Below is the article that covers our use case:
Knowledge - ForgeRock BackStage.
From the KB, can you please help us with how we can implement the part below?
Timeout: Use the IdP initiated SSO to avoid the problem altogether as you cannot increase the cache indefinitely to capture all these instances. Alternatively you can write a custom IdP Adapter that would catch this scenario and, instead of returning an assertion, would interrupt the federation flow and redirect the user to a custom page. The custom page would explain there was an error, ask the user to try to log in again, and provide the link to the spSSOInit.jsp URL as shown in the first bullet.
For an example of an IDP adapter script, I recommend you read this blog note: 6 Steps to customise your SAML Flow with ForgeRock as Identity Provider | by Stéphane Orluc | Medium
It’ll give you a real-life example of how and when to use an IDP Adapter script.
Hope it helps,
@stephane.orluc, can you please give some guidance on the function preSendFailureResponse()?
Our use case is as below.
Currently we are using AM as IDP and xyz app as SP. We have done a SAML federation between them. When the xyz app launches the application page xyz.abc.com, the page is redirected to the FR auth journey page with the SAML federated login. If the user doesn't log in for about 15 mins on the page, it gives an error: server error unexpected error due to login. Can you please suggest how to tackle the scenario below?
1) How can we provide a proper error message, such as an invalid session message, asking them to redirect to the application login URL, just like a redirect to the FR login page again?
2) How do we configure the SAML error in this scenario?
3) How can we use the IDP adapter for this?
@Saichandra I’m sorry, I have never modified this function so far. I’d recommend you modify the response object to send, for instance, an HTTP 302 error code with a redirect to a proper error code.
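A sketch of the redirect suggested in the reply above, as an added example that is not from the thread, the KB article or ForgeRock's own code. It assumes `response` is the servlet response object and that `request`, `response`, `faultCode`, `faultDetail` and `logger` are the bindings available to `preSendFailureResponse()`; the error page URL is a hypothetical placeholder for a static page that links to the SP's spSSOInit.jsp URL.

```javascript
// Assumption: hypothetical static page that explains the error and links to
// the SP's spSSOInit.jsp URL so the user can start the login again.
var ERROR_PAGE = "https://idp.example.com/saml-error.html";

// Builds the redirect target from a fixed base. Only the fault code is
// appended, restricted to a safe character set and length, so the target
// can never be steered by request data (no open redirect).
function buildErrorUrl(faultCode) {
  var code = String(faultCode || "unknown");
  if (!/^[A-Za-z0-9_.-]{1,64}$/.test(code)) {
    code = "unknown";
  }
  return ERROR_PAGE + "?code=" + encodeURIComponent(code);
}

// Core logic, kept separate from the script bindings so it can be exercised
// with stand-in objects. Returns the URL redirected to, or null if no
// redirect could be sent.
function redirectOnFailure(response, faultCode, faultDetail, logger) {
  // The detail goes to the log only; it is not reflected to the browser.
  logger.error("SAML SSO failure: " + faultCode + " / " + faultDetail);
  if (response.isCommitted()) {
    return null; // headers already sent, too late to redirect
  }
  var target = buildErrorUrl(faultCode);
  response.sendRedirect(target); // servlet API call, issues an HTTP 302
  return target;
}

// Entry point of the IdP adapter script; the names used here are the assumed
// script bindings described in the lead-in.
function preSendFailureResponse() {
  redirectOnFailure(response, faultCode, faultDetail, logger);
}
```
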