Disclaimer: I am not a SAML expert but this isn't my first time working with it. This is probably my fault. :)
I'm trying to set up SAML auth against RapidIdentity. On the back end I think it's using Shibboleth, but gets configured via a custom web interface.
I visit MR while unauthenticated. It takes me to the RapidIdentity login page. I authenticate. But then MR and RapidIdentity redirect me back and forth indefinitely.
Using the SAML-tracer Chrome plugin I see the following series of requests repeating endlessly.
GET https://[my-rapididentity-host]/idp/profile/SAML2/Redirect/SSO
POST https://[my-munkireport-server]/index.php?%2Fauth%2Fsaml%2Facs
GET https://[my-munkireport-server]/index.php?/auth/login
GET https://[my-munkireport-server]/index.php?/auth/saml/sso
GET https://[my-rapididentity-host]/idp/profile/SAML2/Redirect/SSO?SAMLRequest=[redacted]
GET https://[my-rapididentity-host]/idp/AuthnEngine
When viewing the SAML details of the POST entry I see <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /> so it seems like it's telling MR my authentication is good. But I'm not enough of a SAML expert to decipher what's going on beyond that. I can post more of that message if needed.
My MR install is on 5.7.1.4264
Thanks!
David