Bug 1085504
Summary: | [GSS] (6.2.x) The NegotiationAuthenticator loses post data | ||
---|---|---|---|
Product: | [JBoss] JBoss Enterprise Application Platform 6 | Reporter: | Derek Horton <dehort> |
Component: | Security | Assignee: | Derek Horton <dehort> |
Status: | CLOSED CURRENTRELEASE | QA Contact: | Josef Cacek <jcacek> |
Severity: | unspecified | Docs Contact: | Lucas Costi <lcosti> |
Priority: | unspecified | ||
Version: | 6.1.1 | CC: | bbaranow, cdewolf, lcosti, olukas, rdickens, sgilda |
Target Milestone: | CR2 | ||
Target Release: | EAP 6.2.3 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: |
When using negotiation with PicketLink, if the Service Provider (SP) was using HTTP-POST binding, the `NegotiationAuthenticator` would lose the SAMLRequest post parameter. This meant that after a user was successfully authenticated, the Identity Provider (IDP) would not know where to redirect the user. As a result, the user would be left at the IDP index page.
This issue was fixed by altering the `NegotiationAuthenticator` to check whether there was a re-submission of the original request URI and, if so, to forward the original request instead. As a result, using HTTP-POST binding when using negotiation should redirect the user successfully after authentication.
|
Story Points: | --- |
Clone Of: | 1030053 | Environment: | |
Last Closed: | 2014-06-09 12:46:53 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1030053 | ||
Bug Blocks: | 1067532, 1085506 |
Description
Derek Horton
2014-04-08 18:37:52 UTC
Assigning to pskopek since he pleaded to PL issues for EAP6

Assigning back to derek, this is a negotiation issue, it's not part of PL as I assumed.

Verified in EAP 6.2.3.CR2, changes are presented in code.

Customer confirmed the bug was fixed.

Fix typo in release notes reported by Bug 1098999.