Redirect binding.
* Support for RegistrationInfo element in SAML 2.0 metadata.
* Support for AuthnRequestsSigned and WantAssertionsSigned when generating metadata.
* Third party OpenID library updated with a bugfix.
* Added the Name attribute to EntitiesDescriptor.
* Removed deprecated option 'session.requestcache' from config-template.
* Workaround for SSL SNI extension not being correctly set.
* New language cookie and parameter config options.
* Add 'module.enable' configuration option for enabling/disabling modules.
* Check for existence of memcache extension.
* Initial support for limiting redirects to trusted hosts.
* Demo example now shows both friendly and canonical name of the attributes.
* Other minor fixes for bugs and typos.
* Several translations updated.
* Added Latvian translation.
### `authorize`
* Added a logout link to the 403 error page.
### `authtwitter`
* Updated API endpoint for version 1.1.
* Fix for oauth_verifier parameter.
### `authX509`
* ldapusercert validation made optional.
### `consent`
* Added support for SQLite databases.
### `core`
* Fix error propagation in UserPass(Org)Base authentication sources.
* MCrypt module marked as required.
### `discopower`
* Get the name of an IdP from mdui:DisplayName.
### `expirycheck`
* PHP 5.4 compatibility fixes.
### `InfoCard`
* PHP 5.4 compatibility fixes.
### `ldap`
* Added an option to disable following referrals.
### `metarefresh`
* Improved help message.
### `oauth`
* PHP 5.4 compatibility fixes.
### `saml`
* Verify that the issuer of an AuthnResponse is the same entity ID we sent a request to.
* Added separate option to enable Holder of Key support on SP.
* Fix for HoK profile metadata.
* New filter for storing persistent NameID in eduPersonTargetedID attribute.
* Support for UIInfo elements.
* Bugfix for SAML SP metadata signing.
* Ignore default technical contact.
* Support for MDUI elements in SP metadata.
* Support for more contact types in SP metadata.
* New information in statistics with the time it took for a login to happen.
* New IdP core, which makes it simpler to share code between different IdPs, e.g. between SAML 1.1 and SAML 2.0.
* Dictionaries moved to JSON format.
* New authentication module: [`cas:CAS`](./cas:cas).
* All images that doesn't permit non-commercial use have been replaced.
* Better support for OrganizationName, OrganizationDisplayName and OrganizationURL in metadata.
* Cookie secure flag no longer automatically set.
* Cross-protocol logout between ADFS and SAML 2.
* New experimental module for aggregating metadata: [`aggregator2`](./aggregator2:aggregator2)
* Metadata support for multiple endpoints with [multiple bindings](./simplesamlphp-metadata-endpoints).
* The metadata generation is using a new set of classes.
As a result, all generated metadata elements now have a `md:`-prefix.
* The deprecated functions `init(...)` and `setAuthenticated(...) in the `SimpleSAML_Session` class have been removed.
* Configuration check and metadata check was removed, as they were often wrong.
### SAML 2 SP
* SAML 2.0 HTTP-Artifact support on the [SP](./simplesamlphp-artifact-sp).
### SAML 2 IdP
* SAML 2.0 HTTP-Artifact support on the [IdP](./simplesamlphp-artifact-idp).
* Support for sending PartialLogout status code in logout response.
* Set AuthnInstant to the timestamp for authentication.
* Combine normal and iframe versions of the logout handlers into a single endpoint.
* The SessionIndex is now unique per SP.
* Statistics for logout failures.
* Better generation of persistent NameID when `nameid.attribute` isn't specified.
### The SP API
* Support for handling errors from the IdP.
* Support for passing parameters to the authentication module.
This can be used to specify SAML 2 parameters, such as isPassive and ForceAuthn.
### `adfs`
* Move to new IdP core.
### `casserver`
* Collect all endpoints in a single file.
* Fix prefix on the tickets.
### `consent`
* Support for deactivating consent for specific services.
### `consentAdmin`
* Support for the SAML SP module.
### `core`
* New filter: [`core:PHP`](./core:authproc_php), which allows processing of attributes with arbitrary PHP code.
* Support for multiple target attributes in [`core:AttributeMap`](./core:authproc_attributemap).
* New filter: [`core:ScopeFromAttribute`](./core:authproc_scopefromattribute), which allows the creation an attribute based on the scope of another attribute.
* Support for a target attribute in [`core:AttributeAlter`](./core:authproc_attributealter).
### `discoPower`
* Support for new scoring algorithm.
### `ldap`
* SASL support in LDAPMulti
### `ldapstatus`
* This module was removed, as it was very specific for Feide.
### `multiauth`
* Support for specifying the target authentication source through a request parameter.
### `oauth`
* Configurable which authentication source should be used.
### `openidProvider`
* OpenID 2.0 support.
* XRDS generation support.
### `saml`
* Support for specifying parameters for authentication request.
* Add AttributeConsumingService to generated metadata.
* The two SPSSODescriptor elements in the metadata has been merged.
## Version 1.5.1
Released 2010-01-08.
* Fix security vulnerability due to insecure temp file creation:
* statistics: The logcleaner script outputs to a file in /tmp.
* InfoCard: Saves state directly in /tmp. Changed to the simpleSAMLphp temp directory.
* openidProvider: Default configuration saves state information in /tmp.
Changed to '/var/lib/simplesamlphp-openid-provider'.
* SAML 1 artifact support: Saves certificates temporarily in '/tmp/simplesaml', but directory creation was insecure.
* statistics: Handle new year wraparound.
* Dictionary updates.
* Fix bridged logout.
* Some documentation updates.
* Fix all metadata to use assignments to arrays.
* Fix $session->getIdP().
* Support AuthnContextClassRef in saml-module.
* Do not attempt to send logout request to an IdP that does not support logout.
* LDAP: Disallow bind with empty password.
* LDAP: Assume that LDAP_NO_SUCH_OBJECT is an error due to invalid username/password.
* statistics: Fix configuration template.
* Handle missing authority in idp-hosted metadata better.
## Version 1.5
Released 2009-11-05. Revision 1937.
* New API for SP authentication.
* Make use of the portal module on the frontpage.
* SQL datastore.
* Support for setting timezone in config (instead of php.ini).
* Logging of PHP errors and notices to simpleSAMLphp log file.
* Improve handling of unhandled errors and exceptions.
* Admin authentication through authentication sources.
* Various bugfixes & cleanups.
* Translation updates.
* Set the dropdown list as default for built in disco service.
### New modules:
* `adfs`
* [`authorize`](./authorize:authorize)
* `authtwitter`
* [`autotest`](./autotest:test)
* `exampleattributeserver`
* `metaedit`
* [`multiauth`](./multiauth:multiauth)
* `oauth`
* [`openidProvider`](./openidProvider:provider)
* [`radius`](./radius:radius)
* [`saml`](./saml:sp)
### `aggregator`:
* Add ARP + ARP signing functionality to the aggregator.
* Improvements to the aggregator module. Added documentation, and re-written more OO-oriented.
* Add support for reconstructing XML where XML for an entity is already cached.
* Add support for excluding tags in metadata aggregator.
### `AuthMemCookie`:
* Delete the session cookie when deleting the session.
* Support for authentication sources.
* Set expiry time of session data when saving to memcache.
* Support multiple memcache servers.
### `cas`:
* Added support for attributes in <cas:serviceResponse>.
### `consent`:
* Support for hiding some attribute values.
### `consentAdmin`:
* Added config option to display description.
### `core`:
* New WarnShortSSOInterval filter.
### `discopower`:
* Live search in discopower-module.
### `ldap`:
* Support for proxy authentication.
* Add 'debug' and 'timeout' options.
* Privilege separation for LDAP attribute retrieval.
* Allow search.base to be an array.
* (LDAPMulti) Add support for including the organization as part of the username.
### `ldapstatus`:
* Do a connect-test to all ip-addresses for a hostname.
* Check wheter hostname exists before attempting to connect.
* hobbit output.
* Check schema version.
* Add command line tab to single LDAP status page for easier debugging.
### `logpeek`:
* Blockwise reading of logfile for faster execution.
### `metarefresh`:
* Adding support for generating Shibboleth ARP files.
* Add 'serialize' metadata format.
### `preprodwarning`:
* Don't show warning in passive request.
* Focus on continue-button.
### SAML:
* Support for multiple AssertionConsumerService endpoints.
* SAML 1 artifact support on the SP side.
* New SAML authentication module.
* Deprecation of www/saml2/sp & www/shib13/sp.
* Support for encrypted NameID.
* NameIDPolicy replaces NameIDFormat.
* Better support for IdP initiated SSO and bookmarked login pages.
* Improvements to iframe logout page.
* Scoping support.
* New library for SAML 2 messages.
* Support for transporting errors from the IdP to the SP.
* Sign both the assertion and the response element by default.
* Support for sending XML attribute values from the IdP.
### `statistics`:
* Extended Google chart encoding... Add option of alternative compare plot in graph...
* Added support for Ratio type reports in the statistics module..
* Changed default rule to sso.
* Added incremental aggregation, independent time resolution from rule def, combined coldefs and more.
* Add DST support in date handler. Added summary columns per delimiter. Added pie chart. +++
* Log first SSO to a service during a session.
## Version 1.4
Released 2009-03-12. Revision 1405.
Updates to `config.php`. Please check for updates in your local modified configuration.
* Language updates
* Documentation update. New authencation source API now default and documented.
* Smartname. does it best to guess the full name of the user based on several attributes.
* Language adaptor: allow adopting UI by preferredLanguage SAML 2.0 Attribute both on the IdP and the SP. And if the user selects a lanauge, this can be sent to the SP as an attribute.
* New module: portal, allows you to created tabbed interface for custom pages within simpleSAMLphp. In example user consent management and attribute viewer.
* New module: ldapstatus. Used by Feide to monitor connections to a large list of LDAP connections. Contact Feide on details on how to use.
* ldapstatus also got certificate check capabilities.
* New module: MemcacheMonitor: Show statistics for memcache servers.
* New module: DiscoPower. A tabbed discovery service module with alot of functionality.
* New module: SAML 2.0 Debugginer. An improved version of the one found on rnd.feide.no earlier is not included in simpleSAMLphp allowing you to run it locally.
* New module: Simple Consent Amdin module that have one button to remove all consent for one user.
* New module: Consent Administration. Contribution from Wayf.
* We also have a consent adminstration module that we use in Feide that is not checked in to subversion.
* New module: logpeek. Lets administrator lookup loglines matching a TRackID.
* New module: PreprodWarning: Adding a warning to users that access a preprod system.
* New module: CAS Server
* New module: Aggregator: Aggregates metadata. Used in Kalmar Union.
* New module: Metarefresh, download, parses and consumes metadata.
* New module: SanityCheck. Checks if things looks good and reports bad configuration etc.
* New module: Cron. Will perform tasks regularly.
* Module: SAML2.0. SAML 2.0 SP implemented as an module. Yet not documented how to use, but all SAML 2.0 SP functionality may be moved out to this module for better modularization.
* New module: statistics. Parses STAT log files, and aggregates based on a generic rule system. Output is stored in aggregated text files, and a frontend is included to present statistics with tables and graphs. Used sanitycheck and cron.
* Added support for IdP initiated SSO.
* Added support for IdP-initiated SLO with iFrame type logout.
* Major updates to iFrame AJAX SLO. Improved user experience.
* iFrame AJAX SLO is not safe against simulanous update of the session.
* Added support for bookmarking login pages. By adding enough information in the URL to be able to bootstrap a new IdP-initiated SSO and sending.
* Major updates to the infocard module.
* Added some handling of isPassive with authentication processing filters.
* More localized UI.
* New login as administrator link on frontpage.
* Tabbed frontpage. Restructured.
* Simplifications to the theming and updated documentation on theming simpleSAMLphp.
* Attribute presentation hook allows you to tweak attributes before presentation in the attribute viewers. Used by Feide to group orgUnit information in a hieararchy.
* Verification of the Receipient attribute in the response. Will improve security if for some reason an IdP is not includeding sufficient Audience restrictions.
* Added hook to let modules tell about themself moduleinfo hook.
* Improved cron mails
* Improved santity check exception handling
* Preserver line breaks in stack trace UI
* Improvements to WS-Federation support: dynamic realms, logout etc.
* Better handling of presentation of JPEG photos as attributes.
* Support limiting size of attribute retrieved from LDAP.
* Added notes about how to aggregate and consume metadata. Just a start.
* Large improvements to Configuration class, and config helper functions.
* STAT logging is moved into separate authenticaion processing filter.
* Fix for NoPassive responses to Google Apps with alternative NameIDFormats.
* LDAP module allows to search multiple searchbases.
* All documentation is converted from docbook to markdown format.
* Added headers to not allow google to index pages.
* Added check on frontpage for magic quotes
* Added statistic loggging to Consent class.
* Improvements to Exception handler in LDAP class, and better logging.
* LDAP class supports turning on LDAP-debug logging.
* Much improvements to SAML 2.0 Metadata generation and parsing.
* Adding more recent jquery library.
* Generic interface for including jquery dependencies in template headers.
* Improved UI on default theme
* Fix for session duration in the Conditions element in the Assertion (SAML 2.0).
* Updated with new Feide IdP metadata in metadata-templates
## Version 1.3
Released 2008-11-04. Revision 973.
Configuration file `config.php` should not include significant changes, except one language added.
### New features
* Documentation update
* Added new language. Now there are two different portugese
dialects.
* Consent "module" modified. Now added support for preselecting the
checkbox by a configuration parameter. Consent module supports
including attributs values (possible to configure).
* CSS and look changed. Removed transparency to fix problem for some
browsers.
* The login-admin authentication module does not ask for username any
more.
* Added support for persistent NameID Format. (Added by Hans
* More readable XML output formatting. In example metadata.
* Better support for choosing whether or not to sign authnrequest.
Possible to specify both at SP hosted and IdP remote.
* Adding more example metadata in metadata-templates.
* Improved e-mails sent from SimpleSAMLphp. Now both plain text and
html.
* Configuration class may return information about what version.
* iFrame AJAX SLO improved. Now with non-javascript failback
handling.
### Bug fixes
* Fixed warning with XML validator.
* Improved loading of private/public keys in XML/Signer.
* Improvements to CAS module.
* Fixed memcache stats.
## Version 1.2
Released 2008-09-26. Revision 899.
There are some changes in the configuration files from version 1.1 to 1.2. `/simplesaml/admin/config.php` should be used to check what options have changed.
When you upgrade from an previous version you should copy `authsources.php` from `config-templates` into `config` directory.
There are also some changes to the templates. If you have any custom templates, they should be updated to match the ones included. Of notable changes is that the `t(...)`-functtes, they should be updated to match the ones included. Of notable changes is that the `t(...)`-function has been simplified, and takes far fewer parameters. It is backwardscompatible, but will write a warning to the log until updated. The backwards compatibility will be removed in a future version.
### New features
* Experimental support for modules. Currently modules can contain
* An generic SQL autentication module added for those who store their
users in an SQL database.
* Limited support for validating against a CA root certificate. The
current implementation only supports cases where the certificate is
directly signed by the CA.
* Allow an IdP to have multiple valid certificate fingerprints, to
allow for easier updating of certificates.
* Shibboleth 1.3 authentication for Auth MemCookie.
* Support for link to privacy policy on consent-pages.
* Customizable initial focus on consent-page.
* Almost all pages should be translateable.
* Allow SAML 2.0 SP to handle error replies from IdP.
* PostgreSQL support for consent storage.
* Add support for encrypted private keys.
* Proof-of-concept MetaShare service, for easy publishing and sharing
of metadata.
### Bug fixes
* Fixed generated SAML 2.0 metadata to be correct.
* Fixed logout for Auth MemCookie.
* Sign SAML 2.0 authentication response on failure (such as
NoPassive).
* Fixes for IsPassive in the SAML 2.0 IdP.
* Fix default syslog configuration on Windows.
* Fix order of signing and encryption of SAML 2.0 responses
* Fix generated metadata for Shib 1.3
* Fix order of elements in encrypted assertions to be schema
compliant.
* Fix session index sent to SAML 2.0 SPs.
* Remember SAML 2.0 NameID sent to SPs, and include it in logout
requests.
## Version 1.1
Released 2008-06-19. Revision 673.
When upgrading to version 1.1 from version 1.0, you should update the configuration files. Many options have been added, and some have moved or removed. The new configuration check page: `/simplesaml/admin/config.php` may be useful for determining what should be updated. Also note that the `language.available` option in `config.php` should be updated to reflect the new languages which have been added.
There are also several changes to the template files. If you have done any customizations to these, you should test them to make sure that they still work. Some changes, such as allowing the users to save the IdP choice they make in the discovery service, will not work without updating the templates.
New localizations in version 1.1: Sami, Svenska (swedish), Suomeksi (finnish), Nederlands, Luxembourgish, Slovenian, Hrvatski (Croatian), Magyar (Hungarian).
### New features
* Add support for saving the users choice of IdP in the IdP discovery
service.
* Add a config option for whether the Response element or the
Assertion element in the response should be signed.
* Make it easier to add attribute alteration functions.
* Added support for multiple languages in metadata name and
description (for IdP discovery service).
* Added configuration checker for checking if configuration files
should be updated.
* Add support for icons in IdP discovery service.
* Add support for external IdP discovery services.
* Support password encrypted private keys.
* Added PHP autoloading as the preferred way of loading the
simpleSAMLphp library.
* New error report script which will report errors to the
`technicalcontact_email` address.
* Support lookup of the DN of the user who is logging in by searching
for an attribute when using the LDAP authentication module.
* Add support for fetching name and description of entities from XML
metadata files.
* Support for setting custom AttributeNameFormats.
* Support for signing generated metadata.
* Support for signature validation of metadata.
* Added consent support for Shib 1.3 logging.
* Added errorlog logging handler for logging to the default Apache
error log.
* Added support for WS-Federation single signon.
* Allow `session_save_path` to be overridden by setting the
`session.phpsession.savepath` option in `config.php`.
* Add support for overriding autogenerated metadata values, such as
the `AssertionConsumerService` address.
* Added IsPassive support in the SAML 2.0 IdP.
* Add attribute filter for generating eduPersonTargetedID attribute.
* Add support for validation of sent and received messages and
metadata.
* Add support for dynamic metadata loading with cache.
* Add support for dynamic generation of entityid and metadata.
* Added wayf.dk login module.
* Add support for encrypting and decrypting assertions.
* CAS authentication module: Add support for serviceValidate.
* CAS authentication module: Add support for getting attributes from
response by specifying XPath mappings.
* Add support for specifying a certificate in the `saml20-idp-remote`
metadata instead of a fingerprint.
* Add an attribute alter function for dynamic group generation.
* Add support for attribute processing in SAML 2 SP.
* Added tlsclient authentication module.
* Allow the templates to override the header and footer of pages.
* Major improvements to the Feide authentication module.
* Add support for ForceAuthn in the SAML 2.0 IdP.
* Choose language based on the languages the user has selected in the
web browser.
* Added fallback to base language if translation isn't found.
### Bug fixes
* Modified IdP discovery service to support Shibboleth 2.0 SP.
* Fix setcookie warning for PHP version \< 5.2.
* Fix logout not being performed for Auth MemCache sometimes.
* Preserve case of attribute names during LDAP attribute retrival.
* Fix IdP-initiated logout.
* Ensure that changed sessions with changed SP associations are
written to memcache.
* Prevent infinite recursion during logging.
* Don't send the relaystate from the SP which initiated the logout to
other SPs during logout.
* Prevent consent module from revealing DB password when an error
occurs.
* Fix logout with memcache session handler.
* Allow new session to be created in login modules.
* Removed the strict parameter from base64\_decode for PHP 5.1
compatibility.
## Version 1.0
Released 2008-03-28. Revision 470.
## Version 0.5
Released 2007-10-15. Revision 28.
### Warning
Both `config.php` and metadata format are changed. Look at the
templates to understand the new format.
* Documentation is updated!
* Metadata files made tidier. Unused entries removed. Look at the new
templates on how to change your existing metadata.
* Support for sending metadata by mail to Feide. Automatically
detecting whether you have configured Feide as the default IdP or
not.
* Improved SAML 2.0 Metadata generation
* Added support for Shibboleth 1.3 IdP functionality (beta, contact
me if any problems)
* Added RADIUS authentication backend
* Added support for HTTP-Redirect debugging when enable `debug=true`
* SAML 2.0 SP example now contains a logout page.
* Added new authentication backend with support for multiple LDAP
based on which organization the user selects.
* Added SAML 2.0 Discovery Service
* Initial 'proof of concept' implementation of "User consent on
attribute release"
* Fixed some minor bugs.
## Version 0.4
Released 2007-09-14. Revision X.
* Improved documentation
* Authentication plugin API. Only LDAP authenticaiton plugin is
included, but it is now easier to implement your own plugin.
* Added support for SAML 2.0 IdP to work with Google Apps for
Education. Tested.
* Initial implementation of SAML 2.0 Single Log Out functionality
both for SP and IdP. Seems to work, but not yet well-tested.
* Added support for bridging SAML 2.0 to SAML 2.0.
* Added some time skew offset to the NotBefore timestamp on the
assertion, to allow some time skew between the SP and IdP.
* Fixed Browser/POST page to automaticly submit, and have fall back
functionality for user agents with no javascript support.
* Fixed some bug with warning traversing Shibboleth 1.3 Assertions.
* Fixed tabindex on the login page of the LDAP authentication module
to allow you to tab from username, to password and then to submit.
* Fixed bug on autodiscovering hostname in multihost environments.
* Cleaned out some debug messages, and added a debug option in the
configuration file. This debug option let's you turn on the
possibility of showing all SAML messages to users in the web