You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 2 Next »

When there are multiple websites served by the same web server and Shibboleth Service Provider, you may have site that need different session values than others. This document describes how to create a new session for a website.

Step 1: Create and name the application via <ApplicationOverride> and the id property.

Open shibboleth2.xml, add <ApplicationOverride> block inside <ApplicationDefaults> block. The new session for this application is defined inside <ApplicationOverride> block.

shibboleth2.xml
<ApplicationDefaults entityID="xxx"  ...>
    <Sessions lifetime="28800" timeout="3600" relayState="ss:mem" checkAddress="false" handlerSSL="true" cookieProps="https">
    ...
    <ApplicationOverride id="myAppName">
      <Sessions lifetime="7200" timeout="600" relayState="ss:mem"checkAddress="false" handlerSSL="true" cookieProps="https">           
        <SSO entityID="https://shibidp.cit.cornell.edu/idp/shibboleth">
          SAML2
        </SSO>
      </Sessions>
    </ApplicationOverride>
</ApplicationDefaults>

Step 2: Map the applicable resources using a matching applicationId setting.

Apache (httpd.conf or equiv)
<VirtualHost ...>
    <Location />
       AuthType shibboleth
       ShibRequestSetting applicationId myAppName
       ...  
    </Location>
</VirtualHost>
IIS(shibboleth2.xml)
<RequestMap>
...
    <Host name="myapphost.example.org" applicationId="myAppName"/>
...
</RequestMap>


See Also

Shibboleth Project's ApplicationOverride


  • No labels