Skip to main content
Mitratech Success Center

Client Support Center

Need help? Click a product group below to select your application and get access to knowledge articles, webinars, training content, and release notes or to contact our support team.

Authorized users - log in to create a ticket, view tickets status and check your success plan details.

 

TC How to stop looping in SSO

When users attempt to log into TeamConnect Application via SSO, they may encounter an infinite loop.  This is typically caused by the users not having an active user in TeamConnect.  This article shows how an administrator can address the infinite loop and warn users of the reason they cannot access TeamConnect.

Goal

Issue:  When authenticating into application, SSO instead loops infinitely.  Browser will throw an error indicating there is an infinite redirect loop occurring.

Cause: Loop occurs when a user does not have an active TeamConnect user account. 

Remediation: Naturally, the root cause must be addressed and user should be given an active user account.  The steps provided in this article will prevent the infinite loop from occurring and instead will provide a warning for the user.

Pre-Requisites

Administrator user who is familiar with the SAML implementation and files. The administrator is aware of the location of the BadCredential.htm file in their directory structure or should be able to locate it via a search on Documents object.  Lastly, the administrator needs a basic understanding of html and adding JavaScript to such files

First Step

Stopping SSO on the same domain

  1. Edit BadCredential.htm file
  2. Include the code block noted below in the file.
  3. Update code block specifics to match your organization's details.

<!-- Do not include <head> or <body> tags in this file. Content of this file is automatically included within a <body> element. -->
<SCRIPT LANGUAGE="JavaScript">
<!--
if (document.cookie.indexOf("CookieName=")>= 0) {
// They've been here before.
alert("Warning message Please note that you have been denied access to TeamConnect, because you do not have an active TeamConnect user account. Please contact  <Internal Helpdesk Email>");
}
 else {
 //set a new cookie
  document.cookie = 'CookieName=yes; Max-Age=20';
 //alert("this is your first time");
 window.location.href = "https://xxxxx.com:3200/saml/saml/login";
}
-->
</SCRIPT>
Please note that you have been denied access to TeamConnect, because you do not have an active TeamConnect user account. Please contact TC.LegalQueries@sc.com

Second Step

Stopping SSO on a different domain

  1. Edit BadCredential.htm file
  2. Include the code block noted below in the file.
  3. Update code block specifics to match your organization's details.

<!-- Do not include <head> or <body> tags in this file. Content of this file is automatically included within a <body> element. -->
<SCRIPT LANGUAGE="JavaScript">
<!--
if (document.cookie.indexOf("SCB=yes")>=0) {
// They've been here before.
 // alert(document.cookie);
 alert("Warning message Please note that you have been denied access to TeamConnect, because you do not have an active TeamConnect user account. Please contact  <Internal Helpdesk Email>");

window.location.href = "https://ssnss.net/welcome";

}
 else {
 //set a new cookie
  document.cookie = 'SCB=yes';
 //alert("this is your first time");
 window.location.href = "https://xxxxx.com:3200/saml/saml/login";
}
-->
</SCRIPT>

  • Was this article helpful?