[prev in list] [next in list] [prev in thread] [next in thread]
List: shibboleth-users
Subject: Re: Shibboleth SP & Okta IdP Redirect Looping
From: "Paul Carroll" <pcarroll () nfmail ! net>
Date: 2020-07-30 13:53:15
Message-ID: 20200730065315.E25B253F () m0117459 ! ppops ! net
[Download RAW message or body]
OK, thanks Peter and Scott. I looked at the page that describes debugging the \
looping but it was early on in the process. I will take another look since I know \
more about it now.
Peter, I resubmitted my issue using text. I thought I may have to resubmit. Please \
disregard the resubmitted issue.
Thanks,
Paul
--- cantor.2@osu.edu wrote:
From: "Cantor, Scott" <cantor.2@osu.edu>
To: Shib Users <users@shibboleth.net>
Subject: Re: Shibboleth SP & Okta IdP Redirect Looping
Date: Thu, 30 Jul 2020 13:35:35 +0000
Assuming the shibd log records a session being created and then immediately \
invalidated or destroyed, the syslog/native log stream will likely log why it's \
rejecting the sessions immediately after establishment; IP address instability \
perhaps.
As for how to debug it if there's no apparent issue other than cookies going \
missing...
1. Learn how the SP works and uses cookies at all steps by observing working \
transactions and reading the documentation that describes all the steps. [1] 2. Trace \
to identify where the cookie(s) go missing.
-- Scott
[1] https://wiki.shibboleth.net/confluence/display/CONCEPT/FlowsAndConfig
--
For Consortium Member technical support, see \
https://wiki.shibboleth.net/confluence/x/coFAAg To unsubscribe from this list send an \
email to users-unsubscribe@shibboleth.net
--
For Consortium Member technical support, see \
https://wiki.shibboleth.net/confluence/x/coFAAg To unsubscribe from this list send an \
email to users-unsubscribe@shibboleth.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic