Add Cache-Control header to prevent browser caching of SAML auth location

[cascardo/ipsilon.git] / ipsilon / install / ipsilon-client-install

diff --git a/ipsilon/install/ipsilon-client-install b/ipsilon/install/ipsilon-client-install
index 484c462..237b439 100755 (executable)
--- a/ipsilon/install/ipsilon-client-install
+++ b/ipsilon/install/ipsilon-client-install
@@ -115,6 +115,7 @@ def saml2():
             saml_protect = 'info'
             saml_auth = '<Location %s>\n' \
                         '    MellonEnable "auth"\n' \
+                        '    Header append Cache-Control "no-cache"\n' \
                         '</Location>\n' % args['saml_auth']
 
         psp = '# '
@@ -123,8 +124,12 @@ def saml2():
             psp = ''
 
         saml_secure = 'Off'
+        ssl_require = '#'
+        ssl_rewrite = '#'
         if args['saml_secure_setup']:
             saml_secure = 'On'
+            ssl_require = ''
+            ssl_rewrite = ''
 
         samlopts = {'saml_base': args['saml_base'],
                     'saml_protect': saml_protect,
@@ -135,6 +140,9 @@ def saml2():
                     'saml_sp': args['saml_sp'],
                     'saml_secure_on': saml_secure,
                     'saml_auth': saml_auth,
+                    'ssl_require': ssl_require,
+                    'ssl_rewrite': ssl_rewrite,
+                    'sp_hostname': args['hostname'],
                     'sp': psp}
         files.write_from_template(SAML2_CONFFILE, SAML2_TEMPLATE, samlopts)