Upgrade notes for SimpleSAMLphp 1.9
- The OpenID client "linkback" URL has changed from
.../module.php/openid/consumer.phpto.../module.php/openid/linkback.php. - Support for CA path validation has been removed from SAML 2.0.
- The X-Frame-Options has been added to the default templates, to prevent the pages from being loaded in iframes.
- Access permissions of generated files are now restricted to the current user.
- The code to set cookies now requires PHP version >= 5.2. (PHP version 5.2.0 or newer has been the only supported version for a while, but it has in some cases been possible to run SimpleSAMLphp with older versions.)
- It used to be possible to set an array of endpoints for the SingleSignOnService in
saml20-idp-hosted.php. That is no longer supported. - The
aselectmodule has been replaced with a new module. The new module gives us better error handling and support for request signing, but we lose support for A-Select Cross. - There has been various fixes in the session expration handling. As a result of this, sessions may get a shorter lifetime (if the IdP places a limit on the lifetime, this limit will now be honored).