When using our Multi SSO plugin, if an unauthenticated user makes a request to a URL that contains a Javascript function as part of the query string, it will not be encoded correctly in the relay state parameter for the subsequent request, which causes an incorrect redirection.

E.g.: If the multi SSO provider service URL contains java script or characters that cause delays

If unauthenticated, this request will redirect to / and display the message,

"Security constraints prevent access to requested page"

Steps to Reproduce


  1. Setup your instance with our Multi SSO plugin
  2. Log in using SSO (at least once to allow a cache of the glide_sso_id cookie on your browser)
  3. Log out of the instance.
  4. Open the URL https://<instance_name>

In some cases, you will note the redirection to /, instead of the IdP login page


Set the sys_properties glide.authenticate.external.use_redirect_page to false. Please create if it does not exist.

System Property name: glide.authenticate.external.use_redirect_page
System Property type: true|false
System Property value: false

Related Problem: PRB1265474

Seen In

Jakarta Patch 8

Fixed In

Jakarta Patch 10
Kingston Patch 7

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2019-07-19 08:36:20