Federation.LoopForEver r1.1 - 25 Aug 2007 - 17:55 - BrucLiong

Redirection looping between SP and IdP after authentication

There are a number of possible reasons for this:

  • The SP is misconfigured so that the SP application doesn't retain its cookie (for example, an improper mod_proxy configuration can make Tomcat create a new session on every visit).
  • The SP has been configured to require X number of attributes and the IdP doesn't send the required attributes, while the application "automatically" redirects unauthenticated or error requests back to the SP login.
  • Wrong configuration of Apache's ServerName and its port, plus not using UseCanonicalName.
  • Misconfiguration of cookieProps in shibboleth.xml: the path must be /, and if you're using SSL, make sure the scheme is https and cookieProps contains the word secure.
  • Finally, the cookie is not properly set on the SP. The cause could be in the shibboleth.xml configuration, the Apache config, the mod_jk or mod_proxy config, load balancing, or even the application end (i.e. Tomcat issuing a new cookie/session on every request, as mentioned above).

Work by elimination to find out which component is failing. Try:

  • Deploy a reflector application on Apache and protect it, to see if it works
  • Deploy a reflector application on Tomcat and see if it works
  • Access these reflector applications over http as well as https
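
While working through the elimination steps, a captured redirect trace (browser developer tools or a proxy log) can be checked against the cookie-related causes listed above. The following is an added example, not part of the original FAQ or of Shibboleth; the host names, paths, cookie values and the `_shibsession_` prefix used to recognise the SP session cookie are assumptions to adjust for your deployment:

```python
from http.cookies import SimpleCookie
from urllib.parse import urlsplit

def diagnose(trace, sp_prefix="_shibsession_"):
    """trace: list of (request URL, cookie names sent, Set-Cookie values received).
    sp_prefix is the assumed name prefix of the SP session cookie."""
    findings, issued = [], {}      # issued: (host, name) -> (value, path)
    for url, sent, set_cookies in trace:
        u = urlsplit(url)
        # A cookie this host issued earlier whose path covers this request but
        # which is absent means the browser did not keep or send it.
        for (host, name), (_, path) in issued.items():
            if host == u.hostname and u.path.startswith(path) and name not in sent:
                findings.append(f"{name} not returned to {url}")
        for header in set_cookies:
            for name, m in SimpleCookie(header).items():
                if name.startswith(sp_prefix):
                    # cookieProps checks: path must be /, secure when on https
                    if m["path"] != "/":
                        findings.append(f"{name} path is {m['path'] or 'unset'}, not /")
                    if u.scheme == "https" and not m["secure"]:
                        findings.append(f"{name} set over https without secure")
                old = issued.get((u.hostname, name))
                if old and old[0] != m.value:
                    findings.append(f"{name} re-issued with a new value")
                # Simplification: an unset Path is treated as "/".
                issued[(u.hostname, name)] = (m.value, m["path"] or "/")
    return findings

# Constructed trace: SP cookie set with the wrong path and without secure.
LOOP_COOKIEPROPS = [
    ("https://sp.example.org/app/", set(), ["JSESSIONID=A1; Path=/app; Secure"]),
    ("https://idp.example.org/login", set(), []),
    ("https://sp.example.org/return", set(), ["_shibsession_x=S1; Path=/secure"]),
    ("https://sp.example.org/app/", {"JSESSIONID"}, []),
]
# Constructed trace: the application issues a new session on every visit.
LOOP_NEW_SESSION = [
    ("https://sp.example.org/app/", set(), ["JSESSIONID=A1; Path=/app"]),
    ("https://sp.example.org/app/", set(), ["JSESSIONID=B2; Path=/app"]),
]

if __name__ == "__main__":
    for finding in diagnose(LOOP_COOKIEPROPS) + diagnose(LOOP_NEW_SESSION):
        print(finding)
```

An empty result on a looping trace points away from cookie handling and toward the attribute or ServerName causes.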

