Federated User Redirected to HTTP Instead of HTTPS After Assertion-based Authentication