[ https://issues.apache.org/jira/browse/FEDIZ-220?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Colm O hEigeartaigh closed FEDIZ-220. ------------------------------------- > http 400 when logout with redirect to constraint > ------------------------------------------------ > > Key: FEDIZ-220 > URL: https://issues.apache.org/jira/browse/FEDIZ-220 > Project: CXF-Fediz > Issue Type: Bug > Components: Plugin > Affects Versions: 1.4.3 > Reporter: Arnaud MERGEY > Assignee: Colm O hEigeartaigh > Priority: Major > Fix For: 1.4.5 > > > I would like to redirect to a page after logout from a SAML authentication > with tomcat plugin. > I have added this in my fediz_config.xml > > {code:java} > <logoutRedirectToConstraint > type="String">.*logout.do.*</logoutRedirectToConstraint> > {code} > > Then when I logout, instead of being redirected as expected I have an http > 400 because the redirec url (/mycontext/logout.do?display=2) is url encoded > and becomes not valid (because of / and ?). > I looked in the code and it seems to me the issue is here > org.apache.cxf.fediz.core.handler.LogoutHandler.signoutCleanup(HttpServletRequest > request, HttpServletResponse response) > line 114 > {code:java} > response.sendRedirect(URLEncoder.encode(wreply, "UTF-8")); > {code} > should be replaced with > {code:java} > response.sendRedirect(response.encodeRedirectURL(wreply); > {code} -- This message was sent by Atlassian JIRA (v7.6.3#76005)