completed conversion of remaining docs to rst format

docs/claims-authentication-manager.rst

@@ -0,0 +1,21 @@
+ClaimsAuthenticationManager
+===========================
+When using federated authentication, the identity provider solely decides what claims to use to 
+populate the incoming identity. If using multiple identity providers there is very high probability that 
+they will present the same information in somewhat different ways. That's where the ``ClaimsAuthenticationManager`` 
+fits in. It works as a translation filter that can modify or replace the incoming identity as soon as it has 
+been constructed from the incoming authentication response.
+
+You can implement a ``ClaimsAuthenticationManager`` by creating a class derived from the 
+``System.Security.Claims.ClaimsAuthenticationManager`` class.
+
+Then register it with a ``<claimsAuthenticationManager>`` element in the configuration if the configuration is 
+loaded from the config file. If the configuration is done in code (typically for the OWIN middleware) 
+the ClaimsAuthenticationManager should be registered in 
+``Options.SPOptions.SystemIdentityModelIdentityConfiguration.ClaimsAuthenticationManager``.
+
+Single Logout
+--------------
+If you are using Single Logout, you need to make sure that the claims containing the Saml2 logout information 
+are present in the returned identity. The types of the claims are available in 
+``Saml2ClaimTypes.SessionIndex`` and ``Saml2ClaimTypes.LogoutNameIdentifier``.

docs/configuration.rst

@@ -52,7 +52,7 @@ Sustainsys.Saml2 Section
 ------------------------
 The ``sustainsys.saml2`` section contains the configuration of the Sustainsys.Saml2
 library. It is required for the http module and the mvc controller. The Owin middleware can
-read web.config, but can also be configured from code (see [Owin middleware](OwinMiddleware.md)).
+read web.config, but can also be configured from code (see :doc:`Owin middleware <owin-middleware>`).
 
 A sample section is shown below.  For full details and all avaialble options, see  
 :doc:`sustainsys.saml2 <config-elements/sustainsys-saml2>`.
@@ -101,7 +101,7 @@ System.IdentityModel Section
 There must be a ``<system.identityModel>`` section in the config file or there will be a runtime error. The section can be 
 empty (use ``<system.identityModel />``).
 
-The reason you might want this to be non-empty is to provide a custom ``ClaimsAuthenticationManager`` as shown in the 
+The reason you might want this to be non-empty is to provide a custom :doc:`ClaimsAuthenticationManager <claims-authentication-manager>` as shown in the 
 sample below (you would obviously provide your own type in place of the Stub shown in the sample).
 
 .. code-block:: xml

docs/getting-started.rst

@@ -54,8 +54,8 @@ Nuget Package to use: `Sustainsys.Saml2.AspNetCore2 <https://www.nuget.org/packa
 
 HOW TO CONFIGURE ASP.NET CORE 2 -- owin middleware doc?  somewhere else?
 
-IdentityServer Integration
---------------------------
+IdentityServer[3/4] Integration
+-------------------------------
 If you're using ``IdentityServer`` (v3 or later), you may want to 
 configure SAML identity providers like Okta or Ping as external
 identity providers within your IdentityServer implementation.
@@ -67,7 +67,7 @@ providers to be integrated within `IdentityServer3 <https://github.com/IdentityS
 Nuget Package to use for IdentityServer3: `Sustainsys.Saml2.Owin <https://www.nuget.org/packages/Sustainsys.Saml2.Owin/>`_
 Nuget Package for IdentityServer4: `Sustainsys.Saml2.AspNetCore2 <https://www.nuget.org/packages/Sustainsys.Saml2.AspNetCore2/>`_
 
-Review ``THIS DOCUMENT`` to see how to configure Saml2 with 
+Review :doc:`this document <identity-server-3-okta>` to see how to configure Saml2 with 
 IdentityServer3 and Okta to add Okta as an 
 identity provider to an IdentityServer3 project. There is 
 also a SampleIdentityServer3 project in the Saml2 repository.