My Oracle Support Banner

Limitation On Size Or Url Length With Target In OIF (Doc ID 1357981.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Identity Federation - Version: 11.1.1.1 and later   [Release: No Release Description and later ]
Information in this document applies to any platform.

Symptoms


HI,
We are using OIF11g and using OAM10g as authentication engine. We have integrated one SP which is using SAML1.1. For redirecting the user to a deep link in the SP we are using TARGET attribute in the URL. This target attribute is getting populated correctly by SP and send to IDP for authentication. Below is the URL format that SP is using to redirect the user to IDP for authentication purpose.

https://<>:443/fed/idp/samlv11sso?providerid=XXXXX&TARGET=XXXXXXXXXXXX

We are seeing two behaviors with OIF for TARGET url, when SP is sending a TARGET url around 66 characters OIF is able to send back the TARGET URL correctly, however when SP is sending the TARGET URL with more than 200 characters then OIF is truncating some part of the TARGET url and sending it to SP.

I looked at the oracle documentation there is no specific information on TARGET url length or size. Could you please let me know if there are any restrictions on size or length of the TARGET url. We have configured database as session store for OIF.

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
  Symptoms
  Cause
  Solution
  References

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.