RelyParty redirect URL

Christopher Bongaarts cab at
Thu Jul 2 15:59:34 UTC 2020

On 7/2/2020 10:57 AM, Cantor, Scott wrote:
> On 7/2/20, 11:20 AM, "users on behalf of Joseph Fischetti"<users-bounces at on behalf of Joseph.Fischetti at>  wrote:
>> Is there any way to force the JSESSIONID to exist in the flowExecutionUrl (i.e. it doesn't always), or is it available as a
>> variable I can access in a velocity template?
> That's terrible security practice, but it won't matter anyway.
> It's already in a cookie, and if the cookie isn't sent back, nothing's going to work right anyway. And if the session is actually just expired, including it in the URL won't help.
> Whatever you're doing either isn't technically possible or it's relying on the session lasting long enough, which there's no guarantee of (but the timeout value is not up to the IdP, it's set by the container, and is changeable).

Does SameSite come into play in this situation?

%%  Christopher A. Bongaarts   %%  cab at          %%
%%  OIT - Identity Management  %%  %%
%%  University of Minnesota    %%  +1 (612) 625-1809    %%

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list