LoginHandler - Obtain the SP URL

Manuel Haim haim at hrz.uni-marburg.de
Wed Sep 7 08:28:10 BST 2011

Hi Joshua,

as far as I know, it is just not possible (and was never intended for
privacy reasons) to get the URL of the SP-protected ressource from
within the IdP.

When you access an SP-protected resource, the SP sets a cookie (with the
SP session id) and remembers the resource URL for you. After successful
login at the IdP, you will be redirected back to the SP (a JavaScript
initiated HTTP-POST request with your user attributes is sent e.g. to
https://sp.example.org/Shibboleth.sso/SAML2/POST), and the SP will then
redirect you to the resource URL.


Am 06.09.2011 08:17, schrieb Halm Reusser:
> Joshua, it's more than just a redirect...
> Keyword: returnToAuthenticationEngine [1]
> Along with the developer docs [2],  I suggest to take a look at the
> Username Password Login Handler Code [3]. It's very well written and
> documented, you will see how it works quickly, I guess.
> [1]
> http://svn.shibboleth.net/view/java-shib-idp2/tags/2.3.3/src/main/java/edu/internet2/middleware/shibboleth/idp/authn/provider/UsernamePasswordLoginServlet.java?view=markup
> [2]
> https://wiki.shibboleth.net/confluence/display/SHIB2/IdPDevExtLoginHandler
> [3]
> http://svn.shibboleth.net/view/java-shib-idp2/tags/2.3.3/src/main/java/edu/internet2/middleware/shibboleth/idp/authn/provider/
> On 06.09.11 07:09, Joshua Brodie wrote:
>> Hi:
>> Is it possible, in the IdP's LoginHandler, to obtain the URL to
>> redirect user after successful authentication?
>> Jos -- To unsubscribe from this list send an email to
>> users-unsubscribe at shibboleth.net
> --
> To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net

More information about the users mailing list