Back to target URL after WSO2 SAML SSO authorization

I am creating a simple service provider (SP) for Java with WSO2 SAML SSO authorization.

I implemented it this way (please correct me if I am wrong):

  • The user enters some kind of target URL in the browser.
  • My SP servlet sends a redirect to WSO2 IDM.
  • IDM resolves the user and redirects the SAMLResponse and RelayState parameters to my consumer address.

The SP should now process this request and redirect the user to the target URL without IDM redirecting again. Otherwise I end up with an infinite loop, so I think there should be one more step between steps 1 and 2 ...

What is the correct way to do this?

+3




1 answer


Typical implementation

1 The user tries to access a secure site.

2 The filter checks if the user has passed the authentication session.

2.1 If not, redirect to the IDP / IDM.

2.1.1 IDM authenticates the user and redirects back to the SP with the identity.

2.1.2 The SP creates an authenticated session.

2.1.3 The user is redirected to the target URL, and everything starts at 2 again.

Here I have a post describing the flow in more detail

+1
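The flow from the answer, as an added sketch that is not part of the original post or of WSO2's code: the filter lets the consumer path through and checks the session first, so the second request to the target URL passes instead of looping back to the IdP. The IdP URL, `/acs`, `/login-error` and all class and method names are assumptions; building the SAMLRequest and validating the SAMLResponse are left to the SAML library, and the decision logic is kept free of the servlet API so it runs stand-alone.

```java
import java.net.URI;
import java.net.URLEncoder;
import java.nio.charset.StandardCharsets;
import java.util.HashMap;
import java.util.Map;

public class SpFlowSketch {
    static final String IDP_URL = "https://idp.example.test/samlsso"; // placeholder IdP endpoint
    static final String ACS_PATH = "/acs";                            // assumed consumer path

    /** Filter decision: "PASS" lets the request through, anything else is a redirect Location. */
    static String filter(Map<String, String> session, String path) {
        if (session.containsKey("user")) return "PASS";          // step 2: session exists
        if (ACS_PATH.equals(path)) return "PASS";                // consumer must stay reachable
        // Step 2.1: carry the requested path in RelayState (SAMLRequest parameter omitted here)
        return IDP_URL + "?RelayState=" + URLEncoder.encode(path, StandardCharsets.UTF_8);
    }

    /** Consumer: subject is the NameID from an already validated SAMLResponse, null if invalid. */
    static String consume(Map<String, String> session, String subject, String relayState) {
        if (subject == null) return "/login-error";              // hypothetical path; no session
        session.put("user", subject);                            // step 2.1.2
        return safeTarget(relayState);                           // step 2.1.3
    }

    /** RelayState comes back through the browser: accept only a local absolute path. */
    static String safeTarget(String t) {
        try {
            if (t == null || !t.startsWith("/") || t.startsWith("//")) return "/";
            URI u = new URI(t);
            return (u.isAbsolute() || u.getRawAuthority() != null) ? "/" : t;
        } catch (Exception e) {
            return "/";                                          // unparsable value
        }
    }

    public static void main(String[] args) {
        Map<String, String> session = new HashMap<>();           // constructed sample session
        System.out.println(filter(session, "/reports"));         // first request, no session yet
        System.out.println(consume(session, "alice", "/reports")); // IdP returned a valid identity
        System.out.println(filter(session, "/reports"));         // same target, session now exists
        System.out.println(safeTarget("https://evil.example.test/")); // off-site RelayState
    }
}
```

In a real servlet filter the session map corresponds to `HttpSession` attributes and the returned location to `response.sendRedirect(...)`.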

