The Shibboleth IdP V4 software will leave support on September 1, 2024.

PropertyReference

This is a work in progress.

The IdP relies on Spring properties (which in turn can be layered on a number of sources such as Java property files, JVM system properties, or environment variables) to inject certain configuration settings into system configuration files. Most of these are documented in the topic-specific material where the properties are used, but a few are not mentioned there.

The root property file loaded at startup is conf/idp.properties, and properties are not reloaded after startup. The root property is "idp.home", which is used to locate the directory that contains that file, so that property is not actually in the file but is assumed to be defined already.

| Name | Type | Default | Description |
|---|---|---|---|
| idp.additionalProperties | Comma-delimited paths | | Used to point to additional property files to load. All properties must be unique and are ultimately pooled into a single, unordered set. |
| idp.entityID | | | See RelyingPartyConfiguration for reference. |
| idp.entityID.metadataFile | File pathname | %{idp.home}/metadata/idp-metadata.xml | Identifies the file to serve for requests to the IdP's "well-known metadata location" |
| idp.scope | | | See ScopedAttributeDefinition for reference. |
| idp.cookie.secure, idp.cookie.httpOnly, idp.cookie.domain, idp.cookie.path, idp.cookie.maxAge, idp.cookie.sameSite | | | See SecurityConfiguration for reference. |
| idp.csrf.enabled, idp.csrf.token.parameter | | | See Cross-Site Request Forgery (CSRF) Protection for reference. |
| idp.hsts | | max-age=0 | Auto-configures an HSTS response header |
| idp.frameoptions | | DENY | Auto-configures an X-Frame-Options response header |
| idp.csp | | frame-ancestors 'none'; | Auto-configures a Content Security Policy response header |
| idp.webflows | Path | %{idp.home}/flows | Location from which to load user-supplied webflows. See also SpringConfiguration |
| idp.views | Comma-delimited paths | %{idp.home}/views | Location from which to load user-modifiable Velocity view templates. This can be set to include "classpath*:/META-INF/net/shibboleth/idp/views" (or equivalent) to load templates from the classpath, such as from extension jars, but doing so disables support for template reloading. |
| idp.sealer.keyStrategy, idp.sealer.storeType, idp.sealer.updateInterval, idp.sealer.aliasBase, idp.sealer.storeResource, idp.sealer.versionResource, idp.sealer.storePassword, idp.sealer.keyPassword, idp.signing.key, idp.signing.cert, idp.encryption.key, idp.encryption.cert, idp.encryption.key.2, idp.encryption.cert.2, idp.security.config, idp.signing.config, idp.encryption.config, idp.trust.signatures, idp.trust.certificates, idp.encryption.optional | | | See SecurityConfiguration for reference. |
| idp.errors.detailed, idp.errors.signed, idp.errors.excludedExceptions, idp.errors.exceptionMappings, idp.errors.defaultView | | | See ErrorHandlingConfiguration for reference. |
| idp.storage.cleanupInterval, idp.storage.htmlLocalStorage | | | See StorageConfiguration for reference. |
| idp.session.enabled, idp.session.StorageService, idp.session.idSize, idp.session.consistentAddress, idp.session.consistentAddressCondition, idp.session.timeout, idp.session.slop, idp.session.maskStorageFailure, idp.session.trackSPSessions, idp.session.secondaryServiceIndex, idp.session.defaultSPlifetime | | | See SessionConfiguration for reference. |
| idp.authn.flows, idp.authn.defaultLifetime, idp.authn.defaultTimeout, idp.authn.rpui, idp.authn.favorSSO, idp.authn.identitySwitchIsError | | | See AuthenticationConfiguration for reference. |
| idp.consent.StorageService, idp.consent.attribute-release.userStorageKey, idp.consent.attribute-release.userStorageKeyAttribute, idp.consent.terms-of-use.userStorageKey, idp.consent.terms-of-use.userStorageKeyAttribute, idp.consent.terms-of-use.consentValueMessageCodeSuffix, idp.consent.allowDoNotRemember, idp.consent.allowGlobal, idp.consent.allowPerAttribute, idp.consent.compareValues, idp.consent.maxStoredRecords, idp.consent.expandedMaxStoredRecords, idp.consent.storageRecordLifetime | | | See ConsentConfiguration for reference. |
| idp.logout.elaboration, idp.logout.authenticated, idp.logout.promptUser | | | See LogoutConfiguration for reference. |
| idp.policy.messageLifetime, idp.policy.assertionLifetime, idp.policy.clockSkew | | | See SecurityConfiguration for reference. |
| idp.replayCache.StorageService, idp.replayCache.strict | | | See StorageConfiguration for reference. |
| idp.artifact.enabled, idp.artifact.secureChannel, idp.artifact.endpointIndex | | | See RelyingPartyConfiguration for reference. |
| idp.artifact.StorageService | | | See StorageConfiguration for reference. |
| idp.ui.fallbackLanguages | | | |
| idp.cas.StorageService, idp.cas.serviceRegistryClass, idp.cas.relyingPartyIdFromMetadata | | | See CasProtocolConfiguration for reference. |
| idp.fticks.* | | | |
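Because idp.additionalProperties pools every file into a single, unordered set in which names must be unique, a security setting defined in two files is a configuration hazard. The following check is an added example, not part of the IdP or of the original page. It starts from conf/idp.properties under an externally supplied idp.home and reports properties defined more than once and listed files that are missing. It assumes that idp.additionalProperties entries are paths relative to idp.home and uses a simplified property-file parser; the function names and sample files are hypothetical.

```python
import re
import tempfile
from collections import defaultdict
from pathlib import Path

def parse_properties(path):
    """Simplified .properties reader: 'key=value' or 'key:value' lines and
    '#'/'!' comments. Line continuations and escapes are not handled."""
    pairs = []
    for raw in Path(path).read_text(encoding="utf-8").splitlines():
        line = raw.strip()
        if line and line[0] not in "#!":
            m = re.match(r"([^=:\s]+)\s*[=:]?\s*(.*)", line)
            if m:
                pairs.append((m.group(1), m.group(2)))
    return pairs

def audit(idp_home):
    """Return (duplicates, missing): duplicates maps each property defined more
    than once to [(file, value), ...]; missing lists files that do not exist."""
    home = Path(idp_home)  # idp.home comes from outside, never from the file
    files = [home / "conf" / "idp.properties"]
    for key, value in parse_properties(files[0]):
        if key == "idp.additionalProperties":
            # Assumption: entries are paths relative to idp.home.
            files += [home / p.strip().lstrip("/") for p in value.split(",") if p.strip()]
    seen, missing = defaultdict(list), []
    for f in files:
        rel = f.relative_to(home).as_posix()
        if not f.is_file():
            missing.append(rel)
            continue
        for key, value in parse_properties(f):
            seen[key].append((rel, value))
    return {k: v for k, v in seen.items() if len(v) > 1}, missing

def build_sample(home):
    """Write a constructed two-file configuration under home (sample data)."""
    conf = Path(home) / "conf"
    conf.mkdir(parents=True)
    (conf / "idp.properties").write_text(
        "idp.additionalProperties=/conf/extra.properties, /conf/absent.properties\n"
        "idp.cookie.secure = true\nidp.hsts = max-age=0\n", encoding="utf-8")
    (conf / "extra.properties").write_text(
        "idp.cookie.secure=false\nidp.session.timeout=PT60M\n", encoding="utf-8")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        print(audit(tmp))
```

Since properties are not reloaded after startup, such a check is most useful before the IdP is started or restarted.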