Alter RelayState with SAML Response
Cantor, Scott
cantor.2 at osu.edu
Thu Jul 10 17:40:22 EDT 2014
On 7/10/14, 3:45 PM, "Supakit Kiatrungrit" <supakitk at sfsu.edu> wrote:
>
>We are implementing the Shibboleth IdP Postlogin Flow / Filter and would
>like to redirect the user back to the original page. However, this seems
>require saving the original RelayState to the session and alter
>RelayState value on the second request when return from the Postlogin
>Flow page. Do you have any suggestion on how to redirect the user to
>original page by replacing the Relaystate from the session. Are there any
>other alternatives?
RelayState is a SAML requirement and shouldn't be changed or used in any
other interaction. The IdP handles passing it back to the SP when the
profile completes because it's stored in the profile request state. If
something you added to the IdP is preventing that, it would have a bug.
Other than that, I don't know what you're asking exactly.
-- Scott
More information about the users
mailing list