X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=configs%2Fupgrade.xsl;h=be86033f995c7f9c5f14352062c3cdadda5f8661;hb=3a58b40dbac4d36f9bdad8d947548cacc26eaac7;hp=bdd5b09ac203dfa751676932b7d32e1f1e6622b4;hpb=56247b87a97595fd3cb58475b66f57993d4916ed;p=shibboleth%2Fsp.git
diff --git a/configs/upgrade.xsl b/configs/upgrade.xsl
index bdd5b09..be86033 100644
--- a/configs/upgrade.xsl
+++ b/configs/upgrade.xsl
@@ -3,131 +3,480 @@
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:oldconf="urn:mace:shibboleth:target:config:1.0"
xmlns:cred="urn:mace:shibboleth:credentials:1.0"
+ xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config"
xmlns="urn:mace:shibboleth:2.0:native:sp:config"
- xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion"
- xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
- xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
- exclude-result-prefixes="oldconf cred saml1">
+ exclude-result-prefixes="oldconf cred">
+
+
+
+
+
+
+
-
-
- Generated by upgrade utility: check carefully before deploying.
-
-
-
-
+
+
+ Generated by upgrade utility: check carefully before deploying.
+
+
-
-
- This set of components stores sessions and other persistent data in daemon memory.
-
-
-
-
-
-
-
- This set of components stores sessions and other persistent data in an ODBC database.
-
-
-
- <StorageService type="ODBC" id="db" cleanupInterval="900">
- <ConnectionString>DRIVER=drivername;SERVER=dbserver;UID=shibboleth;PWD=password;DATABASE=shibboleth;APP=Shibboleth</ConnectionString>
- </StorageService>
- <SessionCache type="StorageService" StorageService="db" cacheTimeout="3600" inprocTimeout="900" cleanupInterval="900"/>
- <ReplayCache StorageService="db"/>
- <ArtifactMap StorageService="db" artifactTTL="180"/>
+
+
+ This set of components stores sessions and other persistent data in daemon memory.
+
+
+
+
+
+
+
+
+
+
+
+ This set of components stores sessions and other persistent data in an ODBC database.
+
+
+
+
+ <StorageService type="ODBC" id="db" cleanupInterval="900">
+ <ConnectionString>DRIVER=drivername;SERVER=dbserver;UID=shibboleth;PWD=password;DATABASE=shibboleth;APP=Shibboleth</ConnectionString>
+ </StorageService>
+ <SessionCache type="StorageService" StorageService="db" cacheTimeout="3600" inprocTimeout="900" cleanupInterval="900"/>
+ <ReplayCache StorageService="db"/>
+ <ArtifactMap StorageService="db" artifactTTL="180"/>
-
-
+
-
+
+
+
+ Each policy defines a set of rules to use to secure messages.
+
+
+
+
+
+ The predefined policy enforces replay/freshness and permits signing and client TLS.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
- <Extensions>
- <Library path="odbc-store.so" fatal="true"/>
+
+
+
+
+
+ <Extensions>
+ <Library path="odbc-store.so" fatal="true"/>
</Extensions>
-
-
+
+
+
+
+
-
-
-
+
+
+
+
+
+
+
+
+
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
+
+
+
+
+
+
+
+
+
+
-
-
-
+
+
+
+
+ 8
+
+
+
+
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Chain the two built-in trust engines together.
+
+
+
+
+
+
+
+
+
+
+
+ Map to extract attributes from SAML assertions.
+
+
+
+
+
+ Use a SAML query if no attributes are supplied during SSO.
+
+
+
+
+
+ Default filtering policy for recognized attributes, lets other data pass.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+ SessionInitiators handle session requests and relay them to a Discovery page,
+ or to an IdP if possible. Automatic session setup will use the default or first
+ element (or requireSessionWith can specify a specific one to use).
+
+
+
+
-
+
+
+
+ md:AssertionConsumerService locations handle specific SSO protocol bindings,
+ such as SAML 2.0 POST or SAML 1.1 Artifact. The isDefault and index attributes
+ are used when sessions are initiated to determine how to tell the IdP where and
+ how to return the response.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ /Logout
+
+
+
+
+ LogoutInitiators enable SP-initiated local or global/single logout of sessions.
+
+
+
+
+
+
+
+
+
+
+
+
+ md:SingleLogoutService locations handle single logout (SLO) protocol messages.
+
+
+
+
+
+
+
+
+
+
+
+
+ md:ManageNameIDService locations handle NameID management (NIM) protocol messages.
+
+
+
+
+
+
+
+
+
+
+
+
+
+ md:ArtifactResolutionService locations resolve artifacts issued when using the
+ SAML 2.0 HTTP-Artifact binding on outgoing messages, generally uses SOAP.
+
+
+
+
+
+
+
+ Extension service that generates "approximate" metadata based on SP configuration.
+
+
+
+
+
+
+ Status reporting service.
+
+
+
+
+
+
+ Session diagnostic service.
+
+
+
+
+
+
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
-
-
-
-
-
+
+
+
+
+
+
+ localLogout.html
+ globalLogout.html
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
+
+
+
+
+
+ 12
+
+
+
+
+
+
+
+ 8
+
+
+
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+