I tested mod-auth-mellon/lasso on xenial with testshib (http://www.testshib.org/) and ADFS (that comes with w2k12r2) on the idP side, including sha256 support https://dev.entrouvert.org/issues/10019 - I could successfully perform authentication and get to a protected page. Both Service Provider (mellon) and Identity Provider (shibboleth or ADFS) were TLS-terminated though this does not matter for the functionality under test.
I tested mod-auth- mellon/ lasso on xenial with testshib (http:// www.testshib. org/) and ADFS (that comes with w2k12r2) on the idP side, including sha256 support https:/ /dev.entrouvert .org/issues/ 10019 - I could successfully perform authentication and get to a protected page. Both Service Provider (mellon) and Identity Provider (shibboleth or ADFS) were TLS-terminated though this does not matter for the functionality under test.
Sample mellon metadata XML: /paste. ubuntu. com/p/cg7j6hrhm 6/
https:/
Binding: "urn:oasis: names:tc: SAML:2. 0:bindings: HTTP-POST"
libapache2- mod-auth- mellon 0.12.0-1
liblasso3 2.5.0-3ubuntu2