Internet Explorer 11 add-on, avast! free 2014.9.2013

Hello,

I administer the Shibboleth IDP (https://shibboleth.net/products/identity-provider.html) which enables SSO at our institution and have had at least three users unable to login to resources due to the avast! Internet Explorer add-on.

Users log on to a protected resource (Service Provider) via a series of SAML messages (http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language) between the various parties. This is a tried and tested technology used to protect a number of services in our institution and around the world.

Users using Internet Explorer 11 on Windows 7 with the avast add-on are greeted with a “Unable to decode base64 in POST binding message” error message. It seems this add-on is modifying the POST reply in some way, rendering it undecodable by our IDP. Disabling the add-on in IE, or simply using another browser (Chrome with avast! add-on works fine!) resolves the issue. Until this is resolved, I have recommended our users to disable the add-on, or use another antivirus product. Can you look into this issue? Thank you.

Add-on info: avast! Online Security 9.0.2013.75 Toolbar & Browser Helper Object
avast! version: avast! free 2014.9.2013

Disable the “avast online security” add-on in each of your browsers.
The AOS has very little to do with security. The resident shields do.
When surfing the web shield has your back. I don’t even have the “browser protection”
installed.

To uninstall…Control Panel>Uninstall a Program>double click “avast”>click “change”>untick “browser protection”>reboot.