blob: d7872ccfe9e23d893fe12bc273d9159c8c2885f1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
|
# This is a server-wide configuration that will add information from the Mellon
# session to all requests under this path.
<Location ${saml_base}>
MellonEnable "${saml_protect}"
MellonSPPrivateKeyFile "${saml_sp_key}"
MellonSPCertFile "${saml_sp_cert}"
MellonSPMetadataFile "${saml_sp_meta}"
MellonIdPMetadataFile "${saml_idp_meta}"
MellonEndpointPath ${saml_sp}
MellonVariable "saml-sesion-cookie"
# Comment out the next two lines if you want to allow logins on bare HTTP
MellonsecureCookie ${saml_secure_on}
${ssl_require}SSLRequireSSL
MellonUser "NAME_ID"
MellonIdP "IDP"
MellonSessionLength 3600
# MellonNoCookieErrorPage "https://idp.example.com/no-cookie-error.html"
# MellonPostDirectory "/var/lib/ipsilon/post_cache"
# MellonPostReplay On
</Location>
${saml_auth}
${sp}Alias /saml2protected /usr/share/ipsilon/ui/saml2sp
${sp}
${sp}<Directory /usr/share/ipsilon/ui/saml2sp>
${sp} SSLRequireSSL
${sp} Require all granted
${sp}</Directory>
# Redirect requests to the secure port
${ssl_rewrite}RewriteEngine on
${ssl_rewrite}RewriteCond %{SERVER_PORT} !^443$$
${ssl_rewrite}RewriteRule ^${saml_base}(.*) https://${sp_hostname}${saml_base}$$1 [L,R=301,NC]
|