I have installed and configured the Native Service Provider from source.
Testing went OK, but when I was calling a non-existent webpage in a non-protected directory and location of the Apache httpd, the formatting of the error page broke down.
Apache's error_log reveals the following messages:
(request for a non-existing page)
[Wed Feb 06 20:59:46.641816 2013] [mod_shib:error] [pid 1315:tid 140341830469376] [client xxx.xxx.xxx.xxx:41988] shib_handler found no per-request structure [Wed Feb 06 20:59:46.641857 2013] [include:error] [pid 1315:tid 140341830469376] [client xxx.xxx.xxx.xxx:41988] unable to include "include/top.html" in parsed file /usr/local/apache2/error/HTTP_NOT_FOUND.html.var
=== I was able to mitigate it by setting ShibDisable On to the server root and explicitly setting ShibDisable Off to the <Location /Shibboleth.sso> and to our Shibboleth-protected area. === gcc --version gcc (SUSE Linux) 4.3.4 [gcc-4_3-branch revision 152973]
Subrequests inside the server-side include mechanism were invoking the handler hook without running the post-read hook. Apache raises violating its own request processing model to an art form.
Modified handler to run post-read activity if not already done.
I have installed and configured the Native Service Provider from source.
Testing went OK, but when I was calling a non-existent webpage in a non-protected directory and location of the Apache httpd, the formatting of the error page broke down.
Apache's error_log reveals the following messages:
(request for a non-existing page)
[Wed Feb 06 20:59:46.641816 2013] [mod_shib:error] [pid 1315:tid
140341830469376] [client xxx.xxx.xxx.xxx:41988] shib_handler found no
per-request structure
[Wed Feb 06 20:59:46.641857 2013] [include:error] [pid 1315:tid
140341830469376]
[client xxx.xxx.xxx.xxx:41988] unable to include "include/top.html"
in parsed file /usr/local/apache2/error/HTTP_NOT_FOUND.html.var
===
I was able to mitigate it by setting
ShibDisable On
to the server root and explicitly setting
ShibDisable Off
to the <Location /Shibboleth.sso> and to our Shibboleth-protected area.
===
gcc --version
gcc (SUSE Linux) 4.3.4 [gcc-4_3-branch revision 152973]
httpd -V
Server version: Apache/2.4.3 (Unix)
Server built: Dec 3 2012 10:44:39
Server's Module Magic Number: 20120211:6
Server loaded: APR 1.4.6, APR-UTIL 1.4.1
Compiled using: APR 1.4.6, APR-UTIL 1.4.1
Architecture: 64-bit
Server MPM: event
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with....
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/usr/local/apache2"
-D SUEXEC_BIN="/usr/local/apache2/bin/suexec"
-D DEFAULT_PIDLOG="logs/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"