Limitation On Size Or Url Length With Target In OIF
Last updated on MARCH 08, 2017
Applies to:Oracle Identity Federation - Version: 18.104.22.168
Information in this document applies to any platform.
We are using OIF11g and using OAM10g as authentication engine. We have integrated one SP which is using SAML1.1. For redirecting the user to a deep link in the SP we are using TARGET attribute in the URL. This target attribute is getting populated correctly by SP and send to IDP for authentication. Below is the URL format that SP is using to redirect the user to IDP for authentication purpose.
We are seeing two behaviors with OIF for TARGET url, when SP is sending a TARGET url around 66 characters OIF is able to send back the TARGET URL correctly, however when SP is sending the TARGET URL with more than 200 characters then OIF is truncating some part of the TARGET url and sending it to SP.
I looked at the oracle documentation there is no specific information on TARGET url length or size. Could you please let me know if there are any restrictions on size or length of the TARGET url. We have configured database as session store for OIF.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms