Comment 6 for bug 688395

Hi -
Thanks for looking into this problem - this is much easier to fix in Moodle than Mahara as Moodle already has the concept of wantsurl built into the authentication system.

I have committed a hybrid fix to HEAD that will preserve a wantsurl query string parameter throughout the saml authentication redirection process, based on what is initially stuffed in the session relating to simplesamlphp. Incidentally, this is where all the grief comes from with saml and sessions as, the session management scheme configured for ssphp, is not necessarily the same as for mahara, and there is an added complication of ssphp registered shutdown handlers.

So - if a user goes to http://mahara.local.net/maharadev/auth/saml/?wantsurl=http://mahara.local.net/maharadev/user/view.php... then they will end up at http://mahara.local.net/maharadev/user/view.php... after loggin in.

I realise that this is not a complete solution as wantsurl is not being automatically determined by the initial access attempt (eg. goto http://mahara.local.net/maharadev/user/view.php?id=2 but get the login to Mahara screen), but there is another step that needs to be resolved here, in that the default login screen needs to detect that the user is not logged in and have the capacity to offer a 'click here to login via SSO' link(plugin would need to calculate this link), or completely override the login challenge screen and redirect to /auth/saml (don't like this option as SAML should not be the only auth mechanism available - need a backup option..).

Cheers,
Piers Harding.