When using IDS, URL fragment is dropped after redirect

Description

This issue was created as outcome for MNT-22029.

The scope of this issue is to investigate how our SAML Module is handling the URL Fragment after redirect and if we can implement the same mechanism in Share

Short Description:
IDS needs to be enabled and user logged out.
When accessing a Share URL containing a URL Fragment (hash fragment) e.g. localhost:9999/share/page/site/training/documentlibrary#filter=path|%2Ftestfolder|&page=1 , after the login page, the user is redirected to the page without the URL fragment, e.g. localhost:9999/share/page/site/training/documentlibrary
AIMS is ignoring anything after # namely: `filter=path|%2Ftestfolder|&page=1`

Step to reproduce:

  1. Configure ACS 6.2.2 to use AIMS and Share to use also the same authentication system

  2. Open any site document library, then open a folder in this document library

  3. Click on the folder to get the list of all document belonging to that folder

  4. Copy from the browser URL generated

  5. Open a new private window in the same browser and paste the URL

  6. Provide the credentials as required

  7. Check where the URL is being directed

Expected behavior:
to be redirected to the folder
localhost:9999/share/page/site/training/documentlibrary#filter=path|%2Ftestfolder|&page=1

Actual results:
redirected to
localhost:9999/share/page/site/training/documentlibrary

Extra info:
APS and Digital-Workspace are experiencing the same issue.

The Share login with SAML worked like this:

  1. Share starts a new session

  2. We store the initial URL (e.g. localhost:9999/share/page/site/...#filter=path|...) in that session

  3. We redirect to the IdP, giving one fixed return Uri

  4. The IdP returns always to the same Uri, e.g. /share/login/samlResponse

  5. After we validated the SAML response, we then read the initial Uri from the session and delegate there

Environment

None

Testcase ID

None

Activity

Show:
Jesson Atherton
February 19, 2021, 2:19 PM

as the workaround is in the custom Alfresco theme for Keycloak I would not suggest changing the product as the intent is for this theme to be customised by each customer to match their requirements.

Won't Do

Assignee

Jesson Atherton

Reporter

Alexandru Epure

Labels

None

Escalated By

CSO

Security Issue

None

ACT Numbers

00350876

Premier Customer

None

Code Branch

None

Build Location

None

Patch Attached

None

Dependent Version/s

None

Cloud or Enterprise

None

Prioritization Score

None

Bug Priority

Category 3

Delivery Team

None

Affects versions