AD FS - KB3003381 causes redirect loop on login

Hi,
I'm using AD FS 2.1 for SSO (2 IIS sites and several WCF services) but my users have been seeing redirect loops when they try to login. Once the user's browser recognises the loop and interrupts it, they are able to either resubmit the request with a page refresh (depending on the browser) or navigate to the URL of the site and they are logged in, but this is not a good workaround. We are using SecurEnvoy for 2FA.
This behaviour started shortly after KB3003381 was applied to the production environment, and I have replicated the behaviour on our staging environment. Removing this patch from the staging environment causes the login mechanism to behave normally.
From Fiddler, once users have authenticated successfully using SecurEnvoy, they are directed to
https://<AD FS proxy URL>/adfs/ls/?wa=wsignin1.0&wtrealm=<site URL>&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=<UTC timestamp>
which results in a 302 redirect to 
https://<AD FS proxy URL>/adfs/ls/auth/basic/?wa=wsignin1.0&wtrealm=<site URL>&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f&wct=<UTC timestamp>
This should return a 200, but instead returns a 302 redirect to the same URL, until stopped by the browser.

It seems that you have already asked in another forum: http://serverfault.com/questions/658095/adfs-2-1-redirect-loop-on-login
Simply remove the installed update and contact Microsoft to report the issue: http://support.microsoft.com/ContactUs
This posting is provided AS IS with no warranties or guarantees, and confers no rights.
Ahmed MALEK
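
Added example, not part of either post above: a small Python check that takes a captured redirect chain like the Fiddler trace described in the question, flags the hop that repeats, and unpacks the double-encoded `wctx` parameter of the WS-Federation sign-in request. The host names `adfs.example.test` and `app.example.test`, the `wct` timestamp and the capture itself are constructed placeholders; the check also covers A -> B -> A cycles, which goes beyond the single self-redirect in the post.

```python
from urllib.parse import urlsplit, parse_qs

# Constructed capture modelled on the trace in the question. Hosts, realm and
# timestamp are placeholders, not values from the original environment.
QUERY = ("wa=wsignin1.0&wtrealm=https%3A%2F%2Fapp.example.test%2F"
         "&wctx=rm%3d0%26id%3dpassive%26ru%3d%252f"
         "&wct=2015-01-01T00%3A00%3A00Z")
LS = "https://adfs.example.test/adfs/ls/?" + QUERY
BASIC = "https://adfs.example.test/adfs/ls/auth/basic/?" + QUERY

# (requested URL, response status, Location header or None)
CAPTURE = [
    (LS, 302, BASIC),     # sign-in endpoint hands off to the auth handler
    (BASIC, 302, BASIC),  # expected 200, got a redirect to itself
    (BASIC, 302, BASIC),  # same hop again: this is the loop
]


def decode_signin(url):
    """Return the sign-in query parameters, with wctx unpacked into a dict."""
    params = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    # wctx is itself a URL-encoded query string (rm, id, ru), so once the outer
    # query has been decoded it has to be parsed a second time.
    inner = parse_qs(params.get("wctx", ""))
    params["wctx"] = {k: v[0] for k, v in inner.items()}
    return params


def find_redirect_loop(capture):
    """Return (first_index, repeat_index, url) for the first repeated redirect hop.

    A hop is the pair (requested URL, Location). One redirect back to the same
    URL can be legitimate (set a cookie, then reload), so only an identical hop
    seen a second time is reported.
    """
    seen = {}
    for i, (url, status, location) in enumerate(capture):
        if not 300 <= status < 400:
            continue
        hop = (url, location)
        if hop in seen:
            return seen[hop], i, url
        seen[hop] = i
    return None


if __name__ == "__main__":
    loop = find_redirect_loop(CAPTURE)
    if loop:
        first, again, url = loop
        print(f"hop {first} repeats at hop {again}: {urlsplit(url).path}")
    ctx = decode_signin(LS)["wctx"]
    print("return URL after sign-in (ru):", ctx["ru"])
```

Decoding `wctx` shows that the relying party asked to be returned to `/`, so the loop in the trace is between the AD FS endpoints themselves and not caused by the application's return URL.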

Similar Messages

  • Cookieless session causes redirect loop when deployed to Azure Website

    I have a website that needs to use cookieless session. The website works fine locally and the session key gets passed into each request url as expected. However, when deployed to an Azure website, the website requests cause a redirect loop by reloading the url over and over again with new session keys each time. I've tried setting regenerateExpiredSessionId to false but that does not have any effect. The Azure Website works okay with UseCookies, but I need to use cookieless session for other technical reasons.
    What can be done to resolve this issue or get more insight into why it is happening?

    Hi,
    Disabling the affinity can be done in two ways:
    In your application
    In a site configuration
    Which one did you try?
    Regards,
    Azam khan
    I'm unmarking this as an answer. In no way does this answer the original question. In my previous reply I stated that I used web.config setting to disable ARR Infinity cookie. This did not resolve my problem. Also, could you please take a minute to describe why you think disabling this feature would solve the problem? The original link you posted does not mention cookieless session or give any description of why that would be related to my problem.
    Thanks for trying to help, but unfortunately this has not solved the problem. If you have more details, please provide them.

  • E-Business to Apex Authentication Problem - Redirection Loop?

    Hi Folks,
    I have a couple of EBS (11i) environments which successfully launch Apex Functions using the whitepaper delivered from Cabot Consulting (Extending Oracle Applications). I have created a new responsibility, menu and function on our live environment today which does exactly what the whitepaper suggests:
    1. Send a cookie to the browser with Username and a generated hash.
    2. Apex authentication checks for this cookie and if it does not exist, displays a login page.
    3. IF the cookie exists, it takes the username and validates the hash, redirecting then to Page 1 of my application.
    However, I have found that the first time the EBS function is clicked, Firefox throws a "Redirect Loop Error", Internet Explorer instead gives an unhelpful 404 error. If I click my back button to get back into Oracle Applications and click the function again, this time it works.
    I can't release this to my userbase if there is a chance of redirect issues!
    Has anyone had experience of this and is there a verified solution to resolve the issue? I am happy to post whichever code you wish.
    Many thanks,
    Pete

    Hi Scott,
    Your suggestion answered my question first time. My login page was not public for some reason!
    I've changed this now and kerching, my applications all work a breeze!
    Fantastic - so simple :-)
    Many thanks.
    Srini - thanks for the suggestion, I've read every bit of EBS integration I could find so this is a bit of an RTFM!
    P

  • New Portal Redirect Loop

    Hi,
    When attempting to login to the new Azure portal (https://portal.azure.com), I end up getting stuck in an infinite redirect loop. I have tried clearing cache/cookies/local storage, tried using incognito-mode, and have tried using IE11, Chrome and Firefox. The problem appears in all browsers. I am able to login to the old portal (https://manage.windowsazure.com) without any problems.
    I was last able to successfully login to the new portal on Thursday, October 2, 2014. While in the new portal, I received a javascript alert saying that new updates had been applied to the portal. After I clicked "OK" on the alert, the redirect loop issue started.
    Does anyone have any suggestions on what else to try? I am using the new Azure Redis Cache and am unable to manage it without the new portal.
    Thank you.

    Hi RJ Regenold,
    I am glad to hear that the preview portal is working for you. This portal is a preview version; it will be more stable later. I will close this thread. If you have any issue in future, welcome to our forum.
    Sorry for any inconvenience.
    Best Regards,
    Jambor

  • Portal SRA 7.1 - Redirect Loop

    Hi,
    Sometimes (approx. 50% of connections) I get a 'Redirect Loop' when accessing the gateway after a successful login.
    Does anybody know how to solve this problem, please?
    Other info from logs:
    User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.0.8) Gecko/2009032713 Fedora/3.0.8-1.fc9 Firefox/3.0.8
    Keep-Alive: 300
    Connection: keep-alive
    The difference in the logs are:
    good connection in the: Gateway.toFromBrowser.0.0.log seems like:
    GET HTTP/1.0
    Allow: GET
    GET /portal/dt HTTP/1.0
    HTTP/1.0 200 OK
    Server: Sun-Java-System/Application-Server
    X-powered-by: Servlet/2.4
    redirect loop problem log Gateway.toFromBrowser.0.0.log seems:
    GET HTTP/1.0
    Allow: GET
    GET /portal/dt HTTP/1.0
    HTTP/1.0 302 Moved Temporarily
    Server: Redirector
    Location: https://dgw.company.sk/http://dportal2.company.sk/amserver/UI/Login?gw=dgw.company.sk&org=dc%3Dcompany%2Cdc%3Dsk&goto=http://dportal2.company.sk/portal/dt
    Content-Length: 292
    Content-Type: text/html/html
    Connection: Keep-Alive
    Keep-Alive: timeout=50,max=6
    GET /amserver/UI/Login?gw=dgw.company.sk&org=dc%3Dcompany%2Cdc%3Dsk&goto=http://dportal2.company.sk/portal/dt HTTP/1.0
    <message>Response sent back to Browser:
    HTTP/1.0 302 Moved Temporarily
    Server: Sun-Java-System/Application-Server
    Date: Wed, 15 Apr 2009 13:08:30 GMT
    Content-type: text/html
    X-powered-by: Servlet/2.4
    Cache-control: private
    Expires: 0
    X-dsameversion: 7.1 patch 126357-01
    Am_client_type: genericHTML
    Content-Length: 0
    Connection: Keep-Alive
    Keep-Alive: timeout=50,max=7
    Location: https://dgw.company.sk/http://dportal2.company.sk/portal/dt
    And again the same:
    GET /portal/dt HTTP/1.0
    HTTP/1.0 302 Moved Temporarily
    This continues 10 times, both GET /portal/dt HTTP/1.0 and GET /amserver/UI/Login?gw=dgw.company.sk...
    and then Firefox and IE fail with a redirect loop.
    My configuration is:
    2 x AS 8.2 with AM 7.1, Portal and SRA Gateways in the two non-global zones. AM with session failover and Portals are both in their own domain1 (non-cluster, non-portlet failover) with SRA Gateways configured on the different virtual IP and aliases.
    JDK: 11866*-19
    JavaDB: 125246-03
    Cacao: 12389*-10
    MQ: 12506*-05
    AS: 124673-10
    PS: 124302-12

    You can also try adding the host you are trying to access to "URLs to which User Session Cookie is Forwarded" under Secure Remote Access --> Profiles in psconsole.

  • PL/SQL Page hangs in a Redirect Loop, after access from xdbconfig.xml

    Hello
    My problem:
    When I try to access a PL/SQL page, it seems to be in a redirect loop to itself.
    In the log file $ORACLE_HOME/network/log/listener.log there are masses of connect messages like:
    26-FEB-2007 14:59:31 * http * (ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=45720)) * handoff * http * 0
    26-FEB-2007 14:59:31 * http * (ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=45721)) * handoff * http * 0
    26-FEB-2007 14:59:31 * http * (ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=45722)) * handoff * http * 0
    26-FEB-2007 14:59:31 * http * (ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=45723)) * handoff * http * 0
    26-FEB-2007 14:59:31 * http * (ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=45724)) * handoff * http * 0
    26-FEB-2007 14:59:31 * http * (ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=45725)) * handoff * http * 0
    26-FEB-2007 14:59:31 * http * (ADDRESS=(PROTOCOL=tcp)(HOST=127.0.0.1)(PORT=45726)) * handoff * http * 0
    I think the problem is in the configuration of mod_plsql.
    When I try to access a PL/SQL page through the gateway, the same issue occurs.
    I can reproduce the problem on a freshly installed Database XE on Windows XP and on Linux.
    After installation, I can access the login page of APEX. The system works correctly.
    When I then request the URL "http://127.0.0.1:8080/xdbconfig.xml", I get a browser login.
    I typed in the SYSTEM account, then I can see the xdbconfig.xml.
    After that I can't access APEX or any other PL/SQL page.
    I can only access the XML DB Repository directories.
    Can someone help?
    Thanks
    Jan Hoelscher

    I noticed the same issue with session info (after login in and then unlocking anonymous) still in the cookie or in memory (at least I think so).
    After restarting the browser windows (all windows of the same "brand") - problem has disappeared

  • Redirecting user to login page after session expiry

    Hi,
    Default session expiry implementation in sap EP6.0 doesn't work properly. To overcome this, we have implemented one component where we check the idle time and throw the user back to the login page if the idle time has exceeded the session expiry period. This component has been added to desktop inner page as an iView. Following is the logic put in this component.
    IAuthentication ia = UMFactory.getAuthenticator();
    ia.logout(httpRequest, httpResponse);
    httpResponse.sendRedirect("/irj/portal");
    We are successfully getting the login page after session expiry. Issue is, our portal server is running on 11111 port. We cannot change this to 80 on unix because of unix limitations for the port number. So we have put one apache web server before our portal server. Apache web server is listening on port 80 and forwarding the request to our portal server.
    Now when user is redirected to the login page, url being shown in the browser is http://<host_name>:11111/irj/portal but I am expecting http://<host_name>/irj/portal (without port). I have tried putting the full url in sendRedirect() method but that too doesn't work.
    Any help is highly appreciated.
    Regards,
    Chandra

    Hi Chandra,
    Let the URL be relative in the sendRedirect i.e.
    httpResponse.sendRedirect("/irj/portal");
    However since you have a Reverse proxy in front, the response header for redirect will not contain the address of the reverse proxy in this case, your servername without port. You have to properly configure your reverse proxy so that the HTTP Headers are changed properly before sending the response to the users.
    Check this URL,
    http://httpd.apache.org/docs/1.3/mod/mod_proxy.html#proxypassreverse
    This gives you the details on configuring your apache.
    Hope this helps.
    Ankur
    P.S. If this helps please reward points.

  • Web Auth Type: Customized(downloaded) Redirect URL after login not working.

    5508WLC as anchor controller with WLC1 and WLC2 with WCS. I have 2 public ssids set up to go directly to the internet.
    Everything is working as it should. I downloaded the web auth bundle from Cisco and will just use a disclaimer page and then if the user clicks on the accept button they will be redirected to our company web page, and then they can get out to the internet.
    I have edited the aup.html and login.html to say what I want it to. I have 2 different login.html pages and bundle to a .tar file like the documentation says. I download it via tftp to the controller and it is successful. The disclaimer page opens up when I connect and it looks as it should. The problem is I cannot seem to get the accept button to work. It redirects to a web page but it is undefined.
    I must be missing some setting somewhere, but I just can not seem to find it. Is there any line I need to edit in the login.html files that will redirect the page? The config on the Web Login Page Redirect URL after login is http://www.mccg.org which is our home page.
    Any help will be appreciated. I cannot seem to find very good documentation, or I am just overlooking something.
    Thanks
    John

    Your HTML code is wrong. Attach your code if you're okay with it and I can check.

  • Password Manager 4.6 and 4.7 causes CPU loop in tzres.dll

    T510 running Windows 7 x64. T510 is in a constant CPU loop with WMIPRVSE consuming the CPU as per Process Explorer. Using Microsoft Sysinternals Process Monitor, determined that the cause is constant calls to access tzres.dll. Rebooted in clean mode and one by one activated services and startup programs until the loop was observed. It is only observed when Password Manager is started. Do an uninstall of 4.7 and the problem goes away. Started with 4.0 of Password Manager. Each release from 4.0 to 4.5 works fine with no loop. Installing 4.6 or 4.7 causes the loop. All Lenovo drivers and programs are current.
    Any ideas?  Tom

    I'm testing a beta version of Password Manager which has solved the issue that I was experiencing.
    W520, i7-2820QM, BIOS 1.42, 1920x1080 FHD, 32 GB RAM, 2000M NVIDIA GPU, Samsung 850 Pro 1TB SSD, Crucial M550 mSata 512GB, WD 2TB USB 3.0, eSata Plextor PX-LB950UE BluRay
    W520, i7-2760QM, BIOS 1.42 1920x1080 FHD, 32 GB RAM, 1000M NVIDIA GPU, Crucial M500 480GB mSata SSD, Hitachi 500GB HDD, WD 2TB USB 3.0

  • Cant download Flash trial, says redirect loop

    I want to try a trial of Adobe Flash but it will not let me even start downloading the software at all. It says redirect loop. I tried to download on Firefox and Google Chrome; Internet Explorer does not work on my computer. Also it told me to delete all my cookies from the list and I did, but I get the same problem. Please help.

    That happened once to me when downloading a trial. I just tried it again after a few minutes and it worked. In Firefox, clear all private data including saved sessions. If it keeps up, email support.

  • How to redirect user from login page to "Set Challenge question" page

    How to redirect user from login page to "Set Challenge question" page (NOT custom page) after 3 unsuccessful password attempts?
    Meaning when the user types a wrong password 3 times they will be redirected to the set Challenge question page. If the user answers the challenge question then the password reset page should appear, otherwise (after the remaining 3 unsuccessful challenge question answers) the account should be locked out.
    Thanks for your help.

    Hi Sandeep,
    Thanks for your answer. Let me elaborate more on the requirement here.
    - Password Policy and Lost Password management are set up in the identity system
    - Configure login tries allowed = 5. Verify account is locked out after 5 unsuccessful logins.
    This is what we need to achieve.
    1) If a user attempts to login 3(not 5) times using an incorrect login credential he/she should be redirected to set challenge question (security question) page.
    2) Then if the user attempts (remaining) 2 times incorrect challenge answer then his/her account should be locked out.
    3) If he/she answers the challenge answer correctly then he/she should be redirected to password reset page.
    Is this possible?

  • JSF Web Application - endless redirecting loop

    I've created a simple JSF WebApplication, just one page, one static text. When I deploy it to the bundled server, everything is OK. When I deploy it to a remote server, that I have access to (Sun Java System Application Server Enterprise Edition 8.1_02), and I browse to its URL (http://server:port//Webapplication), the browser shows me an error. IE just displays Page cannot be displayed error, Firefox tells me, that the app. ended up in a redirection loop.
    When I browse to /Webapplication/faces/Page1.jsp, everything is ok.
    What can be wrong?

    Hello
    We are looking at doing the same thing (iviews in Sharepoint)
    Any luck in solving the problem ?
    thank you
    Robin

  • Muse mobile site has a redirect loop in my subdomain

    I have an existing site which I am working on redoing in Muse, but I wanted to get a mobile version up immediately. I got it working, tests out fine in preview and BC, but after uploading it to a subdomain (m.junebugjam.com) I keep getting a redirect loop with smartphone and tablets. Desktop views it fine, so I know it's something in whatever Adobe uses to detect mobile users. Currently, I just have .htaccess redirecting to BC, but I would prefer to be using my own domain (not too fond of the "Report Abuse" button.)
    Site is: www.junebugjam.com
    Sub is: m.junebugjam.com
    Thanks in advance for the assistance.
    -Scott

    So your desktop and mobile versions are on different hosts? If so you need to add the redirect script to your desktop page if on mobile and you need to direct it to the mobile domain. It looks to me like you have also created the mobile layout in the desktop view in Muse?

  • Usage Meter Not Working in Chrome - Redirect Loop

    Using Google Chrome I'm unable to view my broadband usage. When I click the link in 'My BT' the link ends up as a massive URL and Chrome informs that it's hit a redirect loop.
    Works fine in Internet Explorer though.
    Just an FYI
    Chrome Version 32.0.1700.102 m

    Hi Ignitionnet and welcome.
    Are you getting any error messages? Can you give us a screen shot of the issue? Give us as much detail as possible and we’ll try and help.
    Cheers
    David
    BTCare Community Mod
    If we have asked you to email us with your details, please make sure you are logged in to the forum, otherwise you will not be able to see our ‘Contact Us’ link within our profiles.
    We are sorry but we are unable to deal with service/account queries via the private message(PM) function so please don't PM your account info, we need to deal with this via our email account :-)

  • WCCP: Is dot1Q trunking needed on Router I/F to avoid redirection loop

    Hi everyone,
    I have a question about how to configure the Router I/F to avoid a redirection loop.
    I understand the Router and WAE must not be attached to the same segment to avoid a redirection loop, as written in the Quick Configuration Guide.
    However, the sample configuration in the Quick Configuration Guide does not show whether VLAN trunking is needed or not on the Router port and Switch under the following environment:
    Client
    |
    |
    Switch --- WAE
    |
    |
    Router
    |
    |
    WAN
    |
    |
    Router
    |
    |
    Switch --- WAE
    |
    |
    Server
    I think .1Q trunking is needed to avoid a redirection loop, and it is the only way to achieve it when the router (core and/or edge) has just two interfaces.
    And if the router does not support .1Q trunking due to a hardware or software limitation, I need to give the router one more dedicated interface for redirection to the WAE by adding an additional network module/card, if it can take one.
    I am afraid that if the router does not support .1Q trunking and has only two interfaces, I will need to purchase/prepare another router to achieve it.
    Is my understanding correct?
    Or is there any method to avoid a redirection loop, other than using a .1Q trunk or adding an interface, while the router keeps just two interfaces?
    Would you please let me know?
    Best regards,

    Hello,
    Note that this requirement will be changing in the very near future. Please reach out to your account team or overlay specialists for more details.
    Best regards,
    Joel
