Hey,
I started using Glimpse a few days ago and like it very much. However I noticed that it breaks Shibboleth Authentication when active.
Environment:
- IIS8
- MVC 4 application
- Glimpse newest version
- Shibboleth is configured as ISAPI Module and catches all requests to /Account/Login
When I set Glimpse to any defaultRuntimePolicy other than "Off" (even when I just use PersistResults) the login fails:
- I open /Account/Login
- The browser gets redirected to the Identity Provider website and I log in
- With Glimpse = Off the Account-Controller will be called and I can process the login with the server variables
- When Glimse = On I get the following error:
xmltooling::IOException
The system encountered an error at Fri Aug 16 13:18:32 2013
Please include the following message in any email:
Error reading request body from browser (2746).
I tried adding the uri blacklists and the trace shows that they are applied (RuntimePolicy set to 'Off' by IRuntimePolicy of type 'Glimpse.Core.Policy.UriPolicy' during RuntimeEvent 'BeginRequest'.), however I still get the error.
<uris>
<add regex=".*/Shibboleth.*" />
<add regex=".*/Account.*" />
<add regex=".*SAML.*" />
</uris>
I suspect that Glimpse is still injecting some data into the form post between the remote Identity Provider and my local Service Provider unless I turn it off completely, but I expected that the regex (everything related to Shibboleth runs at /Shibboleth.sso/) should have prevented that.
Has anyone an idea what could be going on or experience with Glimpse+Shibboleth?
regards,
Michael