Added redirectLimit session parameter to disable open redirect https://mirantis.jira.com/browse/PROD-23570 Change-Id: I8e76f64204cde49f3c15fd74341b0740adddfbca

commit: c8689c3d607d2857e8ff5aba28c083c1ae18e179 [log] [tgz]
author: Ihor Stehantsev <istegantsev@mirantis.com> Thu Oct 18 12:14:21 2018 -0700
committer: Martin Polreich <mpolreich@mirantis.com> Wed Nov 14 16:13:27 2018 +0000
tree: 60c8808c8290d2d70c08dffbd555ea73d2eba6c2
parent: ee0fcf2f5c008066a6586348c168fa47478a9df9 [diff]
diff --git a/shibboleth/files/shibboleth2.xml b/shibboleth/files/shibboleth2.xml
index 4036623..d7df71f 100644
--- a/shibboleth/files/shibboleth2.xml
+++ b/shibboleth/files/shibboleth2.xml

@@ -76,6 +76,7 @@
         <Sessions lifetime="{{ server.get('sessions', {}).get('lifetime', 28800) }}" timeout="{{ server.get('sessions', {}).get('timeout', 3600) }}"
                   relayState="{{ server.get('sessions', {}).get('relaystate', "ss:mem") }}"
                   checkAddress="{{ server.get('sessions', {}).get('checkaddress', "false") }}" handlerSSL="{{ server.get('sessions', {}).get('handlerssl', "false") }}"
+                  redirectLimit="{{ server.get('sessions', {}).get('redirectlimit', "host") }}"
                   cookieProps="{{ server.get('sessions', {}).get('cookieprops', "http") }}">
 
             <!--
commit	c8689c3d607d2857e8ff5aba28c083c1ae18e179	[log] [tgz]
author	Ihor Stehantsev <istegantsev@mirantis.com>	Thu Oct 18 12:14:21 2018 -0700
committer	Martin Polreich <mpolreich@mirantis.com>	Wed Nov 14 16:13:27 2018 +0000
tree	60c8808c8290d2d70c08dffbd555ea73d2eba6c2
parent	ee0fcf2f5c008066a6586348c168fa47478a9df9 [diff]