federation Single Logout Failing with ACS_FAILED_PROCESS_FAILURE

Document ID : KB000077015
Last Modified Date : 11/04/2018
Show Technical Document Details
We are setting-up a SAML 2.0 federation Partnership with an external IdP where CA SSO is acting as the SP. 

While configuring Single Logout, when we select SLO Binding (HTTP-Redirect and/or HTTP-Post) and activate the partnership, the authentication is broken and we get the below error:

The affwebservice.log shows a ACS_FAILED_PROCESS_FAILURE 
5912/3076][Thu Sep 07 2017 08:16:05][FWSBase.java][ERROR][sm-FedClient-00360] SAML Assertion based user authentication failed. () 
[5912/3076][Thu Sep 07 2017 08:16:05][AssertionConsumer.java][ERROR][sm-FedClient-02890] Transaction with ID: be5b4d91-557c5060-f01125a6-75de8b42-445cf089-1 failed. 


How can we resolve this?
CA SSO Version r12.52 SP2 CR01 on Windows 2012 R2 
CA Access Gateway r12.52-sp01-cr06 on Windows 2012 R2 
This issue has been fixed in Policy Server 12.52 SP1 CR9