pdata not cleaned cause infinite redirect to header protected application
I have read a lot of issues about pdata here and did not find exactly the same behaviour, so I publish the issue. Sorry in advance if this is actually a duplicate... The closer I found was: #1778 (closed)
Concerned version
Version: %2.0.6
Platform: Apache
Summary
pdata not cleaned cause infinite redirect to header protected application.
Here is the workflow:
- access to a resource in header-protected application (the resource may not be present -> 404, or prohibited -> 403, or other... I am asking details about this point)
- redirection to portal happens with the initial URL stored in pdata cookie
- don't log in in the portal. Instead, load the main portal page: auth.example.com
- log into auth.example.com page
- redirection happens to initial resource
- future accesses to auth.example.com cause systematic redirection to initial resource, so it is impossible to access the portal page. (for example for disconnecting from portal)
For the moment, I can't reproduce this use case because I don't have the precise error at step 1. I'll give more details shortly.
Backends used
- authentication, userDB: LDAP
- configuration, session storage: file