0 Replies Latest reply on Sep 1, 2015 6:55 AM by richard groote

    Web SSO and security constraints

    richard groote Newbie



      We are trying to use Web SSO in our application. I followed the documentation at SAML Web Browser SSO on JBoss AS 7.0 | JBoss Developer and this works fine when there are no specific security constraints.


      Used the following test scenario:

      - User request a secure page: http://localhost:8180/Application/WebApp/Tab

      - User is redirected to the idp

      - User supplies the credentials

      - The idp should redirects to the http://localhost:8180/Application/WebApp/Tab


      When in the web.xml the following security constraint is defined <url-pattern>/*</url-pattern> it works fine. The user is correctly redirect to the requested page.


      When the web.xml contains the below security constraints the user is redirected to http://localhost:8180/Application.






      Is there a configuration option to redirect back to the request page?


      When i change the service provider URL to http://localhost:8180/Application/WebApp than it looks like there is a infinite login attempt. Also tried to define the relaystate on the service provider configuration but that was not working and this value is not dynamic.


      Kind regards,