[http]
# These items must live in [http]
shire=/shibboleth/SHIRE
-wayfLocation=https://shibprod0.internet2.edu/shibboleth/WAYF
+wayfLocation=https://wayf.internet2.edu/shibboleth/WAYF
cookie=shib-cookie
+shireSSLOnly=true
# these can live anywhere
supportContact=warlord@MIT.EDU
try {
+ const string& sslonly = ini.get (SHIBTARGET_HTTP, "shireSSLOnly");
+ const char* sslonlyc = sslonly.c_str();
+
// Make sure this is SSL, if it should be
- if (sc->bSSLOnly==1 && strcmp(ap_http_method(r),"https"))
+ if ((*sslonlyc == 't' || *sslonlyc == 'T') &&
+ strcmp(ap_http_method(r),"https"))
throw ShibTargetException (SHIBRPC_OK,
"blocked non-SSL access to SHIRE POST processor");