# Configure the resources to load for various services, # and the settings for failure handling and auto-reload. # failFast=true prevents IdP startup if a configuration is bad # checkInterval = PT0S means never reload (this is the default) # Global default for fail-fast behavior of most subsystems # with individual override possible below. #idp.service.failFast = false #idp.service.logging.resource = %{idp.home}/conf/logback.xml #idp.service.logging.failFast = true idp.service.logging.checkInterval = PT5M #idp.service.relyingparty.resources = shibboleth.RelyingPartyResolverResources #idp.service.relyingparty.failFast = false idp.service.relyingparty.checkInterval = PT15M # See MetadataDrivenConfiguration wiki topic for details idp.service.relyingparty.ignoreUnmappedEntityAttributes=true #idp.service.metadata.resources = shibboleth.MetadataResolverResources #idp.service.metadata.failFast = false #idp.service.metadata.checkInterval = PT0S # Set to false if not using ByReference MetadataFilters for a small perf gain #idp.service.metadata.enableByReferenceFilters = true #idp.service.attribute.registry.resources = shibboleth.AttributeRegistryResources #idp.service.attribute.registry.failFast = false idp.service.attribute.registry.checkInterval = PT15M # Default control of whether to encode XML attribute data with xsi:type idp.service.attribute.registry.encodeType = false #idp.service.attribute.resolver.resources = shibboleth.AttributeResolverResources #idp.service.attribute.resolver.failFast = false idp.service.attribute.resolver.checkInterval = PT15M #idp.service.attribute.resolver.maskFailures = true #idp.service.attribute.resolver.stripNulls = false #idp.service.attribute.resolver.suppressDisplayInfo = true #idp.service.attribute.filter.resources = shibboleth.AttributeFilterResources # NOTE: Failing the filter fast leaves no filters enabled. #idp.service.attribute.filter.failFast = false idp.service.attribute.filter.checkInterval = PT15M #idp.service.attribute.filter.maskFailures = true #idp.service.nameidGeneration.resources = shibboleth.NameIdentifierGenerationResources #idp.service.nameidGeneration.failFast = false idp.service.nameidGeneration.checkInterval = PT15M #idp.service.access.resources = shibboleth.AccessControlResources #idp.service.access.failFast = true idp.service.access.checkInterval = PT5M #idp.service.cas.registry.resources = shibboleth.CASServiceRegistryResources #idp.service.cas.registry.failFast = false idp.service.cas.registry.checkInterval = PT15M #idp.service.managedBean.resources = shibboleth.ManagedBeanResources #idp.service.managedBean.failFast = false idp.service.managedBean.checkInterval = PT15M #idp.message.resources = shibboleth.MessageSourceResources #idp.message.cacheSeconds = 300 # These settings impact the behavior of the internal HTTP Client used by default # with some internal components, but notably *not* for metadata acquisition. #idp.httpclient.useSecurityEnhancedTLSSocketFactory = false #idp.httpclient.connectionDisregardTLSCertificate = false #idp.httpclient.connectionRequestTimeout = PT1M #idp.httpclient.connectionTimeout = PT1M #idp.httpclient.socketTimeout = PT1M #idp.httpclient.maxConnectionsTotal = 100 #idp.httpclient.maxConnectionsPerRoute = 100 # These are deprecated properties that configure the old caching HttpClient # beans that are no longer supported. If you want to manually configure # the caching clients, you should define the beans yourself and if desired # rely on properties of your own devising. #idp.httpclient.memorycaching.maxCacheEntries = 50 #idp.httpclient.memorycaching.maxCacheEntrySize = 1048576 #idp.httpclient.filecaching.maxCacheEntries = 100 #idp.httpclient.filecaching.maxCacheEntrySize = 10485760 idp.httpclient.filecaching.cacheDirectory = %{idp.home}/tmp/httpClientCache