Hi all, we are attempting to use session recovery across SP nodes without success and having a hard time finding any related info. Here is what we have in the shibboleth2.xml file related to this:
<DataSealer type="Static" key="KohVO7WQkf3I0w3ROCurjA==" />
<SessionCache type="StorageService" persistedAttributes="HTTP_EUA" />
And this is what we see in the SP logs on the node that did NOT create the session:
sp-native 2021-01-05 17:06:50 DEBUG Shibboleth.SessionCache [38] shib_check_user [default]: searching local cache for session (_b2ad5fbb9a887cda667e93cc6b2b1612)
sp-native 2021-01-05 17:06:50 DEBUG Shibboleth.SessionCache [38] shib_check_user [default]: session not found locally, remoting the search
sp-native 2021-01-05 17:06:50 DEBUG Shibboleth.Listener [38] shib_check_user [default]: sending message (find::StorageService::SessionCache)
sp-native 2021-01-05 17:06:50 DEBUG Shibboleth.Listener [38] shib_check_user [default]: send completed, reading response message
sp-native 2021-01-05 17:06:50 DEBUG Shibboleth.SessionCache [38] shib_check_user [default]: session not found in remote cache
sp-native 2021-01-05 17:06:50 DEBUG Shibboleth.SessionInitiator.SAML2 [38] shib_check_user [default]: attempting to initiate session using SAML 2.0 with provider (http://www.okta.com/exk4rynlzm0QpuLKZ297)
sp-native 2021-01-05 17:06:50 DEBUG Shibboleth.Listener [38] shib_check_user [default]: sending message (default/Login::run::SAML2SI)
sp-native 2021-01-05 17:06:50 DEBUG Shibboleth.Listener [38] shib_check_user [default]: send completed, reading response message
sp-native 2021-01-05 17:06:50 DEBUG XMLTooling.ParserPool : asked to resolve classpath:/schema/shibboleth-2.0-afp.xsd with baseURI /usr/share/xml/shibboleth/shibboleth-2.0-afp-mf-basic.xsd
Any pointers or help would be much appreciated. Generally all we need in the headers is the HTTP_EUA attribute at this point. And I am not sure if there is supposed to be another cookie (session recovery) but if so, it does not seem to
be created.
Cheers,
Tony Wise
Solution Architect
PMP, CSM, AWS Certified Cloud Practitioner
CGI Federal
12601 Fairlakes Circle Fairfax, VA 22033
Tel 703.227.7287 | Cell 703.851.6963
[hidden email] |
http://www.cgi.com
CONFIDENTIALITY NOTICE: Proprietary/Confidential Information belonging to CGI Group Inc. and its affiliates may be contained in this message. If you are not a recipient indicated
or intended in this message (or responsible for delivery of this message to such person), or you think for any reason that this message may have been addressed to you in error, you may not use or copy or deliver this message to anyone else. In such case, you
should destroy this message and are asked to notify the sender by reply email.
Please consider the environment before printing this email or its attachments.
Proprietary/confidential information belonging to CGI Federal Inc. or its affiliates may be contained in this message. If you are not a recipient indicated or intended in this message (or responsible for the delivery of this message to such person), or if you
think for any reason that this message may have been addressed to you in error, you may not use or copy or deliver this message to anyone else. In such case, you should destroy this message and are asked to notify the sender by reply email.
--
For Consortium Member technical support, see
https://wiki.shibboleth.net/confluence/x/coFAAgTo unsubscribe from this list send an email to
[hidden email]
Locked
