We have an SSO solution that uses Shibboleth SSO for SSO authentication to a Confluence wiki site. We've configured Seraph (login.url and link.login.url) to redirect through Shibboleth as follows:
<init-param> <param-name>login.url</param-name> <param-value>https://<sp domain>/Shibboleth.sso/Login?target=https://<wiki domain>/wiki?os_destination=${originalurl}</param-value> </init-param> <init-param> <param-name>link.login.url</param-name> <param-value>https://<sp domain>/Shibboleth.sso/Login?target=https://<wiki domain>/wiki?os_destination=${originalurl}</param-value> </init-param>
The problem is, the originalurl contains query parameters (e.g https://<wiki domain>/wiki/pages/viewpage.action?title=Home&spaceKey=Space). When this is sent back to the SP, only the ${originalurl} portion is URL encoded. Once the SP decodes the target, the 2nd originalulr query parameter (spaceKey in this example) is interpret as the target's query parameters.
It seems as if i need to url encode the entire target after the originalurl has been encoded (i.e dual encode the originalurl) so original url can survive the SP decode.
How can i handle origianlurl's that contain query parameters?
Thanks
Have you found a solution?
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Join us June 26, 11am PT for a webinar with Atlassian Champion Robert Hean & Loom’s Brittany Soinski. Hear tips, stories, and get your burning questions answered. Learn how Loom makes training and enablement easier. Don’t miss it!
Register todayOnline forums and learning are now in one easy-to-use experience.
By continuing, you accept the updated Community Terms of Use and acknowledge the Privacy Policy. Your public name, photo, and achievements may be publicly visible and available in search engines.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.