...
Property | Type | Default | Function |
---|---|---|---|
idp.cookie.secure | Boolean | false | Whether cookies created by the software include the "secure" attribute; the default is mostly an accident, you should strongly consider setting this |
idp.cookie.httpOnly | Boolean | true | Whether cookies created by the software include the "httpOnly" attribute (excepting a few user-preference cookies that are explicitly meant to be accessed by JavaScript) |
idp.cookie.domain | String | Optional domain to attach to cookies | |
idp.cookie.path | String | Optional path to attach to cookies | |
idp.cookie.maxAge | Integer | 31536000 | Lifetime of non-session cookies |
idp.storage.cleanupInterval | Duration | PT10M | Interval of background thread sweeping server-side storage for expired records |
idp.storage.htmlLocalStorage | Boolean | false | Whether to use HTML Local Storage (if available) instead of cookies |
idp.storage.clientSessionStorageName 3.3 | String | shib_idp_session_ss | Name of cookie or HTML storage key used by the default per-session instance of the client storage service |
idp.storage.clientPersistentStorageName 3.3 | String | shib_idp_persistent_ss | Name of cookie or HTML storage key used by the default persistent instance of the client storage service |
idp.session.StorageService | Bean ID of a StorageService | shibboleth.ClientSessionStorageService | Storage back-end to use for IdP sessions, authentication results, and optionally tracking of SP usage for logout |
idp.consent.StorageService | Bean ID of a StorageService | shibboleth.ClientPersistentStorageService | Storage back-end to use for consent and terms-of-use records |
idp.replayCache.StorageService | Bean ID of a StorageService | shibboleth.StorageService | Storage back-end to use for message replay checking (must be server-side) |
idp.replayCache.strict 3.4 | Boolean | true | Whether storage errors during replay checks should be treated as a replay |
idp.artifact.StorageService | Bean ID of a StorageService | shibboleth.StorageService | Storage back-end to use for short-lived SAML Artifact mappings (must be server-side) |
idp.cas.StorageService | Bean ID of a StorageService | shibboleth.StorageService | Storage back-end to use for CAS ticket mappings (must be server-side) |
...