症状

Upon successful login, the server does not redirect the page to the destination but instead redirects back to the the user's customised homepage. The following appears in the atlassian-confluence.log:

2010-05-05 08:24:24,992 WARN [WebContainer : 1159\] [atlassian.seraph.filter.BaseLoginFilter\] redirectToOriginalDestination 
Redirect request to 'http://confluence.company.com/display/somespace/somepage' is not allowed. Will send user to the context 
root instead.

原因

In some installation instances, Confluence may be configured to run under different hostname aliases. For example, the server URL might be configured as:

http://confluence.local.intranet

In some network and DNS configurations, the server may be reachable via a different alias. For example:

http://confluence.company.com

The server base URL in this example is http://confluence.local.intranet. The user is given a direct URL: http://confluence.company.com/display/somespace/somepage. As the user is not authenticated, the server will redirect to the login page.
The default configuration for Confluence (which does not allow different base URLs) is designed to prevent malicious users from constructing URLs that would redirect to an external website after login.

回避策

The workaround is to modify the <confluence-install>/confluence/WEB-INF/classes/seraph-config.xml file and add in a redirect-policy configuration under 'security-config':

<security-config>

.....

    <redirect-policy class="com.atlassian.seraph.config.DefaultRedirectPolicy">
         <init-param>
          <param-name>allow.any.redirect.url</param-name>
           <param-value>true</param-value>
         </init-param>
   </redirect-policy>

</security-config>

This will override the security settings and will allow redirects to any URL external to the default context.

ソリューション

Confluence currently does not support access via multiple domains. See CONF-19006 for a related feature request.