We use a SAML session cookie to maintain SAML session state in support of the SAML protocol. Multiple tabs in the one browser instance will share the same cookie. Saved information for one SSO is overwritten by another SSO being initiated. This then results in a protocol exception.
We don't support simultaneous SSO's within the same browser and normally this isn't an issue in real-world scenarios. The limitation means that an SSO shouldn't be initiated until the previous SSO completes.
Regards ComponentSpace Development
|