Hello,
I administer the Shibboleth IDP (https://shibboleth.net/products/identity-provider.html) which enables SSO at our institution and have had at least three users unable to login to resources due to the avast! Internet Explorer add-on.
Users log on to a protected resource (Service Provider) via a series of SAML messages (http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language) between the various parties. This is a tried and tested technology used to protect a number of services in our institution and around the world.
Users using Internet Explorer 11 on Windows 7 with the avast add-on are greeted with a “Unable to decode base64 in POST binding message” error message. It seems this add-on is modifying the POST reply in some way, rendering it undecodable by our IDP. Disabling the add-on in IE, or simply using another browser (Chrome with avast! add-on works fine!) resolves the issue. Until this is resolved, I have recommended our users to disable the add-on, or use another antivirus product. Can you look into this issue? Thank you.
Add-on info: avast! Online Security 9.0.2013.75 Toolbar & Browser Helper Object
avast! version: avast! free 2014.9.2013