Optional Add-On Connector that provides your organization with the ability to use a third-party identity provider (such as ADFS, Ping, or other SAML 2.0 compliant providers) for a single sign-on authentication into your Contract Insight application.
SINGLE SIGN-ON (SSO) AUTHENTICATION
RESOLUTIONS
RESOLUTION: Redirect Loop During IDP-Initiated Logins
Reference #: 251212.360.18872
Some clients experienced an issue where opening CobbleStone in one browser and then in a second browser causing an endless redirect loop between two addresses. This occurred with IDP-initiated logins when the Single Sign-On (SSO) module attempted to validate cookies immediately after a successful login, resulting in repeated redirects.
We’ve implemented changes to prevent the SSO module from performing endless redirects:
- Removed the immediate cookie validation after login, leaving this step to the website. If validation fails, users will be redirected to the log out page, where they can click Login to reauthenticate.
- Updated the redirect process to ensure the full page loads before executing the redirect, improving stability.
- Enhanced log out to validate URLs before using them as navigation links, preventing confusion when returning to dashboards after login.
These updates stop the redirect loop and provide a more reliable login experience for users with IDP authentication, reducing frustration and improving system stability.