I'm using mod_shib_22 to protected a location in Apache 2.2, for which requests are proxied to a Jetty server using AJP.
Looking at a trace of the AJP requests, I can see the user is being sent through, but the auth type is not.
Other authentication modules for Apache do appear to send the auth type through.
Looking at another authentication module (mod_cosign), r->ap_auth_type is assigned at the same time that r->user is assigned. I guess that the same needs to happen in mod_shib.
I'm using mod_shib_22 to protected a location in Apache 2.2, for which requests are proxied to a Jetty server using AJP.
Looking at a trace of the AJP requests, I can see the user is being sent through, but the auth type is not.
Other authentication modules for Apache do appear to send the auth type through.
Looking at another authentication module (mod_cosign), r->ap_auth_type is assigned at the same time that r->user is assigned. I guess that the same needs to happen in mod_shib.