Includes updates for latest SAML Profiles specification.
Features
- Added the DisableClearAllSessionsOnLogout flag to configure how multi-session SLO is handled.
- Defaulted the configuration flags SignLogoutRequest, SignLogoutResponse, WantLogoutRequestSigned and WantLogoutResponseSigned to true as these messages must be signed as per the SAML Profiles specification.
- Defaulted the configuration flag SignAssertion to true as per the SAML Profiles specification.
- Defaulted the configuration flags SignAuthnRequest and WantAuthnRequestSigned to true to encourage best security practices.