Hard code target value in session

Description

Per our mailing list discussion:

Hardcode the target value to come back to when requireSession intercepts a request,
instead of using the current URL? Doesn't sound too difficult.

After a session timeout, I'd like to force the target URL to the root path, rather than the requested URL. (The SAML variable RelayState)

I'm not sure how the object inheritance hangs together, but it would be handy if this functionality could be set via the target parameter for a SAML2 SessionInitiator.

Thank you Scott!

--Cal

Environment

None

Activity

Scott Cantor December 17, 2010 at 2:39 PM

Closing after release.

Scott Cantor March 11, 2010 at 12:15 PM

http://svn.middleware.georgetown.edu/view/cpp-sp?view=rev&revision=3243

Cal, the change is fairly invasive, testing would be appreciated.

Cal Heldenbrand February 2, 2010 at 2:11 PM

Yes, that's acceptable for my situation. My actual problem with this is when timeouts happen, but the root path would be the target upon logins as well, so everything would be fine.

Thanks Scott,

--Cal

Scott Cantor February 2, 2010 at 1:31 PM

Getting back to this, you do understand that such a feature would apply to all cases, not just timeouts, right?

If target were set, then an initial request to some URL that got intercepted would also end up at the target setting and not the original URL. That makes it of questionable value, unless I'm misunderstanding your goal here.

Cal Heldenbrand November 11, 2009 at 3:47 PM

Oops. You must have the wiki tags turned off in your Jira. slightly smiling face

Fixed

Details

Assignee

Reporter

Fix versions

Affects versions

Created November 11, 2009 at 3:46 PM
Updated December 17, 2010 at 2:39 PM
Resolved March 11, 2010 at 12:15 PM