...
Another cause of looping is the use of the "secure" cookie attribute to limit cookie use to SSL-protected requests, which in the SP can be added with the cookieProps property in the <Sessions><Sessions> element (either manually or by using the setting "https"). This is a common (and highly advisable) change for any site intended to be SSL protected.
...