Support » Plugin: Shibboleth » [Plugin: Shibboleth] Infinite Loop with IIS7

  • Resolved chalemic


    I’m setting up our WP 3.0 site and having trouble with configuring it to work with Shibboleth. I’ve added a rewrite using IIS7’s module that matches on ^Shibboleth\.sso/, takes no action, and stops processing. It successfully takes to the IdP for login and my Shibboleth logs show a completed transaction with properties set.

    After logging in I get an infinite loop of redirects:

    1. 1. POST Shibboleth.sso/SAML2/POST, 302 Moved to wp-login.php?action=shibboleth&redirect_to=%2Fwp-login.php
    2. 2. GET wp-login.php?action=shibboleth&redirect_to=%2Fwp-login.php Refreshes to Shibboleth.sso/Login?
    3. 3. GET Shibboleth.sso/Login?, 302 Moved to Shibboleth IdP

    I see that the refresh in step 2 is what’s causing the problem, but I don’t understand why wp-login.php?action=shibboleth&redirect_to=%2Fwp-login.php refreshes the way it does.

    Any ideas on which part of my configuration would cause this?


Viewing 3 replies - 1 through 3 (of 3 total)
  • Hi,
    I was getting the same symptom using apache.

    I changed line 130 in the file shibboleth.php to read:

    $session_headers = array(‘Shib_Session_ID’, ‘HTTP_SHIB_IDENTITY_PROVIDER’);

    instead of

    $session_headers = array

    That seemed to fix things for me.

    Upon further investigation Shibboleth doesn’t appear to be returning headers to WordPress. When I check the Session and transaction log everything appears fine, but I do see errors when I restart the service, isapi_shib_extension: socket call resulted in error (10054): Unknown error.

    The problem was in my configuration file; the loop is now gone (but I’m working on other problems.)

Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘[Plugin: Shibboleth] Infinite Loop with IIS7’ is closed to new replies.