diff --git a/roles/pdc/templates/pdc.conf b/roles/pdc/templates/pdc.conf index 10eac8aa57..e4ee8bc986 100644 --- a/roles/pdc/templates/pdc.conf +++ b/roles/pdc/templates/pdc.conf @@ -2,13 +2,28 @@ WSGISocketPrefix /var/run/wsgi WSGIPythonOptimize 1 WSGIDaemonProcess pdc user=apache group=apache maximum-requests=1000 display-name=pdc processes=2 threads=1 shutdown-timeout=10 - + + ServerName {{ hostname }} + Redirect permanent / https://{{ hostname }}/ + + + + ServerName {{ hostname }} CustomLog /var/log/httpd/pdc-access.log combined ErrorLog /var/log/httpd/pdc-error.log + SSLEngine on + SSLProtocol all -SSLv2 -SSLv3 + # Use secure TLSv1.1 and TLSv1.2 ciphers + Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" + + SSLCertificateFile /etc/pki/tls/certs/localhost.crt + SSLCertificateKeyFile /etc/pki/tls/private/localhost.key + Alias /docs/ /usr/share/doc/pdc/docs/build/html/ + Alias /saml2protected /usr/share/ipsilon/ui/saml2sp # Using SetEnv here will not work as expected as it does not change # os.environ in the application itself. For more details see: 
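Review bot: The comment `# Use secure TLSv1.1 and TLSv1.2 ciphers` describes a policy the new vhost never sets: `SSLProtocol all -SSLv2 -SSLv3` still allows TLSv1.0, and there is no `SSLCipherSuite` or `SSLHonorCipherOrder`, so the cipher selection is whatever the mod_ssl build defaults to. Either fix the comment or make the configuration match it, e.g. `SSLProtocol all -SSLv2 -SSLv3 -TLSv1`, `SSLHonorCipherOrder on` and an explicit `SSLCipherSuite` (such as `HIGH:!aNULL:!MD5:!RC4`). Separately, the HSTS header carries `preload` while the certificate is `/etc/pki/tls/certs/localhost.crt`; if that is the distro's self-signed placeholder, submitting the host to browser preload lists is premature and hard to reverse, so drop `preload` until a real certificate is deployed. The `<VirtualHost>` container tags are not visible in this rendering, so the placement of the directives is inferred.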
@@ -26,16 +41,35 @@ WSGIDaemonProcess pdc user=apache group=apache maximum-requests=1000 display-nam # Try to find them in the patternfly files RewriteRule "^/static/(.*)" "/usr/share/patternfly1/resources/$1" [L] + SetHandler wsgi-script LimitRequestBody 31457280 AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript application/x-javascript text/css Require all granted + MellonEnable "info" + MellonSPPrivateKeyFile "/etc/httpd/saml2/pdc.fedorainfracloud.org/pdc.fedorainfracloud.org.key" + MellonSPCertFile "/etc/httpd/saml2/pdc.fedorainfracloud.org/pdc.fedorainfracloud.org.pem" + MellonSPMetadataFile "/etc/httpd/saml2/pdc.fedorainfracloud.org/metadata.xml" + MellonIdPMetadataFile "/etc/httpd/saml2/pdc.fedorainfracloud.org/idp-metadata.xml" + MellonEndpointPath /saml2 + MellonVariable "saml-sesion-cookie" + # Comment out the next two lines if you want to allow logins on bare HTTP + MellonsecureCookie On + SSLRequireSSL + MellonUser "NAME_ID" + MellonIdP "IDP" + MellonSessionLength 3600 + # MellonNoCookieErrorPage "https://idp.example.com/no-cookie-error.html" + # MellonPostDirectory "/var/lib/ipsilon/post_cache" + # MellonPostReplay On - + WSGIProcessGroup pdc + MellonEnable "auth" + Header append Cache-Control "no-cache" ## Kerberos authentication: #AuthType Kerberos @@ -51,6 +85,7 @@ WSGIDaemonProcess pdc user=apache group=apache maximum-requests=1000 display-nam #Require valid-user + WSGIPassAuthorization On WSGIProcessGroup pdc
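Review bot: The four Mellon file paths hard-code `pdc.fedorainfracloud.org` while the rest of the template derives the host from `{{ hostname }}`, so deploying this template to any other host (staging, a rename) would load an SP key, certificate and metadata that do not match the `ServerName`, and SAML assertions from the IdP would fail or, worse, be accepted against the wrong audience. Template the directory and file names from the same variable, as below, so the SP identity always follows the vhost. Minor: `MellonVariable "saml-sesion-cookie"` has a typo in the cookie name ("sesion"); it is harmless functionally but will confuse anyone grepping for the session cookie, so `MellonVariable "saml-session-cookie"` is clearer. The enclosing `<Location>` container tags are not visible in this rendering, so which paths carry `MellonEnable "info"` versus `"auth"` is inferred.
```apache
MellonSPPrivateKeyFile "/etc/httpd/saml2/{{ hostname }}/{{ hostname }}.key"
MellonSPCertFile "/etc/httpd/saml2/{{ hostname }}/{{ hostname }}.pem"
MellonSPMetadataFile "/etc/httpd/saml2/{{ hostname }}/metadata.xml"
MellonIdPMetadataFile "/etc/httpd/saml2/{{ hostname }}/idp-metadata.xml"
# … unchanged: remaining Mellon directives …
```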