Hi All,
We are acting as IDP and we have maxTimeout setting of 6 hrs, and partner SP is having security setting of 2
Request flow: User logs in the system and do navigation on IDP side and then click on SP link to establish SSO with SP.
Issue: user logs in IDP navigate on the website and click on SP link after 3 hours. The SAML generates gives a timestamp of user logged in for the first time:
<ns2:AuthnStatement AuthnInstant="2016-08-24T16:28:23Z" (Time of authentication for the first time)
IssueInstant="2016-08-24T19:41:29Z" (Time when user click on SP link)
Version="2.0"
now because partner is having 2 hrs of security setting, they are considering this request as failed request.
Is there is a way in Siteminder we can send IssueInstant time as AuthnInstant time? This way the generated SAML will not fail on SP side. Or any other suggestion to handle this issue.
Thank you