--- /dev/null
+# This is a server-wide configuration that will add information from the Mellon
+# session to all requests under this path.
+<Location ${saml_base}>
+ MellonEnable "${saml_protect}"
+ MellonSPPrivateKeyFile "${saml_sp_key}"
+ MellonSPCertFile "${saml_sp_cert}"
+ MellonSPMetadataFile "${saml_sp_meta}"
+ MellonIdPMetadataFile "${saml_idp_meta}"
+ MellonEndpointPath ${saml_sp}
+ MellonVariable "saml-sesion-cookie"
+ # Comment out the next line if you want to allow logins on bare HTTP
+ MellonsecureCookie On
+ MellonUser "NAME_ID"
+ MellonIdP "IDP"
+ MellonSessionLength 3600
+ # MellonNoCookieErrorPage "https://idp.example.com/no-cookie-error.html"
+ # MellonPostDirectory "/var/lib/ipsilon/post_cache"
+ # MellonPostReplay On
+</Location>
+
+${saml_auth}
+
+${sp}Alias /saml2protected /usr/share/ipsilon/ui/saml2sp
+${sp}
+${sp}<Directory /usr/share/ipsilon/ui/saml2sp>
+${sp} SSLRequireSSL
+${sp} Require all granted
+${sp}</Directory>