Too many redirects

Created on 30 November 2023, about 1 year ago

I have probably misconfigured something, but I was hoping someone might have a hunch to point me in the right direction. After configuring this module as best I can, when I visit /user I end up in a redirect loop. The redirects are:

  • /user
  • /user/login
  • /saml_login
  • /user/login
  • /saml_login
  • /user/login
  • /saml_login
  • etc...

Does anyone happen to know what this behavior is symptomatic of? My impression is that /saml_login sends a request to my IdP in the background. Is it possible my IdP is responding in some way that would trigger a redirect back to /user/login?

Here is my (redacted) config:

_core:
  default_config_hash: oDGEkhP0h5rXXqlDplxeBDre0goLigOJupHKMDMwcqM
login_menu_item_title: ''
logout_menu_item_title: ''
login_link_show: true
login_link_title: 'Login via SSO'
login_redirect_url: ''
logout_redirect_url: ''
error_redirect_url: ''
error_throw: false
local_login_saml_error: false
logout_different_user: false
drupal_login_roles:
  authenticated: '0'
  administrator: '0'
  content_creator: '0'
  content_publisher: '0'
  block_manager: '0'
  content_manager: '0'
  media_manager: '0'
sp_entity_id: doj_legacysites_saml_service_provider
sp_name_id_format: 'urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress'
sp_x509_certificate: [redacted]
sp_new_certificate: ''
sp_private_key: [redacted]
metadata_valid_secs: 60
metadata_cache_http: false
idp_entity_id: 'http://redacted.com/services/trust'
idp_single_sign_on_service: 'https://redacted.com/ls/'
idp_single_log_out_service: 'https://redacted.com/ls/'
idp_change_password_service: ''
idp_certs:
  - [redacted]
idp_cert_encryption: ''
unique_id_attribute: emailAddress
map_users: false
map_users_name: false
map_users_mail: true
map_users_roles:
  administrator: administrator
  content_creator: content_creator
  content_publisher: content_publisher
  block_manager: block_manager
  content_manager: content_manager
  media_manager: media_manager
create_users: true
sync_name: false
sync_mail: false
user_name_attribute: emailAddress
user_mail_attribute: emailAddress
request_set_name_id_policy: true
strict: true
security_metadata_sign: false
security_authn_requests_sign: true
security_logout_requests_sign: true
security_logout_responses_sign: true
security_nameid_encrypt: false
security_signature_algorithm: ''
security_encryption_algorithm: ''
security_messages_sign: true
security_assertions_signed: false
security_assertions_encrypt: false
security_nameid_encrypted: false
security_want_name_id: true
security_request_authn_context: true
security_lowercase_url_encoding: true
security_logout_reuse_sigs: false
security_allow_repeat_attribute_name: false
debug_display_error_details: false
debug_log_in: false
debug_log_saml_in: false
debug_log_saml_out: false
debug_phpsaml: false
use_proxy_headers: false
use_base_url: true
bypass_relay_state_check: false

Thank you for any advice!

πŸ’¬ Support request
Status

Fixed

Version

3.0

Component

Miscellaneous

Created by

πŸ‡ΊπŸ‡ΈUnited States brockfanning

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

Production build 0.71.5 2024