[...] # Load any additional property resources from a comma-delimited list idp.additionalProperties=/conf/ldap.properties, /conf/saml-nameid.properties, /conf/services.properties, /conf/authn/duo.properties # In most cases (and unless noted in the surrounding comments) the # commented settings in the distributed files are the default # behavior for V3. # # Uncomment them and change the value to change functionality. # Set the entityID of the IdP idp.entityID=https://mon-poste.fr/idp/shibboleth # Set the file path which backs the IdP's own metadata publishing endpoint at /shibboleth. # Set to empty value to disable and return a 404. #idp.entityID.metadataFile=%{idp.home}/metadata/idp-metadata.xml # Set the scope used in the attribute resolver for scoped attributes idp.scope=univ-test.fr # General cookie properties (maxAge only applies to persistent cookies) # Note the default for idp.cookie.secure, you will usually want it set. #idp.cookie.secure = false #idp.cookie.httpOnly = true #idp.cookie.domain = #idp.cookie.path = #idp.cookie.maxAge = 31536000 # HSTS/CSP response headers #idp.hsts = max-age=0 # X-Frame-Options value, set to DENY or SAMEORIGIN to block framing #idp.frameoptions = DENY # Content-Security-Policy value, set to match X-Frame-Options default #idp.csp = frame-ancestors 'none'; # Set the location of user-supplied web flow definitions #idp.webflows = %{idp.home}/flows # Set the location of Velocity view templates #idp.views = %{idp.home}/views # Settings for internal AES encryption key #idp.sealer.storeType = JCEKS #idp.sealer.updateInterval = PT15M #idp.sealer.aliasBase = secret idp.sealer.storeResource=%{idp.home}/credentials/sealer.jks idp.sealer.versionResource=%{idp.home}/credentials/sealer.kver [...] # Size of session IDs #idp.session.idSize = 32 # Bind sessions to IP addresses #idp.session.consistentAddress = true # Inactivity timeout #idp.session.timeout = PT60M # Extra time to store sessions for logout #idp.session.slop = PT0S # Tolerate storage-related errors #idp.session.maskStorageFailure = false # Track information about SPs logged into #idp.session.trackSPSessions = false # Support lookup by SP for SAML logout #idp.session.secondaryServiceIndex = false # Length of time to track SP sessions #idp.session.defaultSPlifetime = PT2H [...]