websiddu/shibboleth2.xml

## shibboleth2.xml
<SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config"
  xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config"
  xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
  xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
  xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
  clockSkew="180">

  <UnixListener address="/var/run/shibd.sock"/>

    <ApplicationDefaults entityID="https://green-certification.uw.edu"
      REMOTE_USER="uid eppn mail persistent-id targeted-id"
      signing="false"
      encryption="false">

      <Sessions lifetime="28800"
        timeout="28800" checkAddress="false"
        consistentAddress="false" relayState="ss:mem"
        handlerSSL="true">

          <SSO id="UW" isDefault="true" entityID="urn:mace:incommon:washington.edu">
            SAML2 SAML1
          </SSO>

          <Logout>SAML2 Local</Logout>
          <Handler type="MetadataGenerator" Location="/Metadata" signing="false"/>
          <Handler type="Status" Location="/Status" acl="127.0.0.1"/>
          <Handler type="Session" Location="/Session" showAttributeValues="true"/>
          <Handler type="DiscoveryFeed" Location="/DiscoFeed" dir="/var/run/shibboleth"/>
      </Sessions>

  <Errors session="/usr/local/etc/shibboleth/sessionError.html"
    metadata="/usr/local/etc/shibboleth/metadataError.html"
    access="/usr/local/etc/shibboleth/accessError.html"
    ssl="/usr/local/etc/shibboleth/sslError.html"
    supportContact="help@uw.edu"
    logoLocation="/shibboleth-sp/logo.jpg"
    styleSheet="/shibboleth-sp/main.css"/>

      <MetadataProvider type="XML"
        uri="http://md.incommon.org/InCommon/InCommon-metadata.xml"
        backingFilePath="/usr/local/etc/shibboleth/InCommon-metadata.xml"
        reloadInterval="7200"
        legacyOrgNames="true">
          <MetadataFilter type="RequireValidUntil" maxValidityInterval="2419200"/>
          <MetadataFilter type="Signature" certificate="inc-md-cert.pem"/>
      </MetadataProvider>

      <MetadataProvider type="XML"
        uri="https://idp.u.washington.edu/metadata/UW-gateway-metadata.xml"
        backingFilePath="/data/shibboleth/UW-gateway-metadata.xml"
        reloadInterval="7200" >
      </MetadataProvider>

      <AttributeExtractor type="XML" validate="true" path="/usr/local/etc/shibboleth/attribute-map.xml"/>
      <AttributeResolver type="Query" subjectMatch="true"/>
      <AttributeFilter type="XML" validate="true" path="/usr/local/etc/shibboleth/attribute-policy.xml"/>

    <CredentialResolver type="File"
      key="/usr/local/ssl/certs/green-certification.uw.edu.key"
      certificate="/usr/local/ssl/certs/green-certification.uw.edu.cert"/>

  </ApplicationDefaults>

  <SecurityPolicyProvider type="XML" validate="true" path="/usr/local/etc/shibboleth/security-policy.xml"/>
  <ProtocolProvider type="XML" validate="true" reloadChanges="false" path="/usr/local/etc/shibboleth/protocols.xml"/>
</SPConfig>
	<SPConfig xmlns="urn:mace:shibboleth:2.0:native:sp:config"
	xmlns:conf="urn:mace:shibboleth:2.0:native:sp:config"
	xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
	xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
	xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
	clockSkew="180">

	<UnixListener address="/var/run/shibd.sock"/>

	<ApplicationDefaults entityID="https://green-certification.uw.edu"
	REMOTE_USER="uid eppn mail persistent-id targeted-id"
	signing="false"
	encryption="false">

	<Sessions lifetime="28800"
	timeout="28800" checkAddress="false"
	consistentAddress="false" relayState="ss:mem"
	handlerSSL="true">

	<SSO id="UW" isDefault="true" entityID="urn:mace:incommon:washington.edu">
	SAML2 SAML1
	</SSO>

	<Logout>SAML2 Local</Logout>
	<Handler type="MetadataGenerator" Location="/Metadata" signing="false"/>
	<Handler type="Status" Location="/Status" acl="127.0.0.1"/>
	<Handler type="Session" Location="/Session" showAttributeValues="true"/>
	<Handler type="DiscoveryFeed" Location="/DiscoFeed" dir="/var/run/shibboleth"/>
	</Sessions>

	<Errors session="/usr/local/etc/shibboleth/sessionError.html"
	metadata="/usr/local/etc/shibboleth/metadataError.html"
	access="/usr/local/etc/shibboleth/accessError.html"
	ssl="/usr/local/etc/shibboleth/sslError.html"
	supportContact="help@uw.edu"
	logoLocation="/shibboleth-sp/logo.jpg"
	styleSheet="/shibboleth-sp/main.css"/>

	<MetadataProvider type="XML"
	uri="http://md.incommon.org/InCommon/InCommon-metadata.xml"
	backingFilePath="/usr/local/etc/shibboleth/InCommon-metadata.xml"
	reloadInterval="7200"
	legacyOrgNames="true">
	<MetadataFilter type="RequireValidUntil" maxValidityInterval="2419200"/>
	<MetadataFilter type="Signature" certificate="inc-md-cert.pem"/>
	</MetadataProvider>

	<MetadataProvider type="XML"
	uri="https://idp.u.washington.edu/metadata/UW-gateway-metadata.xml"
	backingFilePath="/data/shibboleth/UW-gateway-metadata.xml"
	reloadInterval="7200" >
	</MetadataProvider>

	<AttributeExtractor type="XML" validate="true" path="/usr/local/etc/shibboleth/attribute-map.xml"/>
	<AttributeResolver type="Query" subjectMatch="true"/>
	<AttributeFilter type="XML" validate="true" path="/usr/local/etc/shibboleth/attribute-policy.xml"/>

	<CredentialResolver type="File"
	key="/usr/local/ssl/certs/green-certification.uw.edu.key"
	certificate="/usr/local/ssl/certs/green-certification.uw.edu.cert"/>

	</ApplicationDefaults>

	<SecurityPolicyProvider type="XML" validate="true" path="/usr/local/etc/shibboleth/security-policy.xml"/>
	<ProtocolProvider type="XML" validate="true" reloadChanges="false" path="/usr/local/etc/shibboleth/protocols.xml"/>
	</SPConfig>