No session cookies created for OIDC
kwessel at illinois.edu
Fri Nov 1 17:32:13 EDT 2019
One of our developers on campus pointed out to me this afternoon that our IdP isn't generating the shib_idp_session or shib_idp_session_ss cookies for OIDC sessions. It's honoring them if they already exist from a SAML-based authentication, but it's not creating them. End result: single sign-on works if you access a SAML-based service before an OIDC-based one, but not the other way around.
I've been looking at settings for these profiles to try and figure out what might be causing this, but I can't find anything obvious. Anyone have any clues for me?
More information about the users