SP load balancing - recreating session error

Cantor, Scott cantor.2 at osu.edu
Wed Nov 30 15:04:25 GMT 2011

On 11/30/11 3:55 AM, "Tomas Sapak" <sapakt at ics.muni.cz> wrote:
>When SA goes back online, accessing shibboleth protected address leads
>to an error of "isapi_shib_extension: remoted message returned an error:
>Attempted to insert duplicate storage key.". My guess is that the
>following happens:

Your guess isn't correct. That error comes from bugs in the relay state
mechanism that are fixed for the next release.

>- therefore I'm transferred to IdP, credentials already provided, so I'm
>immediately transferred back to SA where shibd tries to save session
>which is already saved -> exception

It couldn't save a session that's "already" saved, it would be a new
session. That part is certainly true, but it doesn't cause an error.

>Are my assumptions right? I understand that the solution is hidden here
>but this would be the most extreme solution. Is there a way that this
>issue could be addressed directly in the Shibboleth SP package? Some
>config setting or just a small fix in shibd?

That page is about preventing the creation of new sessions on each server,
it has nothing to do with your bug.

-- Scott

More information about the users mailing list