In general, very little configuration is needed for the Shibboleth Shim server. Most configuration is done either in the Shibboleth SP or the Shibboleth Shim filter. (NB: Should have links here.)
The only configuration in the web.xml file is the location of the properties file, specified with the propertiesFile context-param.
See the sample web.xml file below for an example.
<web-app id="WebApp_ID" version="2.4" xmlns="http://java.sun.com/xml/ns/j2ee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd"> <context-param> <param-name>propertiesFile</param-name> <param-value>file:///usr/local/tomcat/conf/shibshim.properties</param-value> </context-param> <servlet> <display-name>Shibboleth Shim Assertion Consumer Service</display-name> <servlet-name>ACS</servlet-name> <servlet-class>org.kathrynhuxtable.middleware.shibshim.web.acs.ACSServlet</servlet-class> </servlet> <servlet-mapping> <servlet-name>ACS</servlet-name> <url-pattern>/ACS</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>ACS</servlet-name> <url-pattern>/ACS/*</url-pattern> </servlet-mapping> <mime-mapping> <extension>css</extension> <mime-type>text/css</mime-type> </mime-mapping> </web-app>
The properties file currently only has one property.
The absolute path to the private key used to sign attribute assertions passed to the Shibboleth Shim filter in PKCS#8 format.
E.g.
privateKey=/usr/local/tomcat/conf/shibshim.pkcs8