Support for Drupal 7 is ending on 5 January 2025—it’s time to migrate to Drupal 10! Learn about the many benefits of Drupal 10 and find migration tools in our resource center.
Is an SP initiated SSO SAML request is sent to the light_saml_idp.login route, the POST data is lost after Drupal redirects you through GET, resulting in a 403.
We should save $_POST['SAMLRequest'] before redirecting to /user/login to be able to use that later in the light_saml_idp.login route.
Comment | File | Size | Author |
---|---|---|---|
#4 | 3085174-1.patch | 3.61 KB | JohanKleene |
Comments
Comment #3
MrHaroldA CreditAttribution: MrHaroldA at iO commentedComment #4
JohanKleene CreditAttribution: JohanKleene commentedOn login currently only the SAMLRequest parameter is saved in session. This patch also saves the RelayState temporarily in a session parameter. Without it the parameter is lost when relaying back to the SP.
Comment #6
MrHaroldA CreditAttribution: MrHaroldA at iO commentedTnx, Johan!