windows SP looping
Guenther, Dean R.
guenther at wsu.edu
Wed Oct 11 15:36:49 EDT 2017
Chris, that was the answer. I added cookieProps=”https” and it started working.
Thanks for your help – Dean
Dean Guenther dean.guenther at wsu.edu<mailto:dean.guenther at wsu.edu>
Washington State University Phone: 509 335-0433
Pullman, WA. 99164-1222 fax: 509 335-0540
Identity and Access Management Manager
From: users <users-bounces at shibboleth.net> on behalf of Chris Andre <candre at overtsoftware.com>
Reply-To: Shib Users <users at shibboleth.net>
Date: Wednesday, October 11, 2017 at 1:11 AM
To: Shib Users <users at shibboleth.net>
Subject: Re: windows SP looping
The main time I have seen this its been due to the fact that the URL that is protected with shibboleth i.e dev-sp.it.wsu.edu/secure<http://dev-sp.it.wsu.edu/secure> isn't being accessed over https. For example users are going to http://dev-sp.it.wsu.edu/secure instead of https://dev-sp.it.wsu.edu/secure.
So first thing to check would be that your accessing the site over https for the location that is protected by shibboleth.
As an aside it maybe easier to just set your cookieprops to https so i.e: cookieProps="https" if your using V2.5+
Not sure if you have seen this page here that goes over some more common issues with SP Looping: https://wiki.shibboleth.net/confluence/display/SHIB2/NativeSPLooping<https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.shibboleth.net_confluence_display_SHIB2_NativeSPLooping&d=DwMFaQ&c=C3yme8gMkxg_ihJNXS06ZyWk4EJm8LdrrvxQb-Je7sw&r=HKqTjFC6RK9VgYzstvO52Q&m=2OCGMFrVzok3VMr8xkq1wFOmn9fAsU2jshIknqpKGT0&s=udN4oZI3Wl-r8krhUhSjfx0dSZJwEwzZvwDDrZHI2Oc&e=>
On 11 October 2017 at 00:41, Guenther, Dean R. <guenther at wsu.edu<mailto:guenther at wsu.edu>> wrote:
I’m having a problem with setting up my first Windows SP. The IdP has been in service for several years. I can call a service on the SP (called “secure”) and I see it redirect properly to the IdP. I can successfully enter my Network ID and password. And I see that the IdP correctly sends assertions to the SP. But when it returns from the IdP back to the SP it wants to start a whole new session again. Ending up in an endless loop. I’ve searched the archives and didn’t find any solutions that worked for me.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users