Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] SAML nextUrl is empty when clicking on the Button Log in with single sign-on #1434

Closed
joshuarrrr opened this issue May 24, 2023 · 0 comments · Fixed by #1557
Closed

[BUG] SAML nextUrl is empty when clicking on the Button Log in with single sign-on #1434

joshuarrrr opened this issue May 24, 2023 · 0 comments · Fixed by #1557
Assignees
@cwperks
Labels
bug Something isn't working triaged

Comments

@joshuarrrr
Copy link
Member

@marcohald commented on Tue May 23 2023

Describe the bug

The Session expires and the User is redirected back to the Login Page.
There he can login via the Form based Authentification or use SAML with "Log in with single sign-on"
When SAML is used the nextUrl is set to / instead of the URL that is already passed to the logon site

To Reproduce
Steps to reproduce the behavior:

  1. Configure SAML and set this in the Config
opensearch_security.auth.type: ["basicauth","saml"]
server.xsrf.allowlist: ["/_opendistro/_security/saml/acs", "/_opendistro/_security/saml/logout"]
opensearch_security.auth.multiple_auth_enabled: true

  1. Login and visit the Discover Site and add any Filters

  2. Delete the Cookies for the Site

  3. Click on Something on the Site and you are redirected to the Login Page
    grafik

  4. In the Browser URL Bar the nextUrl is set on the Button you can see in the bottom left of the Screenshot the nextUrl is set to /

Expected behavior
The Button "Log in with single sign-on" should have the same nextUrl set as the site itself

OpenSearch Version
v 2.7.0
Dashboards Version
v 2.7.0

Plugins
opensearch-alerting
opensearch-anomaly-detection
opensearch-asynchronous-search
opensearch-cross-cluster-replication
opensearch-geospatial
opensearch-index-management
opensearch-job-scheduler
opensearch-knn
opensearch-ml
opensearch-neural-search
opensearch-notifications
opensearch-notifications-core
opensearch-observability
opensearch-performance-analyzer
opensearch-reports-scheduler
opensearch-security
opensearch-security-analytics
opensearch-sql

Host/Environment (please complete the following information):

  • OS: Windows 10
  • Browser and version Firefox 113

@joshuarrrr commented on Tue May 23 2023

@opensearch-project/triage Please transfer to https://github.com/opensearch-project/security-dashboards-plugin

@marcohald commented on Tue May 23 2023

@joshuarrrr Should I create the Issue manually at https://github.com/opensearch-project/security-dashboards-plugin
and close this one or is that somehow automated?

@joshuarrrr commented on Tue May 23 2023

Hi @marcohald - there are project maintainers in that group that have the permissions to transfer issues (which I don't). So in theory they should transfer it. But if there's no action by tomorrow I'll move it over for you.

@DarshitChanpura commented on Wed May 24 2023

Hey @joshuarrrr I'm a maintainer of security-dashboards-plugin and part of @opensearch-project/triage, however i do not have permissions to transfer this issue.

@joshuarrrr commented on Wed May 24 2023

OK, I'll just transfer via zenhub
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@cwperks cwperks

Labels
bug Something isn't working triaged
Projects
None yet
Milestone
No milestone
4 participants
@joshuarrrr @davidlago @cwperks @RyanL1997