LoadModule shibrm_module /mit/shibboleth/src/shibboleth/c/mod_shibrm/mod_shibrm.so
LoadModule shire_module /mit/shibboleth/src/shibboleth/c/mod_shire/mod_shire.so
-# SHIRE Configuration
+# Global SHIRE Configuration
SHIREConfig /mit/shibboleth/src/shibboleth/c/shibboleth.ini
+# Per-server SHIRE Configuration
#ShibNormalizeRequest Off
# Configure a test directory
<Location /test>
AuthType shibboleth
require valid-user
+
+ # Per-directory SHIRE Configuration
#ShibBasicHijack On
#ShibSSLOnly On
#ShibCheckAddress On
#ShibAuthLifetime 60
#ShibAuthTimeout 600
+
+ # RM Configuration
+ #AuthGroupFile /foo
+ #ShibExportAssertion On
+
</Location>
+#
+# Turn on the SHIRE support
+#
<Location /shibboleth/SHIRE>
AuthType shibboleth
require valid-user
{"ShibCookieName", (config_fn_t)ap_set_server_string_slot,
(void *) XtOffsetOf (shibrm_server_config, szCookieName),
RSRC_CONF, TAKE1, "Name of cookie to use as session token."},
-#endif
{"ShibNormalizeRequest", (config_fn_t)set_normalize, NULL,
RSRC_CONF, TAKE1, "Normalize/convert browser requests using server name when redirecting."},
+#endif
{"AuthGroupFile", (config_fn_t)ap_set_file_slot,
(void *) XtOffsetOf (shibrm_dir_config, szAuthGrpFile),
{"ShibExportAssertion", (config_fn_t)ap_set_flag_slot,
(void *) XtOffsetOf (shibrm_dir_config, bExportAssertion),
OR_AUTHCFG, FLAG, "Export SAML assertion to Shibboleth-defined header?"},
+
+#if 0
{"ShibCheckAddress", (config_fn_t)ap_set_flag_slot,
(void *) XtOffsetOf (shibrm_dir_config, checkIPAddress),
OR_AUTHCFG, FLAG, "Verify IP address of requester matches token?"},
+#endif
{NULL}
};
extern "C" const char* set_normalize(cmd_parms* parms, shire_server_config* sc, const char* arg)
{
- sc->bNormalizeRequest=atoi(arg);
+ sc->bNormalizeRequest=(atoi(arg) || !strcasecmp(arg, "on"));
return NULL;
}
{"ShibCookieName", (config_fn_t)ap_set_server_string_slot,
(void *) XtOffsetOf (shire_server_config, szCookieName),
RSRC_CONF, TAKE1, "Name of cookie to use as session token."},
+#endif
+
{"ShibNormalizeRequest", (config_fn_t)set_normalize, NULL,
RSRC_CONF, TAKE1, "Normalize/convert browser requests using server name when redirecting."},
-#endif
{"ShibBasicHijack", (config_fn_t)ap_set_flag_slot,
(void *) XtOffsetOf (shire_dir_config, bBasicHijack),