--- loncom/auth/lonshibauth.pm	2012/03/05 20:51:29	1.1
+++ loncom/auth/lonshibauth.pm	2021/06/22 16:56:35	1.5
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Redirect Shibboleth authentication to designated URL (/adm/sso).
 #
-# $Id: lonshibauth.pm,v 1.1 2012/03/05 20:51:29 raeburn Exp $
+# $Id: lonshibauth.pm,v 1.5 2021/06/22 16:56:35 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -67,18 +67,32 @@ package Apache::lonshibauth;
 
 use strict;
 use lib '/home/httpd/lib/perl/';
-use Apache::Constants qw(:common);
+use Apache::lonnet;
+use Apache::Constants qw(:common REDIRECT);
 use LONCAPA qw(:DEFAULT);
 
 sub handler {
     my $r = shift;
     my $target = '/adm/sso';
-    if (($r->user eq '') && ($r->uri() ne $target)) {
-        my $dest = &Apache::lonnet::absolute_url($r->hostname()).$target;
+    my $uri = $r->uri;
+    if (($r->user eq '') && ($uri ne $target)) {
+        my $lonhost = $Apache::lonnet::perlvar{'lonHostID'};
+        my $hostname = &Apache::lonnet::hostname($lonhost);
+        if (!$hostname) { $hostname = $r->hostname(); }
+        my $protocol = $Apache::lonnet::protocol{$lonhost};
+        unless ($protocol eq 'https') { $protocol = 'http'; }
+        my $alias = &Apache::lonnet::use_proxy_alias($r,$lonhost);
+        $hostname = $alias if ($alias ne '');
+        my $dest = $protocol.'://'.$hostname.$target;
         $r->subprocess_env;
         if ($ENV{'QUERY_STRING'} ne '') {
             $dest .= '?'.$ENV{'QUERY_STRING'};
         }
+        if ($uri ne '/adm/roles/') {
+            unless ($ENV{'QUERY_STRING'} =~ /origurl=/) {
+                $dest.=(($dest=~/\?/)?'&':'?').'origurl='.$uri;
+            }
+        }
         $r->header_out(Location => $dest);
         return REDIRECT;
     } else {