-Release Notes
+Shibboleth Native SP Release Notes
-Shibboleth Native SP
-2.4
+Fix/Enhancement Lists:
+https://wiki.shibboleth.net/confluence/display/DEV/SPRoadmap
+
+Important Changes:
+https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPConfigurationChanges
+
+Feature Highlights:
+https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPInterestingFeatures
NOTE: The shibboleth2.xml configuration format in this release
is fully compatible with the 2.x releases, but there are significant
A stripped down default configuration and a "full" example file are
included.
-List of issues addressed by this release:
-https://bugs.internet2.edu/jira/secure/ReleaseNote.jspa?projectId=10011&version=10273
-
Fully Supported
- SAML 1.0, 1.1, 2.0 Single Sign-On
- General Security
- Black/whitelisting of XML security algorithms (with xml-security 1.6+)
- RSA and ECDSA signatures (EC requires xml-security 1.6+ and support from openssl)
+ - AES-GCM encryption (requires xml-security 1.7+ and support from openssl)
- Metadata-based algorithm selection
- Attributes
- Support on Apache for preserving URL-encoded form data across SSO
- Apache module enhancements
- - "OR" coexistence with other authorization modules
+ - Apache 2.4 support including authz
+ - "OR" coexistence with other authz modules on older Apache
- htaccess-based override of any valid RequestMap property
- htaccess support for external access control plugins
- samlsign for manual XML signing and verification
- mdquery for interrogating via metadata configuration
- resolvertest for exercising attribute extraction, filtering, and resolution
-
-- Migrating 1.3 core configuration file
- - Stylesheet can handle some common options