Description: Debian-specific paths and defaults
Forwarded: not-needed
Author: Thijs Kinkhorst <thijs@debian.org>

diff -ur simplesamlphp-1.9.0-rc1.orig/config/config.php simplesamlphp-1.9.0-rc1/config/config.php
--- simplesamlphp-1.9.0-rc1.orig/config/config.php	2012-04-20 09:37:33.000000000 +0200
+++ simplesamlphp-1.9.0-rc1/config/config.php	2012-04-21 17:28:16.525789308 +0200
@@ -22,10 +22,12 @@
 	 * external url, no matter where you come from (direct access or via the
 	 * reverse proxy).
 	 */
-	'baseurlpath'           => 'simplesaml/',
-	'certdir'               => 'cert/',
-	'loggingdir'            => 'log/',
-	'datadir'               => 'data/',
+	'baseurlpath'           => 'simplesamlphp/',
+	'certdir'               => '/etc/ssl/certs/',
+	'loggingdir'            => '/var/log/simplesamlphp/',
+	'datadir'               => '/var/lib/simplesamlphp/data/',
+	'metadatadir'		=> '/etc/simplesamlphp/metadata/',
+	'attributenamemapdir'	=> '/etc/simplesamlphp/attributemap/',
 
 	/*
 	 * A directory where simpleSAMLphp can save temporary files.
@@ -69,7 +71,8 @@
 	 * metadata listing and diagnostics pages.
 	 * You can also put a hash here; run "bin/pwgen.php" to generate one.
 	 */
-	'auth.adminpassword'		=> '123',
+	// Debian: this password is in /var/lib/simplesamlphp/secrets.inc.php
+	//'auth.adminpassword'		=> '123',
 	'admin.protectindexpage'	=> false,
 	'admin.protectmetadata'		=> false,
 
@@ -81,7 +84,8 @@
 	 * A possible way to generate a random salt is by running the following command from a unix shell:
 	 * tr -c -d '0123456789abcdefghijklmnopqrstuvwxyz' </dev/urandom | dd bs=32 count=1 2>/dev/null;echo
 	 */
-	'secretsalt' => 'defaultsecretsalt',
+	// Debian: this secret is in /var/lib/simplesamlphp/secrets.inc.php
+	//'secretsalt' => 'defaultsecretsalt',
 	
 	/*
 	 * Some information about the technical persons running this installation.
@@ -630,3 +634,5 @@
 	'proxy' => NULL,
 
 );
+
+require_once('/var/lib/simplesamlphp/secrets.inc.php');