update sample apache config with a few more comments

test the ShibNormalizeRequest option -- get it working
fix the ShibCheckAddress option

git-svn-id: https://svn.middleware.georgetown.edu/cpp-sp/trunk@93 cb58f699-b61c-0410-a6fe-9272a202ed29

diff --git a/configs/apache.config b/configs/apache.config
index 43a60cd..db431b9 100644 (file)
--- a/configs/apache.config
+++ b/configs/apache.config
@@ -5,22 +5,33 @@
 LoadModule shibrm_module /mit/shibboleth/src/shibboleth/c/mod_shibrm/mod_shibrm.so
 LoadModule shire_module /mit/shibboleth/src/shibboleth/c/mod_shire/mod_shire.so
 
-# SHIRE Configuration
+# Global SHIRE Configuration
 SHIREConfig /mit/shibboleth/src/shibboleth/c/shibboleth.ini
 
+# Per-server SHIRE Configuration
 #ShibNormalizeRequest Off
 
 # Configure a test directory
 <Location /test>
   AuthType shibboleth
   require valid-user
+
+  # Per-directory SHIRE Configuration
   #ShibBasicHijack On
   #ShibSSLOnly On
   #ShibCheckAddress On
   #ShibAuthLifetime 60
   #ShibAuthTimeout 600
+
+  # RM Configuration
+  #AuthGroupFile /foo
+  #ShibExportAssertion On
+
 </Location>
 
+#
+# Turn on the SHIRE support
+# 
 <Location /shibboleth/SHIRE>
   AuthType shibboleth
   require valid-user

diff --git a/mod_shibrm/mod_shibrm.cpp b/mod_shibrm/mod_shibrm.cpp
index f1ea4a3..5047631 100644 (file)
--- a/mod_shibrm/mod_shibrm.cpp
+++ b/mod_shibrm/mod_shibrm.cpp
@@ -152,9 +152,9 @@ static command_rec shibrm_cmds[] = {
   {"ShibCookieName", (config_fn_t)ap_set_server_string_slot,
    (void *) XtOffsetOf (shibrm_server_config, szCookieName),
    RSRC_CONF, TAKE1, "Name of cookie to use as session token."},
-#endif
   {"ShibNormalizeRequest", (config_fn_t)set_normalize, NULL,
    RSRC_CONF, TAKE1, "Normalize/convert browser requests using server name when redirecting."},
+#endif
 
   {"AuthGroupFile", (config_fn_t)ap_set_file_slot,
    (void *) XtOffsetOf (shibrm_dir_config, szAuthGrpFile),
@@ -162,9 +162,12 @@ static command_rec shibrm_cmds[] = {
   {"ShibExportAssertion", (config_fn_t)ap_set_flag_slot,
    (void *) XtOffsetOf (shibrm_dir_config, bExportAssertion),
    OR_AUTHCFG, FLAG, "Export SAML assertion to Shibboleth-defined header?"},
+
+#if 0
   {"ShibCheckAddress", (config_fn_t)ap_set_flag_slot,
    (void *) XtOffsetOf (shibrm_dir_config, checkIPAddress),
    OR_AUTHCFG, FLAG, "Verify IP address of requester matches token?"},
+#endif
 
   {NULL}
 };

diff --git a/mod_shire/mod_shire.cpp b/mod_shire/mod_shire.cpp
index 9b2ee16..20e6eaa 100644 (file)
--- a/mod_shire/mod_shire.cpp
+++ b/mod_shire/mod_shire.cpp
@@ -147,7 +147,7 @@ extern "C" const char* ap_set_server_string_slot(cmd_parms* parms, void*, const
 
 extern "C" const char* set_normalize(cmd_parms* parms, shire_server_config* sc, const char* arg)
 {
-    sc->bNormalizeRequest=atoi(arg);
+    sc->bNormalizeRequest=(atoi(arg) || !strcasecmp(arg, "on"));
     return NULL;
 }
 
@@ -188,9 +188,10 @@ static command_rec shire_cmds[] = {
   {"ShibCookieName", (config_fn_t)ap_set_server_string_slot,
    (void *) XtOffsetOf (shire_server_config, szCookieName),
    RSRC_CONF, TAKE1, "Name of cookie to use as session token."},
+#endif
+
   {"ShibNormalizeRequest", (config_fn_t)set_normalize, NULL,
    RSRC_CONF, TAKE1, "Normalize/convert browser requests using server name when redirecting."},
-#endif
 
   {"ShibBasicHijack", (config_fn_t)ap_set_flag_slot,
    (void *) XtOffsetOf (shire_dir_config, bBasicHijack),