Adobe Experience Manager Sites & More

tatrived · 4/4/24

Hi,

I need to add relaystate property so should I add property "saml.sp.use.relaystate": true in SAML Authentication Handler configuration file

com.adobe.granite.auth.saml.SamlAuthenticationHandler~okta.saml.cfg.json:
......

"addGroupMemberships": true,

"defaultGroups": ["administrators"],

"saml.sp.use.relaystate": true

}

or should i add in

userAuthService.java:
...............................

boolean useRelayState = true;

@ObjectClassDefinition(name = "dCloud UserAuthService Config", description = "OSGi Service providing UserAuthService config")

@interface Config {

@AttributeDefinition(name = "Login Redirection Path", description = "Login Redirection Path")

String loginRedirectionPath() default "xxx";

@AttributeDefinition(name = "Forbidden Path", description = "Forbidden Path")

String forbiddenPath() default "/en/forbidden.html";

boolean useRelayState() default true;

}

@Activate

protected void activate(Config config) {

loginRedirectionPath = config.loginRedirectionPath();

forbiddenPath = config.forbiddenPath();

useRelayState = config.useRelayState();

}

let me know which one is correct?

Thanks in advance

EstebanBustamante · 4/4/24

Hi,

It depends on how you want to configure your SAML setup.

Option 1 will limit your configurations to a specific scope. Typically, the OSGi configuration will be associated with a specific RUNMODE and a particular SAML configuration, such as Okta in your case.

On the other hand, Option 2 defaults the configuration for any other SAML implementation. This means that if you add a new SAML configuration, it will inherit the default configuration you've set up.

Hope this helps.

Esteban Bustamante

View solution in original post

EstebanBustamante · 4/4/24

Hi,

It depends on how you want to configure your SAML setup.

Option 1 will limit your configurations to a specific scope. Typically, the OSGi configuration will be associated with a specific RUNMODE and a particular SAML configuration, such as Okta in your case.

On the other hand, Option 2 defaults the configuration for any other SAML implementation. This means that if you add a new SAML configuration, it will inherit the default configuration you've set up.

Hope this helps.

Esteban Bustamante

arunpatidar · 4/8/24

Hi @tatrived

Did you find the suggestions from users helpful? Please let us know if more information is required. Otherwise, please mark the answer as correct for posterity. If you have found out solution yourself, please share it with the community.

Arun Patidar

diveshSoni · 6/28/24

I tried to use "saml.sp.use.relaystate": true for relay state redirection but it is not working. Post Authentication the user is landing on the home page of the application despite relay state being present in the URL. Any additional configuration is needed?

Adobe Experience Manager Sites & More

Add relay state config in SAML

Esteban Bustamante

Esteban Bustamante

Arun Patidar

Learn

Documentation

Community

Support

Resources

Adobe account

Adobe