Redirection issue with Issue SAML + ForceAuthn=true + Kerberos authentication
The setup:
- IDP SAML2
- Auth combination Kerberos + LDAP
- SAML SP using ForceAuthn=true
When we have a request from the SP, we are redirected to the upgrade session screen (expected, as the SP set ForceAuthn=true), but after clicking on the upgrade session button, we are redirected back on the portal instead of the SP.
Result: logging on the SP is impossible.
The only workaround is to ignore the ForceAuthn flag, either by creating a hook on the SAML AuthnRequest, either by modifying portalForceAuthnInterval to set the same value as the session timeout.