We are using saml-plugin on our Jenkins instances to handle logins using Okta.  After the logins complete successfully we are expecting to be redirected back to the original requested URL however after a successful login Jenkins will redirect us to the base url.  

I was originally thinking this SamlSecurityRealm.calculateSafeRedirect() check might be failing and defaulting to the base url, however with Fine logging turned on I was able to see that redirectURL is being set to the "from" string.

I still think this is possibly a misconfiguration on our end.  Logins work, but will always redirect to the base url.  Any ideas for troubleshooting assistance?

Thanks!