ipsilon.conf is used to set instance-specific configuration options for an Ipsilon instance. It should be stored in a subdirectory representing the instance under the the system configuration directory, normally /etc/ipsilon. For example /etc/ipsilon/idp/ispilon.conf.
The configuration options are not case sensitive. The values may be case sensitive, depending on the option.
Blank lines are ignored. Lines beginning with # are comments and are ignored.
Valid lines consist of an option name, an equals sign and a value. Spaces surrounding equals sign are ignored. An option terminates at the end of a line.
Non-string values should not be quoted, the quotes will not be stripped.
# Wrong - don't include quotes with boolean options
verbose = "True"
# Right - Properly formatted options
verbose = True
Options must appear in the section named [global]. There are no other sections defined or used currently.
The following options are defined:
Enables additional debugging output.
Logs the full SAML 2 request and response information.
Enable verbose database connection tracing logs. debug needs to be True for this to be written.
Location of the template directory used for buidling the UI. This can be relative to base.dir.
The base mount mount for UI pages. This should match the name of the IdP.
The Ipsilon UI base directory, e.g. /usr/share/ipsilon.
Database URL for storing Ipsilon administrative settings.
Database URL for storing persistent user information. This is where users are marked as administrators by setting is_admin to 1.
Database URL for storing login transactions.
Enable sessions in CherryPy. This should always be True.
The session name to be used in session cookies.
Type of storage for the sessions. See CherryPy documentation for more details. Ipsilon defaults to using file. Ipsilon adds a session storage type "Sql" for storing the sesions in an SQL database for load-balanced servers.
The directory where the CherryPy sessions are stored.
The database URL used for session storage if storage_type is set to "Sql".
The URI for where the session is valid, this should conform to the instance name, e.g. /idp.
The time in minutes the session is valid for. Default is 60.
If False the cookie secure value will not be set. If True (the default), the cookie secure value will be set (to 1). If this is set to True, browsers are instructed to only send cookies to secure (TLS-protected) URLs.