Bug 1072387

Summary: IdP does not redirect back to original SP URL when accessed via SP URL
Product: [JBoss] JBoss Enterprise Application Platform 6
Reporter: Hynek Mlnarik <hmlnarik>
Component: PicketLink
Assignee: Tom Fonteyne <tfonteyn>
Status: CLOSED CURRENTRELEASE
QA Contact: Hynek Mlnarik <hmlnarik>
Severity: high
Priority: unspecified
Version: 6.3.0
CC: fbogyai, jcacek, jdoyle, nziakova, pskopek, pslavice, smumford, tfonteyn
Target Milestone: DR6
Target Release: EAP 6.3.0
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Clone Of:
: 1088318
Last Closed: 2014-06-28 15:24:25 UTC
Type: Bug
Bug Blocks: 1051640    

Description Hynek Mlnarik 2014-03-04 13:43:40 UTC
Seen the following behaviour with PL 2.5.3.Beta2 and 2.5.3.Final in EAP 6.3.0.DR1 builds.

When accessing a service provider (SP) using a URL which does not point to the SP root, the redirects caused by IdP authentication lose part of the actual URL and only redirect back to the root of the SP. This happens in the following scenario:

1) Access the SP using a URL which retrieves a document in the SP context, e.g. /sp/printRoles. No authentication in IdP happened before.

Actual behaviour:
- The SP root document, i.e. /sp/ is retrieved

Expected behaviour:
- Requested document, i.e. /sp/printRoles is retrieved.

Strangely enough, the redirection from SP to IdP is performed _twice_ in the session.

Comment 2 Hynek Mlnarik 2014-03-04 13:50:28 UTC
May be caused by the same cause as bug 1071288

Comment 4 Tom Fonteyne 2014-03-21 11:22:49 UTC
pull request sent:

https://github.com/picketlink2/federation/pull/200

Comment 5 Filip Bogyai 2014-04-09 09:05:32 UTC
Verified in 6.3.0.ER1

Comment 6 Scott Mumford 2014-05-14 00:52:20 UTC
Marking for exclusion from 6.3.0 Beta release notes as both 'affects' and 'fix' versions are listed as 6.3.0, suggesting this was not a customer-facing issue.