OWA redirect loop on owa/auth/errorFE.aspx?httpCode=404

Follow
    Applies to:
  • SecureAuth Identity Platform
  • Legacy SecureAuth IdP
Deployment model:
  • Cloud
  • Hybrid
  • On Premises
  • Version Affected:  All

    Description:  

    After authenticating through an OWA realm, you encounter an error page that lands on FQDN/owa/auth/errorFE.aspx?httpCode=404 with the following:

     

    This page isn’t working. [FQDN] has redirected you too many times.
    Try clearing your cookies.
    ERR_TOO_MANY_REDIRECTS

     

    After clearing your cookies, authenticating into the realm works but any subsequent attempts will cause the error page to return.

     

     

    Cause:  

    If you run a SAML or Network trace via Dev Tools, check to see if the Request URL contains a trailing slash. You may see that the initial URL does not, whereas the redirect URL does indeed have a trailing slash.

     

     

    Resolution:  

    You will need to add a trailing slash per the following:

    1. Download and install URL Rewrite for IIS

    2. Open IIS, browse to Default Web Site, and select URL Rewrite

    3. Click Add Rule(s) under Actions

    4. Set the Name to Trailing Slash Fix

    5. Select Matches the Pattern from the Requested URL dropdown

    6. Set the Pattern to (.*[^/])$

    7. Expand the Conditions section

    8. Select Match Any from the Logical Grouping dropdown

    9. Click Add to include Condition 1

     Condition 1 Configuration Steps

    14. Click Add to include Condition 2

    NOTE: In some environments Condition 2 should not be used if it causes "too many redirects".

     Condition 2 Configuration Steps

    19. Expand the Action section

    20. Select Redirect from the Action Type dropdown

    21. Set the Redirect URL to {R:1}/

    22. Select Permanent (301) from the Redirect Type dropdown

    23. Click Apply in the upper right-hand corner, under Actions

    https://docs.classic.secureauth.com/pages/viewpage.action?pageId=44832465#expand-URLRewritesOptional

     

    SecureAuth Knowledge Base Articles provide information based on specific use cases and may not apply to all appliances or configurations. Be advised that these instructions could cause harm to the environment if not followed correctly or if they do not apply to the current use case.

    Customers are responsible for their own due diligence prior to utilizing this information and agree that SecureAuth is not liable for any issues caused by misconfiguration directly or indirectly related to SecureAuth products.

    0 out of 0 found this helpful

    Comments

    0 comments

    Please sign in to leave a comment.