Symptoms
After end-user successfully performs SP initiated SAML SSO with a original request URI other then "/", SP will redirect user back to '/' as landing URI.
Impact
User is not redirected to original request URI.
Conditions
BIG-IP is used as SAML SP and no relay state is configured on either SP or IdP
Workaround
Workaround provided below works when first client request to BIG-IP as SP is 'GET'.
This workaround is not applicable when first client request is 'POST'.
SP object can be configured with relay state pointing to the landing URI: %{session.server.landinguri}
After successful authentication, end-user will be redirected to the landing URI (reflected back by IdP in the relay-state).
Fix Information
SAML SSO requests will now be redirected to the original request URI.
