Transient Federation Fails with Authentication Failed: /fed/idp/samlv20] Authentication request is expired. (Doc ID 1571894.1)

Last updated on SEPTEMBER 21, 2016

Applies to:

Oracle Identity Federation - Version 11.1.1.2.0 to 11.1.1.6.0 [Release 11g]
Information in this document applies to any platform.
Testing Transient Federation with
http://hostsp.example.com:7499/fed/user/testspsso

Fails with Authentication Failed:

IDP Error from OIF diagnostic logs show:

[2013-07-26T13:33:10.534+10:00] [wls_oif1] [WARNING] [FED-18048] [oracle.security.fed.sec.key.select.PKCS12Store] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'] [userIdX1zFw000jzwkno0003GB0005Ke,0:1] [APP: OIF#11.1.1.2.0] [URI: /fed/idp/samlv20] The certificate corresponding to the private key is expired: { fingerprint = fe9e21ee132859e65a61bb4d5f4177ba, notBefore = Thu Maer = Fri Mar 22 18:29:09 EST 2013, holder = CN=apcfmw1.au.oracle.com Signing Certificate, issuer = CN=apcfmw1.au.oracle.com Signing Certificate, serialNo = 1, sigAlgOID = 1.2.840.113549.1.1.4, key = { modulu6320542936769180746164771488381238948093888786374280543974199334950864406258511623095014415994661449042915576322079866617132159300927734247364254139065337419111093125237569497527505099479360219779845004008198000283276807484975134263311551983572179905153, exponent = 65537 }, extensions = {basicConstraintsExtension {oid = 2.5.29.19, critical = true, value = [ CA = true]}, keyUsageExtension {oid = 2.5.29.15, critiIGNATURE, NON REPUDIATION, KEY ENCIPHERMENT, DATA ENCIPHERMENT]}, subjectKeyIDExtension {oid = 2.5.29.14, critical = false, value = 81878a6b26df1a7646bd753005e886a2f774ddda} } }
[2013-07-26T13:33:11.677+10:00] [wls_oif1] [ERROR] [FED-15063] [oracle.security.fed.eventhandler.profiles.utils.CheckUtils] [tid: [ACTIVE].ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning): 004sa7D5X1zFw000jzwkno0003GB0005Ke,0:1] [APP: OIF#11.1.1.2.0] [URI: /fed/idp/samlv20] Authentication request is expired.
[oracle@apcfmw1 logs]$

Symptoms

 testspsso URL fails to login:

http://hostsp.example.com:7499/fed/user/testspsso

IDP Error from OIF diagnostic logs show:

 

Changes

 Transient federation setup.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms