diff --git a/readme.txt b/readme.txt
index 2e300c7..32f8c7a 100644
--- a/readme.txt
+++ b/readme.txt
@@ -1,8 +1,8 @@
 === Shibboleth ===
-Contributors: willnorris, mitchoyoshitaka
+Contributors: willnorris, mitchoyoshitaka, cjbrabec
 Tags: shibboleth, authentication, login, saml
 Requires at least: 3.3
-Tested up to: 3.9
+Tested up to: 4.2
 Stable tag: 1.6
 Allows WordPress to externalize user authentication and account creation to a
diff --git a/shibboleth.php b/shibboleth.php
index 4ecddc9..9629362 100644
--- a/shibboleth.php
+++ b/shibboleth.php
@@ -18,6 +18,26 @@
 add_action('admin_init', 'shibboleth_activate_plugin');
 }
+/**
+ * Fastcgi-php friendly getenv() replacement that handles
+ * REDIRECT_ environment variables automatically.
+ */
+function shibboleth_getenv( $var ) {
+ $var_under = str_replace('-', '_', $var);
+ $check_vars = array(
+ $var => TRUE,
+ 'REDIRECT_' . $var => TRUE,
+ $var_under => TRUE,
+ 'REDIRECT_' . $var_under => TRUE,
+ );
+ foreach ($check_vars as $check_var => $true) {
+ if ( ($result = getenv($check_var)) !== FALSE ) {
+ return $result;
+ }
+ }
+ return FALSE;
+}
+
 /**
 * Perform automatic login. This is based on the user not being logged in,
 * an active session and the option being set to true.
@@ -31,7 +51,7 @@ function shibboleth_auto_login() {
 if ( is_wp_error($userobj) ) {
 // TODO: Proper error return.
 } else {
- wp_safe_redirect($_SERVER['REQUEST_URI']);
+ wp_safe_redirect(shibboleth_getenv('REQUEST_URI'));
 exit();
 }
 }
@@ -148,9 +168,9 @@ function shibboleth_admin_hooks() {
 function shibboleth_session_active() {
 $active = false;
- $session_headers = array('Shib-Session-ID', 'Shib_Session_ID', 'HTTP_SHIB_IDENTITY_PROVIDER');
+ $session_headers = array('Shib-Session-ID', 'HTTP_SHIB_IDENTITY_PROVIDER');
 foreach ($session_headers as $header) {
- if ( array_key_exists($header, $_SERVER) && !empty($_SERVER[$header]) ) {
+ if ( shibboleth_getenv($header) ) {
 $active = true;
 break;
 }
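Review bot: In `shibboleth_getenv()` the loop returns the first candidate that is set, including an empty string, so an empty `$var` would hide a populated `REDIRECT_` variant; `if ( ($result = getenv($check_var)) !== FALSE && $result !== '' )` skips such values. Whether an empty and a prefixed copy can coexist depends on the server setup, so treat this as hardening. The docblock should also state the return contract, e.g. `@return string|false first matching value, or FALSE when no candidate name is set`, because callers now receive FALSE where they used to read `$_SERVER[...]`.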
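Review bot: `REQUEST_URI` in `shibboleth_auto_login()` is a server variable rather than a Shibboleth attribute, so routing it through `shibboleth_getenv()` adds a `REDIRECT_REQUEST_URI` fallback and a possible FALSE that goes straight into `wp_safe_redirect()` before `exit()`. Keeping `wp_safe_redirect($_SERVER['REQUEST_URI']);` on this line, or checking the helper's result for FALSE first, avoids a redirect call with no target if getenv() does not expose that name in a given setup. The function starts outside the hunk.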
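Review bot: `HTTP_SHIB_IDENTITY_PROVIDER` stays in `$session_headers`, and HTTP_-prefixed names are how CGI-style servers expose client request headers, so `shibboleth_session_active()` can report an active session from a value the Shibboleth module never set unless the front end clears incoming Shib-* headers. The array should carry a comment recording that deployment assumption, e.g. `// HTTP_ name is only trustworthy when the SP clears client-supplied Shib-* headers`. If attributes are always delivered as environment variables, dropping the HTTP_ entry would remove the dependency. The function continues past the end of the hunk.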
@@ -289,7 +309,7 @@ function shibboleth_authenticate_user() {
 return new WP_Error('no_access', __('You do not have sufficient access.'));
 }
- $username = $_SERVER[$shib_headers['username']['name']];
+ $username = shibboleth_getenv($shib_headers['username']['name']);
 $user = new WP_User($username);
 if ( $user->ID ) {
@@ -371,7 +391,7 @@ function shibboleth_get_user_role() {
 if ( empty($role_header) || empty($role_value) ) continue;
- $values = split(';', $_SERVER[$role_header]);
+ $values = explode(';', shibboleth_getenv($role_header));
 if ( in_array($role_value, $values) ) {
 $user_role = $key;
 break;
@@ -436,7 +456,7 @@ function shibboleth_update_user_data($user_id, $force_update = false) {
 foreach ($user_fields as $field => $header) {
 if ( $force_update || $shib_headers[$header]['managed'] ) {
 $filter = 'shibboleth_' . ( strpos($field, 'user_') === 0 ? '' : 'user_' ) . $field;
- $user_data[$field] = apply_filters($filter, $_SERVER[$shib_headers[$header]['name']]);
+ $user_data[$field] = apply_filters($filter, shibboleth_getenv($shib_headers[$header]['name']));
 }
 }
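Review bot: `$username` in `shibboleth_authenticate_user()` can now be FALSE when none of the candidate variables is set, and nothing visible in this hunk checks it before `new WP_User($username)`. A guard right after the assignment, e.g. `if ( empty($username) ) return new WP_Error('no_access', __('You do not have sufficient access.'));`, keeps an absent identity attribute from reaching the user lookup. The body before and after the hunk is not shown, so a check may exist elsewhere. The same unchecked FALSE applies to the `apply_filters(...)` call in the `shibboleth_update_user_data()` hunk, where it is assigned into `$user_data[$field]`.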
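Review bot: The role match `in_array($role_value, $values)` in `shibboleth_get_user_role()` uses loose comparison, so numeric-looking strings that differ textually can compare equal when an attribute value is mapped to a WordPress role; `in_array($role_value, $values, true)` makes the match exact. Because `shibboleth_getenv()` can return FALSE, `explode(';', ...)` then yields a single empty element, which the strict form rejects against any non-empty `$role_value`. The loop around these lines starts and ends outside the hunk.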