Skip to Content
avatar image
Former Member

How to use Custom Service Provider and not lose parent page context after logon

Hello,

We are having a use case where in , on an action we would request the user to logon.

While doing so, after logging in the page refreshes and we will lose the action context.

Our Requirement

Action-> Login with SAML/ Basic Auth-> Retrigger the action automatically ( publish the event again )

Is there any mechanism where we give the user a logon overlay and he logs in but the page context is not lost?

I have saved the context information in session Storage but that does not seem to be a secure mechanism. Any suggestions with respect to setup of a custom Service Provider and saving the context information securely would be very much appreciated.

Thanks in advance,

Sharvari

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

1 Answer

  • avatar image
    Former Member
    Jun 21, 2017 at 03:37 PM

    Dear Sharvari,

    As I understand from the problem description NetWeaver AS Java is the service provider and you have a custom identity provider. Also it seems to me as a service provider initiated SSO.

    In such a case the RelayState cookie should contain the application url where after the authentication is completed on the Identity provider side, the user is redirected to. For further details please check the below SAP Help Portal content:

    https://help.sap.com/doc/ff4b68756c551014b39c8f8599a3b675/7.02.18/en-US/4ab4f0fe85376d61e10000000a42189c.html

    So in case I understand the scenario correctly, the problem you describe should not occure.

    I would recommend, to collect SAML 2.0 trace using the troubleshooting wizzard to check why the redirect does not work correctly.

    Best regards,

    Emoke

    Add comment
    10|10000 characters needed characters exceeded