I have a customer that uses ADFS to connect to my SAML server. Everything was working fine for months and then the customer told me they were getting signing errors. I had them re-load my metadata and I re-loaded theirs.
The signing issue went away but now when the customer uses the SP initiated link, they get challenged for creds and then end up in a loop bouncing between URLs on their side that look like this in a trace:
17 302HTTPS adfs.customerdomain.com/adfs/ls/auth/integrated/?SAMLRequest=<request here>
18 302HTTPSadfs.customerdomain.com/adfs/ls/?SAMLRequest=<request here>
Now, once the browser terminates the request attempt because of the loop, they can then hit the SP initiated link, and since they have already been challenged for creds, the system logs them right into my site with no isses.
Can anyone offer some advice as to what to look at to resolve this issue?
Thanks!