Uploaded image for project: 'PUBLIC - Liferay Portal Community Edition'
  1. PUBLIC - Liferay Portal Community Edition
  2. LPS-76246

SAML relay state can be bigger than 80 bytes

    Details

    • Story Points:
      5
    • Fix Priority:
      3

      Description

      Description:
      Liferay usually sends a redirect URL as relay state and as Liferay can have very long query strings in it it can easily exceed 80 bytes. The SAML specification does not require implementations to be able to handle relay states bigger than 80 bytes so there might be implementations with which Liferay wouldn't be compatible.

      Proposed solution:
      Instead of the URLs only some id/token should be in the relay state and the URL should be stored locally.

        Attachments

          Activity

            People

            • Votes:
              3 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

              • Created:
                Updated:
                Days since last comment:
                1 year, 18 weeks, 1 day ago

                Packages

                Version Package