xsi:schemaLocation="urn:mace:shibboleth:2.0:native:sp:config @-PKGXMLDIR-@/shibboleth-2.0-native-sp-config.xsd"
logger="@-PKGSYSCONFDIR-@/syslog.logger" clockSkew="180">
- <!-- The OutOfProcess section pertains to components that run in the shibd daemon. -->
+ <!-- The OutOfProcess section contains properties affecting the shibd daemon. -->
<OutOfProcess logger="@-PKGSYSCONFDIR-@/shibd.logger">
-
<!--
<Extensions>
<Library path="@-PKGLIBDIR-@/adfs.so" fatal="true"/>
<Library path="@-PKGLIBDIR-@/odbc-store.so" fatal="true"/>
</Extensions>
-->
-
- <!-- Only one listener can be defined. -->
- <UnixListener address="@-PKGRUNDIR-@/shibd.sock"/>
-
- <!-- <TCPListener address="127.0.0.1" port="12345" acl="127.0.0.1"/> -->
-
- <StorageService type="Memory" id="memory" cleanupInterval="900"/>
- <SessionCache type="StorageService" StorageService="memory" cacheTimeout="3600"/>
- <ReplayCache StorageService="memory"/>
- <ArtifactMap artifactTTL="180"/>
-
- <!--
- <StorageService type="ODBC" id="db" cleanupInterval="900">
- <ConnectionString>
- DRIVER=drivername;SERVER=dbserver;UID=shibboleth;PWD=password;DATABASE=shibboleth;APP=Shibboleth
- </ConnectionString>
- </StorageService>
- <SessionCache type="StorageService" StorageService="db" cacheTimeout="3600"/>
- <ReplayCache StorageService="db"/>
- <ArtifactMap StorageService="db" artifactTTL="180"/>
- -->
</OutOfProcess>
- <!-- The InProcess section pertains to components that run inside the web server. -->
+ <!-- The InProcess section conrains settings affecting web server modules/filters. -->
<InProcess logger="@-PKGSYSCONFDIR-@/native.logger">
-
<!--
<Extensions>
<Library path="@-PKGLIBDIR-@/adfs-lite.so" fatal="true"/>
</Extensions>
-->
-
- <SessionCache type="Remoted" cleanupInterval="900" cacheTimeout="900"/>
-
- <!--
- To customize behavior, map hostnames and path components to applicationId and other settings.
- -->
- <RequestMapper type="Native">
- <RequestMap applicationId="default">
- <!--
- The example requires a session for documents in /secure on the containing host with http and
- https on the default ports. Note that the name and port in the <Host> elements MUST match
- Apache's ServerName and Port directives or the IIS Site name in the <ISAPI> element
- below.
- -->
- <Host name="sp.example.org">
- <Path name="secure" authType="shibboleth" requireSession="true">
- <!-- Example shows the folder "/secure/admin" assigned to a separate <Application> -->
- <!--
- <Path name="admin" applicationId="foo-admin"/>
- -->
- </Path>
- </Host>
- </RequestMap>
- </RequestMapper>
-
- <Implementation>
- <ISAPI normalizeRequest="true">
- <!--
- Maps IIS Instance ID values to the host scheme/name/port/sslport. The name is
- required so that the proper <Host> in the request map above is found without
- having to cover every possible DNS/IP combination the user might enter.
- The port and scheme can usually be omitted, so the HTTP request's port and
- scheme will be used.
- -->
- <Site id="1" name="sp.example.org"/>
- </ISAPI>
- </Implementation>
+
+ <ISAPI normalizeRequest="true">
+ <!--
+ Maps IIS Instance ID values to the host scheme/name/port/sslport. The name is
+ required so that the proper <Host> in the request map above is found without
+ having to cover every possible DNS/IP combination the user might enter.
+ The port and scheme can usually be omitted, so the HTTP request's port and
+ scheme will be used.
+ -->
+ <Site id="1" name="sp.example.org"/>
+ </ISAPI>
</InProcess>
+ <!-- Only one listener can be defined, to connect in process modules to shibd. -->
+ <UnixListener address="@-PKGRUNDIR-@/shibd.sock"/>
+ <!-- <TCPListener address="127.0.0.1" port="12345" acl="127.0.0.1"/> -->
+
+ <!-- This set of components stores sessions and other persistent data in daemon memory. -->
+ <StorageService type="Memory" id="mem" cleanupInterval="900"/>
+ <SessionCache type="StorageService" StorageService="mem" cacheTimeout="3600" inprocTimeout="900" cleanupInterval="900"/>
+ <ReplayCache StorageService="mem"/>
+ <ArtifactMap artifactTTL="180"/>
+
+ <!-- This set of components stores sessions and other persistent data in an ODBC database. -->
+ <!--
+ <StorageService type="ODBC" id="db" cleanupInterval="900">
+ <ConnectionString>
+ DRIVER=drivername;SERVER=dbserver;UID=shibboleth;PWD=password;DATABASE=shibboleth;APP=Shibboleth
+ </ConnectionString>
+ </StorageService>
+ <SessionCache type="StorageService" StorageService="db" cacheTimeout="3600" inprocTimeout="900" cleanupInterval="900"/>
+ <ReplayCache StorageService="db"/>
+ <ArtifactMap StorageService="db" artifactTTL="180"/>
+ -->
+
+ <!-- To customize behavior, map hostnames and path components to applicationId and other settings. -->
+ <RequestMapper type="Native">
+ <RequestMap applicationId="default">
+ <!--
+ The example requires a session for documents in /secure on the containing host with http and
+ https on the default ports. Note that the name and port in the <Host> elements MUST match
+ Apache's ServerName and Port directives or the IIS Site name in the <ISAPI> element
+ below.
+ -->
+ <Host name="sp.example.org">
+ <Path name="secure" authType="shibboleth" requireSession="true">
+ <!-- Example shows the folder "/secure/admin" assigned to a separate <Application> -->
+ <!--
+ <Path name="admin" applicationId="foo-admin"/>
+ -->
+ </Path>
+ </Host>
+ </RequestMap>
+ </RequestMapper>
+
<!--
The Applications section is where most of Shibboleth's SAML bits are defined.
Resource requests are mapped in the Local section into an applicationId that
<!-- Status reporting service. -->
<Handler type="Status" Location="/Status" acl="127.0.0.1"/>
+ <!-- Session diagnostic service. -->
+ <Handler type="Session" Location="/Session"/>
+
</Sessions>
<!--
projects / shibboleth / cpp-sp.git / blobdiff