IDP service LockTimeoutException and doesn't work until restart

By: Edgar Woolley user 14 Mar 2022 at 1:37 a.m. CDT

3 Responses
Edgar Woolley gravatar
Hello, Aleatory days (every week, two weeks) our users can't login using SAML IDP integration. All services are up and running: - CASA - OPENDJ - IDP - OXAUTH - IDENTITY But users can't login. The unique way is restarting IDP service: systemctl restart idp Then, all work fine again. We updated to DEBUG mode but not extended information about the issue, only this messages minutes before the IDP service doesn't work as expected: 2022-03-11 10:05:48,839 - 192.168.1.1 - DEBUG [net.shibboleth.idp.session.impl.UpdateSessionWithAuthenticationResult:222] - Profile Action UpdateSessionWithAuthenticationResult: Creating new session for principal edgar 2022-03-11 10:06:11,693 - 192.168.1.1 - ERROR [org.springframework.webflow.conversation.impl.LockTimeoutException:74] - org.springframework.webflow.conversation.impl.LockTimeoutException: Unable to acquire conversation lock after 30 seconds Please, let me know if you need additional information. Thank you Ed.
Gluu 4.2.3 Rhel 7.0
closed

Answers

By Mohib Zico staff 14 Mar 2022 at 2:04 a.m. CDT

Copy
Mohib Zico gravatar
Hi, [This](http://shibboleth.net/pipermail/users/2016-September/031628.html) looks similar issue...

By Edgar Woolley user 15 Mar 2022 at 11:52 a.m. CDT

Copy
Edgar Woolley gravatar
Hi Mohib, I followed your suggested similar issue and review our internal traffic because we have a similar infrastructure (F5 Load Balancer with Gluu and External LDAP authenticator). 1. I can see the first step is right. I mean, I can see traffic for LDAP validation between Gluu and my LDAP Server, and the user can access. 2. In this second step, in the moment when the user should receive the screen for 2FA, this screens not appears and the user can't login and gets screenshot picture link 3. Only restarting IDP service solves the problem. Anymore for investigate from our side you think?
Video or screenshot link

By Mohib Zico staff 28 Mar 2022 at 9:09 a.m. CDT

Copy
Mohib Zico gravatar
I went to download the link but... ``` { message: "failed to fetch skylink: [timed out after 30s; unable to create data source for skylink; failed to download baseSector; unable to download base sector; base sector download did not succeed; project timed out]" } ```

Post an answer