Bug 1071288 - IdP does not redirect back to original SP URL
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: PicketLink
Version: 6.3.0
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: high
Target Milestone: ER3
Target Release: EAP 6.3.0
Assignee: Anil Saldhana
QA Contact: Hynek Mlnarik
Docs Contact: Russell Dickenson
Duplicates: 1078342
Depends On: 1085522
Blocks: eap63-beta-blockers 1091177
Reported: 2014-02-28 12:50 UTC by Hynek Mlnarik
Modified: 2015-09-01 03:34 UTC

Last Closed: 2014-06-28 15:40:07 UTC
Type: Bug
Links
System: Red Hat Issue Tracker
ID: EAP6-92
Private: 0
Priority: Major
Status: Closed
Summary: Configuration of IDP indicated SSO
Last Updated: 2016-05-02 09:08:57 UTC

Description Hynek Mlnarik 2014-02-28 12:50:41 UTC
Seen the following behaviour with PL 2.5.3.Beta2 and 2.5.3.Final in EAP 6.3.0 builds.

When accessing a service provider (SP) using a URL which does not point to the SP root, the redirects caused by IdP authentication lose part of the actual URL and only redirect back to the root of the SP. This happens in the following scenario (realized e.g. by SAML2KerberosTestCase in the AS testsuite):

1) Access IdP directly and authenticate via Kerberos
2) Access the SP using a URL which retrieves a document in the SP context, e.g. /sp/printRoles

Actual behaviour:
- The SP root document, i.e. /sp/ is retrieved

Expected behaviour:
- Requested document, i.e. /sp/printRoles is retrieved.

Comment 11 Kabir Khan 2014-04-25 14:46:37 UTC
Fixed by component upgrade https://bugzilla.redhat.com/show_bug.cgi?id=1091177

Comment 12 FIlip Bogyai 2014-05-02 14:11:53 UTC
Verified in EAP 6.3.0.ER3

Comment 13 baranowb 2014-05-07 11:07:39 UTC
*** Bug 1078342 has been marked as a duplicate of this bug. ***

Comment 14 Scott Mumford 2014-05-14 00:59:03 UTC
Marking for exclusion from 6.3.0 Beta release notes as both 'affects' and 'fix' versions are listed as 6.3.0, suggesting this was not a customer-facing issue.

Comment 15 JBoss JIRA Server 2015-04-28 15:09:11 UTC
John Doyle <jdoyle> updated the status of jira EAP6-92 to Closed

