Versions Compared

Old Version 13

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version Current

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents

Overview

The <RequestMap> element is the root of the XML-based RequestMapper configuration (see the general documentation on this plugin for context). The root element is a globally applicable container that can apply settings to all requests.

Info

A special requirement of this root element is that it MUST contain an applicationId attribute with a value of "default", which in turn matches the required id attribute of the outer-most <ApplicationDefaults> element in the shibboleth2shibboleth2.xml file.

Apart from establishing default settings, its purpose is to act as a container for the rules you specify regarding virtual host, path, and/or query string matching to apply settings. The tree structure of the XML essentially maps to the tree structure of the URL space of your web server.

...

The element supports a large number of XML attributes corresponding to the content settings supported by the SP:

Include Page
ContentSettings
ContentSettings

Child Elements

...

...

Access Control Elements

...

Attaches a custom access control implementation provided by a plugin.

...

Attaches an access control policy using the XML-based plugin provided with the SP. This is a short-hand for embedding the policy in the element above, if you want the policy inside the RequestMapper's configuration file anyway.

...

Include Page
AccessControl
AccessControl

Nested Content Specifiers

The following elements are supported to narrow the matching process:

Name

Cardinality

Description

<Host>

0 or more

Matches requests via the exact hostname (and optionally port and scheme).

<HostRegex>

0 or more

Matches requests with a URL prefix matching a regular expression. The prefix contains everyting up until the slash following the hostname or port.

The matching process is peformed by examining <examining <Host> elements > elements in order, and then checking any <any <HostRegex> elements > elements in order, in separate passes (see the HowTo).

...

A somewhat non-trivial example shows a pair of virtual hosts with one bound to an <an <ApplicationOverride> called admin. The path "/secure" on the primary host is protected automatically, while the entire admin host is protected along with access control rule embedded in the configuration.

...