My Oracle Support Banner

WebLogic Generates a Malformed SAML2 HTTP Redirect URL when the IdP EndPoint Contains Query Parameters (Doc ID 2057110.1)

Last updated on AUGUST 17, 2023

Applies to:

Oracle WebLogic Server - Version 10.3.6 and later
Information in this document applies to any platform.
Identity Provider (IdP) configured with HTTP Redirect Binding
Identity Provider (IdP) End Point configured with Query Parameters.


When a SAML2 Identity Provider (IdP) is configured with an HTTP Redirect Binding which includes Query Parameters as part of its End Point Location, WebLogic will generate a malformed Redirect request including double question marks. The browser receiving the HTTP response with the incorrect redirect location will fail as the server will not understand the Location received in the new request.

For example, when the IdP metadata file contains


Notice from the above, the URL contains a question mark in SSO?param1=value1 and on the same string it will have another question mark in ?SAMLRequest



 The IdP HTTP Redirect Binding has been configured to include parameters in its End Point Definition


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.