[Chilli] Infinite redirect loop

Ryan Day ryan.day at cirrusworks.net
Thu Dec 1 05:52:41 UTC 2011 

During the initial authentication period RADIUS delivered a WISPr
redirect. Everything works as expected. However once the session times
out, the next time I try to access a webpage it looks like my uam page
is being replaced with that WISPr redirect page because instead of being
redirected to my UAM login page, I'm redirected to the WISPr login. But
I'm no longer authenticated, so that redirection leads to a loop.


I don't know if that description helps or not...


On 12/01/2011 12:45 AM, David Bird wrote:
> I'm confused.. did radius timeout or did it deliver the WISPr redirection URL? There are some changes in this regard pending in development... generally, a redirect loop means a redirect URL is not in the walled garden (which is bad).
>
> Ryan Day <ryan.day at cirrusworks.net> wrote:
>
>> I've seen a problem with some of my Coova installations where I get an
>> infinite redirect loop, typically after a RADIUS timeout and the user is
>> still making web requests. This happens if there is a WISPr Redirect URL
>> set and the user tries to log back in after the timeout. What seems to
>> be happening is the initial redirect to the UAM page (which is offsite)
>> is being replaced with the previously assigned WISPr Redirect URL. For
>> example when printing out my redirect url in the logs, it looks like:
>>
>> http://my.wispr.redirect.com/?loginurl=http%3a%2f%2my.uam.authentication.com%2fhotspotlogin.php
>>
>> Since my.wispr.redirect.com is not allowed yet in this session(radius
>> timeout has occured and I'm logged out), I am redirected again, and
>> again, and again. I should be redirected to
>> http://my.uam.authentication.com, but it looks like something is getting
>> crossed.
>>
>> I've had this problem across several versions (1.2.2, 1.2.5 and 1.2.8)
>> and I've been working on it with 1.2.8. After some experimentation, I've
>> made a change in redir.c on line ~4035(I've added extra debugging):
>>
>> -    char * base_url = (conn.s_params.flags & REQUIRE_REDIRECT &&
>> -                       conn.s_params.url[0]) ? (char
>> *)conn.s_params.url : redir->homepage;
>> +    char * base_url = redir->homepage;
>>
>>
>> This doesn't cause any redirection issues, and I can't simulate the
>> infinite redirection loop any more. However, I'm not very familiar with
>> the code so I'm not sure if this has any undesirable side effects that I
>> just haven't seen yet.
>>
>> Has anyone else seen this problem? What am I losing by change the
>> conditional when determining the base url?
>> _______________________________________________
>> Chilli mailing list
>> Chilli at coova.org
>> http://lists.coova.org/cgi-bin/mailman/listinfo/chilli

More information about the Chilli mailing list