No session cookies created for OIDC

Wessel, Keith kwessel at
Fri Nov 1 17:32:13 EDT 2019

Hi, all,

One of our developers on campus pointed out to me this afternoon that our IdP isn't generating the shib_idp_session or shib_idp_session_ss cookies for OIDC sessions. It's honoring them if they already exist from a SAML-based authentication, but it's not creating them. End result: single sign-on works if you access a SAML-based service before an OIDC-based one, but not the other way around.

I've been looking at settings for these profiles to try and figure out what might be causing this, but I can't find anything obvious. Anyone have any clues for me?


More information about the users mailing list