RelayState truncated in SAML 2.0 POST

Document ID : KB000023036
Last Modified Date : 14/02/2018
Show Technical Document Details

Issue: The data in RelayState parameter appears to be truncated while posting the assertion along with RelayState to the assertion consumer service.

Environment: CA Single Sign On (all versions that includes Federation)

Cause: The data in the RelayState parameter is not URL-encoded when Service Provider (SP) initiates SSO request to the Identity Provider (IDP). As a result, the RelayState parameter value gets truncated when IDP posting the assertion along with non URL-encoded RelayState to SP.

Resolution: The data in the RelayState parameter must be URL-encoded when SP sends the SSO request to ISP.