When there are multiple websites served by the same web server and Shibboleth Service Provider, you may have site that need different session values than others. This document describes how to create a new session for a website.
Step 1: Create and name the application via <ApplicationOverride>
and the id
property.
Open shibboleth2.xml, add <ApplicationOverride> block inside <ApplicationDefaults> block. The new session for this application is defined inside <ApplicationOverride> block.
shibboleth2.xml
<ApplicationDefaults entityID="xxx" ...> <Sessions lifetime="28800" timeout="3600" relayState="ss:mem" checkAddress="false" handlerSSL="true" cookieProps="https"> ... <ApplicationOverride id="myAppName"> <Sessions lifetime="7200" timeout="600" relayState="ss:mem"checkAddress="false" handlerSSL="true" cookieProps="https"> <SSO entityID="https://shibidp.cit.cornell.edu/idp/shibboleth"> SAML2 </SSO> </Sessions> </ApplicationOverride> </ApplicationDefaults>
Step 2: Map the applicable resources using a matching applicationId
setting.
Apache (httpd.conf or equiv)
<VirtualHost ...> <Location /> AuthType shibboleth ShibRequestSetting applicationId myAppName ... </Location> </VirtualHost>
IIS(shibboleth2.xml)
<RequestMap> ... <Host name="myapphost.example.org" applicationId="myAppName"/> ... </RequestMap>
See Also
Shibboleth Project's ApplicationOverride