-
1. Re: Issue with picketlink IDP in jboss eap 6.1.0 clustered environment
pradhap1125 Mar 14, 2017 1:13 AM (in response to pradhap1125)1 of 1 people found this helpfulDear All,
I found the issue,I forgot the add the following line "<sso cache-container="web" cache-name="sso" domain="example.com" reauthenticate="false"/>" in virtual server tag of domain.xml of jboss (you need to make the same change in standalone.xml if you are going in standalone mode) and now everything is working fine. If anyone have any queries please post it to me.
-
2. Re: Issue with picketlink IDP in jboss eap 6.1.0 clustered environment
oliviersaniez Mar 14, 2017 8:46 AM (in response to pradhap1125)Thanks for sharing this solution, I had the same problem
-
3. Re: Issue with picketlink IDP in jboss eap 6.1.0 clustered environment
pradhap1125 Mar 17, 2017 1:06 AM (in response to oliviersaniez)Hello Oliver,
By making the configuration change mentioned above the issue will get resolved but there is a problem with authentication cache of server. I found that when user clicks global logout from any of the SP, it will send a logout request to IDP and IDP will invalidate its session and authentication cache of server got cleared ,this is working fine as expected, but when session in IDP got time out ,authentication cache is not getting cleared and when an SP is requesting for a valid token IDP creates a new session and uses authentication cache stored in server and in turn redirects user to homepage of SP instead of login page of IDP.
Please check this condition by making session of IDP to get timed out and check whether it is redirecting to login page or not.
I'm trying to find a solution for this issue and do let me know if you can help me with this.