UserService.createLoginURL creates the URL in such a way that the second and third parameters in the destinationURL are lost

I have a simple Java application on GAE with authentication set to federated login.

I have two JSP's

home.jsp is a JSP that doesn't have security constraints mypage.jsp is a JSP that has security constraints as shown at the bottom.

On home.jsp I create a login url using:

userService.createLoginURL("/mypage.jsp?p1=a&p2=b&p3=c", null,
"gmail.com",  new HashSet<String>());

this results in creation of url that looks like this:

http://www.mydomain.com/_ah/login_redir?claimid=gmail.com&continue=http://www.mydomain.com/mypage.jsp?p1=a&p2=b&p3=c

Once the user clicks this url, he is directed to the google page for login. After the user logs in he is redirected to mypage.jsp, only p1 is available, p2 and p3 are lost.

<security-constraint>
       <web-resource-collection>
               <web-resource-name>mypage</web-resource-name>
               <url-pattern>/mypage.jsp</url-pattern>
       </web-re开发者_JS百科source-collection>
       <auth-constraint>
           <role-name>*</role-name>
       </auth-constraint>
</security-constraint>

I would try to Urlencode the & in the landing url; something like this:

mypage.jsp?p1=a%26p2=b%26p3=c

if it does not work, Urlencode all the url.

I've had the same problem and i managed to fix it by replacing & with %2526 not with %26

destination_url = destination_url.replaceAll("&","%2526");
userService.createLoginURL(destination_url,null,provider, new HashSet<String>());