Shibboleth SP appears to delete session immediately after creation

Simon Rees srees at highwirepress.com
Fri Jul 17 16:43:45 UTC 2020 

Hello

I'm investigating a problem with the Shibboleth SP v 3.0.4 where it 
appears to be deleting sessions immediately after they have been 
created. The relevant log messages are:

2020-07-17 15:05:49 DEBUG Shibboleth.SessionCache [6] [default]: 
creating new session
2020-07-17 15:05:49 DEBUG Shibboleth.SessionCache [6] [default]: storing 
new session...
2020-07-17 15:05:49 DEBUG XMLTooling.StorageService [6] [default]: 
inserted record (session) in context (_fdb55f30497ae4c6755ed809901bee38) 
with expiration (1595001949)
2020-07-17 15:05:49 DEBUG XMLTooling.StorageService [6] [default]: 
inserted record 
(AAdzZWNyZXQxeV5UlB81IFVUC48hFlj2D75exOMiQ96bAGF0MSBIYQf/23cS7eRriwTSIJwDL07FHJu5iInx9hULjaY0klNMFLXfsKy+YYMWVwuo5paLg9QzSk62yK9YeeGUtIwlSJdLpXXFn1wHl8hwkhEvl4AG) 
in context (NameID) with expiration (1595027149)
2020-07-17 15:05:49 DEBUG XMLTooling.StorageService [6] [default]: 
inserted record (_82440c98070175c4421cf403d26f89ec) in context 
(_fdb55f30497ae4c6755ed809901bee38) with expiration (1595001949)
2020-07-17 15:05:49 INFO Shibboleth.SessionCache [6] [default]: new 
session created: ID (_fdb55f30497ae4c6755ed809901bee38) IdP 
(https://idp2.test.semantico.net/idp/shibboleth) 
Protocol(urn:oasis:names:tc:SAML:2.0:protocol) Address (10.0.0.117)
2020-07-17 15:05:49 DEBUG XMLTooling.StorageService [6] [default]: 
deleted record 
(b92eeffdb1274e804eb2cbcf1240211c30594304bd3b5a9d4ea7223b1ef7dee3) in 
context (RelayState)
2020-07-17 15:05:49 DEBUG XMLTooling.StorageService [1] [default]: 
updated expiration of valid records in context 
(_fdb55f30497ae4c6755ed809901bee38) to (1595001949)
2020-07-17 15:05:49 INFO Shibboleth.SessionCache [1] [default]: removed 
session (_fdb55f30497ae4c6755ed809901bee38)

The Session config element is:

<Sessions lifetime="28800" timeout="3600" relayState="ss:mem"
                   checkAddress="false" handlerSSL="false" 
cookieProps="https">

The problem does not occur on all requests.

Does anyone have any thoughts about what might be causing this problem?

cheers, Simon Rees

More information about the users mailing list