
Why does AEM 6.5 not redirect to original requested page after SAML Auth


Level 2

I am working with AEM 6.5 and have implemented SAML AuthN using Okta as my IdP.


I added the OSGi, configured Okta and extended the AuthenticationInfoPostProcessor; all appears to be working.


The auth process flow is as follows:

siteA.com/some/protected/page.html -> (redirect to) okta.com -> POST siteA.com/saml_login -> GET siteA.com/some/protected/page.html

All of that works great. Now I add another site, siteB, and here is what happens with that one.

siteB.com (all pages are protected) -> (redirect to) okta.com -> POST siteA.com/saml_login -> GET siteA.com


Okta is intentionally configured to use an endpoint on siteA, as that is my main site and Okta for SAML login only supports a single redirect URL.


Is this some issue with cookies not being available for the postProcess?
Is there a way I can resolve this?


So, I think this is a cookie issue. Since my postProcess is on siteA, any cookies set by siteB are not sent to siteA after Okta login (specifically the saml_request_path). Given that my sites are at 2 different top-level domains, what options do I have?

Also, is there an interface that I can implement to run code BEFORE the Okta redirect?
e.g. siteA.some/protected/page.html -> (run some server side code before redirect) -> Okta...
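
The cookie hypothesis in the question can be checked against the browser's cookie-scoping rules. The following is an added example, not code from the thread or from AEM: it models RFC 6265 domain matching and replays both flows. The helper names and the encoding of the cookie value are assumptions made for the illustration.

```javascript
// Added illustration: a minimal cookie jar applying RFC 6265 domain matching.
// Host names come from the question; the cookie value encoding is constructed.

// RFC 6265 section 5.1.3: a host matches a cookie domain when the two are
// identical or when the host ends with "." + domain.
function domainMatch(host, domain) {
  host = host.toLowerCase();
  domain = domain.toLowerCase();
  return host === domain || host.endsWith("." + domain);
}

class CookieJar {
  constructor() { this.cookies = []; }

  // Store a cookie set by originHost. Without a Domain attribute the cookie is
  // host-only. With one, it is rejected unless originHost itself matches it,
  // so a site cannot plant cookies for an unrelated registrable domain.
  set(originHost, name, value, domainAttr) {
    if (domainAttr && !domainMatch(originHost, domainAttr)) return false;
    const domain = (domainAttr || originHost).toLowerCase();
    this.cookies.push({ name, value, domain, hostOnly: !domainAttr });
    return true;
  }

  // Cookie header the browser would attach to a request for requestHost.
  headerFor(requestHost) {
    const h = requestHost.toLowerCase();
    return this.cookies
      .filter(c => (c.hostOnly ? h === c.domain : domainMatch(h, c.domain)))
      .map(c => `${c.name}=${c.value}`)
      .join("; ");
  }
}

// Replays one login: the protected host stores the requested path, then the
// IdP posts the assertion to the single ACS host. Returns what the ACS sees.
function cookiesSeenByAcs(protectedHost, path, acsHost) {
  const jar = new CookieJar();
  jar.set(protectedHost, "saml_request_path", encodeURIComponent(path));
  return jar.headerFor(acsHost);
}

// siteB trying to scope the cookie to siteA: refused by the browser.
function crossSiteSetAccepted() {
  return new CookieJar().set("siteB.com", "saml_request_path", "%2F", "siteA.com");
}
```

In the siteB flow the request to siteA.com/saml_login carries no saml_request_path, and a Domain attribute cannot bridge two unrelated domains, so the original path has to reach the siteA endpoint by some means other than a cookie.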

2 Replies


Community Advisor

Can you try to set the saml_request_path cookie with the landing page when the login is clicked and see?





Level 2

There is no login button or landing page, the entire site requires authentication.