Hans Hübner hans.huebner@gmail.com writes:
Hi Nicolas,
On Thu, Oct 7, 2010 at 13:35, Nicolas Neuss neuss@kit.edu wrote:
I am trying to make Shibboleth authentification work for an application of mine. For this I am using the Apache2 Shibboleth module (my server sits behind Apache). Everything works fine, but for one thing. The authentification data is passed in the headers section in UTF-8 format (probably).
Before going into any depth on this, can you have a look at the headers and find out in what character set they are encoded? HTTP headers must be encoded as ISO-8859-1. If a client wants to send data in different encoding, quoted-printable encoding as described in RFC 2047 must be used.
Thus, it would be a client error if you saw UTF-8 encoded data in headers. If the data is properly encoded using RFC 2047 rules, the behavior that you see would be a bug.
-Hans
Thanks Hans,
I think this helps to pin down the problem.
For information about headers: I have called the server information page while being Shibboleth authentificated and obtained the following:
http://ruprecht.mathematik.uni-karlsruhe.de/misc/info.html
I have the following in my Apache configuration file
<VirtualHost *:443> ... <Location /sso> AuthType shibboleth ShibRequestSetting requireSession 1 require valid-user </Location>
ProxyVia On ProxyPassInterpolateEnv On ProxyPass /sso http://127.0.0.1:8004 ProxyPassReverse /sso http://127.0.0.1:8004 RequestHeader set sn %{sn}e ... </VirtualHost>
Maybe the data in the sn environment variable is in UTF-8 format and is not encoded correctly for the header?
Nicolas