latchset / mod_auth_mellon

An Apache module with a simple SAML 2.0 service provider

ADFS Redirection Loop #89

Closed DoktorAerzt closed 2 years ago

DoktorAerzt commented 2 years ago

Hello together, I'm trying to get mellon and ADFS to work together, but I'm stuck in a redirection loop.

I enabled MellonDiagnosticsEnable On, and in the log it says that the cookietest is not found, but the cookie gets sent to the server with the value cookietest.

entry mellon_diagnostics https://pastebin.com/BvHZfSLN

entry saml_traver https://pastebin.com/nUnM6KjR

global mellon_config => apache2

MellonCacheSize 100
MellonLockFile /var/run/mod_auth_mellon.lock
MellonPostTTL 900
MellonPostSize 1073741824
MellonPostCount 100
MellonPostDirectory "/var/cache/mod_auth_mellon_postdata"
MellonDiagnosticsFile /var/log/mellon_diagnostics
MellonDiagnosticsEnable On

directory mellon_config => apache2

<Location /wws/sso_login/institut>
    MellonEnable "auth"
    Require valid-user
    AuthType "Mellon"
    MellonVariable "sympa"
    MellonSecureCookie On
    MellonCookieSameSite None

    MellonSPPrivateKeyFile /etc/apache2/mellon/urn_site.example.org.key
    MellonSPCertFile /etc/apache2/mellon/urn_site.example.org.cert
    MellonSPMetadataFile /etc/apache2/mellon/urn_site.example.org.xml
    MellonIdPMetadataFile /etc/apache2/mellon/FederationMetadata.xml
    MellonMergeEnvVars On ":"
    MellonEndpointPath /wws/sso_login/institut/endpoint
    MellonPostReplay on
</Location>

dwydler commented 2 years ago

I configured it for a few days in our network. We use Windows Server 2019, Build 1809 for AD FS. Follow this guide: Configure SSO (Apache, Mellon, Active Directory) on Ubuntu 20.04. So it worked for us.

DoktorAerzt commented 2 years ago

Thank you for your tip.

I now have a working mellon configuration.

I think the problem was that I used as MellonEndpointPath the path where sympa is redirecting to for authentication.

So after I changed MellonEndpointPath to /mellon, it started working.
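
The last comment attributes the loop to MellonEndpointPath sitting on the path sympa redirects to for authentication. A small check for that overlap follows as an added example; it is not code from this thread or from mod_auth_mellon. The function names and the idea of passing the application's login path as an input are assumptions, and the sample config is constructed from the block in the first post.

```python
import re

# Constructed sample: the <Location> block from the first post, trimmed.
SAMPLE_CONF = """\
<Location /wws/sso_login/institut>
    MellonEnable "auth"
    MellonEndpointPath /wws/sso_login/institut/endpoint
</Location>
"""

def _norm(path):
    """Strip quotes and redundant slashes so paths compare segment by segment."""
    path = path.strip().strip('"\'')
    return "/" + "/".join(s for s in path.split("/") if s)

def _under(path, prefix):
    """True when path equals prefix or lies below it on a segment boundary."""
    path, prefix = _norm(path), _norm(prefix)
    return prefix == "/" or path == prefix or path.startswith(prefix + "/")

def endpoint_overlaps(conf_text, app_login_path):
    """Return (location, endpoint) pairs whose MellonEndpointPath falls under
    app_login_path, the URL the application redirects users to for login
    (hypothetical input, supplied by whoever runs the check)."""
    findings = []
    location = None  # enclosing <Location> path, None at server level
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"<Location\s+(.+?)\s*>$", line, re.IGNORECASE)
        if m:
            location = _norm(m.group(1))
            continue
        if re.match(r"</Location\s*>$", line, re.IGNORECASE):
            location = None
            continue
        m = re.match(r"MellonEndpointPath\s+(\S+)", line, re.IGNORECASE)
        if m and _under(m.group(1), app_login_path):
            findings.append((location, _norm(m.group(1))))
    return findings

if __name__ == "__main__":
    for loc, ep in endpoint_overlaps(SAMPLE_CONF, "/wws/sso_login/institut"):
        print(f"<Location {loc}>: MellonEndpointPath {ep} overlaps the app login path")
```

With the endpoint moved to /mellon, as in the final comment, the same check returns no findings.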