Security

go to a specific page after SSO login

alecools
Engager

Hi

I find it hard to summarise the issue, but the scenario is described as below, any help is appreciated.

If I try to open a Splunk dashboard while not authenticated, e.g. https://mysplunk.com/en-US/app/myapp/search, I would get a login page, and in the URL it will contain a return_to parameter like this: https://mysplunk.com/en-US/account/login?return_to=%2Fen-US%2Fapp%2Fmyapp%2Fsearch. And after login, i will be brought directly to the dashboard requested.

However, for my Splunk instance, which is configured to use SAML SSO with OpenAM, whatever address i request, after authentication via SSO, it will always redirect me to the home page.

The only conf which I suspect may cause this is in authentication.conf:
idpSSOUrl = https://sso.server/openam/saml2/jsp/applogin.jsp?relay=https://mysplunk.com/en-US/saml/acs

Is there any way i can imitate the same behaviour as the return_to parameter in a normal login scenario with SAML SSO?
Please let me know if you'd like to see any additional conf details.

Thank you

Tags (2)
0 Karma

sivagct
Explorer

How did you fix this? please share. Facing the problem after we swtiched from LDAP to SAML SSO. It always redirects to the home page after authentication not to the actual page.

0 Karma

rdimri_splunk
Splunk Employee
Splunk Employee

Your idpSSOUrl is incorrect. It should not have query parameter in it.
Typically it will be something like https://someDomainName/someEndPoint

Get Updates on the Splunk Community!

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...

They're back! Join the SplunkTrust and MVP at .conf24

With our highly anticipated annual conference, .conf, comes the fez-wearers you can trust! The SplunkTrust, as ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had two releases of new security content via the Enterprise ...