  1. OpenAM
  2. OPENAM-15042

Document that idpssoinit can only use RelayState as a GET parameter and not via POST

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 13.5.2, 14.5.1, 5.5.1, 6.0.0.7, 6.5.1
    • Fix Version/s: 7.0.0
    • Component/s: documentation
    • Labels:
    • Environment:
      AM SAML
    • Sprint:
      AM 2019.14 - Rotary Mill, AM 2019.15 - Gears
    • Story Points:
      1
    • Needs backport:
      No
    • Support Ticket IDs:
    • Needs QA verification:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same as in the description

      Description

      Bug description

      https://bugster.forgerock.org/jira/browse/OPENAM-2469

      documents that only GET requests are allowed to use RelayState; there is a common misconfiguration to try to use this parameter with a PUT.

      How to reproduce the issue

      https://backstage.forgerock.com/docs/am/6.5/saml2-guide/#using-saml2-sso-slo

      Doesn't list GET as a limitation for RelayState

      Expected behaviour
      Documentation should list in

      RelayState (Optional) Use this parameter to specify where to redirect the user when the process is complete. Make sure you URL-encode the value. For example, RelayState=http%3A%2F%2Fforgerock.com takes the user to http://forgerock.com.

      Clarify this is for GET only, or in the idpSSOInit.jsp section.

      idpSSOInit.jsp Used to initiate SSO from the identity provider side, so call this on the identity provider not the service provider. This is also mapped to the endpoint idpssoinit under the context root. Examples: http://www.idp.example:8080/openam/saml2/jsp/idpSSOInit.jsp, http://www.idp.example:8080/openam/idpssoinit

      Current behaviour

      Customers try to post RelayState to idpSSOInit.jsp and this will fail

            People

            • Assignee:
              chris.lee Chris Lee
              Reporter:
              william.hepler William Hepler
            • Votes:
              0
              Watchers:
              4