Uploaded image for project: 'OpenAM'
  1. OpenAM
  2. OPENAM-15089

SAML SLO - Allow RelayState to be a path-relative URL

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 6.5.0
    • Fix Version/s: 6.0.1, 5.5.2, 7.0.0, 6.5.3
    • Component/s: SAML
    • Labels:
    • Sprint:
      AM Sustaining Sprint 65
    • Story Points:
      3
    • Needs backport:
      No
    • Support Ticket IDs:
    • Verified Version/s:
    • Needs QA verification:
      Yes
    • Functional tests:
      No
    • Are the reproduction steps defined?:
      Yes and I used the same an in the description

      Description

      Currently, we validate RelayState as an absolute URL, customer's requirement is to also allow RelayState to be set as a relative path.

      Also, make the goto parameter be the main redirect parameter and take precedence over the RelayState when they both exist in the request.

        Attachments

          Activity

            People

            Assignee:
            lawrence.yarham Lawrence Yarham
            Reporter:
            anastasios.kampas Anastasios Kampas
            Votes:
            0 Vote for this issue
            Watchers:
            6 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: