OIF 11gR1 HTTP Session State In Memory Replication Doesn't Work For SAML 1.1 Connections (Doc ID 1546011.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Identity Federation - Version 11.1.1.6.0 and later
Information in this document applies to any platform.

Goal

In the configuration of :
  2 OIF Cluster instances :wls_oif1,wls_oif2 and by using the 3rd party custom authentication with SAML1.1.

OIF do not generate  50%   of the HTTP session
(50% - depend on two node cluster)


There is the workflow :
1) Access the IDP initiated URL
2) Redirected (HTTP 302) to third party Access manager
3) After successful authentication, browser redirected to OIF custom auth engine.
4) Custom auth module validated the token and forwards to OIF URL for SAML generation with authenticated user ID.
5) At this point OIF didn’t generate SAML1.1 or throw any error. The browser was just idle with blank page

With the same architecture, same scenario the issue is not seen when SAML 2.0 is in use.
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms