299719f23fa4624568732c2e9f84e146189a039b
[java-idp.git] / resources / WEB-INF / web.xml
1 <?xml version="1.0" encoding="UTF-8"?>
2
3 <web-app xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
4     xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"
5     version="2.4">
6
7     <display-name>Shibboleth $IDP_VERSION$ Identity Provider</display-name>
8
9     <!--
10         Spring 2.0 application context files.  Files are loaded in the order they appear with subsequent files 
11         overwritting same named beans in previous files.
12     -->
13     <context-param>
14         <param-name>contextConfigLocation</param-name>
15         <param-value>file://$IDP_HOME$/conf/internal.xml; file://$IDP_HOME$/conf/service.xml;</param-value>
16     </context-param>
17
18     <!-- 
19         Spring 2.0 listener used to load up the configuration
20     -->
21     <listener>
22         <listener-class>org.springframework.web.context.ContextLoaderListener</listener-class>
23     </listener>
24
25     <!-- 
26         Session time inactivity timeout, in minutes.
27         
28         A timeout of 0 or less means the session never timesout.  Such a setting is strongly discouraged and will 
29         almost certainly lead to memory exhaustion under moderate to heavy loads or in servers with prolonged uptime.
30     -->
31     <session-config>
32         <session-timeout>30</session-timeout>
33     </session-config>
34
35     <!-- Profile Request Dispatcher -->
36     <servlet>
37         <servlet-name>ProfileRequestDispatcher</servlet-name>
38         <servlet-class>
39             edu.internet2.middleware.shibboleth.idp.profile.ShibbolethProfileRequestDispatcher
40         </servlet-class>
41     </servlet>
42
43     <servlet-mapping>
44         <servlet-name>ProfileRequestDispatcher</servlet-name>
45         <url-pattern>/profile/*</url-pattern>
46     </servlet-mapping>
47
48     <!-- Authentication Engine Entry Point -->
49     <servlet>
50         <servlet-name>AuthenticationEngine</servlet-name>
51         <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.AuthenticationEngine</servlet-class>
52     </servlet>
53
54     <servlet-mapping>
55         <servlet-name>AuthenticationEngine</servlet-name>
56         <url-pattern>/AuthnEngine</url-pattern>
57     </servlet-mapping>
58
59     <!-- Servlet protected by container user for RemoteUser authentication -->
60     <servlet>
61         <servlet-name>RemoteUserAuthHandler</servlet-name>
62         <servlet-class>edu.internet2.middleware.shibboleth.idp.authn.provider.RemoteUserAuthServlet</servlet-class>
63     </servlet>
64
65     <servlet-mapping>
66         <servlet-name>RemoteUserAuthHandler</servlet-name>
67         <url-pattern>/Authn/RemoteUser</url-pattern>
68     </servlet-mapping>
69
70     <security-constraint>
71         <display-name>Shibboleth IdP</display-name>
72         <web-resource-collection>
73             <web-resource-name>remote user authentication</web-resource-name>
74             <url-pattern>/Authn/RemoteUser</url-pattern>
75             <http-method>GET</http-method>
76             <http-method>POST</http-method>
77         </web-resource-collection>
78         <user-data-constraint>
79             <transport-guarantee>INTEGRAL</transport-guarantee>
80         </user-data-constraint>
81     </security-constraint>
82     
83     <login-config>
84       <auth-method>BASIC</auth-method>
85       <realm-name>Password Auth</realm-name>
86     </login-config>
87 </web-app>