Ability to pass custom params to IDP to get back on a HTTP-POST

Cantor, Scott cantor.2 at osu.edu
Fri Jan 20 19:18:59 GMT 2012

On 1/20/12 2:01 PM, "Anand Somani" <meatforums at gmail.com> wrote:

>But the problem is how to get the original application URL that triggered
>the SP to do SSO. So one thought was to pass it as a query param to IDP
>along with SAMLRequest and then hopefully get it back from IDP and then
>use that to finally forward the user once it has been authorized. This
>gives the SP an ability to be stateless and not having to remember where
>the original URL.

This is addressed in the relevant SAML bindings using RelayState. You
should read the SAML standard if you're trying to implement something, and
you wouldn't need to ask the question if you weren't. It's also not a
Shibboleth question; there is a saml-dev list at OASIS for implementers to

-- Scott

More information about the users mailing list