Hi Jeff, Unfortunately it looks like the forums and bug reporter for that module are pretty inactive so I’m not sure there’s anybody monitoring them.
Cheers, Andi From: Jeff Trawick [mailto:traw...@gmail.com] Sent: 24 June 2014 15:26 To: users@httpd.apache.org Subject: Re: [users@httpd] Pound symbol encoding issue? On Tue, Jun 24, 2014 at 9:19 AM, Morris, Andi <amor...@cardiffmet.ac.uk<mailto:amor...@cardiffmet.ac.uk>> wrote: Hi, We are having some authentication issues with Apache if a user has a £ symbol as part of their password. The error_log shows: (OS 1326)Logon failure: unknown user name or bad password When the same user removes the pound symbol from the password they are authenticated with no issues. The setup is: TMG publishes our Shibboleth server externally and present the user with a form for Forms Based Authentication. Shibboleth uses an Apache virtual server called Remote User to handle the authentication. The problem only occurs when the users login from outside our network, via TMG and the Apache Remote User vhost. The same TMG form is used to publish our sharepoint and other internal resources, and the issue does not occur there when using the same test user. The parts of the config that I can see that are relevant are: <Location /idp/Authn/RemoteUser> AuthName "Identity Provider" AuthType SSPI SSPIAuth On Have you checked with the mod_auth_sspi folks? (mailing list or bug db) I suspect that this is an issue with that third-party module. Perhaps someone here can help, but a resource specific to mod_auth_sspi would probably yield better results. If you can duplicate the error with some simple httpd-bundled authentication module (e.g., mod_authn_file), open a bug against httpd and provide the test case. SSPIAuthoritative On SSPIOfferBasic On SSPIOmitDomain On SSPIPerRequestAuth On SSPIUsernameCase lower require valid-user </Location> I've read around about forcing the basic authentication using: SSPIBasicPreferred On So I'm going to give that a try overnight (I can only restart the apache service out of hours frustratingly). I'm happy to post up any obfuscated config files that might be required to help resolve this. I'm pretty new to Apache but willing to provide whatever is required. Does anyone have any suggestions for why the apache server doesn't seem to like the pound symbol? Cheers, Andi --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org<mailto:users-unsubscr...@httpd.apache.org> For additional commands, e-mail: users-h...@httpd.apache.org<mailto:users-h...@httpd.apache.org> -- Born in Roswell... married an alien... http://emptyhammock.com/ http://edjective.org/
