...
Another cause of looping is the use of the "secure" cookie attribute to limit cookie use to SSL-protected requests, which in the SP can be added with the cookieProps
property in the <Sessions>
<Sessions>
element (either manually or by using the setting "https"). This is a common (and highly advisable) change for any site intended to be SSL protected.
...