When using IDS, URL fragment is dropped after redirect
This issue was created as outcome for MNT-22029.
The scope of this issue is to investigate how our SAML Module is handling the URL Fragment after redirect and if we can implement the same mechanism in Share
IDS needs to be enabled and user logged out.
When accessing a Share URL containing a URL Fragment (hash fragment) e.g. localhost:9999/share/page/site/training/documentlibrary#filter=path|%2Ftestfolder|&page=1 , after the login page, the user is redirected to the page without the URL fragment, e.g. localhost:9999/share/page/site/training/documentlibrary
AIMS is ignoring anything after # namely: `filter=path|%2Ftestfolder|&page=1`
Step to reproduce:
Configure ACS 6.2.2 to use AIMS and Share to use also the same authentication system
Open any site document library, then open a folder in this document library
Click on the folder to get the list of all document belonging to that folder
Copy from the browser URL generated
Open a new private window in the same browser and paste the URL
Provide the credentials as required
Check where the URL is being directed
to be redirected to the folder
APS and Digital-Workspace are experiencing the same issue.
The Share login with SAML worked like this:
Share starts a new session
We store the initial URL (e.g. localhost:9999/share/page/site/...#filter=path|...) in that session
We redirect to the IdP, giving one fixed return Uri
The IdP returns always to the same Uri, e.g. /share/login/samlResponse
After we validated the SAML response, we then read the initial Uri from the session and delegate there
as the workaround is in the custom Alfresco theme for Keycloak I would not suggest changing the product as the intent is for this theme to be customised by each customer to match their requirements.