Shibboleth SP/Windows 7/Tomcat- Website authenticates with IdP on every new page

Cantor, Scott cantor.2 at osu.edu
Wed Oct 10 18:35:24 EDT 2012


On 10/10/12 6:18 PM, "Chris Glaubig" <cglaubig at imedris.com> wrote:

>Just about everything seems to be working with Shibboleth how I want it
>to.
> 
>The only exception is that whenever I navigate to a new page, I am being
>directed back to the IdP and then redirected back to the page that I
>originally navigated to.

Looping is the usual result if there's a problem recovering the session
cookie because when it does the final redirect back to the resource, that
step fails. What you're describing doesn't fit that because you're getting
the resource once and then hitting something else.

I would still say that I guess you'd have to check all the logs to see
what its behavior internally is with regard to the session. Particularly
native.log

>I was expecting that I would authenticate once, and then a cookie would
>be generated for the timeout period of time, during which I would not
>need to talk to the IdP server.

That is how it works.

> 
>Can anybody point me in the right direction as to why this happens?

I don't know offhand how one would get the behavior you're describing. It
isn't really physically possible with anything close to a default
configuration.

The one case I guess would be if your client IP address were changing per
request.

-- Scott




More information about the users mailing list