mod_auth_mellon large scale interoperability.

Solution Verified - Updated -

Issue

Current version of mod_auth_mellon in RHEL 6.6 (0.8.0) suffers from few problems
not allowing us to deploy it at large organization scale:

1.) The generated apache session environment size is limited to 128 elements
(env. variables): in our MS ADFS environment that number of elements can be
as high as 1024 (user groups) - current implementation of mod_auth_mellon
exits with 'internal server error' in such case.

[ `https://github.com/UNINETT/mod_auth_mellon/issues/10` ]

2.) related to 1.) - by default generated environment contains series of
variables named alike MYVAR_0=val0 , MYVAR_1=val1 .. etc (single values).
This is not very practical for programmatic comparisons .. (and makes
porting of in-house applications from other auth. providers complicated)
Multivalue variables alike MYVAR=val0;val1;... etc as for example
shibboleth/mod_shib generates seem to be more suitable for that purpose.

[  `https://github.com/UNINETT/mod_auth_mellon/pull/9` ]

3.) a bug: MellonCond does not work with MellonSetEnv(NoPrefix)

[ `https://github.com/UNINETT/mod_auth_mellon/issues/12` ]

Environment

  • Red Hat Enterprise Linux 6.6
  • Red Hat Enterprise Linux 7.1
  • mod_auth_mellon

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.