Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-76246

SAML relay state can be bigger than 80 bytes

Details

    • 5
    • 3

    Description

      Description:
      Liferay usually sends a redirect URL as relay state and as Liferay can have very long query strings in it it can easily exceed 80 bytes. The SAML specification does not require implementations to be able to handle relay states bigger than 80 bytes so there might be implementations with which Liferay wouldn't be compatible.

      Proposed solution:
      Instead of the URLs only some id/token should be in the relay state and the URL should be stored locally.

      Attachments

        Activity

          People

            support-lep@liferay.com SE Support
            norbert.kocsis Norbert Kocsis (Inactive)
            Kiyoshi Lee Kiyoshi Lee
            Votes:
            3 Vote for this issue
            Watchers:
            5 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:
              2 years, 29 weeks, 3 days ago

              Packages

                Version Package