...
Improved upgrade and patching process
Expanded authentication options
Native CAS protocol support
Advanced per-SP configuration options
Supports multiple signing and encryption algorithms
Supports inbound XML encryption
Supports the SHA-256 digest algorithm by default
Supports the metadata query (MDQ) protocol
On-demand reload of configuration/metadata
Extensible (via built-in scripting language)
High availability (HA) option without additional software
Single Logout support
User consent (based on uApprove feature set)
- Internationalization
- Supports non-browser ECP profile (in some cases without any additional configuration)