X-Git-Url: http://www.project-moonshot.org/gitweb/?p=freeradius-pysaml2.git;a=blobdiff_plain;f=etc%2Fecp_config.py;h=923ca81d7ee172c679aab1575e9df81d5aa72e09;hp=e67803fb9d88860d1b8d148e5dbf5ef2ca564860;hb=e17b7a09b1da3e49eb2e1d98962799f06f4399c8;hpb=d4246e231c2ccef41467dda7bc3399560204df77

diff --git a/etc/ecp_config.py b/etc/ecp_config.py
index e67803f..923ca81 100644
--- a/etc/ecp_config.py
+++ b/etc/ecp_config.py
@@ -1,9 +1,7 @@
 # You shouldn't change this line unless you know what you are doing
 CONFIG = 'pysaml_config'                # PySAML2 Configuration file name
-#IDENTITY_CACHE = "identity_cache"
-#STATE_CACHE = "state_cache"
 
-METADATA_FILE="../idp/idp.xml"
+METADATA_FILE="/usr/local/etc/moonshot/metadata.xml"
 
 DEBUG=0
 
@@ -14,10 +12,22 @@ SIGN=False
 # metadata file. This must be the entity ID of the IdP not an endpoint
 IDP_ENTITYID = "http://example.com/idp"
 
-# Attribute filters per service@hostname
-# the key are GSS-Acceptor-Service-Name+':'+GSS-Acceptor-Host-Name
-# and the attribute names are the so called friendly-names
+# The password that should be used when authenticating with the IdP
+# This password will be used disregarding which user it is.
 
-ATTRIBUTE_FILTER = {
-    "ldap:example.com" : ["email", "givenName", "surname"],
-}
\ No newline at end of file
+PASSWD = ""
+
+# If you don't want to used Basic-Auth you can place the username in a
+# header. This defines the header name
+
+USERNAME_HEADER = "X-Moonshot-Username"
+
+# is the path of a file containing root CA certificates for SSL
+# server certificate validation.
+
+CA_CERTS = ""
+
+# If disable_ssl_certificate_validation is true, SSL cert validation will
+# not be performed.
+
+DISABLE_SSL_CERTIFICATE_VALIDATION = True
\ No newline at end of file