When using statless firewall the application goes into infinte loop after sucessfull authentication.
The symptoms are similar to what is described here: https://github.com/lightSAML/SpBundle/issues/35
The loop looks like this:
GET lightsaml_sp.discovery
GET lightsaml_sp.login
POST lightsaml_sp.login_check
GET /some/route/needs/auth/ => An AuthenticationException was thrown; redirecting to authentication entry point. A Token was not found in the TokenStorage
I understand that the bundle is probably using the user session, to store the token, when SAML authentication response is received. User is then redirected to some default page, and the firewall finds the token in the storage.
What we would need is a way that would force Symfony the set the authentication cookie (phpsession) while redirecting to the default page.
Would there be a configuration option for LightSaml bundle?
When using statless firewall the application goes into infinte loop after sucessfull authentication. The symptoms are similar to what is described here: https://github.com/lightSAML/SpBundle/issues/35
The loop looks like this:
Our configuration looks like this:
I understand that the bundle is probably using the user session, to store the token, when SAML authentication response is received. User is then redirected to some default page, and the firewall finds the token in the storage.
What we would need is a way that would force Symfony the set the authentication cookie (phpsession) while redirecting to the default page.
Would there be a configuration option for LightSaml bundle?