Details
- Bug Report
- Resolution: Unresolved
- L3 - Default
- None
- 7.13.0, 7.14.0
- None
Description
Based on the exchange in this forum thread.
In the example discussed in the forum thread linked above, and then shown in the reproduction linked below, it is demonstrated that when integrating SSO at the container level (example: OAuth2 + Spring Security), the hash fragment of the URL is lost during the redirect after the initial login. The reproduction scenario looks something like this (using the GitHub OAuth example below):
- Clear any cached site data for http://localhost and https://github.com (an incognito window would also suffice)
- Navigate to a link deep in cockpit (e.g. http://localhost:8080/app/cockpit/default/#/process-definition/example:1:df90e1bd-35bc-11eb-815b-9ea5f5f2c29d)
- Browser redirects user to GitHub for login.
- Log in to GitHub, approve app if necessary.
- Browser redirects back to Cockpit
- User ends up at http://localhost:8080/app/cockpit/default/#/dashboard
It appears as though the hash fragments are lost completely and Spring Security redirects to the only thing it knows about, which is the base URL (http://localhost:8080/app/cockpit/default/).
Note: when login has taken place already, navigating to the deep link again has no issue. This remains true even if you get redirected to GitHub, but never see a login page. This can be reproduced by following the same steps, but in step #1 clear only site data for http://localhost, but not https://github.com.
Research suggests that most frontend applications need to handle hash fragments when a backend technology like Spring Security is used for SSO + redirects, as the fragment is never sent to the server to begin with.
It is also worth noting that I have no evidence to suggest the Camunda webapps support what is being attempted here. If someone can point me in the right direction, I'd be happy to contribute a fix (or propose one) whether that's a direct contribution or plugin (I'm not sure plugins of any type are loaded early enough to produce the desired result). If nothing else, some verbiage in the documentation to indicate the shortcoming might be helpful to future community members.
Small reproduction
mgm-controller-panel
This is the controller panel for Smart Panels app
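The behaviour described in the report, with one client-side way to carry the fragment across the login round trip, as an added example (not code from Camunda or from the linked reproduction). The storage key, the function names and the assumption that the stash step runs on a page served before the SSO redirect are hypothetical; the restored value is validated so that a tampered entry cannot steer the browser anywhere but an in-app hash route.

```javascript
// Added example. KEY, the function names and the pre-login entry page are hypothetical.
const KEY = 'sso.pendingFragment';

// What the server can see: browsers strip the fragment before sending the request.
function requestTargetSeenByServer(href) {
  const u = new URL(href);
  return u.pathname + u.search;
}

// Accept only in-app hash routes ("#/..."), never a full URL or a scheme.
function isSafeFragment(hash) {
  return typeof hash === 'string' && hash.length <= 2048 &&
    /^#\/[\w\-.:~\/?=&%]*$/.test(hash);
}

// Before the redirect to the identity provider: remember the deep link.
function stashFragment(storage, href) {
  const hash = new URL(href).hash;
  if (isSafeFragment(hash)) storage.setItem(KEY, hash);
}

// After login: restore once, and only over the default landing route.
function restoreFragment(storage, href, defaultRoute = '#/dashboard') {
  const saved = storage.getItem(KEY);
  storage.removeItem(KEY); // single use, so a stale value cannot hijack later visits
  const u = new URL(href);
  if (!isSafeFragment(saved)) return href;
  if (u.hash && u.hash !== defaultRoute) return href;
  u.hash = saved; // same origin and path; only the fragment changes
  return u.href;
}

// Constructed stand-in for window.sessionStorage so the example runs in Node.
function memoryStorage() {
  const m = new Map();
  return {
    getItem: (k) => (m.has(k) ? m.get(k) : null),
    setItem: (k, v) => { m.set(k, String(v)); },
    removeItem: (k) => { m.delete(k); },
  };
}

// URLs taken from the reproduction steps in the report.
const deep = 'http://localhost:8080/app/cockpit/default/#/process-definition/example:1:df90e1bd-35bc-11eb-815b-9ea5f5f2c29d';
const landing = 'http://localhost:8080/app/cockpit/default/#/dashboard';
const store = memoryStorage();
stashFragment(store, deep);
console.log(requestTargetSeenByServer(deep));
console.log(restoreFragment(store, landing));
```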
Issue Links
- is related to
  - CAM-1841 redirect from login page to originally requested page (Closed)