diff --git a/shibauth/etc-httpd/conf.d/sp.conf b/shibauth/etc-httpd/conf.d/sp.conf
index edfa7e84698603bc22cc75e45bec500d8dac8d78..ad617192aa2f9f06e8ce510acfadaff39c960ab4 100755
--- a/shibauth/etc-httpd/conf.d/sp.conf
+++ b/shibauth/etc-httpd/conf.d/sp.conf
@@ -1,12 +1,13 @@
 <VirtualHost *:80>
- ServerName https://emg.pdas.prism.eox.at:443
+ ServerName PassEnv APACHE_SERVERNAME
 UseCanonicalName On
 DocumentRoot "/var/www/html"
 <Location /secure>
 AuthType shibboleth
 ShibRequestSetting requireSession 1
- require shib-session
- RequestHeader set Referer X-Forwarded-Uri env=X-Forwarded-Uri
+ ShibAccessControl /etc/shibboleth/pass-ac.xml
+ RequestHeader set Referer "%{X-Forwarded-Uri}e"
+ Header set Referer "%{X-Forwarded-Uri}e"
 </Location>
 </VirtualHost>
\ No newline at end of file
diff --git a/shibauth/shibboleth-conf/attribute-map.xml b/shibauth/shibboleth-conf/attribute-map.xml
index e9e9797a63d571bea770b7ffbbafc5203a873598..d20c514072b8651fd1c5a825d1cdfe5a1fab5dc4 100755
--- a/shibauth/shibboleth-conf/attribute-map.xml
+++ b/shibauth/shibboleth-conf/attribute-map.xml
@@ -1,5 +1,4 @@
 <Attributes xmlns="urn:mace:shibboleth:2.0:attribute-map" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <Attribute name="urn:oid:0.9.2342.19200300.100.1.1" id="uid" />
- <Attribute name="urn:oid:2.16.840.1.113730.3.1.241" id="displayName"/>
- <Attribute name="urn:oid:0.9.2342.19200300.100.1.3" id="mail"/>
+ <Attribute name="urn:mace:dir:attribute-def:cds-spci-es_oa-signed-tcs" id="spField1" />
+ <Attribute name="urn:mace:dir:attribute-def:cds-spci-es_oa-user-category" id="spField2"/>
 </Attributes>
diff --git a/shibauth/shibboleth-conf/pass-ac.xml b/shibauth/shibboleth-conf/pass-ac.xml
new file mode 100644
index 0000000000000000000000000000000000000000..134656602d8a260e7751f5342f261556bdfc0658
--- /dev/null
+++ b/shibauth/shibboleth-conf/pass-ac.xml
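Review bot: The new `ServerName PassEnv APACHE_SERVERNAME` line in sp.conf does not read the environment variable: `PassEnv` is a separate directive, so Apache sees two literal arguments to `ServerName`, which takes one. With `UseCanonicalName On` the canonical host name comes from this line (and, presumably, so do the URLs the Shibboleth SP builds for itself), so it should read `ServerName ${APACHE_SERVERNAME}`, with the variable carrying the scheme and port the removed value had. Separately, `%{X-Forwarded-Uri}e` in the two Referer lines reads an environment variable of that name, and nothing in this hunk sets one from the request header; `Header set Referer` also writes a response header, where `Referer` has no meaning. It is also worth confirming on the deployed Apache version that `ShibAccessControl` alone still denies access now that `require shib-session` is gone; on Apache 2.4 the documented form is, as far as I recall, `Require shib-plugin /etc/shibboleth/pass-ac.xml`.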
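Review bot: The ids `spField1` and `spField2` in attribute-map.xml say nothing about what they carry, yet the access rules added in pass-ac.xml key on exactly these names, so a mix-up between the two would silently change the policy. Ids such as `signedTcs` and `userCategory` (renamed in both files together), or a comment above each line like `<!-- signed terms and conditions; pass-ac.xml requires it to be non-empty -->`, would make the policy reviewable. The hunk also drops `uid`, `displayName` and `mail`; if anything downstream (REMOTE_USER, logging, the protected application) relied on them it will now find them unset, which cannot be checked from this diff.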
@@ -0,0 +1,9 @@
+<AccessControl
+type="edu.internet2.middleware.shibboleth.sp.provider.XMLAccessControl">
+ <AND>
+ <Rule require="spField2">
+ Copernicus_Services Union_Inst Union_Research_Projects_space Union_Research_Projects_non-space Public_Auth
+ </Rule>
+ <RuleRegex require="spField1">.+</RuleRegex>
+ </AND>
+</AccessControl>
\ No newline at end of file
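Review bot: `<RuleRegex require="spField1">.+</RuleRegex>` accepts any non-empty value, so if the identity provider can release the signed-terms attribute with a negative value (for example `false` or `0`) the user still passes the rule. Matching the exact accepted value is tighter, e.g. `<Rule require="spField1">ACCEPTED_VALUE</Rule>` (placeholder; the real value is not shown in this diff). The root element also uses the old `edu.internet2.middleware.shibboleth.sp.provider.XMLAccessControl` type string and declares no namespace, while attribute-map.xml in the same commit is in the 2.0 namespace; check that the SP version in use actually loads this file and that a load failure denies rather than allows. A short comment at the top stating the intended policy (user category in the listed set AND terms signed) would help later reviewers.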