IBM Security Verify

 View Only
  • 1.  FBTOIC106E - Invalid StateId, what's the lifetime?

    Posted Fri August 05, 2022 11:36 AM
    Hello Everyone,

    we have ISVA 10.0.2 and a problem with the duration of the State Id, sometimes error FBTOIC106E appears.

    This happens if we take more than 60 seconds to complete a SAML+OIDC federation flow (we sometimes need even more time for various reasons).

    By reading the documentation of the link below


    Tuning runtime application parameters and tracing specifications 

    we set the "Session Invalidation Timeout" to 600 seconds, but the behavior remained unchanged;
    we get error FBTOIC106E if we take more than a minute to complete the authentication flow.

    How can we extend the life of the StateId?

    Thanks

    ------------------------------
    Patrizio
    ------------------------------


  • 2.  RE: FBTOIC106E - Invalid StateId, what's the lifetime?

    Posted Wed August 10, 2022 02:38 AM
    HI

    shouldn't be related to Session Invalidation Timeout , if its happening post 1 minute

     Since its happening every minute,  then its important to know what is the session store in your env to store http session.

    if its In memory, and there is more than one runtime jvm then it needs to be checked whether the request routes to another runtime jvm(when the wait is more than a minute)




    ------------------------------
    Tushar
    Tushar
    ------------------------------



  • 3.  RE: FBTOIC106E - Invalid StateId, what's the lifetime?

    Posted Wed August 10, 2022 11:44 AM
    Hi @Tushar Prasad,

    I need to carry out further checks but I believe you have hit the problem.

    thank you very much


    ------------------------------
    Patrizio
    ------------------------------