Getting the error "This webpage has a redirect loop " when trying to login as admin
5,794 views
Skip to first unread message
Chaitanya Pai
Dec 21, 2011, 3:16:38 AM12/21/11
to simpleSAMLphp
Hi All,
I am new to simplesamlphp and am trying to set up SSO. I have
installed Simplesamlphp according to http://simplesamlphp.org/docs/1.8/simplesamlphp-install
. After finishing step 7 i.e configuring the config.php, I could see
the welcome page. But the SAML 2.0 IdP seems disabled as it has red
circle next to it. When I try to login as administrator, I am getting
a browser error "This webpage has a redirect loop" in chrome and "The
page isn't redirecting properly" in firefox. I have enabled 3rd party
cookies and cleared my cookies/cache. I enabled sanity check and ran
it. It shows that the configuration is fine, But still I am unable to
login as admin.
Please let me know how I can login as admin as I am trying to connect
to the test IdP and I need to provide my local metadata.
Thanks in advance.
I am new to simplesamlphp and am trying to set up SSO. I have
installed Simplesamlphp according to http://simplesamlphp.org/docs/1.8/simplesamlphp-install
. After finishing step 7 i.e configuring the config.php, I could see
the welcome page. But the SAML 2.0 IdP seems disabled as it has red
circle next to it. When I try to login as administrator, I am getting
a browser error "This webpage has a redirect loop" in chrome and "The
page isn't redirecting properly" in firefox. I have enabled 3rd party
cookies and cleared my cookies/cache. I enabled sanity check and ran
it. It shows that the configuration is fine, But still I am unable to
login as admin.
Please let me know how I can login as admin as I am trying to connect
to the test IdP and I need to provide my local metadata.
Thanks in advance.
Dick Visser
Dec 21, 2011, 4:52:00 AM12/21/11
to simple...@googlegroups.com
First you need to find out what gets redirected to where.
Either look in the log files of apache, or use a tool such as
http://livehttpheaders.mozdev.org/ to debug it.
The information you get this way should give you some indication what
is going on.
Either look in the log files of apache, or use a tool such as
http://livehttpheaders.mozdev.org/ to debug it.
The information you get this way should give you some indication what
is going on.
Dick
> --
> You received this message because you are subscribed to the Google Groups "simpleSAMLphp" group.
> To post to this group, send email to simple...@googlegroups.com.
> To unsubscribe from this group, send email to simplesamlph...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/simplesamlphp?hl=en.
>
Chaitanya Pai
Dec 21, 2011, 5:21:38 AM12/21/11
to simpleSAMLphp
Hi Dick,
Thanks for the quick reply. I used the livehttpheaders plugin to check
the redirection. The link "login as admin" points to
http://localhost/simplesaml/module.php/core/login-admin.php?ReturnTo=http%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Ffrontpage_welcome.php
The header shows http requests oscillating between
http://localhost/simplesaml/module.php/core/as_login.php?AuthId=admin&ReturnTo=http%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Flogin-admin.php%3FReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Ffrontpage_welcome.php
and
http://localhost/simplesaml/module.php/core/loginuserpass.php?AuthState=_aab33d494e50046adf7bb7c53e73a30a132362d002%3Ahttp%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId%3Dadmin%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Flogin-admin.php%253FReturnTo%253Dhttp%25253A%25252F%25252Flocalhost%25252Fsimplesaml%25252Fmodule.php%25252Fcore%25252Ffrontpage_welcome.php
I also increased the redirect limit in firefox which did not give any
favourable results.
Thanks
Thanks for the quick reply. I used the livehttpheaders plugin to check
the redirection. The link "login as admin" points to
http://localhost/simplesaml/module.php/core/login-admin.php?ReturnTo=http%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Ffrontpage_welcome.php
The header shows http requests oscillating between
http://localhost/simplesaml/module.php/core/as_login.php?AuthId=admin&ReturnTo=http%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Flogin-admin.php%3FReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Ffrontpage_welcome.php
and
http://localhost/simplesaml/module.php/core/loginuserpass.php?AuthState=_aab33d494e50046adf7bb7c53e73a30a132362d002%3Ahttp%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId%3Dadmin%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Flogin-admin.php%253FReturnTo%253Dhttp%25253A%25252F%25252Flocalhost%25252Fsimplesaml%25252Fmodule.php%25252Fcore%25252Ffrontpage_welcome.php
I also increased the redirect limit in firefox which did not give any
favourable results.
Thanks
Olav Morken
Dec 21, 2011, 5:29:08 AM12/21/11
to simple...@googlegroups.com
Two things to check:
- Are cookies working? The cookie headers should be included in the
livehttpheaders output.
- Is session storage working correctly? If the cookie-headers are
present, this is the most likely error.
Best regards,
Olav Morken
UNINETT / Feide
Chaitanya Pai
Dec 21, 2011, 5:55:00 AM12/21/11
to simpleSAMLphp
Hi Olav,
The problem exists in firefox,chrome,ie etc.
I cleared the cookies and opened the
localhost/simplesaml/module.php/core/login-admin.php?ReturnTo=http%3A
%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore
%2Ffrontpage_welcome.php
again. The Security tab in page info does not show any cookies set.
The headers tab in livehttpheaders has repeated occurences of
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
http://localhost/simplesaml/module.php/core/as_login.php?AuthId=admin&ReturnTo=http%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Flogin-admin.php%3FReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Ffrontpage_welcome.php
GET /simplesaml/module.php/core/as_login.php?AuthId=admin&ReturnTo=http
%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Flogin-admin.php
%3FReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml
%252Fmodule.php%252Fcore%252Ffrontpage_welcome.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20100101
Firefox/8.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection: keep-alive
Referer: http://localhost/simplesaml/module.php/core/frontpage_welcome.php
HTTP/1.1 302 Found
Date: Wed, 21 Dec 2011 10:47:17 GMT
Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8
mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.8
Location:
http://localhost/simplesaml/module.php/core/loginuserpass.php?AuthState=_d2e8aab7102e1da52bde01e7924cdbe2ab0c638b66%3Ahttp%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId%3Dadmin%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Flogin-admin.php%253FReturnTo%253Dhttp%25253A%25252F%25252Flocalhost%25252Fsimplesaml%25252Fmodule.php%25252Fcore%25252Ffrontpage_welcome.php
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Content-Length: 1360
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
----------------------------------------------------------
http://localhost/simplesaml/module.php/core/loginuserpass.php?AuthState=_d2e8aab7102e1da52bde01e7924cdbe2ab0c638b66%3Ahttp%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId%3Dadmin%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Flogin-admin.php%253FReturnTo%253Dhttp%25253A%25252F%25252Flocalhost%25252Fsimplesaml%25252Fmodule.php%25252Fcore%25252Ffrontpage_welcome.php
GET /simplesaml/module.php/core/loginuserpass.php?
AuthState=_d2e8aab7102e1da52bde01e7924cdbe2ab0c638b66%3Ahttp%3A%2F
%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId
%3Dadmin%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml
%252Fmodule.php%252Fcore%252Flogin-admin.php%253FReturnTo%253Dhttp
%25253A%25252F%25252Flocalhost%25252Fsimplesaml%25252Fmodule.php
%25252Fcore%25252Ffrontpage_welcome.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20100101
Firefox/8.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection: keep-alive
Referer: http://localhost/simplesaml/module.php/core/frontpage_welcome.php
HTTP/1.1 302 Found
Date: Wed, 21 Dec 2011 10:47:17 GMT
Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8
mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.8
Location:
http://localhost/simplesaml/module.php/core/as_login.php?AuthId=admin&ReturnTo=http%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Flogin-admin.php%3FReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Ffrontpage_welcome.php
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Content-Length: 1024
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
----------------------------------------------------------
Please let me know if any other info is needed.
Thanks
The problem exists in firefox,chrome,ie etc.
I cleared the cookies and opened the
localhost/simplesaml/module.php/core/login-admin.php?ReturnTo=http%3A
%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore
%2Ffrontpage_welcome.php
again. The Security tab in page info does not show any cookies set.
The headers tab in livehttpheaders has repeated occurences of
-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
http://localhost/simplesaml/module.php/core/as_login.php?AuthId=admin&ReturnTo=http%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Flogin-admin.php%3FReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Ffrontpage_welcome.php
GET /simplesaml/module.php/core/as_login.php?AuthId=admin&ReturnTo=http
%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Flogin-admin.php
%3FReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml
%252Fmodule.php%252Fcore%252Ffrontpage_welcome.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20100101
Firefox/8.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection: keep-alive
Referer: http://localhost/simplesaml/module.php/core/frontpage_welcome.php
HTTP/1.1 302 Found
Date: Wed, 21 Dec 2011 10:47:17 GMT
Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8
mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.8
Location:
http://localhost/simplesaml/module.php/core/loginuserpass.php?AuthState=_d2e8aab7102e1da52bde01e7924cdbe2ab0c638b66%3Ahttp%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId%3Dadmin%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Flogin-admin.php%253FReturnTo%253Dhttp%25253A%25252F%25252Flocalhost%25252Fsimplesaml%25252Fmodule.php%25252Fcore%25252Ffrontpage_welcome.php
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Content-Length: 1360
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
----------------------------------------------------------
http://localhost/simplesaml/module.php/core/loginuserpass.php?AuthState=_d2e8aab7102e1da52bde01e7924cdbe2ab0c638b66%3Ahttp%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId%3Dadmin%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Flogin-admin.php%253FReturnTo%253Dhttp%25253A%25252F%25252Flocalhost%25252Fsimplesaml%25252Fmodule.php%25252Fcore%25252Ffrontpage_welcome.php
GET /simplesaml/module.php/core/loginuserpass.php?
AuthState=_d2e8aab7102e1da52bde01e7924cdbe2ab0c638b66%3Ahttp%3A%2F
%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId
%3Dadmin%26ReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml
%252Fmodule.php%252Fcore%252Flogin-admin.php%253FReturnTo%253Dhttp
%25253A%25252F%25252Flocalhost%25252Fsimplesaml%25252Fmodule.php
%25252Fcore%25252Ffrontpage_welcome.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20100101
Firefox/8.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/
*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Connection: keep-alive
Referer: http://localhost/simplesaml/module.php/core/frontpage_welcome.php
HTTP/1.1 302 Found
Date: Wed, 21 Dec 2011 10:47:17 GMT
Server: Apache/2.2.21 (Win32) mod_ssl/2.2.21 OpenSSL/1.0.0e PHP/5.3.8
mod_perl/2.0.4 Perl/v5.10.1
X-Powered-By: PHP/5.3.8
Location:
http://localhost/simplesaml/module.php/core/as_login.php?AuthId=admin&ReturnTo=http%3A%2F%2Flocalhost%2Fsimplesaml%2Fmodule.php%2Fcore%2Flogin-admin.php%3FReturnTo%3Dhttp%253A%252F%252Flocalhost%252Fsimplesaml%252Fmodule.php%252Fcore%252Ffrontpage_welcome.php
Pragma: no-cache
Cache-Control: no-cache, must-revalidate
Content-Length: 1024
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html
----------------------------------------------------------
Please let me know if any other info is needed.
Thanks
Dick Visser
Dec 21, 2011, 6:15:29 AM12/21/11
to simple...@googlegroups.com
So it looks like your sessions are not working.
If you look at Configuration -> PHP info, what does it say at the
section called "sessions"?
If you look at Configuration -> PHP info, what does it say at the
section called "sessions"?
> --
> You received this message because you are subscribed to the Google Groups "simpleSAMLphp" group.
> To post to this group, send email to simple...@googlegroups.com.
> To unsubscribe from this group, send email to simplesamlph...@googlegroups.com.
> For more options, visit this group at http://groups.google.com/group/simplesamlphp?hl=en.
>
--
Dick Visser
System & Networking Engineer
TERENA Secretariat
Singel 468 D, 1017 AW Amsterdam
The Netherlands
T +31 20 530 44 88 F +31 20 530 44 99
vis...@terena.org | www.terena.org
Chaitanya Pai
Dec 21, 2011, 6:26:36 AM12/21/11
to simpleSAMLphp
Hi Dick,
I am not sure where you want me to look at Configuration -> PHP info.
I saw this at http://localhost/xampp/phpinfo.php
The session section is as follows
session
Session Support enabled
Registered save handlers files user sqlite
Registered serializer handlers php php_binary wddx
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.hash_bits_per_character 5 5
session.hash_function 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path C:\abcde\xampp\tmp C:\abcde\xampp\tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid 0 0
Thanks,
I am not sure where you want me to look at Configuration -> PHP info.
I saw this at http://localhost/xampp/phpinfo.php
The session section is as follows
session
Session Support enabled
Registered save handlers files user sqlite
Registered serializer handlers php php_binary wddx
Directive Local Value Master Value
session.auto_start Off Off
session.bug_compat_42 On On
session.bug_compat_warn On On
session.cache_expire 180 180
session.cache_limiter nocache nocache
session.cookie_domain no value no value
session.cookie_httponly Off Off
session.cookie_lifetime 0 0
session.cookie_path / /
session.cookie_secure Off Off
session.entropy_file no value no value
session.entropy_length 0 0
session.gc_divisor 100 100
session.gc_maxlifetime 1440 1440
session.gc_probability 1 1
session.hash_bits_per_character 5 5
session.hash_function 0 0
session.name PHPSESSID PHPSESSID
session.referer_check no value no value
session.save_handler files files
session.save_path C:\abcde\xampp\tmp C:\abcde\xampp\tmp
session.serialize_handler php php
session.use_cookies On On
session.use_only_cookies Off Off
session.use_trans_sid 0 0
Thanks,
Chaitanya Pai
Dec 22, 2011, 1:12:46 AM12/22/11
to simpleSAMLphp
Hi,
Is this what you had asked for?
Thanks,
Chaitanya Pai
Is this what you had asked for?
Thanks,
Chaitanya Pai
Dick Visser
Dec 22, 2011, 4:44:46 AM12/22/11
to simple...@googlegroups.com
Yes, and but it seems to be OK, but despite that there are no
cookie-headers at all being sent. Upon visiting the page for the first
time you *should* see a header similar to this:
cookie-headers at all being sent. Upon visiting the page for the first
time you *should* see a header similar to this:
Set-Cookie: PHPSESSID=f2fcb20fc99c18c6df5be773fcd9f747; path=/
The configuration of PHP seems to be OK, and assuming you left the SSP
config default, the problem must be elsewhere.
Could it be some permission problem in the directory where the session
files are stored, C:\abcde\xampp\tmp ?
And what does the log file say?
Dick
Cris Bettis
Nov 18, 2015, 2:35:22 PM11/18/15
to SimpleSAMLphp, vis...@terena.org
I ran into this same error.
The root of my issue was that the SSOService page thought that it had a session while the loginpass page was sure that it didn't. They were forwarding back and forth indefinitely.
The problem turned out to be that phpsession was trying to treat them as two separate sessions.
I fixed this by using SQL as the session storage option instead of phpsession. I suspect using memcache would also work.
jarrod...@gmail.com
May 24, 2017, 7:07:13 PM5/24/17
to SimpleSAMLphp
I know this is really old post but I just had this exact same issue. SimpleSAMLPHP would load fine by then trying to login as an admin it would go into an infinite loop loading the loginuserpass.php and as_login.php pages.
After a lot of debugging I found that the problem was actually Varnish caching which was stopping the session state from being loaded. This happened no matter what session storage was selected (phpsession, memcache or sql).
Disabling varnish caching on the SimpleSAMLPHP paths fixed the issue for me.
Reply all
Reply to author
Forward
Message has been deleted
0 new messages