SAML SSO Looping

We have SAML configured to use SSO. The issue is that when we use the /SSO/ in the URL it goes in a loop and never shows the page. Log shows credentials are being passed (federation). I was thinking it must be incorrectly mapped to the index page. Not sure where to look for that.
2 answers

Hi Brian,

  Have you configured all the constants in your application as ountlined in the documentation?  It sounds to me like you have your intex.html routing users to the /SSO/ url, and so once the response is sent back from the IdP, it takes the user to the index.html, then to the /SSO/, then to the federation log in again.

I think the setting you may want is 'SSOLandingPage.'  I think you want to duplicate your index.html without the /SSO/ redirect and call it index3.html or something similar.  Then set the SSOLandingPage constant to be 'index3.html. Here is the documentation on it:

SSOLandingPage, You could specify a different landing page here, for example: When you would like to redirect all user, accessing the application url, to the Saml login.  This requires you to change the index.html page by adding '<meta http-equiv="refresh" content="0;URL=/SSO/" />', you don't want to end up on 'index.html' again after a login attempt.  By changing this constant to '/index3.html', you'll land on index3.html instead of index.html.  Off course you will need to add an 'index3.html' page to your theme in this case! (You can copy the original index.html into index3.html)

Hope this helps!



check if your constants landingpage and login are correct (usual index3.html and index.htm)