X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fsp.git;a=blobdiff_plain;f=configs%2Fupgrade.xsl;h=64896fdaf470d9316aad9fe9ec387199c181c029;hp=bdd5b09ac203dfa751676932b7d32e1f1e6622b4;hb=daddfae725714b8b61d7b21d83378bc239926b37;hpb=56247b87a97595fd3cb58475b66f57993d4916ed
diff --git a/configs/upgrade.xsl b/configs/upgrade.xsl
index bdd5b09..64896fd 100644
--- a/configs/upgrade.xsl
+++ b/configs/upgrade.xsl
@@ -3,12 +3,15 @@
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:oldconf="urn:mace:shibboleth:target:config:1.0"
xmlns:cred="urn:mace:shibboleth:credentials:1.0"
+ xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config"
xmlns="urn:mace:shibboleth:2.0:native:sp:config"
xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
exclude-result-prefixes="oldconf cred saml1">
+
+
@@ -55,6 +58,21 @@
+
+
+ Each policy defines a set of rules to use to secure messages.
+
+
+
+ The predefined policy enforces replay/freshness and permits signing and client TLS.
+
+
+
+
+
+
+
+
@@ -71,63 +89,305 @@
+
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
+
-
-
+
-
+
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ Chain the two built-in trust engines together.
+
+
+
+
+
+
+
+ Map to extract attributes from SAML assertions.
+
+
+
+
+ Use a SAML query if no attributes are supplied during SSO.
+
+
+
+
+ Default filtering policy for recognized attributes, lets other data pass.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ SessionInitiators handle session requests and relay them to a Discovery page,
+ or to an IdP if possible. Automatic session setup will use the default or first
+ element (or requireSessionWith can specify a specific one to use).
+
+
+
+
+
+
+
+
+
+ md:AssertionConsumerService locations handle specific SSO protocol bindings,
+ such as SAML 2.0 POST or SAML 1.1 Artifact. The isDefault and index attributes
+ are used when sessions are initiated to determine how to tell the IdP where and
+ how to return the response.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ /Logout
+
+
+
+
+ LogoutInitiators enable SP-initiated local or global/single logout of sessions.
+
+
+
+
+
+
+
+ md:SingleLogoutService locations handle single logout (SLO) protocol messages.
+
+
+
+
+
+
+
+ md:ManageNameIDService locations handle NameID management (NIM) protocol messages.
+
+
+
+
+
+
+
+
+ md:ArtifactResolutionService locations resolve artifacts issued when using the
+ SAML 2.0 HTTP-Artifact binding on outgoing messages, generally uses SOAP.
+
+
+
+
+
+ Extension service that generates "approximate" metadata based on SP configuration.
+
+
+
+
+ Status reporting service.
+
+
+
+
+ Session diagnostic service.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ localLogout.html
+ globalLogout.html
+
+
+
+
+
+
+
+
+
+
+
+
+
+
-
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+