<SessionCache type="StorageService" cacheAssertions="false"\r
cacheTimeout="3600" inprocTimeout="900" cleanupInterval="900"/>\r
\r
- <!-- To customize behavior, map hostnames and path components to applicationId and other settings. -->\r
+ <!--\r
+ To customize behavior for specific resources on IIS, and to link vhosts or\r
+ resources to ApplicationOverride settings below, use the XML syntax below.\r
+ See https://spaces.internet2.edu/display/SHIB2/NativeSPRequestMapHowTo for help.\r
+ \r
+ Apache users should rely on web server options/commands in most cases, and can remove the\r
+ RequestMapper element. See https://spaces.internet2.edu/display/SHIB2/NativeSPApacheConfig\r
+ -->\r
<RequestMapper type="Native">\r
- <RequestMap applicationId="default">\r
+ <RequestMap>\r
<!--\r
The example requires a session for documents in /secure on the containing host with http and\r
https on the default ports. Note that the name and port in the <Host> elements MUST match\r
<!--\r
The ApplicationDefaults element is where most of Shibboleth's SAML bits are defined.\r
Resource requests are mapped by the RequestMapper to an applicationId that\r
- points into to this section.\r
+ points into to this section (or to the defaults here).\r
-->\r
- <ApplicationDefaults id="default" policyId="default"\r
+ <ApplicationDefaults policyId="default"\r
entityID="https://sp.example.org/shibboleth"\r
REMOTE_USER="eppn persistent-id targeted-id"\r
signing="false" encryption="false">\r
<!-- Simple file-based resolver for using a single keypair. -->\r
<CredentialResolver type="File" key="sp-key.pem" certificate="sp-cert.pem"/>\r
\r
- <!-- Example of a second application (using a second vhost) that has a different entityID. -->\r
- <!-- <ApplicationOverride id="admin" entityID="https://admin.example.org/shibboleth"/> -->\r
-\r
+ <!--\r
+ The default settings can be overridden by creating ApplicationOverride elements (see\r
+ the https://spaces.internet2.edu/display/SHIB2/NativeSPApplicationOverride topic).\r
+ Resource requests are mapped by web server commands, or the RequestMapper, to an\r
+ applicationId setting.\r
+ \r
+ Example of a second application (for a second vhost) that has a different entityID.\r
+ Resources on the vhost would map to an applicationId of "admin":\r
+ -->\r
+ <!--\r
+ <ApplicationOverride id="admin" entityID="https://admin.example.org/shibboleth"/>\r
+ -->\r
</ApplicationDefaults>\r
\r
<!-- Policies that determine how to process and authenticate runtime messages. -->\r