Shibboleth SP mod_shib module not handling Shibboleth.sso URLs and looping
Cantor, Scott
cantor.2 at osu.edu
Tue Oct 14 13:06:44 EDT 2014
On 10/14/14, 12:58 PM, "Cantor, Scott" <cantor.2 at osu.edu> wrote:
>
>That indicates it's not running the handler, as you originally suggested.
>That makes the redirect you're describing to a resource after the POST
>something Apache is doing, not the SP. Also, if it doesn't run the
>handler, it should be seeing it as a request to a protected resource, and
>that should end up as a redirect back to the IdP.
Actually, given the whole picture, its clear the SP is having no general
issue seeing this as a handler request and implementing that. The problem,
simply put, is that I have no idea how Satisfy/Allow and so forth work
(I've never read a coherent explanation of those commands and they're even
more confusing in 2.4 now) but they probably are causing the result of the
POST to turn into something totally unexpected as a consequence of Apache
error configuration somewhere. Clearly they are actually blocking access
to it.
If they don't work, I would just get rid of them. That simple, really.
-- Scott
More information about the users
mailing list