# Web SSO (SAMLv2 service provider) settings, restored to one property per line.
# NOTE(review): where a key has no comment in the original file, the notes below are
# inferred from the key name and are marked as such - confirm against the SSO SPI docs.

# presumably requests for these file types / URL types are not run through SSO
# processing - confirm. If so, whatever is served under the skipped URL types
# (services, jsonservices, remoting) needs its own authentication.
excludeFileTypes=.js,.css,.jpg,.gif
skipUrlTypeList=services,jsonservices,remoting
isSSOEnabled=true
#sts.saml2.wsdl.url=http://localhost/idp/Sample/services/wss/STSService/Saml2?wsdl
# Left empty here; the IdP endpoints are configured explicitly through
# ssoServiceURL / singleSignOutURL further down instead of through IdP metadata.
metadata.filename=
#home.url=https://localhost:8543/dynamic-runtime-war/
portal.name=ipp-portal-localhost
client.id=ipp-portal-localhost
# false: the response is not expected to be encrypted, so the encryption keystore
# settings are unused and assertion confidentiality rests on the transport (TLS).
idpResponseEncrypted=false

# Audience URI validation. Valid values are "none", "client.id", "acs.url" & "portal.name":
#   none        - Audience URI will not be validated
#   client.id   - Audience URI will be validated against client.id (tenant.id will be renamed
#                 to client.id in the next release, hence client.id is used here). This is the
#                 same as the Client ID configured in the IdP
#   acs.url     - (no description in the original file; presumably validated against the
#                 ACS URL - confirm)
#   portal.name - Audience URI will be validated against portal.name
# With "none" an assertion issued for a different service provider is not rejected by
# this check, so keep one of the validating modes outside of local testing.
validateAudienceUri=portal.name

# Validate the InResponseTo value in the SAMLv2 response. Set this to true if you want
# InResponseTo validation.
# As shipped (false), a response is not checked against an AuthnRequest this SP actually
# sent, although sendAuthnRequest and spInitiatedSSOEnabled are both true below.
# NOTE(review): unless unsolicited (IdP-initiated) responses must be accepted, true looks
# like the appropriate value for an SP-initiated deployment - confirm.
validateInResponseTo=false
spInitiatedSSOEnabled=true
samlTokenCachingEnabled=true
processAsyncSessionTimeout=false
sendAuthnRequest=true
sendLogoutRequest=true
# AuthnRequests are signed; the signing key comes from the signing keystore configured
# with keyStoreFile / privateKeyAlias.
signAuthnRequest=true
disableCacheDuringSSO=false
disableCacheRequestParamKey=t
encryption.property.file=/encryption.properties

################################ Moved from webssoconfig.properties #############################
acsURL=acs/POST.do
globalLogoutACSURL=acs/globalLogoutACS.do
samlBinding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST
protocol=1
# presumably URLs matching this regular expression are excluded from SSO enforcement - confirm.
# The alternatives are unanchored and the dots are unescaped, so ".*authService.*" matches
# any URL that merely contains "authService"; keep the pattern as narrow as the deployment
# allows (escaped dots, anchored paths).
excludeURLPattern=.*authService.*|.*globalLogout.jsp|.*favicon.ico|.*jsp/error.jsp|.*loggedOut.html
globalLogoutURL=/logOff

# The class configured below is a sample; you need to write your own class that implements the
# SessionPrePostProcessor interface.
# For reference, have a look at com.sungard.cs.websso.providers.ClientSessionPrePostProcessorImpl.
#sessionProcessorClassName=com.sungard.cs.websso.providers.SampleClientSessionPrePostProcessorImpl

# SAMLv2 provider that handles the SAMLv2 handshake
providerName=com.sungard.cs.websso.handler.saml.DefaultSAML2HttpPostHandler

# Signing keystore configuration - used to send signed logout requests. Even if you are not
# using singleLogout, this keystore must be configured for initializing the SSO SPI.
# The values below are sample values: "changeit" is the stock Java keystore password and
# "test" is a placeholder alias. Replace the keystore, both passwords and the aliases per
# environment, and keep the real values out of version control.
# NOTE(review): encryption.property.file is set in this file, which suggests the product can
# read protected property values - confirm whether the passwords can be stored that way.
# NOTE(review): JKS is a legacy keystore format; check whether PKCS12 is supported here.
keyStoreType=JKS
#keyStoreFile=C:/keystore.jks
keyStoreFile=websso-keystore.jks
keyStorePass=changeit
privateKeyAlias=test
privateKeyPass=changeit
certificateAlias=test
# This is searched in the signing keystore configured as part of property "keystoreFile"
# As shipped, idpCertificateAlias is the same alias ("test") as the SP's own
# certificateAlias / privateKeyAlias. In a real deployment it should name the IdP's
# signing certificate imported into this keystore, so that responses are verified against
# the IdP's key rather than the sample key pair.
idpCertificateAlias=test

# Encryption keystore - the private key from this keystore is used to decrypt the encrypted
# assertion when you enable the SSO SPI to process encrypted responses.
# There is a flag in websso.properties, "isIdPResponseEncrypted"; when it is set to true this
# keystore is used to decrypt the response.
# NOTE(review): the flag visible in this file is spelled idpResponseEncrypted - confirm which
# name the loader actually reads.
# The sample reuses the signing keystore, alias and password for encryption; separate keys
# for signing and decryption limit what a single leaked key exposes.
#encKeyStoreFile=C:/keystore.jks
encKeyStoreFile=websso-keystore.jks
encKeyStorePass=changeit
encPrivateKeyAlias=test
encPrivateKeyPass=changeit

## If metadata.filename is configured above, there is no need to configure the properties below
#ssoServiceURL=
#singleSignOutURL=
# IdP demo site
# Both endpoints are https; keep them that way, since the browser is redirected to these
# URLs with the SAML request.
ssoServiceURL=https://someIdP.com/idp/ipp-test?ClientID=ipp-portal
singleSignOutURL=https://someIdP.com/idp/ipp-test/globalLogout.html