Skip to content
Snippets Groups Projects
Commit 0150cba8 authored by Adam Lewenberg's avatar Adam Lewenberg
Browse files

more

parent 849164da
No related branches found
No related tags found
No related merge requests found
......@@ -7,9 +7,24 @@ class shibb_idp3::config {
mode => '0644',
}
# The idp.properties file.
### PROPERTIES FILES
# idp.properties
include shibb_idp3::config::idp_properties
# services.properties
# Controls the dynamic reloading behavior of
# services listed services.xml. Right now, we want relying-party
# resources to use legacy V2 format.
file { '/etc/shibboleth-idp/conf/services.properties':
ensure => present,
content => template('shibb_idp3/etc/shibboleth-idp/conf/services.properties.erb'),
mode => '0644',
}
###
# 1. web.xml: custom version contains TwoStepRemoteUser definition.
file { '/opt/shibboleth-idp/webapp/WEB-INF/web.xml':
ensure => present,
......
# Configure the resources to load for various services,
# and the settings for failure handling and auto-reload.
# failFast=true prevents IdP startup if a configuration is bad
# checkInterval = PT0S means never reload (this is the default)
# Global default for fail-fast behavior of most subsystems
# with individual override possible below.
#idp.service.failFast = false
#idp.service.logging.resource = %{idp.home}/conf/logback.xml
#idp.service.logging.failFast = true
idp.service.logging.checkInterval = PT5M
# Set to shibboleth.LegacyRelyingPartyResolverResources with legacy V2 relying-party.xml
#idp.service.relyingparty.resources = shibboleth.RelyingPartyResolverResources
idp.service.relyingparty.resources = shibboleth.LegacyRelyingPartyResolverResources
#idp.service.relyingparty.failFast = false
idp.service.relyingparty.checkInterval = PT15M
#idp.service.metadata.resources = shibboleth.MetadataResolverResources
#idp.service.metadata.failFast = false
#idp.service.metadata.checkInterval = PT0S
#idp.service.attribute.resolver.resources = shibboleth.AttributeResolverResources
#idp.service.attribute.resolver.failFast = false
idp.service.attribute.resolver.checkInterval = PT15M
#idp.service.attribute.resolver.maskFailures = true
#idp.service.attribute.filter.resources = shibboleth.AttributeFilterResources
# NOTE: Failing the filter fast leaves no filters enabled.
#idp.service.attribute.filter.failFast = false
idp.service.attribute.filter.checkInterval = PT15M
#idp.service.attribute.filter.maskFailures = true
#idp.service.nameidGeneration.resources = shibboleth.NameIdentifierGenerationResources
#idp.service.nameidGeneration.failFast = false
idp.service.nameidGeneration.checkInterval = PT15M
#idp.service.access.resources = shibboleth.AccessControlResources
#idp.service.access.failFast = true
idp.service.access.checkInterval = PT5M
#idp.service.cas.registry.resources = shibboleth.CASServiceRegistryResources
#idp.service.cas.registry.failFast = false
idp.service.cas.registry.checkInterval = PT15M
#idp.message.resources = shibboleth.MessageSourceResources
#idp.message.cacheSeconds = 300
# Parameters for pre-defined HttpClient instances which perform in-memory and filesystem caching.
# These are used with components such as remote configuration resources that are explicitly wired
# with these client instances, *not* by default with HTTP metadata resolvers.
#idp.httpclient.useTrustEngineTLSSocketFactory = false
#idp.httpclient.useSecurityEnhancedTLSSocketFactory = false
#idp.httpclient.connectionDisregardTLSCertificate = false
#idp.httpclient.connectionTimeout = -1
#idp.httpclient.memorycaching.maxCacheEntries = 50
#idp.httpclient.memorycaching.maxCacheEntrySize = 1048576
#idp.httpclient.filecaching.maxCacheEntries = 100
#idp.httpclient.filecaching.maxCacheEntrySize = 10485760
idp.httpclient.filecaching.cacheDirectory = %{idp.home}/tmp/httpClientCache
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment