The <InProcess>
element contains settings governing the portion of the SP that runs inside the web server. It also includes content specific to particular web servers that supply an inadequate native configuration mechanism. On version 2.4 and above, it is required for IIS usage, optional otherwise.
<InProcess logger="native.logger" checkSpoofing="true"> <Extensions> <Library path="adfs-lite.so" fatal="true"/> </Extensions> <ISAPI/> </InProcess> |
When omitted, the default attribute values below are used, no extensions are loaded, and no IIS configuration information is supplied.
logger
(local pathname) (default is native.logger
on 2.4+)native.log
file. If set, this overrides theĀ logger
property in theĀ <SPConfig>
parent element, but if omitted (defaulted), the parent property will take precedence.catchAll
(boolean) (default is false)unsetHeaderValue
(string) (default is empty string)checkSpoofing
(boolean) (default is true)spoofKey
(string)checkSpoofing
option. Web servers do not generally provide a reliable means of detecting whether a request is directly from a client or has been internally redirected/rewritten in some fashion.When using Apache, strongly consider porting applications to rely on environment variables in place of headers. If this is not possible, the On the Windows/IIS platform, a random key is automatically generated to ensure the detection feature works safely. On other platforms, you need to establish the |
<Extensions>
<ISAPI>