SP 2.5 cookieProps

Tom Poage tfpoage at ucdavis.edu
Wed Aug 8 15:36:04 EDT 2012


I'd like a little clarification on configuration inheritance in 
<ApplicationOverride> with SP 2.5

shibd -t on this:

> <ApplicationDefaults ...>
>   <Sessions relayState="ss:mem" checkAddress="false" cookieProps="https">
>   ...
>   <ApplicationOverride id="ajp" attributePrefix="AJP_">
>     <Sessions handlerURL="/a/saml"/>
>   </ApplicationOverride>
> </ApplicationDefaults>


> 2012-08-08 12:28:07 WARN Shibboleth.Application : empty/missing cookieProps setting, set to "https" for SSL/TLS-only usage
> overall configuration is loadable, check console for non-fatal problems

until I add cookieProps to the inner <Sessions> element.

I expected cookieProps to be inherited, or at least that's how I read 
some of the docs.


What does <Sessions> within an <ApplicationOverride> inherit? I don't 
recall noticing the warning previously.


More information about the users mailing list