Target URL Containing Tilde Character Is Truncated During Federated SSO With OAM-OIF SP Integration (Doc ID 2008242.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Identity Federation - Version 11.1.1.7.0 and later
Oracle Access Manager - Version 11.1.1.7.0 and later
Information in this document applies to any platform.

Symptoms

Oracle Access Manager (OAM) 11.1.1.7 is integrated with Oracle Identity Federation (OIF) 11.1.1.7 as Service Provider.

Users receive emails containing "deep links" that trigger SP-initiated SSO for access to OAM-protected application pages.

This is working for most application URLs. However if the application URL has the tilde ~ character in the path then OAM removes all characters in the URL after the ~ character.

This may either cause an OAM System Error or may cause the OAM-protected application to generate an error e.g. HTTP-404 Not Found since it is not a valid application URL.

Example URL:

http://sp.domain.com:7499/fed/sp/initiatesso?providerid=http://idp.domain.com:8080/sp/token&returnurl=http%3A%2F%2Fsp.domain.com%3A7777%2Fcs%2Fgroups%2Fmygroup%2Fdocuments%2Fdocument%2Fmdaw%2Fmdaw%2F%7Eedisp%2F1.xml

The original URL-encoded returnurl value is:

http://sp.domain.com:7777/cs/groups/mygroup/documents/document/~edisp/1.xml

After IdP login OAM redirects the user back to:

http://sp.domain.com:7777/cs/groups/mygroup/documents/document

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms