This was discussed in a previous post. Various changes
have happened since then, improving the customisation process and updating
for newer versions of Nginx and associated add-on modules.
I’ve updated the custom version of Nginx that supports operating with a
Shibboleth SP to version 1.6.0, now that this version has become the lastest
The build scripts located at
https://github.com/jcu-eresearch/nginx-custom-build have been updated, along
with the patches required to make the Shibboleth integration happen due to the
changes in the Auth Request Module now being built into Nginx since version
In case your SCP, Rsync, or other sort of file transfer works for a short
period and then suddenly stalls (permanently), then you may want to examine the
MTU configuration on your network interface. After trawling the web for hours,
attempting to find a solution to why an SCP transfer of one file stalls between
server A and B, whilst the exact same file transfers fine from C to B, the
answer finally ended up being the MTU configuration.
Curiously, the SCP transfers stall at exactly 2112 kB, which was thankfully my
saving grace when I was searching. I’d ...
Got an unsightly image associated with your Gmail messages, your
Google Groups posts, Google Drive activity or somewhere else obscure
within Google’s domain? Tried changing that image several times
and it won’t budge - or it does and reverts itself right back?
Your main Google+ avatar just doesn’t want to sync up with other Google
services? Sure, I hear you - you’re not alone. Your issue is probably
intermittent too - you change the image on Gmail and your old image
comes bounding back, possibly several days later.
If you’re running a Python-based web application and using SQLAlchemy as your
database integration layer (as an ORM or otherwise), you may also be using
uWSGI to act as the application container.
If you try and fire up multiple processes to handle greater load coming in
with the uWSGI option --processes (or -p, --workers; or uWSGI’s
various configuration mechanisms), then you’ll probably find that after a
short time, your web application will lock up and refuse to serve requests.
For me, this was between 1 and 10 requests with using the cx_Oracle
database adapter against an Oracle ...
Ha, that’s a dodgy-sounding title if I ever heard one. If you’re
reading this, then I’ll assure you that these instructions are real,
open, and free, and that I’ve used them to unlock my device. Read on…
Update: I should mention that hexecute’s site at
https://sites.google.com/site/mf60guide/ now mentions his patch can unlock as
well. I haven’t tried that, but from memory, the Windows drivers that are
available on that site didn’t work with my MF60 - presumably a different model
or something similar. If what’s there doesn’t ...
If you’re finding that you’re using Fanstatic to
serve static resources within your Python-based server process, you may be left
scracthing your head if you suddenly find that resources aren’t being served
correctly. For me, this was manifesting as an incorrect Content-Type
header, always being set to text/html for any type of static file being
served. As a side effect, because I’m using Diazo to
theme my backend Pyramid application, this was automatically seeing this
mimetype being returned to the browser and trying to “theme” the raw files.
The global picture looked like a whole ...
Just created a new Shibboleth Service Provider (SP) instance and found an
Identity Providers (IdPs) is not releasing attributes to you? Don’t
worry, you’re not alone. In fact, the issue is far more common than you think,
despite a lack of documentation on the web.
Confirming the problem
Firstly, make sure that your Shibboleth SP configuration is, as best you can
tell, correct. Also, make sure that your shibd daemon has been
restarted after any configuration changes you’ve made (and your
FastCGI shibauthorizer and shibresponder applications too, if you’re
If you’re using uWSGI with XML support (this is its default), then it will
be requiring you to have libxml2 installed — or something similar that
provides xml-config. What you’ll find is some erratic behaviour (or
complete failure) when attempting to serve an application that is also
relying on libxml2, but a different version.
In my case, my original uWSGI was built with CentOS 5’s stock libxml2
library, but my Python application was using lxml, built with a custom
version of libxml2 (via Buildout with the z3c.recipe.staticlxml recipe, in case you
were curious). Because of these ...
The canonical place for this documentation is now the
nginx-http-shibboleth custom Nginx module
GitHub repository. All updates will be reflected there, and as a result,
this page has become severely outdated. Please contribute to that repository!
With changes in Nginx after version 1.5.4, the auth request module is now
built in. This means the following instruction have changed, yet again.
For the latest information and build process, always see
tl;dr: You can have Nginx with Shibboleth. Rebuild Shibboleth with
FastCGI support, and recompile Nginx with a custom ...
Good news! The Shibboleth SP software features FastCGI authorizer and
responder applications for use with your favourite non-Apache and non-IIS
web server. Unfortunately, the default distributions don’t come with it
built by default. I’m looking into why this is the case, but for now
here’s how to rebuild the RPMs yourself.
Note: if you’re just looking to download something that works and don’t
want to rebuild things yourself, we have RHEL 6, x86_64 packages available
in a Yum repo at https://www.hpc.jcu.edu.au/rpm/. You’ll also need to trust