-
Type:
Bug
-
Status: Open
-
Priority:
Trivial
-
Resolution: Unresolved
-
Affects Version/s: 11.0.0, 12.0.0
-
Fix Version/s: None
-
Component/s: SAML
-
Labels:None
-
Environment:Tomcat 7, Java 1.7, Linux 2.6.32-431.5.1.el6.x86_64, CentOS release 6.5 (Final)
-
Rank:1|hzpa9j:
A bad forward path is generated by the OpenAM (SP) which set an original Assertion Consumer Service location.
This problem occurred only if an original assertion consumer service location is configured.
I encountered this problem, when I used an my original servlet which consumes the SAML assertion.
This servlet uses com.sun.identity.saml2.profile.SPACSUtils.prepareForLocalLogin() for getting a path used of a request forwarding.
But, prepareForLocation() returns a wrong URL below.
This URL is made by the code block below.
SPACSUtils.java
if ((localLoginUrl == null) || (localLoginUrl.length() == 0)) { // shouldn't be here, but in case localLoginUrl = SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_PROTOCOL) + "://" + SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_HOST) + SystemConfigurationUtil.getProperty(SAMLConstants.SERVER_PORT) + "/UI/Login?org=" + orgName; }
The comment says // shouldn't be here, but in case . However, my process have reached here in my environment.
