Bug reproduction:
- Custom single sign-on is used and it's working fine.
- Generated a direct record link in an email notification (e.g. domain/index.php?module=Leads&return_module=Leads&action=DetailView&record=XXXXXXXXXX), but when the user clicked on the link, the browser was unable to go to the record page after login.
- Checking the URL, it seems the parameter in the URL has been lost.
Solution:
In include\MVC\SugarApplication.php, in the loadUser() function, the login_XXXXX parameter was dropped when redirect was called and needs to be added back in.
```php
if (isset($_SESSION['authenticated_user_id'])) {
    // set in modules/Users/Authenticate.php
    if (!$authController->sessionAuthenticate()) {
        // if the object we get back is null for some reason, this will break - like user prefs are corrupted
        $GLOBALS['log']->fatal('User retrieval for ID: (' . $_SESSION['authenticated_user_id'] . ') does not exist in database or retrieval failed catastrophically. Calling session_destroy() and sending user to Login page.');
        session_destroy();
        // added: carry the login_* parameters over to the login page
        $loginVars = $this->createLoginVars();
        SugarApplication::redirect('index.php?action=Login&module=Users' . (empty($loginVars) ? '' : $loginVars));
        die();
    }//fi
} elseif (!($this->controller->module == 'Users' && in_array($this->controller->action, $allowed_actions))) {
    session_destroy();
    // added: carry the login_* parameters over to the login page
    $loginVars = $this->createLoginVars();
    SugarApplication::redirect('index.php?action=Login&module=Users' . (empty($loginVars) ? '' : $loginVars));
    die();
}
```
In SAML2Authenticate.php, the following code is added to the redirectToLogin() function:
```php
// check whether there is a login redirect
$ret = array(); // initialise so the empty() check below never reads an undefined variable
$redirectVars = array('module', 'action', 'record');
foreach ($redirectVars as $var) {
    if (!empty($_REQUEST['login_' . $var])) {
        $ret[$var] = $_REQUEST['login_' . $var];
    }
}
if (!empty($ret)) {
    // a deep link was requested: send the user on to it
    SugarApplication::redirect($app->getLoginRedirect());
} else {
    SugarApplication::redirect('index.php?module=Users&action=LoggedOut');
}
```
I hope this helps anyone who has an issue with the direct link with SAML login.
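The round trip described in this post, as an added example that is not part of the original post and is not SuiteCRM's own code: the deep-link parameters are copied into login_* parameters before the login redirect and rebuilt into a relative index.php URL afterwards. The function names, the validation patterns and the fallback URL are assumptions made for illustration.

```php
<?php
// Added illustration; function names and patterns are hypothetical, not SuiteCRM APIs.
// Only these keys survive the login redirect, and each value must match its pattern.
const DEEP_LINK_RULES = [
    'module' => '/\A[A-Za-z0-9_]{1,64}\z/',
    'action' => '/\A[A-Za-z0-9_]{1,64}\z/',
    'record' => '/\A[A-Za-z0-9-]{1,36}\z/', // assumed record id format
];

// Copy validated values from keys prefixed with $from into keys prefixed with $to.
function carryDeepLink(array $source, string $from, string $to): array
{
    $out = [];
    foreach (DEEP_LINK_RULES as $key => $pattern) {
        $value = $source[$from . $key] ?? null;
        if (is_string($value) && preg_match($pattern, $value) === 1) {
            $out[$to . $key] = $value;
        }
    }
    return $out;
}

// Before authentication: keep the requested record as login_* parameters.
function loginUrlFor(array $request): string
{
    $vars = carryDeepLink($request, '', 'login_');
    return 'index.php?action=Login&module=Users' . ($vars ? '&' . http_build_query($vars) : '');
}

// After authentication: rebuild the target. The result is always a relative
// index.php URL, so a tampered login_* value cannot send the user off-site.
function postLoginUrl(array $request, string $fallback): string
{
    $target = carryDeepLink($request, 'login_', '');
    return isset($target['module']) ? 'index.php?' . http_build_query($target) : $fallback;
}

// Constructed sample: the link from the email notification in the post.
$clicked = ['module' => 'Leads', 'return_module' => 'Leads',
            'action' => 'DetailView', 'record' => 'XXXXXXXXXX'];
$fallback = 'index.php?module=Home&action=index'; // assumed landing page

$loginUrl = loginUrlFor($clicked);
echo $loginUrl, PHP_EOL;

// Simulate the request that arrives once the identity provider sends the user back.
parse_str((string) parse_url($loginUrl, PHP_URL_QUERY), $afterLogin);
echo postLoginUrl($afterLogin, $fallback), PHP_EOL;

// A login_module value that fails validation falls back to the landing page.
echo postLoginUrl(['login_module' => 'https://example.invalid/'], $fallback), PHP_EOL;
```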