Add explicit PreviousSession support
[java-idp.git] / resources / conf / handler.xml
1 <?xml version="1.0" encoding="UTF-8"?>
2
3 <ProfileHandlerGroup xmlns="urn:mace:shibboleth:2.0:idp:profile-handler"
4                      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
5                      xsi:schemaLocation="urn:mace:shibboleth:2.0:idp:profile-handler classpath:/schema/shibboleth-2.0-idp-profile-handler.xsd">
6
7     <ErrorHandler xsi:type="JSPErrorHandler" jspPagePath="/error.jsp" />
8
9     <ProfileHandler xsi:type="Status">
10         <RequestPath>/Status</RequestPath>
11     </ProfileHandler>
12
13     <ProfileHandler xsi:type="ShibbolethSSO"
14                     inboundBinding="urn:mace:shibboleth:1.0:profiles:AuthnRequest"
15                     outboundBindingEnumeration="urn:oasis:names:tc:SAML:1.0:profiles:browser-post 
16                                                 urn:oasis:names:tc:SAML:1.0:profiles:artifact-01">
17         <RequestPath>/Shibboleth/SSO</RequestPath>
18     </ProfileHandler>
19     
20     <ProfileHandler xsi:type="SAML1AttributeQuery" 
21                     inboundBinding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
22                     outboundBindingEnumeration="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding">
23         <RequestPath>/SAML1/SOAP/AttributeQuery</RequestPath>
24     </ProfileHandler>
25     
26     <ProfileHandler xsi:type="SAML1ArtifactResolution" 
27                     inboundBinding="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding"
28                     outboundBindingEnumeration="urn:oasis:names:tc:SAML:1.0:bindings:SOAP-binding">
29         <RequestPath>/SAML1/SOAP/ArtifactResolution</RequestPath>
30     </ProfileHandler>
31     
32     <ProfileHandler xsi:type="SAML2SSO" 
33                     inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
34                     outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign
35                                                 urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST 
36                                                 urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
37         <RequestPath>/SAML2/POST/SSO</RequestPath>
38     </ProfileHandler>
39
40     <ProfileHandler xsi:type="SAML2SSO" 
41                     inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
42                     outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign
43                                                 urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST 
44                                                 urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
45         <RequestPath>/SAML2/POST-SimpleSign/SSO</RequestPath>
46     </ProfileHandler>
47
48     <ProfileHandler xsi:type="SAML2SSO" 
49                     inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
50                     outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign
51                                                 urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST 
52                                                 urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact">
53         <RequestPath>/SAML2/Redirect/SSO</RequestPath>
54     </ProfileHandler>
55     
56     <ProfileHandler xsi:type="SAML2AttributeQuery"
57                     inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
58                     outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP">
59         <RequestPath>/SAML2/SOAP/AttributeQuery</RequestPath>
60     </ProfileHandler>
61     
62     <ProfileHandler xsi:type="SAML2ArtifactResolution" 
63                     inboundBinding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
64                     outboundBindingEnumeration="urn:oasis:names:tc:SAML:2.0:bindings:SOAP">
65         <RequestPath>/SAML2/SOAP/ArtifactResolution</RequestPath>
66     </ProfileHandler>
67     
68     <LoginHandler xsi:type="RemoteUser">
69         <AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</AuthenticationMethod>
70     </LoginHandler>
71     
72     <LoginHandler xsi:type="UsernamePassword" 
73                   jaasConfigurationLocation="file://$IDP_HOME$/conf/login.config">
74         <AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport</AuthenticationMethod>
75     </LoginHandler>
76     
77     <!-- 
78         Removal of this login handler will disable SSO support, that is it will require the user to authenticate 
79         on every request.
80     -->
81     <LoginHandler xsi:type="PreviousSession">
82         <AuthenticationMethod>urn:oasis:names:tc:SAML:2.0:ac:classes:PreviousSession</AuthenticationMethod>
83     </LoginHandler>
84
85 </ProfileHandlerGroup>