search

Uninett / mod_auth_mellon

An Apache module with a simple SAML 2.0 service provider
207 stars 182 forks source link

MellonOrganization* values require ampersand to be escaped #206

Closed dnmvisser closed 5 years ago

dnmvisser commented 5 years ago

When any of the MellonOrganization* configuration options contains an ampersand (&) character, the web server says 500 and logs:

Error initializing lasso server object. Please verify the following configuration directives: MellonSPMetadataFile and MellonSPPrivateKeyFile.

For example this fails:

MellonOrganizationDisplayName "GÉANT Trust & Identity Operations"

I've confirmed these configuration options to be affected:

Interestingly, HTML escaping fixes the problem. So this works:

MellonOrganizationDisplayName "GÉANT Trust & Identity Operations"

olavmrk commented 5 years ago

Closing this issue as part of archiving this project. See the announcement for details:

https://github.com/Uninett/mod_auth_mellon/blob/info/README.md