After upgrading from v1.16 to version v1.17 we have trouble with redirect loop when access to user role from scp role in same browser. We use kerberos auth over active directory domain with SSO. We use plugins LDAP Authentication and HTTP Passthru Authentication. In version before 1.17 there was not problem. After upgrade to version 1.17 we have to delete cookies in browser for issue resolve and switch to user role from scp role in same browser.
Please is there any solution without redirect loop and cookies deletion in new version?

Thank You very much.
Best regards, Ales

Please help us to help you by reading and following the posting guidelines located in this thread: Please read before requesting assistance. The more information you give us the better we will be able to assist you. Thank you.

Environment details? (if you can then see Admin panel -> Dashboard -> Information)

5 days later

Hello.

It seems that another configuration of OSTSESSID cookie can make better this trouble. Before two days I edited file bootstrap.php and I changed value of constant SESSION_TTL from one day to 30 minutes:

//define('SESSION_TTL', 86400);
define('SESSION_TTL', 1800);

From this time I am not ability to simulate this trouble.

Trouble is not caused by role switching from scp to user. Users report the trouble even if they are not using scp role (only user role).

I hope that this helps.

Thank You and best regards.

Write a Reply...