auth0/node-samlp

Invalid Session Participant

jstephens7 opened this issue · 7 comments

The documentation provides us with what a session participant object should look like but does not provide information for when or where to store/create session participants.
This may just be my misunderstanding but could some documentation regarding how and when to create session participants be provided?

I would think that this would be created internally upon a successful saml response creation, as it has all the information necessary then. Is there any reason session participants aren't created automatically?

Also, it appears session participants need to be instances of the SessionParticipants prototype y'all have internally, but it's not exposed and I don't see any way to add to the list of session participants.

Accidentally closed, apologies.

Also, in considering how this apparently expects you to store the session participants externally, but removes some internally, how are we to know which session participants should still exist externally after they are removed?

I'm also having issues with this. I have come to find out that the sessionParticipants object does not need to be an instance of that SessionParticipants prototype, but it does need to have the same signature. It's still not clear how the session stuff works from a SAML point of view (new to SAML), but I'm guessing that the session needs to be initialized on login? Again, I'm new to this, so I'm just reading through the code to figure out how it all works.

Hey @ksmithut, I just saw your reply. I found out how to use this properly after viewing another npm which uses this one. Here is the main source file you need to look through: https://github.com/mcguinness/saml-idp/blob/master/app.js
I decided to store our session participants in mongo, so I made our sessionId the object id from mongo. I didn't realize at first glance we could just pull out the session participant object internally from this npm, but that's what we ended up doing. I can try to help if you have any more questions.

Thanks :) That was super helpful. Going through this now and implementing it. Thanks!


The implementation:

options.sessionParticipants.get(requestData.issuer, requestData.sessionIndex, requestData.nameId, function (err, session) {
  if (err) { return next(err); }
  if (!session && !options.destination) { return next(new Error('Invalid Session Participant')); }
  // ...

In my case, I have no other participants, but this code assumes that there must be other participants.
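
Added example, not part of the thread and not node-samlp's own code: a minimal in-memory store whose `get` takes the same arguments as the call quoted above, run through the same guard to show when "Invalid Session Participant" is returned. `InMemorySessionParticipants`, `add`, `checkLogoutRequest`, `outcome`, the participant field names and all sample values are assumptions made for illustration; what happens after the guard is elided in the quoted snippet and is stubbed here.

```javascript
'use strict';

// Hypothetical store: only the get(issuer, sessionIndex, nameId, cb) call shape comes from the thread.
class InMemorySessionParticipants {
  constructor() { this.sessions = []; }

  // Hypothetical helper: record a service provider session, for example
  // once the IdP has issued a SAML response for that provider at login.
  add(participant) { this.sessions.push(participant); }

  get(issuer, sessionIndex, nameId, cb) {
    const found = this.sessions.find((s) =>
      s.serviceProviderId === issuer &&   // field names are assumed
      s.sessionIndex === sessionIndex &&
      s.nameId === nameId);
    cb(null, found);
  }
}

// The guard from the quoted snippet, wrapped in a hypothetical function.
function checkLogoutRequest(options, requestData, next) {
  options.sessionParticipants.get(requestData.issuer, requestData.sessionIndex,
    requestData.nameId, (err, session) => {
      if (err) { return next(err); }
      if (!session && !options.destination) {
        return next(new Error('Invalid Session Participant'));
      }
      next(null, session || null); // stub: the real continuation is not shown in the thread
    });
}

// Collapse the callback result into a string (the store above calls back synchronously).
function outcome(options, requestData) {
  let result;
  checkLogoutRequest(options, requestData, (err, session) => {
    result = err ? err.message
      : session ? 'session:' + session.sessionIndex : 'no session, destination set';
  });
  return result;
}

// Constructed sample data.
const store = new InMemorySessionParticipants();
store.add({ serviceProviderId: 'https://sp.example/metadata', sessionIndex: 'idx-1', nameId: 'alice@example.com' });
const request = { issuer: 'https://sp.example/metadata', sessionIndex: 'idx-1', nameId: 'alice@example.com' };
const emptyStore = new InMemorySessionParticipants();

console.log(outcome({ sessionParticipants: store }, request));
console.log(outcome({ sessionParticipants: emptyStore }, request));
console.log(outcome({ sessionParticipants: emptyStore, destination: 'https://sp.example/logout' }, request));
```

The second call is the situation described in the last comment: with nothing stored for the requesting issuer and no `destination` option set, the guard rejects the logout request.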