Shibboleth Developers

[Patrik Schnellmann <>]

Scott Cantor wrote:
>> >> Well, that was all in the shibd.log before the session timeouts were
>> >> logged.
> >
> > Timeouts? That doesn't make much sense. Can you show me one?
Maybe I didn't properly name the records in the shibd.log. I referred to the
following entries:

/---
2007-09-24 17:00:12 INFO Shibboleth.SP.SessionCache [1]: new session created:
SessionID (_a98378afeac3ddfb0c7e31fbef0cb514) IdP
(urn:mace:switch.ch:aaitest:dukono.switch.ch) Address (130.59.102.27)
2007-09-24 17:13:27 INFO XMLTooling.StorageService : purged 4 expired
record(s) from storage
2007-09-24 17:25:21 INFO shibd.Listener [1]: detected socket closure, shutting
down worker thread
2007-09-24 17:28:28 INFO XMLTooling.StorageService : purged 3 expired
record(s) from storage
2007-09-24 18:13:30 INFO XMLTooling.StorageService : purged 3 expired
record(s) from storage
\---

> > That doesn't indicate anything but what I suggested...the cookie never 
> > comes
> > back in, and that's not a timeout.
I should rather call it session expiry, right?

>> >> 2007-09-24 17:00:12 DEBUG Shibboleth.SP.RequestMapper [2892] isapi_shib:
>> >> mapped https://teon.switch.ch:443/aai/ to default
>> >> 2007-09-24 17:00:12 DEBUG Shibboleth.SP.SessionInitiator.WAYF [2892]
>> >> isapi_shib: sending request to WAYF (https://wayf-
>> >> test.switch.ch/aaitest/WAYF)
> > Nothing in between those indicates that the session was non-existent,
> > meaning no cookie.
> >
> > I'd debug the browser traces and see what's happening with the session
> > cookie. If there's a bug, it's in the cookie handling/setting.
Using "HTTP live headers" on Firefox showed that the SP did not set the
cookie. Comparing shibd.log with a working Shib2 SP on Linux, the Windows SP's
shibd.log does not contain "shibd.Listener [2]: dispatching message
(find::Remoted::SessionCache)".

In shibboleth2.xml, there's a line for the "Remoted" SessionCache. Do I have
to change something there?

-- Patrik