Eric Wittmann resolved SRAMP-440.
---------------------------------
Resolution: Done
Add a final redirect filter to overlord SPs
-------------------------------------------
Key: SRAMP-440
URL: https://issues.jboss.org/browse/SRAMP-440
Project: S-RAMP
Issue Type: Enhancement
Security Level: Public (Everyone can see)
Components: UI
Reporter: Eric Wittmann
Assignee: Brett Meyer
Fix For: 0.5.0.Final
The IDP (when running in Tomcat, Jetty, Fuse) causes the browser to do a POST of the SAML
assertion to the SP (e.g. s-ramp-ui). This POST is consumed by the SPFilter and the
assertion is consumed. At this point the user is authenticated and the UI is loaded.
However, if the user then tries to refresh the page, the browser will likely ask if the
user wishes to Resend data.
To avoid this problem we should have a filter that does a final redirect (only after a
POST to the SPFilter) so that the browser finishes up with a GET request to the UI rather
than a POST.
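
The final redirect described above is the Post/Redirect/Get pattern. The servlet filter below is an added example, not the code committed for SRAMP-440; the class name `FinalRedirectFilter` is hypothetical, and it assumes the filter is mapped after the SP filter and that the SP filter only passes a request down the chain once the assertion has been accepted.

```java
import java.io.IOException;
import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

/**
 * Hypothetical filter (added example). Map it in web.xml AFTER the SP filter
 * so it only sees requests the SP filter has already processed.
 */
public class FinalRedirectFilter implements Filter {

    @Override
    public void init(FilterConfig config) { }

    @Override
    public void destroy() { }

    @Override
    public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) res;

        // SAMLResponse is the form field used by the SAML HTTP-POST binding.
        boolean samlPost = "POST".equalsIgnoreCase(request.getMethod())
                && request.getParameter("SAMLResponse") != null;

        if (samlPost) {
            // Assumption: reaching this point means the SP filter accepted the
            // assertion and established the session. Build the target from the
            // server-side context path only, never from request parameters
            // such as RelayState, so the redirect cannot be steered off-site.
            String target = request.getContextPath() + "/";

            // 303 See Other tells the browser to follow up with a GET, so a
            // later page refresh no longer re-submits the assertion.
            response.setStatus(HttpServletResponse.SC_SEE_OTHER);
            response.setHeader("Location", response.encodeRedirectURL(target));
            return;
        }
        chain.doFilter(req, res);
    }
}
```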