Options common to most/all profiles:
Bean named shibboleth.DefaultSecurityConfiguration
An object containing all of the default security-related objects needed for peer authentication and encryption. See SecurityConfiguration for complete details.
A bitmask of features to disallow, the mask values being specific to individual profiles
Modifying the security configuration is usually done to:
specify an alternate signing or decryption key to use
control signing or encryption algorithms (but for metadata you control, it's advisable to control algorithms by using an extension to specify supported algorithms).