Users are being returned to the login page repeatedly, despite entering credentials which are known to be valid otherwise.

There are two main reasons why this might happen:

1. The user is authenticating, but is not listed correctly via the policy to be authorized for the target resource.

2. The SiteMinder authentication scheme being used, is hosted in a different cookie domain than the target application, and a cookie provider is not in use.

SiteMinder version: any

Review the SiteMinder policy to assure the user is configured to be authorized, and verify the authentication scheme utilizes a login page within the same cookie domain.