# Configure the resources to load for various services,
# and the settings for failure handling and auto-reload.

# failFast=true prevents IdP startup if a configuration is bad
# checkInterval = PT0S means never reload (this is the default)

# Global default for fail-fast behavior of most subsystems
# with individual override possible below.
#idp.service.failFast = false

#idp.service.logging.resource = %{idp.home}/conf/logback.xml
#idp.service.logging.failFast = true
idp.service.logging.checkInterval = PT5M

# Set to shibboleth.LegacyRelyingPartyResolverResources with legacy V2 relying-party.xml
#idp.service.relyingparty.resources = shibboleth.RelyingPartyResolverResources
#idp.service.relyingparty.failFast = false
idp.service.relyingparty.checkInterval = PT15M

#idp.service.metadata.resources = shibboleth.MetadataResolverResources
#idp.service.metadata.failFast = false
#idp.service.metadata.checkInterval = PT0S

#idp.service.attribute.resolver.resources = shibboleth.AttributeResolverResources
#idp.service.attribute.resolver.failFast = false
idp.service.attribute.resolver.checkInterval = PT15M
#idp.service.attribute.resolver.maskFailures = true
#idp.service.attribute.resolver.stripNulls = false

#idp.service.attribute.filter.resources = shibboleth.AttributeFilterResources
# NOTE: Failing the filter fast leaves no filters enabled.
#idp.service.attribute.filter.failFast = false
idp.service.attribute.filter.checkInterval = PT15M
#idp.service.attribute.filter.maskFailures = true

#idp.service.nameidGeneration.resources = shibboleth.NameIdentifierGenerationResources
#idp.service.nameidGeneration.failFast = false
idp.service.nameidGeneration.checkInterval = PT15M

#idp.service.access.resources = shibboleth.AccessControlResources
#idp.service.access.failFast = true
idp.service.access.checkInterval = PT5M

#idp.service.cas.registry.resources = shibboleth.CASServiceRegistryResources
#idp.service.cas.registry.failFast = false
idp.service.cas.registry.checkInterval = PT15M

#idp.message.resources = shibboleth.MessageSourceResources
#idp.message.cacheSeconds = 300

# Parameters for pre-defined HttpClient instances which perform in-memory and filesystem caching.
# These are used with components such as remote configuration resources that are explicitly wired
# with these client instances, *not* by default with HTTP metadata resolvers.
#idp.httpclient.useSecurityEnhancedTLSSocketFactory = false
#idp.httpclient.connectionDisregardTLSCertificate = false
#idp.httpclient.connectionRequestTimeout = PT1M
#idp.httpclient.connectionTimeout = PT1M
#idp.httpclient.socketTimeout = PT1M
#idp.httpclient.maxConnectionsTotal = 100
#idp.httpclient.maxConnectionsPerRoute = 100
#idp.httpclient.memorycaching.maxCacheEntries = 50
#idp.httpclient.memorycaching.maxCacheEntrySize = 1048576
#idp.httpclient.filecaching.maxCacheEntries = 100
#idp.httpclient.filecaching.maxCacheEntrySize = 10485760
idp.httpclient.filecaching.cacheDirectory = %{idp.home}/tmp/httpClientCache