- First commit to issue fork.
- Merge request !30Issue #3289683 Add _access parameter to saml_login path - update 4.x branch. β (Open) created by brooke_heaton
- Status changed to Needs work
12 months ago 6:12pm 19 April 2024
If a user who has successfully authenticated subsequently visits the /saml_login route, they will be sent to the site's 403 page.
Although there is no reason that authenticated users *need* to navigate to the URL, our customers have reported that users do so, perhaps because they have bookmarked that as their 'landing page' for the site.
This behavior of the 403 contrasts with the behavior of core Drupal behavior, where if an authenticated user navigates to /user/login, they will be redirected to their /user/[id] route.
1. Sign in with SAML.
2. Navigate to /saml_login.
3. You will see a 403 response.
Match the behavior of Drupal core by redirecting authenticated users who visit /saml_login to their /user/[id] route.
diff --git a/simplesamlphp_auth.routing.yml b/simplesamlphp_auth.routing.yml
index 5fe63b3..3042ed6 100644
--- a/simplesamlphp_auth.routing.yml
+++ b/simplesamlphp_auth.routing.yml
@@ -24,7 +24,7 @@ simplesamlphp_auth.saml_login:
defaults:
_controller: '\Drupal\simplesamlphp_auth\Controller\SimplesamlphpAuthController::authenticate'
requirements:
- _user_is_logged_in: 'FALSE'
+ _access: 'TRUE'
options:
_maintenance_access: TRUE
no_cache: TRUENeeds work
4.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.