random redirect loop with F5 in place

The first redirect is from HTTP (hostname1) to HTTPS (hostname2) to HTTPS (hostname1). Redirect Rewrite option has been turned on and off in the name of testing. Neither option seems to matter.

The only profile applied is the default HTTP profile. It is applied to ALL VIPs.

Here's the entire process without the iRule: Enter URL for app server App server looks for an authenticated session. If not authenticated, app server redirects to single-sign on server. Single-sign on server authenticates and redirects back to app server. (Loop begins) App server immediately redirects session back to SSO server, but since session is authenticated on SSO, SSO redirects back to app server. It remains this way until you refresh the page, then magically, the app server loads a page for the authenticated session.

Thanks for all of your help.