Previous Topic: Updated Session Index Causes Single Logout to Fail (123496)Next Topic: Problem with Forced Authentication When User Identity Changes (125553)

Release NotesFederation Security Services Release NotesFixes in r12 SP3SessionNotOnOrAfter Parameter Could Not Be Modified (128759,109961)

SessionNotOnOrAfter Parameter Could Not Be Modified (128759,109961)

Symptom:

When the SiteMinder IdP generates an assertion, it included a parameter named SessionNotOnOrAfter in the Authentication statement of the assertion. This parameter was set to the assertion validity duration by default and it could not be customized or omitted from the assertion.

Solution:

The SessionNotOnOrAfter parameter can now be customized or left out of the assertion by configuring the SP Session Validity Duration setting in the FSS Administrative UI. The Federation Security Services Guide has detailed instructions.

STAR Issue: 19635319