--- loncom/auth/lonshibauth.pm	2021/05/04 18:47:37	1.4
+++ loncom/auth/lonshibauth.pm	2021/06/22 16:56:35	1.5
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Redirect Shibboleth authentication to designated URL (/adm/sso).
 #
-# $Id: lonshibauth.pm,v 1.4 2021/05/04 18:47:37 raeburn Exp $
+# $Id: lonshibauth.pm,v 1.5 2021/06/22 16:56:35 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -74,7 +74,8 @@ use LONCAPA qw(:DEFAULT);
 sub handler {
     my $r = shift;
     my $target = '/adm/sso';
-    if (($r->user eq '') && ($r->uri() ne $target)) {
+    my $uri = $r->uri;
+    if (($r->user eq '') && ($uri ne $target)) {
         my $lonhost = $Apache::lonnet::perlvar{'lonHostID'};
         my $hostname = &Apache::lonnet::hostname($lonhost);
         if (!$hostname) { $hostname = $r->hostname(); }
@@ -87,6 +88,11 @@ sub handler {
         if ($ENV{'QUERY_STRING'} ne '') {
             $dest .= '?'.$ENV{'QUERY_STRING'};
         }
+        if ($uri ne '/adm/roles/') {
+            unless ($ENV{'QUERY_STRING'} =~ /origurl=/) {
+                $dest.=(($dest=~/\?/)?'&':'?').'origurl='.$uri;
+            }
+        }
         $r->header_out(Location => $dest);
         return REDIRECT;
     } else {