From 6a1fe4532a27576f707f51cec102b0c51fb0a0b9 Mon Sep 17 00:00:00 2001
From: Lubomir Bucek <lubomir.bucek@eox.at>
Date: Mon, 28 Sep 2020 13:57:04 +0200
Subject: [PATCH] add sample shibboleth conf

---
 auth/shibboleth-conf/shibboleth2.xml | 37 ++++++++++++++++++++++++++++
 1 file changed, 37 insertions(+)
 create mode 100644 auth/shibboleth-conf/shibboleth2.xml

diff --git a/auth/shibboleth-conf/shibboleth2.xml b/auth/shibboleth-conf/shibboleth2.xml
new file mode 100644
index 00000000..342e057e
--- /dev/null
+++ b/auth/shibboleth-conf/shibboleth2.xml
@@ -0,0 +1,37 @@
+<SPConfig xmlns="urn:mace:shibboleth:3.0:native:sp:config"
+xmlns:conf="urn:mace:shibboleth:3.0:native:sp:config"
+clockSkew="180">
+<OutOfProcess tranLogFormat="%u|%s|%IDP|%i|%ac|%t|%attr|%n|%b|%E|%S|%SS|%L|%UA|%a" />
+<ApplicationDefaults entityID="https://samplesp3.eo.esa.int/shibboleth"
+REMOTE_USER="eppn subject-id pairwise-id persistent-id"
+cipherSuites="DEFAULT:!EXP:!LOW:!aNULL:!eNULL:!DES:!IDEA:!SEED:!RC4:!3DES:!kRSA:!SSL
+v2:!SSLv3:!TLSv1:!TLSv1.1">
+<Sessions lifetime="28800" timeout="3600" relayState="ss:mem"
+checkAddress="false" handlerSSL="true" cookieProps="https">
+<SSO entityID="https://eo-sso-idp.eo.esa.int:443/shibboleth"
+discoveryProtocol="SAMLDS" discoveryURL="https://ds.example.org/DS/WAYF">
+SAML2
+</SSO>
+<Logout>SAML2 Local</Logout>
+<LogoutInitiator type="Admin" Location="/Logout/Admin" acl="127.0.0.1 ::1" />
+<Handler type="MetadataGenerator" Location="/Metadata" signing="false"/>
+<Handler type="Status" Location="/Status" acl="127.0.0.1 ::1 192.168.24.1/24"/>
+<Handler type="Session" Location="/Session" showAttributeValues="false"/>
+<Handler type="DiscoveryFeed" Location="/DiscoFeed"/>
+</Sessions>
+<Errors supportContact="root@samplesp3.eo.esa.int"
+helpLocation="/about.html"
+styleSheet="/shibboleth-sp/main.css"/>
+<MetadataProvider type="XML" validate="false" path="idp-metadata.xml"/>
+<AttributeExtractor type="XML" validate="true" reloadChanges="false"
+path="attribute-map.xml"/>
+<AttributeFilter type="XML" validate="true" path="attribute-policy.xml"/>
+<CredentialResolver type="File" use="signing"
+key="sp-signing-key.pem" certificate="sp-signing-cert.pem"/>
+<CredentialResolver type="File" use="encryption"
+key="sp-encrypt-key.pem" certificate="sp-encrypt-cert.pem"/>
+</ApplicationDefaults>
+<SecurityPolicyProvider type="XML" validate="true" path="security-policy.xml"/>
+<ProtocolProvider type="XML" validate="true" reloadChanges="false"
+path="protocols.xml"/>
+</SPConfig>
\ No newline at end of file
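Review bot: The `cipherSuites` value on `ApplicationDefaults` is split across two lines in the middle of the `!SSLv2` token. An XML parser replaces a line break inside an attribute value with a space, so the SP is handed `...!kRSA:!SSL v2:!SSLv3...` instead of the intended exclusion list. Whether OpenSSL ignores the stray `!SSL` and `v2` entries or rejects the string is not something a sample config should depend on, so keep the value on one line: `cipherSuites="DEFAULT:!EXP:!LOW:!aNULL:!eNULL:!DES:!IDEA:!SEED:!RC4:!3DES:!kRSA:!SSLv2:!SSLv3:!TLSv1:!TLSv1.1">`. Separately, the `Status` handler ACL `192.168.24.1/24` is written with host bits set and appears to admit the whole /24. If that range and the `ds.example.org` discovery URL are deployment placeholders, an XML comment saying so would stop them being copied as-is.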
-- 
GitLab