Question

[Solved] SimpleSAMLPHP redirection loop

We are trying to set up SSO with a custom MySQL database, but it goes into an endless loop between the two requests below.

POST http://192.168.0.15/simplesaml/module.php/core/loginuserpass.php

Set-Cookie

PHPSESSID=d0eaabb959ffeb2a0dd20f4744945f8f; path=/; HttpOnly
SimpleSAMLAuthToken=_297a91e9a4e14c61d247427063201a39587396c2e3; path=/; httponly

http://192.168.0.15/simplesaml/module.php/core/loginuserpass.php?AuthState=_e3e75218660095b936b9582356bcbc7b1e26934876%3Ahttp%3A%2F%2F192.168.0.15%2Fsimplesaml%2Fmodule.php%2Fcore%2Fas_login.php%3FAuthId%3Dexample-sql%26ReturnTo%3Dhttp%253A%252F%252F192.168.0.2%252F%252Fver06%252Fapp.php

Set-Cookie

PHPSESSID=92688949c724d39e673eec73b0674de0; path=/; HttpOnly

192.168.0.15 is our SSO server and 192.168.0.2 is the website that is requesting SSO.

Are we missing anything? Also, is there any client and server separation of SSO modules for ease of use?

Also, we are not getting a log file generated. Permissions on the folder have been verified.

Enquirer: jit


Solution #1:

Check the following parameters in the config.php file.

'baseurlpath' => 'http[s]://YOUR_DOMAIN/simplesaml/',
'session.cookie.domain' => '.YOUR_DOMAIN',
'session.cookie.secure' => true, // ACCORDING TO YOUR REQUIREMENT
'session.phpsession.savepath' => '/PATH/TO/STORE/SESSION', // MAKE SURE THIS PATH IS WRITABLE BY WEB/APP SERVER  
'session.phpsession.httponly' => true, // ACCORDING TO YOUR REQUIREMENT
Respondent: AnkitK
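
A check for the symptom in the question, where PHPSESSID differs between the two responses, against the cookie settings listed in Solution #1. This is an added example, not part of the original answers and not SimpleSAMLphp code; the function names and the MISCONFIGURED sample are constructed for illustration.

```python
from urllib.parse import urlsplit

def parse_set_cookie(line):
    """Return (name, value, attrs) for one Set-Cookie value; attribute names lower-cased."""
    first, *rest = [p.strip() for p in line.split(";")]
    name, _, value = first.partition("=")
    attrs = {k.strip().lower(): v.strip()
             for k, _, v in (p.partition("=") for p in rest if p)}
    return name, value, attrs

def domain_matches(host, cookie_domain):
    """RFC 6265 domain-match: leading dot ignored, IP-address hosts match only exactly."""
    domain = cookie_domain.lstrip(".").lower()
    host = host.lower()
    is_ip = host.replace(".", "").isdigit() or ":" in host
    return host == domain or (not is_ip and host.endswith("." + domain))

def diagnose(exchanges):
    """exchanges: ordered list of (request URL, [Set-Cookie values]). Returns findings."""
    findings, last_sid = [], None
    for url, cookies in exchanges:
        u = urlsplit(url)
        for line in cookies:
            name, value, attrs = parse_set_cookie(line)
            if "secure" in attrs and u.scheme != "https":
                findings.append(f"{name}: Secure cookie on an http URL is never sent back")
            dom = attrs.get("domain")
            if dom and not domain_matches(u.hostname, dom):
                findings.append(f"{name}: Domain={dom} does not match host {u.hostname}")
            if name == "PHPSESSID":
                if last_sid and value != last_sid:
                    findings.append("PHPSESSID changed: earlier session was not sent back "
                                    "or could not be loaded (cookie settings, savepath)")
                last_sid = value
    return findings

LOGIN = "http://192.168.0.15/simplesaml/module.php/core/loginuserpass.php"
# Cookie values from the question; the second URL's AuthState query string is omitted.
QUESTION_TRACE = [
    (LOGIN, ["PHPSESSID=d0eaabb959ffeb2a0dd20f4744945f8f; path=/; HttpOnly",
             "SimpleSAMLAuthToken=_297a91e9a4e14c61d247427063201a39587396c2e3; path=/; httponly"]),
    (LOGIN, ["PHPSESSID=92688949c724d39e673eec73b0674de0; path=/; HttpOnly"]),
]
# Constructed: cookie.secure=true and a hostname cookie domain, served on a plain-http IP.
MISCONFIGURED = [(LOGIN, ["PHPSESSID=aaaa; path=/; secure; domain=.sso.example.org"])]

if __name__ == "__main__":
    for trace in (QUESTION_TRACE, MISCONFIGURED):
        print(*diagnose(trace), sep="\n")
```
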

Solution #2:

I had the same problem and, for me, the reason was in the NGINX configuration.
NGINX wasn't listening for /simplesaml and didn't redirect it to the right file.

location ^~ /simplesaml {
    # Serve SimpleSAMLphp's public www/ directory under /simplesaml
    alias /var/www/html/vendor/simplesamlphp/simplesamlphp/www/;
    # Escape the dot so only real ".php" paths are handed to PHP
    location ~ \.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        fastcgi_param  PATH_INFO        $fastcgi_path_info;
        include fastcgi.conf;
        fastcgi_param QUERY_STRING $args;
        fastcgi_param SCRIPT_FILENAME $request_filename;
        fastcgi_pass php;
    }
}
Respondent: Mykola Veriga

The answers/resolutions are collected from Stack Overflow and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.
