[overlord-issues] [JBoss JIRA] (SRAMP-440) Add a final redirect filter to overlord SPs
Brett Meyer (JIRA)
issues at jboss.org
Tue Jul 29 12:18:29 EDT 2014
[ https://issues.jboss.org/browse/SRAMP-440?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brett Meyer reopened SRAMP-440:
-------------------------------
> Add a final redirect filter to overlord SPs
> -------------------------------------------
>
> Key: SRAMP-440
> URL: https://issues.jboss.org/browse/SRAMP-440
> Project: S-RAMP
> Issue Type: Enhancement
> Security Level: Public(Everyone can see)
> Components: UI
> Reporter: Eric Wittmann
> Assignee: Brett Meyer
> Fix For: 0.5.0
>
>
> The IDP (when running in tomcat, jetty, fuse) causes the browser to do a POST of the SAML assertion to the SP (e.g. s-ramp-ui). This POST is consumed by the SPFilter and the assertion is consumed. At this point the user is authenticated and the UI is loaded.
> However, if the user then tries to refresh the page, the browser will likely ask if the user wishes to Resend data.
> To avoid this problem we should have a filter that does a final redirect (only after a POST to the SPFilter) so that the browser finishes up with a GET request to the UI rather than a POST.
--
This message was sent by Atlassian JIRA
(v6.2.6#6264)
More information about the overlord-issues
mailing list