When there are multiple websites served by the same web server and Shibboleth Service Provider, you may have site that need different session values than others. This document describes how to create a new session for a website.
Step 1: Create and name the application via <ApplicationOverride> and the id property.
Open shibboleth2.xml, add <ApplicationOverride> block inside <ApplicationDefaults> block. The new session for this application is defined inside <ApplicationOverride> block.
shibboleth2.xml
<ApplicationDefaults entityID="xxx" ...>
<Sessions lifetime="28800" timeout="3600" relayState="ss:mem" checkAddress="false" handlerSSL="true" cookieProps="https">
...
<ApplicationOverride id="myAppName">
<Sessions lifetime="7200" timeout="600" relayState="ss:mem"checkAddress="false" handlerSSL="true" cookieProps="https" />
</ApplicationOverride>
</ApplicationDefaults>
Step 2: Map the applicable resources using a matching applicationId setting.
For Apache, open httpd.conf or equiv
<VirtualHost ...>
<Location />
AuthType shibboleth
ShibRequestSetting applicationId myAppName
...
</Location>
</VirtualHost>
For IIS, open shibboleth2.xml
<RequestMap>
...
<Host name="myapphost.example.org" applicationId="myAppName"/>
...
</RequestMap>
See Also
Shibboleth Project's ApplicationOverride