When trying to use SimpleSamlPHP in an Apache 2.4 environment with PHP-FPM, you might get the error
|
1 2 3 |
simplesamlphp ERR [bf585dbb39] SimpleSAML_Error_No tFound: NOTFOUNDREASON('%' => 'https://test.domain.tld/simplesaml/module.php/core/fro ntpage_welcome.php', '%' => 'No PATH_INFO to module.php') |
After digging into this, it seems that it has to do with the fact that PATH_INFO is not used in in apache 2.4.11+’s mod_proxy_fcgi: see Apache mod_proxy_fcgi
where you can read:
|
1 2 3 4 5 6 7 |
When configured via ProxyPass or ProxyPassMatch, mod_proxy_fcgi will not set the PATH_INFO environment variable. This allows the backend FCGI server to correctly determine SCRIPT_NAME and Script-URI and be compliant with RFC 3875 section 3.3. If instead you need mod_proxy_fcgi to generate a "best guess" for PATH_INFO, set this env-var. This is a workaround for a bug in some FCGI implementations. This variable can be set to multiple values to tweak at how the best guess is chosen (In 2.4.11 and later only): |
To make sure that simplesaml works, without breaking anything else that “fixes paths”, I configured mod_proxy_fcgi by creating a /etc/apache2/mods-enabled/proxy_fcgi.conf file containing:
|
1 2 3 4 5 |
<IfModule mod_proxy_fcgi.c> #No PATH_INFO with mod_proxy_fcgi unless this is set SetEnvIf Request_URI "simplesaml.*" proxy-fcgi-pathinfo=1 </IfModule> |
And afterwards re-enable the module + apache restart.
This fixes this problem.