HI
shouldn't be related to Session Invalidation Timeout , if its happening post 1 minute
Since its happening every minute, then its important to know what is the session store in your env to store http session.
if its In memory, and there is more than one runtime jvm then it needs to be checked whether the request routes to another runtime jvm(when the wait is more than a minute)
------------------------------
Tushar
Tushar
------------------------------
Original Message:
Sent: Fri August 05, 2022 11:36 AM
From: Patrizio
Subject: FBTOIC106E - Invalid StateId, what's the lifetime?
Hello Everyone,
we have ISVA 10.0.2 and a problem with the duration of the State Id, sometimes error FBTOIC106E appears.
This happens if we take more than 60 seconds to complete a SAML+OIDC federation flow (we sometimes need even more time for various reasons).
By reading the documentation of the link below
Tuning runtime application parameters and tracing specifications
we set the "Session Invalidation Timeout" to 600 seconds, but the behavior remained unchanged;
we get error FBTOIC106E if we take more than a minute to complete the authentication flow.
How can we extend the life of the StateId?
Thanks
------------------------------
Patrizio
------------------------------