From d8f9ab576bd1a09f751151f4b4735152a4eabcfd Mon Sep 17 00:00:00 2001
From: Jody Nega <jnega@2379591510.vpn.umich.net>
Date: Tue, 13 Feb 2024 10:36:39 -0500
Subject: [PATCH] move shib require to top location block

add two shib lines

remove whitespace
---
 manifests/profile/www_lib/vhosts/fulcrum.pp | 14 +++++---------
 1 file changed, 5 insertions(+), 9 deletions(-)

diff --git a/manifests/profile/www_lib/vhosts/fulcrum.pp b/manifests/profile/www_lib/vhosts/fulcrum.pp
index 9c9f92118..fe76b7987 100644
--- a/manifests/profile/www_lib/vhosts/fulcrum.pp
+++ b/manifests/profile/www_lib/vhosts/fulcrum.pp
@@ -19,11 +19,13 @@
   String $servername = 'www.fulcrum.org'
 ) {
   $authz_base_requires = {
-    enforce  => 'all',
-    requires => [
+    auth_type       => 'shibboleth',
+    custom_fragment => 'ShibRequestSetting requireSession 0',
+    enforce         => 'all',
+    requires        => [
       'not env badrobot',
       'not env loadbalancer',
-      'all granted'
+      'shibboleth'
     ]
   }
 
@@ -154,12 +156,6 @@
       XSendFile on
       XSendFilePath ${derivatives_path}
       XSendFilePath ${alt_derivatives_path}
-      # Configure Shibboleth for authentication via InCommon partner login
-      <Location "/">
-        AuthType shibboleth
-        ShibRequestSetting requireSession 0
-        Require shibboleth
-      </Location>
     | EOT
   }
 }