Native SP Request Mapping
The native SP matches incoming requests to its internal
<RequestMap> configuration and Shibboleth-related configuration of the web server to determine how to handle them. This matching is done on a literal string basis, making proper and consistent configuration of the request map and the web server itself critical.
The request map itself is a series of host and path elements that define how Shibboleth interacts with sequentially smaller pieces of the webspace served by this webserver. The most precise match is always used, allowing inner elements to selectively override broad outer rules.
The request map and associated webserver directives are only directly responsible for a limited portion of SP functionality:
- which application to associate with an incoming request, which in turn specifies most of the SP's behavior;
- whether a Shibboleth session must be established prior to any access of a resource;
- whether to export the assertions received in a transaction directly into the surrounding environment;
- and optionally access control rules to be applied to the request itself.