search cancel

AWI corrupts URLs following SAML redirection

book

Article ID: 256021

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine

Issue/Introduction

We use saved AWI URLs to facilitate easy login and navigation to specific resources in the Automation Engine. There is a problem with the way AWI handles URLs. This problem happens only when the user is not already logged in, and when SAML authentication is in use.

Non-error condition

The user is already logged in to the AWI.

The user clicks on the URL:

https://awi.domain.com/?system=UC4_PROD&client=0120&department=CORP&logintype=SAML&autologin=true#UC4_PROD:[email protected]/explorer&folder=1001001

The AWI navigates to the specified folder, and the URL in the browser's location bar remains unchanged.

 

Error condition

The user is not already logged in to the AWI.

The user clicks on the URL:

https://awi.domain.com/?system=UC4_PROD&client=0120&department=CORP&logintype=SAML&autologin=true#UC4_PROD:[email protected]/explorer&folder=1001001

The AWI authenticates the user via SAML through a series of redirects. After this, the AWI navigates to the specified folder, but changes the URL in the browser's location bar to:

https://awi.domain.com/awi#UC4_PROD:[email protected]/explorer&folder=1001001

The problem appears to happen only as a result of the multiple redirects that take place during SAML authentication.

The problem may seem like a small one, but it is actually quite a nuisance. Once the URL has been corrupted, all subsequent URLs in that browser window will be similarly corrupted. For instance AWI system parameters that facilitate automatic login are removed from the URL. This means that any URLs that the user saves and uses later will not automatically log the user in.

Environment

Release : 21.x

Component: Automic Web Interface (AWI)

Context: Usage of SAML for SSO

Cause

Defect introduced in 21.x versions, working fine on versions 12.3.x

Resolution

Solution:
Update to a fix version listed below or a newer version if available.

Fix version:
Component(s):  Automic.Web.Interface (AWI)
Will be fixed in Automation.Engine 21.0.5 - Planned release February 2023

Additional Information

Solution Details:

A problem was solved where AWI generated corrupted URLs during SAML login.