Windows server: Moodle redirect loops

Windows server: Moodle redirect loops

by leith magon -
Number of replies: 3

Hi all, I'll list my config then describe my issue. It's doing my head in!

Server 2008 R2

IIS 7.5

PHP 5.3.5

MySQL 5.5

wwwroot - http://moodle.domain.com

LDAP Authentication on, SSO on. (works btw)

Forefront TMG Firewall. Web publishing rules for SSL & HTTP (seperate)

SSL Cert installed on IIS

The issue that I have is if you visit my moodle site it is loaded in http. Once you click login it redirects to the secure https logon. After you have logged in the page is STILL https until you click _any_ link on the site.

This has the unfortunate side-effect of dropping all style sheets etc as they are unsecure items.

Also - If I click edit profile I get this message from chrome

The webpage at http://moodle.domain.com/user/editadvanced.php?course=1&id=4 has resulted in too many redirects. Clearing your cookies for this site or allowing third-party cookies may fix the problem. If not, it is possibly a server configuration issue and not a problem with your computer.
This only happens externally. The site works perfectly internally.
Any help HUGELY appreciated. Will even consider paying...
Thanks
Average of ratings: -
In reply to leith magon

Re: Windows server: Moodle redirect loops

by Michael Mulvihill -

We have a similar (but not exactly the same) problem.

Our setup is the same as yours (other than using Microsoft SQL Server 2008 as the database).

If 'Use HTTPS for Login' is selected then http://www.oururl.com login link redirects https://www.oururl.com/login/index.php and users can log in.

The problem is that after logging in the Moodle site stays permenantly in secure mode i.e. https

This appears to be a problem with publishing Moodle on our Forefront TMG Firewall, as accessing the site on a machine that bypasses the Forefront TMG Firewall using a local hosts file solves this problem for this machine.

Hope you have found a solution - I will post here if we find one first.

All the best,

Michael Mulvihill

Average of ratings: -
In reply to Michael Mulvihill

Re: Windows server: Moodle redirect loops

by Michael Mulvihill -

Hi we have found a solution for our situation.

Details can be found here

http://forums.isaserver.org/m_2002059107/mpage_1/key_/tm.htm#2002059107

You need to add link translations for both http and https but point them to thmeselves.

http://yoursite.com  links to http://yoursite.com
and
https://yoursite.com links to https:/yoursite.com

Our site is now correctly switching from http -> https for logins and then back to http after sucessfully loggin in.

Hope htis helps,

Michael

Average of ratings: -
In reply to leith magon

Re: Windows server: Moodle redirect loops

by John Gifford -

I'm getting the same thing with our moodle 2.4.1 site. Internally it's fine, https login works and redirects properly no problem. Externally however the result is a too many redirects. I've tried the translation links, accordingly to the school network manager the links are in place, I can't verify that as I don't have access to the TMG server. But the problem remains. Just in the past couple of days https-ing the whole site cause a name error so it could be a problem with the certificate. We've just switched to a new certificate so it may be part of that is missing, but as I said internally it's all working correctly with he certificate chain correct.

I used Apache 2.4 and mysql 5.6 but I'm going to give IIS 7.5 a try as a test (I tried IIS 7 before now and the slash arguments failed abysmally, so none of the content could be shown, even with rewrite rules in place). If I can get it running on IIS 7.5 then the prospect of SSO is also very tempting, the number of students who claim they can't use moodle is significant (though I don't think they've tried since the upgrade to 2.4.1 last week).

This is particularly important as some of the school's subjects are being pressured to provide homework and Moodle will fill that gap nicely.

Average of ratings: -