Thank You Venga Venga
Since you have persistent session enabled (on Partnership), it means there is a Session Store and there is a SessionID (SMSession) which also gets stored in Session Store. Hence on an event where the SMSession is invalidate (i.e. via Timeouts or Logout); there are 2 places where the Session needs to be invalidated. One is the SMSession Cookie on the Browser, the other is the SMSession references stored in Session Store. The Policy Server is the only authority who has the onus of updation (refresh / reset / invalidate / logout) of SMSession in Session Store. Therefore SPS has to send the request to Policy Server for Session Validation, if Persistent Sessions is enabled.
As such I feel the message that you are seeing is a valid message i.e. "SMSession Cookie has been idled out, Persistent Session will be validated by Policy Server". I have a lurking suspicion that the SPS code may be running into a loop here, hence getting stuck. SPS is seeing 2 actions to be honored i.e. (a) Send Session to Policy Server (b) Issue a redirect to IdleTimeout URL defined as per ACO; may be it is unable to decipher which one to honor first.
Test - 1 :
Now I would suggest for testing purposes (if possible unless this is production, nevertheless you should have an UAT / Dev Env) disable the ACO Parameter. Then test the journey.
Test - 2 :
Disable Persistant Session. Enable ACO Parameter.
These 2 Tests would suggest if both setting work independent of each other; however when applied mutually, they are disjoint (They don't function together). You should be in a good position to raise a Support Ticket here, in time.
Regards
Hubert