Hello Everyone, I am running into a issue with my session store. Hope someone can help me.
I have a Federation partnership using a authentication URL which is protected by a persistent realm. Needed this for implementing SLO. I am able to SSO to the federation site from another application that uses persistent realms.
However, when a user logs into a non-persistent realm/application, and then the user logs into our federation partnership which uses persistent realm, request fails to login as the policy server is unable to write the session information to session store while completing SLO transaction. The error is because the authentication URL in federation partnership never kicks in as the existing session(non-persistent) is validated by SPS and Policy server, but Policy Server is not able to complete the transaction as session information can not be stored. It looks like its by design.
Is there a work around? or am I missing some configuraition?
[8019/4055206768][Mon May 08 2017 15:06:14][SmSessionServer.cpp:786][ERROR][sm-Server-06007] failed. Error code : 2
[8019/4055206768][Mon May 08 2017 15:06:14][IsAuthorized.cpp:70][ERROR][sm-Server-02740] SmSessionVariableProvider::SetSessionVariable() - SetVariable Failed for : StateSLO.SP.21-000efdcb-796f-190b-b5ed-90340a98a0fe
[8019/4055206768][Mon May 08 2017 15:06:14][AssertionGenerator.java][ERROR][sm-FedServer-00130] postProcess() returns fatal error. Can not save the SLO information into session stor
Appreciate any insight.