Hi Experts,
We have two applications that are configured in OIF as IDP. Both the applications have different SP. The federation is working fine, but we are facing an issue while idle session timeout.
The idle session time out value at IDP is 120 minutes.
The idle session time out value is also 120 minutes at SP.
The situation is we open a portal and click on the IDP initiated application URL. The SAML response is sent and the application (SP) opens up in a different tab in same browser. Now, we keep the first tab (Portal) active for more than 120 minutes and keep the SP (application) tab idle for more than 120 minutes. On refresh of the SP (application), For One application, we are getting the SSO error even when on refresh of 1st application SAML request and SAML response has same InResponseID. For second application, on refresh the request is not at all comint to IDP to check the session (or no exchange of the SAML)
Does any one has any seen such kind of behaviour for idle session time out for IDP-initiated Web-Federation?
Thank You.
Shivam