/usr/share/doc/simplesamlphp/simplesamlphp-upgrade-notes-1.5.txt is in simplesamlphp 1.9.2-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | Upgrade notes for simpleSAMLphp 1.5
===================================
* `SimpleSAML_Session::isValid()`
If your code calls `$session->isValid()` without an argument, you will now have to update it to pass an argument (probably `saml2`).
The reason for this change is that calling `$session->isValid()` without an argument can easily create a security hole.
* We have introduced a new module for SAML authentication.
This authentication module supports both SAML 1.1 and SAML 2.0 IdPs.
We have also added a new authentication framework which should replace the previous redirects to the initSSO-scripts.
Relating to this change, we have also deprecated the `initSSO`-scripts for SAML 1.1 and SAML 2.0 authentication.
The old methods will still be supported for a while, but new code should probably use the new code.
See the [migration guide](simplesamlphp-sp-migration) for more information about this.
* The `request.signing` option has been removed.
That option was replaced with the `redirect.sign` and `redirect.validate` options, and has been depreceated for one year.
* The `aggregator` module's configuration file has changed name.
It was changed from `aggregator.php` to `module_aggregator.php`.
|