Shibboleth vs mod_rewrite
Aaron Roots
aaron.roots at deakin.edu.au
Tue Oct 18 08:42:57 BST 2011
Hi all,
We are looking to bring over a application to start using Shibboleth
rather than previous auth options and we are going fairly ok but this
one I'm not too sure about.
When we flip the switch over to using AuthType shibboleth we were
expecting to have to update references to "PHP_AUTH_USER" to "username" to
match our shiny new Shibboleth setup - which has worked in most parts of
the application
We have a particular directory that has the following rewrite rule in a
.htaccess file: "RewriteRule ^.*$ index.php"
- this code produces different results depending on the URL visited
However this piece of code under mod_rewrite can not see variables set by
Shibboleth we have tracked this down to all the variables being changed
into something like "REDIRECT_username" instead of just being "username".
When we access the index.php directly it is working perfectly as expected
in the default code path.
I haven't found much on what is going on that clears things up for me -
does anyone know of a way to avoid the REDIRECT_ prefix occurring. I have
seen some people that have both the REDIRECT_ and the normal coming
through - it would be absolutely fine to have this occurring - but I can't
quite see a way to do this either. Or is it more drastic and we need to
invest the time to avoid using mod_rewrite all together? (in this
application would be minimal work as it is only a small part - however I
know other applications we have use this rewrite feature fairly
extensively)
Cheers
Aaron
More information about the users
mailing list