jmdemuth
Forum Replies Created
-
Forum: Plugins
In reply to: [Shibboleth] Shibboleth v1.8 Not Allowing LoginThis is just a follow-up: I did confirm with our web-hosting sysadmins that in our environment we restrict Apache from accessing environment variables for security reasons. This is why using getenv() (as opposed to $_SERVER) in the plugin failed to return any values (for us).
Forum: Plugins
In reply to: [Shibboleth] NGINX & ShibbolethHi –
I’m having a similar problem and just put up a post on this site. After looking through the code, I think there is a problem with how the Shibboleth v1.8 code uses getenv() to read the environment variables vs. v1.7’s use of $_SERVER. That or PHP v5.x on our site isn’t doing something right with getenv(). Hoping the developers can review and comment/fix soon.
So it may not be NGINX per se. Do you have access to the Shibboleth v1.7 plugin? Reverting back to that helped my situation.
Forum: Plugins
In reply to: [Shibboleth] Shibboleth v1.8 Not Allowing LoginI did a little tracing through the code. It looks to me like our Shib/web hosting environment stores the Shibboleth username in $_SERVER[“uid”]. In plugin v1.7, it looks like the shibboleth_authenticate_user() function sets the $username variable based on this value.
However, it the v1.8 plugin, it looks like it’s trying to get the $_SERVER[“uid”] value via the getenv() function with a value of “UID”. This appears to set $username to a boolean “false” value. This is what appears to break the login.
I’m not quite sure how to fix this, except for suggesting pulling the value from $_SERVER again instead of using getenv(). However, the sites where this is happening are still on PHP v5.x. So I wonder if getenv() not getting the right data is a problem with PHP v5.x? Maybe upgrading to PHP v7 would get around this problem?