--- loncom/auth/lonshibauth.pm	2021/06/22 16:56:35	1.5
+++ loncom/auth/lonshibauth.pm	2021/09/21 22:54:26	1.6
@@ -1,7 +1,7 @@
 # The LearningOnline Network
 # Redirect Shibboleth authentication to designated URL (/adm/sso).
 #
-# $Id: lonshibauth.pm,v 1.5 2021/06/22 16:56:35 raeburn Exp $
+# $Id: lonshibauth.pm,v 1.6 2021/09/21 22:54:26 raeburn Exp $
 #
 # Copyright Michigan State University Board of Trustees
 #
@@ -74,8 +74,11 @@ use LONCAPA qw(:DEFAULT);
 sub handler {
     my $r = shift;
     my $target = '/adm/sso';
+    if (&Apache::lonnet::get_saml_landing()) {
+        $target = '/adm/login';
+    }
     my $uri = $r->uri;
-    if (($r->user eq '') && ($uri ne $target)) {
+    if (($r->user eq '') && ($uri ne $target) && ($uri ne '/adm/sso')) {
         my $lonhost = $Apache::lonnet::perlvar{'lonHostID'};
         my $hostname = &Apache::lonnet::hostname($lonhost);
         if (!$hostname) { $hostname = $r->hostname(); }
@@ -88,10 +91,8 @@ sub handler {
         if ($ENV{'QUERY_STRING'} ne '') {
             $dest .= '?'.$ENV{'QUERY_STRING'};
         }
-        if ($uri ne '/adm/roles/') {
-            unless ($ENV{'QUERY_STRING'} =~ /origurl=/) {
-                $dest.=(($dest=~/\?/)?'&':'?').'origurl='.$uri;
-            }
+        unless (($uri eq '/adm/roles') || ($ENV{'QUERY_STRING'} =~ /origurl=/)) {
+            $dest.=(($dest=~/\?/)?'&':'?').'origurl='.$uri;
         }
         $r->header_out(Location => $dest);
         return REDIRECT;