Hello -
Are you using a mix of HTTP and HTTPS in the environment?
for example...
Let's say App1 with agent one redirects to a different agent functioning as a credential collector.
App1 is HTTP
the credential collector serving the authentication scheme is HTTPS.
If you have "usesecurecookies" = yes on the credential collector agent, then when the SMSESSION cookie is set, it's set with secure=true.
When that happens it not transited to on the non-secure transaction (HTTP) to App1.
Then the authentication process restarts; thus the loop.
Another possible cause is that the the user is "Authenticated" via the authentication scheme, but not Authorized by policy, thus a loop.
However, this is just two possible causes.
A review of the following would be required to indentify the actual cause.
- Fiddler Trace or similar.
- Agent Log
- SMPS Trace logs
I hope this helps.
-James
SSO Support