SSO - SAML, Redirect a user to a specified landing page after successful log in

single-sign-on saml opensaml

Though it is not in the SAML specs, a de-facto standard is to use the RelayState element for that. It is added as a parameter in the response in addition to the SAMLResponse parameter and value of the landing URL. Sample HTML page from http://en.wikipedia.org/wiki/SAML_2.0 for an IDP using the POST binding for the response:

<form method="post" action="https://sp.example.com/SAML2/SSO/POST" ...>
    <input type="hidden" name="SAMLResponse" value="<response>" />
    <input type="hidden" name="RelayState" value="<url>" />
    ...
    <input type="submit" value="Submit" />
</form>

Edit:
Just to be clear, the RelayState parameter declaration is part of the specs and it is included to allow for passing arbitrary state between SP and IDP. Using it for passing a URL that defines the landing page is not defined in the spec but is de-facto standard usage. Any usage of RelayState in IDP-init-SSO would depend on a pair-wise agreement between IDP and SP and this is just an agreement that makes sense, is useful and thus has been widely adopted.

Related

Create customized plotting function and run it with dynamic parameters using R
Iterate over JS object of arrays
How to convert UTF-8 notation to python unicode notation
phaser 3 throws "Texture.frame missing:" warning and fails to load frame, how do I fix it? [duplicate]
Unable to connect Android ADB over TCP/IP
Any ideas on how to reset my zsh terminal to default?
Windows 10 - LoadLibrary failed with error 87 - on Remote Desktop Session
Set DPI of individual applications in Linux
Where could I find the dll/exe/process that handles the Bluetooth tray icon?
How to create a bash/zsh status bar on macOS
My mouse keeps on the mouse click
Is there a preferred way of restarting X after getting stuck on the desktop despite not logging in due to disconnecting a monitor?