Public bug reported: On Ubuntu 14.04 we have a working shibboleth configuration, which when used in Apache gives the SAML 2.0 attributes of the session in server variables and the REMOTE_USER according to attribute mapping of shibboleth.
On Ubuntu 16.04 the same configuration is reported as working by the builtin shibboleth shibd -t configuration test, logging by shibboleth and the Session handler of shibboleth shows that attributes come in and are accurately decoded and mapped, session is established, but the expected Apache server variables remain absent. A scan of wiki entries for Shibboleth shows no needed configuration changes. requestsetting of exportStdVars to true or "on" or 1 also does not help. Example of expected vars: _SERVER["Shib-Application-ID"] default _SERVER["Shib-Session-ID"] _abcdeef0cd3ff507b7f9e2394c625fd94 _SERVER["Shib-Identity-Provider"] http://adfs.example.com/adfs/services/trust _SERVER["Shib-Authentication-Instant"] 2016-12-20T17:03:46.480Z _SERVER["Shib-Authentication-Method"] urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport _SERVER["Shib-AuthnContext-Class"] urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport _SERVER["upn"] ts...@example.com _SERVER["AUTH_TYPE"] shibboleth _SERVER["REMOTE_USER"] ts...@example.com ** Affects: shibboleth-sp2 (Ubuntu) Importance: Undecided Status: New ** Tags: apache saml shibboleth xenial ** Package changed: mpm-itk (Ubuntu) => shibboleth-sp2 (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1651531 Title: libapache2-mod-shib2, no server variables of session To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/shibboleth-sp2/+bug/1651531/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs