Issue:
When IDP and SP system time is not in sync you might see "Authentication request is expired" error message in OIF log messages. And you can notice "RequestDenied" status SAML message.
Error Message:
[2017-08-23T10:05:11.877-04:00] [oam_server1] [ERROR] [FED-15063] [oracle.security.fed.eventhandler.fed.profiles.utils.CheckUtils] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 8eeddbe1def2bc04:-43c8fb68:15df144d399:-8000-000000000106474c,0] [APP: oam_server#11.1.2.0.0] Authentication request is expired.
Cause:
When Identity Provider (OIF) and Service Provider servers system time is not in sync above error message appears.
Resolution:
Make sure both Service Provider and Identity Provider machines system time is in sync.
Thanks
Siva Pokuri.