SAML1.1 Federation Service Do Not Properly Forward Query If Values Are Empty when acting as Identity Provider

(Doc ID 2326906.1)

Last updated on DECEMBER 11, 2017

Applies to:

Oracle WebLogic Server - Version 12.1.3.0.0 and later
Information in this document applies to any platform.
SAML 1.1 working as Source Site

Symptoms

Original parameters sent to source site are not forwarded to destination site  once Authentication takes place. Parameters should be preserved, and sent back to Service Provider.

The issue can be reproduced at will by accessing application at destination site, providing parameters on request. We can see that when WLS is acting as source and upon authenticating, it is simply forgetting to pass a parameter (param) that comes empty. For example for below request:


Due to this issue, users cannot utilize the application as the rely upon those parameters for application behavior.

Changes

 

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms