Issue

AEM redirects the user to the original secured URL with an extra "?" after the IDP SAML Response POST back to AEM.  This is breaking SAML auth.  The extra "?" is set in the saml_request_path cookie.

The scenario goes like this:

  1. The user goes to a secured url on the AEM instance that includes a querystring, for example /secured.html?test=1.
  2. AEM sends the user to the IDP (Authn POST or redirect).
  3. IDP does the SAMLResponse POST to AEM.
  4. AEM redirects the user to the url from step 1 but with an extra question mark added to the querystring, for example /secured.html??test=1.

Environment

AEM 6.2

Cause

This is a known AEM product bug GRANITE-14613.

Resolution

Either install the latest AEM 6.2 Cumulative Fix Pack or contact AEM Customer Care for hotfix 13707.

Licencia na používanie tohto diela sa poskytuje v súlade s podmienkami licencie Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License  Na príspevky v sociálnych sieťach Twitter™ a Facebook sa nevzťahujú podmienky licencií Creative Commons.

Právne upozornenia   |   Zásady ochrany osobných údajov online