Crowd SSO Error with Google Apps
The following error appears when you try to access Google Apps with Crowd SSO:
SAML Error: SAMLRequest is not Base64 encoded: fVJNT%2BMwEL2vtP8h8r1Jw5eQ1QR1QYhKwEY07GFvgz1JTR1P8Dgt%2FHvcFAQcQPLp%2Bfl9jGd29tzZZIOeDblC5OlUJOgUaePaQtzXl5NTcVb%2B%2FjVj6Gwv50NYuTt8GpBDEl86luNFIQbvJAEblg46ZBmUXM5vruVBOpW9p0CKrEgWF4XQqPVj5%2FoWqG3gwTjlyDQKcG1Bm6bXa2dovUKR%2FHuPdbCLtWAecOE4gAsRmuZHk%2BlpPHV%2BIvN
The incoming string has been URL escaped, possibly due to proxy.
The following workaround can be applied if you are using an Apache proxy server:
nocanonoption to ProxyPass in the proxy configuration. This will pass the URL path "raw" to the backend, which will prevent the escaping. For example:
ProxyPass /foo http://foo.example.com/bar nocanon
Add the [NE,R] flag to the RewriteRule. This will prevent the special characters, such as & and ?, from being converted to their equivalent hexcode.
RewriteRule <PATTERN> [NE,R]