This website uses cookies to ensure you get the best experience. Learn More.
Liferay with Open AM doesn't redirect to requested page after login
Problem
I have faced redirect issue with liferay 6.2 / openam (opensso) setup . SSO Login URL = https://abc.com/openam/UI/Login?goto=https://my.liferay.server.url.com When i am requesting https://my.liferay.server.url.com/group/abc/abc-portlet, since opensso is enabled i am redirected to https://abc.com/openam/UI/Login?goto=https://my.liferay.server.url.com And after successful authentication, I am taken to liferay home page i.e https://my.liferay.server.url.com not to the requested url https://my.liferay.server.url.com/group/abc/abc-portlet If opensso is disabled, while requesting https://my.liferay.server.url.com/group/abc/abc-portlet, after login liferay redirects to requested url.
Solution
Liferay uses com.liferay.portal.servlet.filters.sso.opensso.OpenSSOFilter to handle OpenSSO.
While inspecting the OpenSSOFilter code i too find liferay has a mechanism to redirect to requested url. See below code
171 redirect = 172 loginUrl + 173 HttpUtil.encodeURL("?redirect=" + HttpUtil.encodeURL(redirect)); 175 response.sendRedirect(redirect);
But due to some reason the above code was not excuted. And the reason is OpenSSOFilter expects the portal-ext property auth.forward.by.last.path to be true and OpenSSO Login URL should have /portal/login
See below
151 if (!PropsValues.AUTH_FORWARD_BY_LAST_PATH || 152 !loginUrl.contains("/portal/login")) { 154 response.sendRedirect(loginUrl); 156 return; 157 }
Updating Login SSO URL to https://abc.com/openam/UI/Login?goto=https://my.liferay.server.url.com/c/portal/login and having set auth.forward.by.last.path to true (by default it is true) solved the issue.