Liferay with Open AM doesn't redirect to requested page after login

Problem

I have faced redirect issue with liferay 6.2 / openam (opensso) setup .

SSO Login URL = https://abc.com/openam/UI/Login?goto=https://my.liferay.server.url.com

When i am requesting https://my.liferay.server.url.com/group/abc/abc-portlet, since opensso is enabled i am redirected to https://abc.com/openam/UI/Login?goto=https://my.liferay.server.url.com

And after successful authentication, I am taken to liferay home page i.e https://my.liferay.server.url.com not to the requested url https://my.liferay.server.url.com/group/abc/abc-portlet

If opensso is disabled, while requesting https://my.liferay.server.url.com/group/abc/abc-portlet, after login liferay redirects to requested url.

Solution

Liferay uses com.liferay.portal.servlet.filters.sso.opensso.OpenSSOFilter to handle OpenSSO.

While inspecting the OpenSSOFilter code i too find liferay has a mechanism to redirect to requested url. See below code

171  redirect =
172      loginUrl +
173          HttpUtil.encodeURL("?redirect=" + HttpUtil.encodeURL(redirect));
175  response.sendRedirect(redirect);

But due to some reason the above code was not excuted. And the reason is OpenSSOFilter expects the portal-ext property auth.forward.by.last.path to be true and OpenSSO Login URL should have /portal/login

See below

151  if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH ||
152      !loginUrl.contains("/portal/login")) {
154      response.sendRedirect(loginUrl);
156      return;
157  }

Updating Login SSO URL to https://abc.com/openam/UI/Login?goto=https://my.liferay.server.url.com/c/portal/login and having set auth.forward.by.last.path to true (by default it is true) solved the issue.

1 Comment

Please sign in to comment.

Thanks. this worked

Please sign in to reply.

Menu Display

Blogs

Category Filter

More Blog Entries

Custom Liferay Session on expiration

Pushing Using Vaadin, Websockets and Liferay 6