diff --git a/build/lemonldap-ng/doc/3.1-Install-prerequesites.html b/build/lemonldap-ng/doc/3.1-Install-prerequesites.html
index 130c18a28..53abeda42 100644
--- a/build/lemonldap-ng/doc/3.1-Install-prerequesites.html
+++ b/build/lemonldap-ng/doc/3.1-Install-prerequesites.html
@@ -152,6 +152,10 @@
       <li>HTML::Template</li>
 
       <li>SOAP::Lite</li>
+
+      <li>Config::IniFiles</li>
+
+      <li>JSON</li>
     </ul>
 
     <h4 class="heading-1-1-1"><span id="HResetPasswordbyMail">Reset Password
@@ -168,12 +172,19 @@
     <h4 class="heading-1-1-1"><span id="HExtras">Extras</span></h4>
 
     <ul class="star">
-      <li>Lasso (see <span class="wikiexternallink"><a href=
+      <li>Lasso (Liberty Alliance, SAML2) (see <span class=
+      "wikiexternallink"><a href=
       "http://lasso.entrouvert.org/">http://lasso.entrouvert.org/</a></span>)</li>
 
       <li>CAS (see <span class="wikiexternallink"><a href=
       "http://sourcesup.cru.fr/projects/perlcas/">http://sourcesup.cru.fr/projects/perlcas/</a></span>)</li>
 
+      <li>Net::OpenID::Consumer</li>
+
+      <li>Net::OpenID::Server</li>
+
+      <li>Net::Twitter</li>
+
       <li>Test::POD</li>
     </ul>
 
@@ -194,7 +205,7 @@
 
     <div class="code">
       <pre>
-# apt-get install apache2 libapache2-mod-perl2 libapache-session-perl libnet-ldap-perl libcache-cache-perl libdbi-perl perl-modules libwww-perl libcache-cache-perl libxml-simple-perl  libsoap-lite-perl libhtml-template-perl libregexp-assemble-perl libjs-jquery libxml-libxml-perl libcrypt-rijndael-perl libio-string-perl libxml-libxslt-perl
+# apt-get install apache2 libapache2-mod-perl2 libapache-session-perl libnet-ldap-perl libcache-cache-perl libdbi-perl perl-modules libwww-perl libcache-cache-perl libxml-simple-perl  libsoap-lite-perl libhtml-template-perl libregexp-assemble-perl libjs-jquery libxml-libxml-perl libcrypt-rijndael-perl libio-string-perl libxml-libxslt-perl libconfig-inifiles-perl libjson-perl
 # apt-get install libstring-random-perl libemail-date-format-perl libmime-lite-perl
 </pre>
     </div>
@@ -211,7 +222,7 @@
 
     <div class="code">
       <pre>
-# yum install httpd mod_perl perl-Apache-Session perl-LDAP perl-XML-SAX perl-XML-NamespaceSupport perl-HTML-Template perl-Regexp-Assemble perl-Error perl-IPC-ShareLite perl-Cache-Cache perl-FreezeThaw perl-XML-Simple perl-version perl-CGI-Session perl-DBD-Pg perl-XML-LibXML-Common perl-BSD-Resource perl-XML-LibXML perl-Crypt-Rijndael perl-IO-<span class="java-object">String</span> perl-XML-LibXSLT perl-SOAP-Lite
+# yum install httpd mod_perl perl-Apache-Session perl-LDAP perl-XML-SAX perl-XML-NamespaceSupport perl-HTML-Template perl-Regexp-Assemble perl-Error perl-IPC-ShareLite perl-Cache-Cache perl-FreezeThaw perl-XML-Simple perl-version perl-CGI-Session perl-DBD-Pg perl-XML-LibXML-Common perl-BSD-Resource perl-XML-LibXML perl-Crypt-Rijndael perl-IO-<span class="java-object">String</span> perl-XML-LibXSLT perl-SOAP-Lite perl-Config-IniFiles perl-JSON
 </pre>
     </div>
 
@@ -273,6 +284,18 @@
 
         <td>0.90</td>
       </tr>
+
+      <tr class="table-even">
+        <td>1.0-rc1</td>
+
+        <td>&nbsp;</td>
+
+        <td>&nbsp;</td>
+
+        <td>&nbsp;</td>
+
+        <td>&nbsp;</td>
+      </tr>
     </table>
   </div>
 
diff --git a/build/lemonldap-ng/doc/4.5-SAML-authentication-backend.html b/build/lemonldap-ng/doc/4.5-SAML-authentication-backend.html
index 3807cd849..cd579930a 100644
--- a/build/lemonldap-ng/doc/4.5-SAML-authentication-backend.html
+++ b/build/lemonldap-ng/doc/4.5-SAML-authentication-backend.html
@@ -63,11 +63,334 @@
 
     <ul>
       <li><a href="#HPresentation">Presentation</a></li>
-    </ul>
+
+      <li>
+        <a href="#HTechnicalrequirements">Technical requirements</a>
+
+        <ul>
+          <li><a href="#HLasso">Lasso</a></li>
+
+          <li><a href="#HApacherewriterules">Apache rewrite rules</a></li>
+
+          <li><a href="#HSAML2IDP">SAML2 IDP</a></li>
+
+          <li><a href="#HPublic2Fprivatekey">Public/private key</a></li>
+        </ul>
+      </li>
+
+      <li>
+        <a href="#HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG
+        configuration</a>
+
+        <ul>
+          <li><a href="#HAuthenticationandUserDB">Authentication and
+          UserDB</a></li>
+
+          <li>
+            <a href="#HSAML2Service">SAML2 Service</a>
+
+            <ul>
+              <li><a href="#HNodeSAML2Service">Node SAML 2 Service</a></li>
+
+              <li><a href="#HNodeOrganization">Node Organization</a></li>
+
+              <li>
+                <a href="#HNodeServiceProvider">Node Service Provider</a>
+
+                <ul>
+                  <li><a href="#HNodeSingleLogout">Node SingleLogout</a></li>
+
+                  <li><a href="#HNodeAssertionConsumer">Node Assertion
+                  Consumer</a></li>
+
+                  <li><a href="#HNodeNameIDFormat">Node NameID Format</a></li>
+                </ul>
+              </li>
+
+              <li><a href="#HNodeIdentityProvider">Node Identity
+              Provider</a></li>
+            </ul>
+          </li>
+
+          <li>
+            <a href="#HIdentityProviderregistration">Identity Provider
+            registration</a>
+
+            <ul>
+              <li><a href="#HMetadataXML">Metadata XML</a></li>
+
+              <li><a href="#HNodeExportedattributes">Node Exported
+              attributes</a></li>
+
+              <li><a href="#HNodeOptions">Node Options</a></li>
+            </ul>
+          </li>
+        </ul>
+      </li>
+
+      <li><a href="#HPartnerIDPconfiguration">Partner IDP
+      configuration</a></li>
+    </ul><strong class="strong">Since LemonLDAP::NG 1.0</strong>
 
     <h3 class="heading-1-1"><span id="HPresentation">Presentation</span></h3>
 
-    <p class="paragraph"></p>This feature is a work in progress.
+    <p class="paragraph"></p>LemonLDAP::NG can used SAML2 authentication to
+    get user identity and grab some attributes defined in user profile on its
+    Identity Provider (IDP). In this case, LemonLDAP::NG acts like an SAML2
+    Service Provider (SP).
+
+    <p class="paragraph"></p>Several IDPs are allowed, in this case the user
+    will choose the IDP he wants. You can preselect IDP with an IDP resolution
+    rule.
+
+    <p class="paragraph"></p>For each IDP, you can configure attributes that
+    are asked. Some can be mandatory, so if they are not givn by IDP, the
+    session will not open.
+
+    <h3 class="heading-1-1"><span id="HTechnicalrequirements">Technical
+    requirements</span></h3>
+
+    <h4 class="heading-1-1-1"><span id="HLasso">Lasso</span></h4>
+
+    <p class="paragraph"></p>SAML2 implementation is based on <span class=
+    "wikiexternallink"><a href="http://lasso.entrouvert.org">Lasso</a></span>.
+    You will need a very recent version of Lasso (&gt;= 2.2.91).
+
+    <p class="paragraph"></p>For lucky Debian users, there are packages
+    available here: <span class="wikiexternallink"><a href=
+    "http://deb.entrouvert.org/">http://deb.entrouvert.org/</a></span>.
+
+    <p class="paragraph"></p>You will only need to install liblasso3-perl
+    package:
+
+    <div class="code">
+      <pre>
+$ sudo apt-get install liblasso3-perl
+</pre>
+    </div>
+
+    <h4 class="heading-1-1-1"><span id="HApacherewriterules">Apache rewrite
+    rules</span></h4><br />
+    <br />
+    Be sure that mod_rewrite is installed and that SAML2 rewrite rules are
+    activated in <strong class="strong">etc/portal-apache2.conf</strong>:
+
+    <div class="code">
+      <pre>
+&lt;IfModule mod_rewrite.c&gt;
+        RewriteEngine On
+        RewriteRule ^/saml/metadata /metadata.pl
+        RewriteRule ^/saml/.* /index.pl
+&lt;/IfModule&gt;
+</pre>
+    </div>
+
+    <h4 class="heading-1-1-1"><span id="HSAML2IDP">SAML2 IDP</span></h4>
+
+    <p class="paragraph"></p>Of course you need an SAML2 IDP. If you don't
+    have one, you can check:
+
+    <ul class="star">
+      <li><span class="wikiexternallink"><a href=
+      "http://authentic.labs.libre-entreprise.org/">Authentic</a></span></li>
+
+      <li><span class="wikiexternallink"><a href=
+      "https://rnd.feide.no/simplesamlphp">simpleSAMLphp</a></span></li>
+    </ul>
+
+    <h4 class="heading-1-1-1"><span id="HPublic2Fprivatekey">Public/private
+    key</span></h4>
+
+    <p class="paragraph"></p>Since SAML2 use a lot a signature and encoding,
+    you need to generate a public/private key pair.
+
+    <p class="paragraph"></p>You can do this with openssl:
+
+    <div class="code">
+      <pre>
+$ openssl genrsa -out private_key.pem 1024
+$ openssl rsa -pubout -in private_key.pem -out public_key.pem
+</pre>
+    </div>
+
+    <h3 class="heading-1-1"><span id=
+    "HLemonLDAP3A3ANGconfiguration">LemonLDAP::NG configuration</span></h3>
+
+    <p class="paragraph"></p>All configuration can be done with LemonLDAP::NG
+    Manager. Connect to it first (by default <span class=
+    "wikiexternallink"><a href=
+    "http://manager.example.com">http://manager.example.com</a></span>).
+
+    <h4 class="heading-1-1-1"><span id=
+    "HAuthenticationandUserDB">Authentication and UserDB</span></h4>
+
+    <p class="paragraph"></p>In General Parameters &gt; Authentication, set:
+
+    <ul class="star">
+      <li>Users database type: SAML</li>
+
+      <li>Authentication module: SAML</li>
+    </ul>As passwords will not be managed by LL::NG, you can also go in
+    General Parameters &gt; Portal :
+
+    <ul class="star">
+      <li>Display reset password: 0</li>
+
+      <li>Display password change: 0</li>
+    </ul>
+
+    <h4 class="heading-1-1-1"><span id="HSAML2Service">SAML2
+    Service</span></h4>
+
+    <p class="paragraph"></p>This is where you configure SAML2 settings for
+    LemonLDAP::NG service. These settings will be used to build metadata that
+    will be shared with identity providers.
+
+    <h5 class="heading-1-1-1-1"><span id="HNodeSAML2Service">Node SAML 2
+    Service</span></h5>
+
+    <ul class="star">
+      <li>Entity Identifier: your EntityID, often use as metadata URL, by
+      default <span class="nobr"><a href=
+      "http://auth.example.com/saml/metadata.">http://auth.example.com/saml/metadata.</a></span>
+      Change this value to fit your portal URL.</li>
+
+      <li>Private key: copy all the content of your private key file, with
+      header and footer. This will not be published in metadata.</li>
+    </ul>
+
+    <h5 class="heading-1-1-1-1"><span id="HNodeOrganization">Node
+    Organization</span></h5>
+
+    <ul class="star">
+      <li>Display Name: will be displayed on IDP, this is often your society
+      name</li>
+
+      <li>Name: internal name</li>
+
+      <li>URL: URL of your society</li>
+    </ul>
+
+    <h5 class="heading-1-1-1-1"><span id="HNodeServiceProvider">Node Service
+    Provider</span></h5>
+
+    <ul class="star">
+      <li>Signed Authentication Request: set to On to require signed
+      authentication request. Off by default.</li>
+
+      <li>Protocol: Protocol support enumeration string. Do not change.</li>
+
+      <li>Signing Key: copy the content of your public key file,
+      <strong class="strong">without</strong> header and footer.</li>
+    </ul>
+
+    <h6 class="heading-1-1-1-1-1"><span id="HNodeSingleLogout">Node
+    SingleLogout</span></h6>
+
+    <p class="paragraph"></p>For each binding you can set:
+
+    <ul class="star">
+      <li>Location: Access Point for SLO request. Change this value to fit
+      your portal URL.</li>
+
+      <li>Response Location: Access Point for SLO response. Change this value
+      to fit your portal URL.</li>
+    </ul>
+
+    <h6 class="heading-1-1-1-1-1"><span id="HNodeAssertionConsumer">Node
+    Assertion Consumer</span></h6>
+
+    <p class="paragraph"></p>For each binding you can set:
+
+    <ul class="star">
+      <li>Default: will this binding be used by default for authentication
+      response</li>
+
+      <li>Index: Do not change.</li>
+
+      <li>Binding: SAML2 binding string. Do not change.</li>
+
+      <li>Location: Access Point for SSO request and response. Change this
+      value to fit your portal URL.</li>
+    </ul>
+
+    <h6 class="heading-1-1-1-1-1"><span id="HNodeNameIDFormat">Node NameID
+    Format</span></h6>
+
+    <p class="paragraph"></p>For each NameID Format, you can activate and
+    deactivate it in metadata. The first will be chosen by default if no
+    NameID Format is set in authentication request.
+
+    <h5 class="heading-1-1-1-1"><span id="HNodeIdentityProvider">Node Identity
+    Provider</span></h5>
+
+    <p class="paragraph"></p>Not used here.
+
+    <h4 class="heading-1-1-1"><span id=
+    "HIdentityProviderregistration">Identity Provider registration</span></h4>
+
+    <p class="paragraph"></p>Now you have to register partner IDP. For that,
+    select node Identity Providers and click on New metadatas.
+
+    <p class="paragraph"></p>The IDP name is asked, enter it and click OK.
+
+    <h5 class="heading-1-1-1-1"><span id="HMetadataXML">Metadata
+    XML</span></h5>
+
+    <p class="paragraph"></p>You must register IDP metadata here. You can do
+    it either by uploading the file, or with IDP metadata URL.
+
+    <h5 class="heading-1-1-1-1"><span id="HNodeExportedattributes">Node
+    Exported attributes</span></h5>
+
+    <p class="paragraph"></p>For each attribute, you can set:
+
+    <ul class="star">
+      <li>Key name: name of the key in LemonLDAP::NG session (for example
+      "uid" will then be used as $uid in access rules)</li>
+
+      <li>Mandatory : if set to "On", then session will not open if this
+      attribure is not given by IDP.</li>
+
+      <li>Name : SAML attribute name.</li>
+
+      <li>Friendly Name: optional, SAML attribute friendly name.</li>
+
+      <li>Format: optional, SAML attribute format.</li>
+    </ul>
+
+    <h5 class="heading-1-1-1-1"><span id="HNodeOptions">Node
+    Options</span></h5>
+
+    <ul class="star">
+      <li>NameID format: force NameID format here (email, persitent,
+      transient, etc.). If no value, will use first NameID Format activated in
+      metadata.</li>
+
+      <li>Force authentication: set ForceAuthn flag in authentication
+      request</li>
+
+      <li>Allow proxied authentication: allow an authentication response to be
+      issued from another IDP that the one we register (proxy IDP)</li>
+
+      <li>SSO binding: force binding to use for SSO (http-redirect, http-post,
+      etc.)</li>
+
+      <li>SLO binding: force binding to use for SLO (http-redirect, http-post,
+      etc.)</li>
+
+      <li>Resolution rule: Perl expression that will be evaluate to know if
+      this IDP is the default for the connected user. You can use for example
+      $ENV{ to get user's IP.</li>
+    </ul>
+
+    <h3 class="heading-1-1"><span id="HPartnerIDPconfiguration">Partner IDP
+    configuration</span></h3>
+
+    <p class="paragraph"></p>You have to give LemonLDAP::NG metadata to your
+    partner. After previous steps, metadata can be viewed at Entity Identifier
+    URL (by default <span class="nobr"><a href=
+    "http://auth.example.com/saml/metadata/">http://auth.example.com/saml/metadata/</a></span>)
   </div>
 
   <p class="footer"><a href="index.html">Index</a></p>
diff --git a/build/lemonldap-ng/scripts/doc.pl b/build/lemonldap-ng/scripts/doc.pl
index 658ea0579..b62f18c3c 100755
--- a/build/lemonldap-ng/scripts/doc.pl
+++ b/build/lemonldap-ng/scripts/doc.pl
@@ -53,7 +53,7 @@ my $docs = {
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/UserDBLDAP'                    => '4.6-LDAP-user-backend.html',
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/UserDBNull'                    => '4.6-Null-user-backend.html',
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/UserDBMulti'                   => '4.6-Multiple-user-backend.html',
-    'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/userDBSAML'                      => '4.6-SAML-user-backend.html',
+    'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/userDBSAML'                    => '4.6-SAML-user-backend.html',
     # Password backends
     'http://wiki.lemonldap.ow2.org/xwiki/bin/view/NG/PasswordDBLDAP'                => '4.7-LDAP-password-backend.html',
     # LDAP specificities