Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-11194

Goto url not used in the presence of a valid session or after a redirect callback

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 13.5.1, 13.5.2, 14.0.0, 14.1.1, 14.5.0
    • Fix Version/s: 13.5.2, 14.5.0
    • Component/s: XUI
    • Sprint:
      AM Sustaining Sprint 42
    • Story Points:
      3
    • Needs backport:
      No
    • Support Ticket IDs:
    • Verified Version/s:
    • Needs QA verification:
      Yes
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      Steps to reproduce:

      1) Access http://am.example.com:8080/openam/?goto=http%3A%2F%2Fwww.forgerock.com -> Redirected to login page
      2) Authenticate successfully -> Redirected to http://www.forgerock.com
      3) Access http://am.example.com:8080/openam/?goto=http%3A%2F%2Fwww.google.com

      Expected result:
      Immediately redirected to http://www.google.com

      Actual result:
      Taken to http://am.example.com:8080/openam/XUI/?goto=http%3A%2F%2Fwww.google.com#profile/details

      Note: At this point, the user can click "Logout" from the XUI profile and will be taken to the goto url at that point

       

      Similarly, if at step 2 you authenticate successfully with a social provider (such as Google), upon returning to OpenAM you will not be redirected to your requested goto URL but instead will be taken to the default success url (#profile/details,  for example)

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                markdr Mark de Reeper
                Reporter:
                jake.feasel Jake Feasel
              • Votes:
                0 Vote for this issue
                Watchers:
                16 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: