windows SP looping

Guenther, Dean R. guenther at wsu.edu
Wed Oct 11 15:36:49 EDT 2017 

Chris, that was the answer. I added cookieProps=”https” and it started working.
Thanks for your help – Dean




Dean Guenther                          dean.guenther at wsu.edu<mailto:dean.guenther at wsu.edu>
Washington State University    Phone:    509 335-0433
Pullman, WA. 99164-1222        fax:      509 335-0540
Identity and Access Management Manager


From: users <users-bounces at shibboleth.net> on behalf of Chris Andre <candre at overtsoftware.com>
Reply-To: Shib Users <users at shibboleth.net>
Date: Wednesday, October 11, 2017 at 1:11 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: windows SP looping

Hello Dean,

The main time I have seen this its been due to the fact that the URL that is protected with shibboleth i.e dev-sp.it.wsu.edu/secure<http://dev-sp.it.wsu.edu/secure> isn't being accessed over https. For example users are going to http://dev-sp.it.wsu.edu/secure instead of https://dev-sp.it.wsu.edu/secure.

So first thing to check would be that your accessing the site over https for the location that is protected by shibboleth.

As an aside it maybe easier to just set your cookieprops to https so i.e: cookieProps="https" if your using V2.5+

Not sure if you have seen this page here that goes over some more common issues with SP Looping: https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPLooping<https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.shibboleth.net_confluence_display_SHIB2_NativeSPLooping&d=DwMFaQ&c=C3yme8gMkxg_ihJNXS06ZyWk4EJm8LdrrvxQb-Je7sw&r=HKqTjFC6RK9VgYzstvO52Q&m=2OCGMFrVzok3VMr8xkq1wFOmn9fAsU2jshIknqpKGT0&s=udN4oZI3Wl-r8krhUhSjfx0dSZJwEwzZvwDDrZHI2Oc&e=>

Thanks

Kindest Regards

Chris



On 11 October 2017 at 00:41, Guenther, Dean R. <guenther at wsu.edu<mailto:guenther at wsu.edu>> wrote:
I’m having a problem with setting up my first Windows SP. The IdP has been in service for several years. I can call a service on the SP (called “secure”) and I see it redirect properly to the IdP. I can successfully enter my Network ID and password. And I see that the IdP correctly sends assertions to the SP. But when it returns from the IdP back to the SP it wants to start a whole new session again.  Ending up in an endless loop. I’ve searched the archives and didn’t find any solutions that worked for me.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20171011/33b76fd7/attachment.html>

More information about the users mailing list