X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=configs%2Fapache2.config.in;h=e735d2032a1d447382aeeee825cd9f422f821ff8;hb=16658259b0b6430b9737a61e0c5968fa4ff71181;hp=7ea0bb7b6d93d93f50b9f2d0129fd412d6177fd1;hpb=67d4510838d5ae1a3f7115a0000416244b32c856;p=shibboleth%2Fcpp-sp.git

diff --git a/configs/apache2.config.in b/configs/apache2.config.in
index 7ea0bb7..e735d20 100644
--- a/configs/apache2.config.in
+++ b/configs/apache2.config.in
@@ -1,39 +1,46 @@
+# https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPApacheConfig
+
 # RPM installations on platforms with a conf.d directory will
-# result in this file being copied into that directory for you.
-# For non-RPM installs, you can add this file to your
-# configuration using an Include command in httpd.conf
+# result in this file being copied into that directory for you
+# and preserved across upgrades.
 
-######
-## SHIB Config
-######
+# For non-RPM installs, you should copy the relevant contents of
+# this file to a configuration location you control.
 
 #
-# Load the SHIBBOLETH module
+# Load the Shibboleth module.
 #
 LoadModule mod_shib @-PKGLIBDIR-@/mod_shib_20.so
 
 #
-# Used for example logo and style sheet in error templates.
+# Ensures handler will be accessible.
+#
+<Location /Shibboleth.sso>
+  Satisfy Any
+  Allow from all
+</Location>
+
+#
+# Used for example style sheet in error templates.
 #
 <IfModule mod_alias.c>
   <Location /shibboleth-sp>
+    Satisfy Any
     Allow from all
   </Location>
-  Alias /shibboleth-sp/main.css @-PKGDOCDIR-@/main.css
-  Alias /shibboleth-sp/logo.jpg @-PKGDOCDIR-@/logo.jpg
+  Alias /shibboleth-sp/main.css @-PKGWEBDIR-@/main.css
 </IfModule>
 
 #
-# Configure the module for content
+# Configure the module for content.
 #
-# You can now do most of this in shibboleth.xml using the RequestMap
-# but you MUST enable AuthType shibboleth for the module to process
+# You MUST enable AuthType shibboleth for the module to process
 # any requests, and there MUST be a require command as well. To
 # enable Shibboleth but not specify any session/access requirements
 # use "require shibboleth".
 #
 <Location /secure>
   AuthType shibboleth
-  ShibRequireSession On
+  ShibRequestSetting requireSession 1
   require valid-user
 </Location>