+++ This bug was initially created as a clone of Bug #1414019 +++ When an ECP client signals it is ECP capable and authentication is required for the protected resource it is trying to access mellon responds with PAOS content that wraps the SAML AuthnRequest. The HTTP Content-Type header must be "application/vnd.paos+xml". However in some versions of Apache the returned Content-Type header is "text/html" which breaks the ECP flow because the ECP client does not expect it. The problem arises because mellon was using the wrong Apache call to set the Content-Type header. In some versions of Apache this worked but in others it did not. Upstream bug: https://github.com/UNINETT/mod_auth_mellon/issues/108 Upstream git commit: 040a1ae5cb2aab38b2bc716cc3d0d6fa7b998a7a
mod_auth_mellon-0.12.0-3.fc24 has been submitted as an update to Fedora 24. https://bodhi.fedoraproject.org/updates/FEDORA-2017-3798bcc1f5
mod_auth_mellon-0.12.0-3.fc24 has been pushed to the Fedora 24 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-3798bcc1f5
mod_auth_mellon-0.12.0-3.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report.