SPs work and then they don't - Web Login Service - Stale Request

Jason B. Rappaport jasonrap at princeton.edu
Fri Jul 9 17:23:41 UTC 2021


Good afternoon.  I am working on configuring two Shibboleth IDP 4.1.2 hosts
behind a AWS ALB, their configuration is controlled via an Azure DevOps
pipeline.  We are using the Shib-cas-authn plugin to defer authentication to
CAS.  

 

When I restart the IDPs, authentication (CAS) and attribute resolution
(Shibboleth IDP) works great.  A few minutes later, in the same web browser
it stops working.  If I close the web browser and open it back up again, it
also fails immediately.  

 

Here is a snippet of the logs when it worked and then 9 seconds later when
it failed:

 

2021-07-09 10:26:16,461 - 10.21.0.37 - INFO [Shibboleth-Audit.SSO:283] -
10.21.0.37|2021-07-09T14:26:09.896165100Z|2021-07-09T14:26:16.461130700Z|tes
taccount|https://testservice/saml/metadata|_bbc
<https://testservice/saml/metadata|_bbc..|password|2021-07-09T14:24:37.583Z|
universityid,eduPersonPrimaryAffiliation,eduPersonPrincipalName,eduPersonSco
pedAffiliation,eduPersonAffiliation,surname|A...|transient|true|true|AES128-
GCM|Redirect|POST||Success||1fe670e15...>
..|password|2021-07-09T14:24:37.583Z|universityid,eduPersonPrimaryAffiliatio
n,eduPersonPrincipalName,eduPersonScopedAffiliation,eduPersonAffiliation,sur
name|A...|transient|true|true|AES128-GCM|Redirect|POST||Success||1fe670e15..
. (Windows NT 10.0; Win64; x64; rv:89.0) Gecko/20100101
Firefox/89.0|10.21.0.37
2021-07-09 10:26:25,025 - 10.21.0.37 - ERROR
[org.springframework.webflow.execution.repository.NoSuchFlowExecutionExcepti
on:91] -
org.springframework.webflow.execution.repository.NoSuchFlowExecutionExceptio
n: No flow execution could be found with key 'e1s1' -- perhaps this
executing flow has ended or expired? This could happen if your users are
relying on browser history (typically via the back button) that references
ended flows.
at
org.springframework.webflow.execution.repository.support.AbstractFlowExecuti
onRepository.getConversation(AbstractFlowExecutionRepository.java:172)
Caused by:
org.springframework.webflow.conversation.NoSuchConversationException: No
conversation could be found with id '1' -- perhaps this conversation has
ended?
at
org.springframework.webflow.conversation.impl.ConversationContainer.getConve
rsation(ConversationContainer.java:126)

 

Within the UI I get a Web Login Service - Stale Request.  

 

When it stops working, both SPs no longer work.  

 

Any suggestions?

 

Thanks, Jay 

 

________________________________

Jason Rappaport (he/him)

Identity and Access Management Analyst

Office of Information Technology

Email:   <mailto:jasonrap at princeton.edu> jasonrap at princeton.edu 

Office:  609-258-8464

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://shibboleth.net/pipermail/users/attachments/20210709/9376a5ae/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 6666 bytes
Desc: not available
URL: <http://shibboleth.net/pipermail/users/attachments/20210709/9376a5ae/attachment.p7s>


More information about the users mailing list