After successful user authentication, this URL is called. You can use this URL to configure a location where SSL client-based authentication with the enrolled X.509 certificate is required, for example, in the SAP Enterprise Portal. Choose the action Redirect to URL and enter the relevant URL in the mandatory field. NavigationService.redirect: recieved exception when calling to redirectors with URL (null result is returned from redirect) EXCEPTION javax.naming.NamingException: The old URL is null at com.sap.portal.ivs.global.navigation.connector.NavigationRedirector.redirect. You have logged off: Copyright © SAP AG. All Rights Reserved.
HTTP redirects are an everyday thing when it comes to visiting websites, mostly used in the form of URL redirections. Although HTTP redirects in API consumption are not as massive, they are still frequent. In this blog we will review, redirections in sender and receiver scenarios.
Just append the url to the GET string and redirect based off that. UPDATE: As mentioned in the comments, it is probably a good idea to restrict the redirect from the GET parameter to only work for domain-less relative links, refuse directory patterns (./), etc. This parameter is used to define an HTTP redirect (301). If the client attempts to access the URL in question, the server sends a redirect. This forces the client to access the new destination instead.
A little background
HTTP redirections are used for different purposes: to load balancing, to maintain backward compatibility, whilst a maintenance work is being done, etc. To a request, the server will respond with a 3XX HTTP code accompanied by a “Location” header, which is the new URL to be accessed.
There is a large list of precautions before following redirections: validation of cyclical calls, redirections to unencrypted sites, malicious redirections, method used, and so on. Due to these caveats, it is not surprising that CPI by default does not follow the redirects and instead, throws an exception (in fact, there is a escalation event, that allows you to classify this error for a consumer of alerts). Then, what if you -need- to follow a redirection? (side-note: as CPI is constantly evolving, this could be enabled directly by SAP in a future release)
Url Redirect Iis
1.- Following a redirection
In apache Camel, is not difficult to include and configure a clientConfig option for the AHC component. This configuration, will allow us to enable the redirections. However, I must confess that I couldn’t manage to configure this in CPI, as the communication channels temporarily overwrite the “CamelHttpQuery” header prior to a request execution. (If you have an idea, leave it in the comment section!)
Is there any workaround? Yes. For instance, it is possible to write a groovy script and handle the redirections there. The following script should follow a redirection. Please, consider this a simple/reference snippet as you should include the considerations given by the HTTP standard. Also, the used class (HttpURLConnection) also has features to deal with redirections.
In my proof of concept, I’m using this script during the exception raised by CPI.
Original exception:
iFlow with the exception subprocess, using the script:
For my own testings, I’ve created a quick-n-dirty redirector app in NodeJs, you can download it from the following GitHub repository
2.- Redirecting from CPI
The early days of the then called “HCI” are now behind us… and in their passing, their left us with a naming conventions mess (with a few honorable exceptions and definitely not me!). A use case of HTTP redirections is to use them to correct and normalise endpoints while maintaining compatibility. (Assuming that the clients are able to handle redirections!)
An over simplified redirection implementation, simply requires to return an HTTP code 3XX and the target Location. You can create you own groovy script to analyse things such us the http method, the path, etc. The following iFlows returns the code and location set by a content modifier and as a result, the client is redirected to a different iFlow:
As a result, Postman is being redirected and it consumed both iFlows:
Note the HTTP code: 200, this is the code provided by the second iFlow. On the other hand, by changing the default behaviour of Postman, is possible to ignore redirections. In this case, the second iFlow is not being called:
For more information, have a look into the HTTP standard:
And this easy to read documentation:
Symptom
How to change the redirect URLs for Single Sign On?
Environment
Resolution
When you enable Single Sign On on your instance, you have 5 scenarios where you can set a redirect URL:
- When users do logout
- When there is a session timeout
- When there is an invalid login
- When missing credentials
- When there is an invalid manager
These settings are done in Provisioning, in the Single Sign On page. The default value of this redirections is null. SAP has a list with all the default pages that our customers can use, in case you don't have any particular page to set for this. You can check all these URLs for each DC in this KBA: Default Redirect URLs for Single Sign On.
To change these redirect URL:
- If you have IAS implemented and access to the Manage SAML SSO Settings:
You can access the Manage SAML SSO Settings in 'Admin Center' > 'Tools' > 'SAML 2.0 Single Sign On' and change the URL as described on KBA 2569087
OR
Url Redirect Checker
- If you do not have access to the Manage SAML SSO Settings:
Sap Redirect Url Is Null Hypothesis
You need to have access to Provisioning. Considering that only Support and Implementation Partners have access to Provisioning, to change these URLs you need to contact your partner or create an incident to Support (under component LOD-SF-PLT)
See Also
2278269 - [SSO] Default Redirect URLs for Single Sign On
Keywords
Redirect URL, SSO, Single Sign On, URL, Logout, Session Timeout, Invalid Login, Missing Credentials, Invalid Manager , KBA , LOD-SF-PLT-SAM , SAML SSO First Time Setup , How To