path: root/templates/install/saml2/sp.conf
blob: a7adaf988a3c78bce6179b532d414647cc398969 (plain)
# Server-wide mod_auth_mellon (SAML 2.0 service provider) settings. They add
# information from the Mellon session to all requests under the saml_base path.
# Placeholder values are presumably filled in by the installer that renders
# this template - confirm against the install code.
<Location ${saml_base}>
    # Mellon mode for this path, taken from the saml_protect placeholder.
    # mod_auth_mellon accepts "off", "info" (expose session data without
    # forcing a login) and "auth" (force a login at the IdP).
    MellonEnable "${saml_protect}"
    # SP key, certificate and metadata, followed by the metadata of the IdP
    # this SP trusts. Keep the private key readable by the web server
    # account only.
    MellonSPPrivateKeyFile "${saml_sp_key}"
    MellonSPCertFile "${saml_sp_cert}"
    MellonSPMetadataFile "${saml_sp_meta}"
    MellonIdPMetadataFile "${saml_idp_meta}"
    # URL path under which mod_auth_mellon serves its own SAML endpoints.
    MellonEndpointPath ${saml_sp}
    # Name used for the Mellon session cookie. The spelling "sesion" is part
    # of the runtime value; changing it changes the cookie name.
    MellonVariable "saml-sesion-cookie"
    # The next two lines set the Secure flag on the session cookie and refuse
    # requests that did not arrive over TLS (httpd directive names are
    # case-insensitive, so the first one is MellonSecureCookie).
    # Comment out both only if logins on bare HTTP must be allowed: the
    # session cookie is then sent in cleartext and can be captured on the
    # network path.
    MellonsecureCookie ${saml_secure_on}
    ${ssl_require}SSLRequireSSL
    # Take the authenticated user name from the SAML NameID.
    MellonUser "NAME_ID"
    # Name under which the entity ID of the authenticating IdP is exposed.
    MellonIdP "IDP"
    # Upper bound on the Mellon session lifetime, in seconds (one hour).
    MellonSessionLength 3600
    # Optional settings, disabled here: an error page for browsers that
    # reject cookies, and saving/replaying POST bodies across the login
    # redirect. If POST replay is enabled, the post directory holds request
    # bodies on disk and should be writable by the web server account only.
    # MellonNoCookieErrorPage "https://idp.example.com/no-cookie-error.html"
    # MellonPostDirectory "/var/lib/ipsilon/post_cache"
    # MellonPostReplay On
</Location>

# Placeholder for additional directives supplied when the template is
# rendered; its expansion is not visible in this file.
${saml_auth}

# Sample protected area. Every line carries the sp placeholder as a prefix,
# presumably so the whole stanza can be enabled or commented out at install
# time - confirm against the install code.
${sp}Alias /saml2protected /usr/share/ipsilon/ui/saml2sp
${sp}
# The directory is served over TLS only. "Require all granted" applies no
# host or user restriction by itself; any login requirement for this URL has
# to come from Mellon directives that cover it (possibly the saml_auth
# expansion above - verify).
${sp}<Directory /usr/share/ipsilon/ui/saml2sp>
${sp}    SSLRequireSSL
${sp}    Require all granted
${sp}</Directory>

# Redirect requests to the secure port.
# Each line carries the ssl_rewrite placeholder as a prefix, presumably so the
# redirect can be switched off at install time - confirm against the install code.
# The condition matches when the request did not arrive on the ssl_port value.
# The redirect target uses the fixed sp_hostname and sp_port values rather than
# the client-supplied Host header. NC makes the path match case-insensitive;
# R=301 is a permanent redirect that browsers may cache.
# The redirect only answers a request that was already sent in cleartext, so it
# complements, and does not replace, the Secure cookie and SSLRequireSSL
# settings in the Location block.
${ssl_rewrite}RewriteEngine on
${ssl_rewrite}RewriteCond %{SERVER_PORT} !^${ssl_port}$$
${ssl_rewrite}RewriteRule ^${saml_base}(.*) https://${sp_hostname}${sp_port}${saml_base}$$1 [L,R=301,NC]