SAML1.1 Federation Service Do Not Properly Forward Query If Values Are Empty when acting as Identity Provider
Last updated on DECEMBER 11, 2017
Applies to:Oracle WebLogic Server - Version 18.104.22.168.0 and later
Information in this document applies to any platform.
SAML 1.1 working as Source Site
Original parameters sent to source site are not forwarded to destination site once Authentication takes place. Parameters should be preserved, and sent back to Service Provider.
The issue can be reproduced at will by accessing application at destination site, providing parameters on request. We can see that when WLS is acting as source and upon authenticating, it is simply forgetting to pass a parameter (param) that comes empty. For example for below request:
Due to this issue, users cannot utilize the application as the rely upon those parameters for application behavior.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms