What does the error “redirect loop detected” / “omdirigeringsløkke oppdaget” mean?

The Feide login system shows this error if a user has been sent back and forth between the service they are logging into and the Feide login system many times in a short period of time.

After several round back and forth in a few seconds, Feide will display the “redirect loop detected” error message.

To troubleshoot this error, you need to investigate why the service is sending the user back to Feide for authentication just after receiving a authentication response from Feide. The authentication response received from Feide will not change in any meaningful way once the user is logged in, so there is no reason to send the user back.

Some suggestions:

  • Check if there is some problems with cookies or domain names on the service which causes the service to fail to create a session for the user when it receives the authentication response. It may be useful to look at the HTTP requests using the developer tools in your web browser. Check if there are any signs that the service sets cookies in one HTTP response that it does not receive in a later HTTP request.
  • Check the service logs to see if the service is rejecting the authentication response. This may have several causes, e.g.:
    • The user is not allowed access to the system.
    • The user is missing an attribute the service requires.

Basically, what is going on is:

  1. The user accesses the service.
  2. The service sends the user to the Feide login system for authentication.
  3. The user logs in using their username and password.
  4. Feide sends an authentication response to the service.
  5. The service sends the user to Feide for authentication.
  6. Feide sends an authentication response to the service. (The user is already authenticated here, so they are not asked for their username and password.)
  7. The service sends the user to Feide for authentication.
  8. Feide sends an authentication response to the service.
  9. The service sends the user to Feide for authentication.
  10. Feide sends an authentication response to the service.
  11. […]