...
- shibboleth2.xml (main SP configuration file)
- attribute-map.xml (defines our attribute mappings)
- native.logger (configures Apache module logging – we modify the stock configuration to log under /var/log/shibboleth instead of /var/log/httpd, because the apache user must have write access to the directory)
Note that SELinux must be set to permissive mode in order for the SP to function properly; otherwise (without modifying policy) its Apache module will be unable to connect to the shibd socket (which lives in /var/run/shibboleth/). Edit /etc/selinux/config accordingly.