This module allows Nginx to work with Shibboleth, by way of Shibboleth's FastCGI authorizer. This module requires specific configuration in order to work correctly, as well as Shibboleth's FastCGI authorizer application available on the system. It aims to be similar to parts of Apache's mod_shib, though Shibboleth authorisation and authentication settings are configured via shibboleth2.xml rather than in the web server configuration. With this module configured against a location block, incoming requests are authorized within Nginx based upon the result of a subrequest to Shibboleth's FastCGI authorizer. In this process, this module can be used to copy user attributes from a successful authorizer response into Nginx's original request as headers or environment parameters for use by any backend application. If authorization is not successful, the authorizer response status and headers are returned to the client, denying access or redirecting the user's browser accordingly (such as to a WAYF page, if so configured).