
WebLogic Server: IDP Initiated SAML2.0 "RequestURL" have Limit of 80 Characters (Doc ID 1575459.1)

Last updated on SEPTEMBER 12, 2023

Applies to:

Oracle WebLogic Server - Version 10.3 and later
Information in this document applies to any platform.

Goal

Customers report using an IdP-initiated SAML2.0 SSO set-up where on the IdP side, the Service Provider Partner configuration is defined as SAML2CredentialMapper with a "POST Binding POST Form" pointing to a .jsp file which contains the Service Provider URL. An example of an end user Service Provider URL for this is "http://saml2/idp/sso/initiator?SPName=<SPName>&RequestURL=<RequestURL>" where:

If the RequestURL is fewer than 80 characters, the request is processed successfully. If the RequestURL is 80 or more characters, the request fails and the end user receives an HTTP 400 error.

This is an example URL that will FAIL: http://identityprovider.DomainName:7003/saml2/idp/sso/initiator?SPName=WebSSO-SP-Partner-0&RequestURL=http://serviceprovider.DomainName/testapp/flow.html?_flowId=searchFlow

Solution

To view full details, sign in with your My Oracle Support account.




