-
Notifications
You must be signed in to change notification settings - Fork 153
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] SAML login nextUrl drops URL hash #831
Comments
The problem is more complicated than this. I build my own version that include the hash part. |
Looks like a duplicate of #543 |
Elasticsearch Kibana solved this by redirecting to a capture-url-fragment page first, which gets the url fragment and returns that back to server, and only then does it build the SAML redirect url. Captured and included a har file that showcases this. |
This seems like a general issue. The same happens when OpenID is used. The Also enabling Similar issue #926. After security dashboard plugin is enabled, the usability of OpenSearch Dashboards suffers a lot, as the end users do not understand, why they are redirected to unexpected locations after re-login. |
Thanks for commenting on this issue, there is a pull request to save the hash from the url on redirect, #1001 that I believe would address this issue as well as several impacted by the same root cause. |
This looks like it was successfully backported/released for 2.2, closing |
Describe the bug
OpenSearch Dashboards encodes useful state in the
hash
component of the URL, for example:Currently, the SAML component's
nextUrl
builder includesurl.path
but omitsurl.hash
, dropping this state. This creates a problem when sharing links to a particular view without first creating a shortlink, in that the state of that view is lost. For the example above, the redirect would be:and after authentication, the user would land at:
With no preselected columns.
Expected behavior
I believe the user expect to be redirected back to the exact URL, including hash, as they were at before the authentication redirect. I believe it would be preferable to include
url.hash
, so thenextUrl
would become:Additional context
security-dashboards-plugin/server/auth/types/saml/saml_auth.ts
Line 57 in afd6497
The text was updated successfully, but these errors were encountered: