SP- Redirect to improper urls after setting value for redirectErrors
Alexander Ivanov
alex at calmforce.com
Mon Jan 23 18:44:34 EST 2017
> That raises all kinds of red flags because most people are copying
various example scripts people have posted that are intended to respond to
and forward along the browser back to the original URL. Get that wrong and
this is easily imaginable.
Our Dataverse instance is using the sample code from your Shibboleth
isPassive documentation page for the isPassive implementation:
https://wiki.shibboleth.net/confluence/display/SHIB2/isPassive
Are you saying that code is incorrect?
On Mon, Jan 23, 2017 at 6:15 PM, Cantor, Scott <cantor.2 at osu.edu> wrote:
> > What specific parameters on the URL would there be on an error redirect?
>
> https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPErrors
>
> It describes many of the common parameters, some of which are practically
> always going to be there, like errorType, statusCode, etc. Note that one of
> them is requestURL. Could be that you have something in the midst of all
> this chain of redirects causing this to happen, and that's a heck of a lot
> more likely frankly.
>
> > This problem occurs during a failed passive login attempt.
>
> That raises all kinds of red flags because most people are copying various
> example scripts people have posted that are intended to respond to and
> forward along the browser back to the original URL. Get that wrong and this
> is easily imaginable.
>
> > It is occurring for
> > both of our applications, so I think the SP must be at fault.
>
> I think that's virtually impossible, I know what the code looks like and
> it doesn't do what you're describing.
>
> Simply put, I think the bug is in whatever is handling the redirect, not
> the code producing it. But a simple LiveHeaders trace should be
> illustrative.
>
> -- Scott
>
>
> --
> To unsubscribe from this list send an email to
> users-unsubscribe at shibboleth.net
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20170123/5b8bad41/attachment.html>
More information about the users
mailing list