Occasional NoSuchFlowExecutionException errors on IdP with Safari after longer inactivity
Cantor, Scott
cantor.2 at osu.edu
Tue May 22 10:21:56 EDT 2018
> The browser is redirected to the WebFlow URL with conversation id "e1s1".
> In the subsequent HTTP request, Safari seems to send another outdated
> JESESSIONID value, although it should send
> "DF4B324B1CDFD657D0EEE308599EBFCE". It seems to me that it didn't update
> the JSESSIONID cookie, but used one of several older values it knew.
That would certainly break it. Can't get much more fundamentally broken than that.
> Which could be the problem here? May it be related to Safari, Apache, Tomcat,
> Spring WebFlow or the IdP?
Presumably a browser bug unless the new cookie doesn't match the full specification of the old one in regard to path, domain, etc. If you only see it with Safari, and if it superficially seems to be failing to update the cookie, that's pretty definitive. Safari has a long history of bugs of all kinds when it comes to the kinds of interactions involved with SSO systems, so this is not surprising.
-- Scott
More information about the users
mailing list