Add basic installation script with saml support

[cascardo/ipsilon.git] / templates / install / saml2 / sp.conf

diff --git a/templates/install/saml2/sp.conf b/templates/install/saml2/sp.conf
new file mode 100644 (file)
index 0000000..57abdfd
--- /dev/null
+++ b/templates/install/saml2/sp.conf
@@ -0,0 +1,28 @@
+# This is a server-wide configuration that will add information from the Mellon
+# session to all requests under this path.
+<Location ${saml_base}>
+    MellonEnable "${saml_protect}"
+    MellonSPPrivateKeyFile "${saml_sp_key}"
+    MellonSPCertFile "${saml_sp_cert}"
+    MellonSPMetadataFile "${saml_sp_meta}"
+    MellonIdPMetadataFile "${saml_idp_meta}"
+    MellonEndpointPath ${saml_sp}
+    MellonVariable "saml-sesion-cookie"
+    # Comment out the next line if you want to allow logins on bare HTTP
+    MellonsecureCookie On
+    MellonUser "NAME_ID"
+    MellonIdP "IDP"
+    MellonSessionLength 3600
+    # MellonNoCookieErrorPage "https://idp.example.com/no-cookie-error.html"
+    # MellonPostDirectory "/var/lib/ipsilon/post_cache"
+    # MellonPostReplay On
+</Location>
+
+${saml_auth}
+
+${sp}Alias /saml2protected /usr/share/ipsilon/ui/saml2sp
+${sp}
+${sp}<Directory /usr/share/ipsilon/ui/saml2sp>
+${sp}    SSLRequireSSL
+${sp}    Require all granted
+${sp}</Directory>