When there are multiple websites served by the same web server and Shibboleth Service Provider, you may have site that need different session values than others. This document describes how to create a new session for a website.
Step 1: Create and name the application via <ApplicationOverride> and the id property.
Open shibboleth2.xml, add <ApplicationOverride> block inside <ApplicationDefaults> block. The new session for this application is defined inside <ApplicationOverride> block.
| Code Block |
|---|
|
<ApplicationDefaults entityID="xxx" ...>
<Sessions lifetime="28800" timeout="3600" relayState="ss:mem" checkAddress="false" handlerSSL="true" cookieProps="https">
...
<ApplicationOverride id="myAppName">
<Sessions lifetime="7200" timeout="600" relayState="ss:mem"checkAddress="false" handlerSSL="true" cookieProps="https" />
</ApplicationOverride>
</ApplicationDefaults> |
Step 2: Map the applicable resources using a matching applicationId setting.
| Code Block |
|---|
| title | For Apache, open httpd.conf or equiv |
|---|
|
<VirtualHost ...>
<Location />
AuthType shibboleth
ShibRequestSetting applicationId myAppName
...
</Location>
</VirtualHost> |
| Code Block |
|---|
| title | For IIS, open shibboleth2.xml |
|---|
|
<RequestMap>
...
<Host name="myapphost.example.org" applicationId="myAppName"/>
...
</RequestMap> |
Shibboleth Project's ApplicationOverride
