Uploaded image for project: 'DSpace'
  1. DSpace
  2. DS-4139

Wrong redirect URL after shibboleth login

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Code Review Needed (View Workflow)
    • Priority: Critical
    • Resolution: Unresolved
    • Affects Version/s: 6.3, 5.10
    • Fix Version/s: None
    • Component/s: JSPUI
    • Labels:
      None
    • Attachments:
      0
    • Comments:
      0
    • Documentation Status:
      Not Required

      Description

      We have observed that the returnURL generated by the ShibAuthentication plugin contains an extra leading slash, see
      https://github.com/DSpace/DSpace/blob/dspace-6_x/dspace-api/src/main/java/org/dspace/authenticate/ShibAuthentication.java#L522

      this will generate a request to DSPACE-URL//shibboleth-login
      When a reverse proxy is on front of tomcat, this could lead (sometime - we have seen both behavior but as we don't have full access to both reverse proxy configurations) to the creation of a new session on the tomcat side as the session cookie is not forwarded by the reverse proxy to the tomcat server resulting in the redirection to the mydspace instead than the original restricted URL

        Attachments

          Activity

            People

            Assignee:
            Unassigned
            Reporter:
            bollini Andrea Bollini (4Science)
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Dates

              Created:
              Updated: