you cannot mix the WebAssist SecurityAssist behaviors and the DW Authenticate user behaviors, this will not work
you can create user levels in Security Assist by editing the Authenticate user server behavior on the login page. On the Session tab, add the user level column to the list of columns to be saved to sessions when the user logs in, then in the Access Rules manager, you can create access rules based on the user level session.
the redirect loop is happening because you are setting one page to redirect to another that has access rules applied to it, that access rule is sending to another protected page, and another, etc..