- Update SPID Registry signing certificate (fingerprint
CF:6F:E5:4E:9A:78:1A:F2:78:92:69:0B:A7:BF:FB:B1:8A:D1:28:B5:4D:40:06:DF:4B:06:8A:D1:4B:6D:EB:27) - Refine checks on returned attributes
- Generate
<SessionInitiator>elements according toACS_*environment variables - Add check on returned AuthnContextClassRef and attributes
- Add backend-side checks
- Update SPID registry certificate
- Make logging and security policy configurable
- Revise Shibboleth SP configuration (align to 3.x branch)
- Enable SPID SP validator
- Enable the use of
TARGET_LOCATIONenvironment variable - Generate the
<AttributeConsumingService>elements according to the defined environment variables - Remove
AllowCreatefromNameIDPolicyaccording to SPID - Avviso 5 - Revise httpd security configuration (TLS, security headers)
- Fix the order of SP metadata elements
- Substitute
samlsignwithxmlsectool - Update signing (rsa-sha512) and digest (sha512) algorithm
- Remove double KeyName in SP requests signature
- Fix Shibboleth SP configuration
- Hack the metagen.sh script (cloned under /usr/local/bin) in order to match the SPID requirements
- Fix metadata signing process
- Add script for system integration
- Allow to run the container in production mode
- Add checking of the aggregate IdP metadata signature
- Declare only SAML 2.0 as supported protocol
- Include organization details in metadata
- Fix typo in metadata tranformation (see #1)
- Fix IdP metadata aggregator URI in Shibboleth SP configuration
- First release