1 # This is a server-wide configuration that will add information from the Mellon
2 # session to all requests under this path.
3 <Location ${saml_base}>
4 MellonEnable "${saml_protect}"
5 MellonSPPrivateKeyFile "${saml_sp_key}"
6 MellonSPCertFile "${saml_sp_cert}"
7 MellonSPMetadataFile "${saml_sp_meta}"
8 MellonIdPMetadataFile "${saml_idp_meta}"
9 MellonEndpointPath ${saml_sp}
10 MellonVariable "saml-sesion-cookie"
11 # Comment out the next two lines if you want to allow logins on bare HTTP
12 MellonsecureCookie ${saml_secure_on}
13 ${ssl_require}SSLRequireSSL
16 MellonSessionLength 3600
17 # MellonNoCookieErrorPage "https://idp.example.com/no-cookie-error.html"
18 # MellonPostDirectory "/var/lib/ipsilon/post_cache"
24 ${sp}Alias /saml2protected /usr/share/ipsilon/ui/saml2sp
26 ${sp}<Directory /usr/share/ipsilon/ui/saml2sp>
28 ${sp} Require all granted
31 # Redirect requests to the secure port
32 ${ssl_rewrite}RewriteEngine on
33 ${ssl_rewrite}RewriteCond %{SERVER_PORT} !^${ssl_port}$$
34 ${ssl_rewrite}RewriteRule ^${saml_base}(.*) https://${sp_hostname}${sp_port}${saml_base}$$1 [L,R=301,NC]