Hi, Hoping you can give me some guidance on the config of the SAML module. We have configured the SAML module successfully for our app. The issue we're having is that the user are getting redirected to Login.html in some instances. This is then causing the login page to load on all subsequent attempts to access the the root URL. Here is the current setup: - Index.html - redirecting to /SSO/ with script for document.cookie commented out - Index3.html - copied from Index.html - script for document.cookie NOT commented out, no redirect - Login.html - no change - Sign out button removed from app SAML Module Constants: -BindingURI_Redirect = False -DefaultLoginPage=empty -DefaultLogoutPage=/SSO/ -SSOLandingPage=index3.html I'm guessing the script for document.cookie (below) is causing the issue but can't be sure. Any thoughts? Much appreciated <script> if (!document.cookie || !document.cookie.match(/(^|;)originURI=/gi)) document.cookie = "originURI=/login.html"; </script>
That login.html cookie is used to redirect users to whatever is set as 'originURI' after a user logs out or a session expires. This check is made every time a user hits index.html. Here is some more information on it: https://forum.mendix.com/link/questions/9231
This cookie should be automatically set by the SAML module itself. It is set in the SessionManager.java file to be equal to the /SSO/ value, so you don't need to set it in your index.html.
Thanks for the info Rob, that's now working as expected with the cookie script commented out.
While I have your attention could I ask you if it's possible to restrict access the index3.html page, we'd like all users to access via SSO only so don't want this page to offer a mendix login...
I tried using path based restriction on index3.html but that prevents the SSO working also.