Federation SP initiated Failure due to SPID cookie being truncated

Document ID : KB000030069
Last Modified Date : 14/02/2018
Show Technical Document Details

Federation SP initiated transaction is failing due to SPID cookie being truncated. Some TOMCAT parameters need to be adjusted.

In the FWSTrace.log you will see:

[02/18/2015][07:26:58][1852][7368][ee1eae65-2c9be558-c441c824-e7b1b15a-dd6fbb87-c0][SSO.java][getSavedRequestDataUsingGuid][Found cookie:GUID in the request.]
[02/18/2015][07:26:58][1852][7368][ee1eae65-2c9be558-c441c824-e7b1b15a-dd6fbb87-c0][SSO.java][getSavedRequestDataUsingGuid][Cookie contents: 1]
[02/18/2015][07:26:58][1852][7368][ee1eae65-2c9be558-c441c824-e7b1b15a-dd6fbb87-c0][SSO.java][getSavedRequestDataUsingGuid][guid cookie present, but no guid in it.]

Checking the Fiddler traces associated we can see that the cookie GUID is truncated.

If you are using TOMCAT 7.0/6.0 you may want to check the following properties and see if it solves the problem.

org.apache.catalina.STRICT_SERVLET_COMPLIANCE=true
org.apache.tomcat.util.http.ServerCookie.ALLOW_EQUALS_IN_VALUE=true
org.apache.tomcat.util.http.ServerCookie.ALLOW_HTTP_SEPARATORS_IN_V0=true

References:

https://tomcat.apache.org/tomcat-6.0-doc/config/systemprops.html

https://tomcat.apache.org/tomcat-7.0-doc/config/systemprops.html

Ā