I am implementing SSO where I am the Identity Provider, right now I am able to successfully log into the Service Provider. But it takes me to the home page. I want to specify the landing page URL when I post the response. Have searched quite a lot but could not find anything convincing. Do not quite know which element of the SAML response carries the Landing page URL or is the in the form that I have to specify. Using java and opensaml libraries to generate the response.
Though it is not in the SAML specs, a de-facto standard is to use the RelayState element for that. It is added as a parameter in the response in addition to the SAMLResponse parameter and value of the landing URL. Sample HTML page from http://en.wikipedia.org/wiki/SAML_2.0 for an IDP using the POST binding for the response:
<form method="post" action="https://sp.example.com/SAML2/SSO/POST" ...>
<input type="hidden" name="SAMLResponse" value="<response>" />
<input type="hidden" name="RelayState" value="<url>" />
...
<input type="submit" value="Submit" />
</form>
Edit:
Just to be clear, the RelayState parameter declaration is part of the specs and it is included to allow for passing arbitrary state between SP and IDP. Using it for passing a URL that defines the landing page is not defined in the spec but is de-facto standard usage. Any usage of RelayState in IDP-init-SSO would depend on a pair-wise agreement between IDP and SP and this is just an agreement that makes sense, is useful and thus has been widely adopted.
来源:https://stackoverflow.com/questions/28117725/sso-saml-redirect-a-user-to-a-specified-landing-page-after-successful-log-in