1 # ADD THIS TO THE END OF YOUR APACHE'S HTTPD.CONF
8 # Load the Apache Request module and then the SHIBBOLETH module
9 # Note that ORDER MATTERS! Apache runs the modules in the
10 # _reverse_ order that modules were loaded. The Shib module
11 # depends on the Apreq module, so you need this load-order
12 # to make sure they are run properly.
14 # If you see log messages about missing apreq symbols then you
15 # have messed this up.
17 LoadModule apreq_module /opt/shibboleth/libexec/mod_apreq.so
18 LoadModule mod_shib /opt/shibboleth/libexec/mod_shib.so
21 # Global SHIRE Configuration
22 # This is the INI file that contains all the global, non-apache-specific
23 # configuration. Look at this file for most of your configuration
26 SHIBConfig /opt/shibboleth/etc/shibboleth/shibboleth.ini
29 # Configure a test directory
31 # You need _at least_ a "require" option for Shib to take effect for this
32 # directory. You can either set the AuthType to "shibboleth", or you can
33 # turn on ShibBasicHijack. For Shib, valid-user is a somewhat vague concept
34 # and only means that a trusted origin site has authenticated the user, but
35 # doesn't mean that any attributes were received.
39 require affiliation ~ ^member@.+$
42 # Per-directory SHIRE Configuration
45 #ShibAuthLifetime 14400
51 #ShibExportAssertion On