Keep POST data after login [#3085174]

Is an SP initiated SSO SAML request is sent to the light_saml_idp.login route, the POST data is lost after Drupal redirects you through GET, resulting in a 403.

We should save $_POST['SAMLRequest'] before redirecting to /user/login to be able to use that later in the light_saml_idp.login route.

Comment	File	Size	Author
#4	3085174-1.patch	3.61 KB	JohanKleene

Support from Acquia helps fund testing for Drupal Acquia logo

Comments

Comment #1

2 October 2019 at 11:36

MrHaroldA created an issue. See original summary.

Comment #2

2 October 2019 at 11:37

MrHaroldA committed b0e732e on 8.x-1.x

Issue #3085174: Keep POST data after login

Comment #3

MrHaroldA CreditAttribution: MrHaroldA at iO commented 2 October 2019 at 11:52

Status:

Active

» Needs review

Comment #4

JohanKleene CreditAttribution: JohanKleene commented 17 October 2019 at 08:36

Category:

Feature request

» Bug report

File	Size
3085174-1.patch	3.61 KB

On login currently only the SAMLRequest parameter is saved in session. This patch also saves the RelayState temporarily in a session parameter. Without it the parameter is lost when relaying back to the SP.

Comment #5

17 October 2019 at 10:11

MrHaroldA committed a0342b5 on 8.x-1.x authored by JohanKleene

Issue #3085174 by JohanKleene, MrHaroldA: Keep POST data after login

Comment #6

MrHaroldA CreditAttribution: MrHaroldA at iO commented 17 October 2019 at 10:12

Status:

Needs review

» Fixed

Tnx, Johan!

Comment #7

31 October 2019 at 10:14

Status:

Fixed

» Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.

Keep POST data after login

Comments

Comment #1

Comment #2

Comment #3

Comment #4

Comment #5

Comment #6

Comment #7

Thank you to these Drupal contributors

News items

Our community

Documentation

Drupal code base

Governance of community