eIf If you use Apache and all you need Shibboleth for is to create your application's own session you don't really need any host affinity at all. You can use proxying to assure that all login activity occurs on the same host.
...
|
Protect the real shib login path
Any require lines should be OK.
|
...