The Shibboleth V3.0 SP release is a major version release. This means yada yada yada
We guarantee backwards compability with the most recent V2 version of the SP (2.6.x).
A lot of syntax has been deprecated in V3. As a rule of thumb, if something is documented in this space then it is not deprecated. Otherwise a warning will probably be introduced in the log.
In V3 the default configuration file name is
shibboleth3.xml, this restricted a lot of deprecated syntax and the support for the new funcionality has only been added to this file.
New installation create a
shibboleth3.xml file If the SP cannot find a file called
shibboleth3.xml it will look for a
shibboleth2.xml file. This fallback will be removed in future version and so you are advised to move up to the new file as quickly as possible. The suggested mechanism for doing this is to
- Copy the
shibboleth2.xmlfile to the
- Review and remove any legacy settings:
- Test the configuration
A new IIS plugin is available for recent (IIS7 and later) versions of IIS. This is a significant improvement on the previous version#
- It can use Server Variables rather than relying on spoof-prone HTTPHeaders for the presentation of attributes.
- It is significantly easier to configure and no longer requires the legacy ISAPI module.
- It supports the optional preservervation of post data
- It can be configured to support the native Roles base Authorization.