Limitation On Size Or Url Length With Target In OIF
(Doc ID 1357981.1)
Last updated on MARCH 08, 2017
Applies to:Oracle Identity Federation - Version: 22.214.171.124
Information in this document applies to any platform.
We are using OIF11g and using OAM10g as authentication engine. We have integrated one SP which is using SAML1.1. For redirecting the user to a deep link in the SP we are using TARGET attribute in the URL. This target attribute is getting populated correctly by SP and send to IDP for authentication. Below is the URL format that SP is using to redirect the user to IDP for authentication purpose.
We are seeing two behaviors with OIF for TARGET url, when SP is sending a TARGET url around 66 characters OIF is able to send back the TARGET URL correctly, however when SP is sending the TARGET URL with more than 200 characters then OIF is truncating some part of the TARGET url and sending it to SP.
I looked at the oracle documentation there is no specific information on TARGET url length or size. Could you please let me know if there are any restrictions on size or length of the TARGET url. We have configured database as session store for OIF.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document
|This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.|