When trying to configure SLO for a Federation Partnership which works properly. The SLO has been configured as per the documentation (1)(2)(3)(4), and the following errors show up:
-- FWSTrace.log:
[06/15/2017][09:32:42][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Calling authorizeEx to invoke SAML2 assertion generator.]
[06/15/2017][09:32:42][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Request to policy server for generating saml2 assertion/artifact based on selected profile. [CHECKPOINT = SSOSAML2_GENERATEASSERTIONORARTIFACT_REQ]]
[06/15/2017][09:32:42][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Transient IP check: false]
[06/15/2017][09:32:45][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Result of authorizeEx call is: 1.]
[06/15/2017][09:32:45][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Received the assertion/artifact response based on profile selected. [CHECKPOINT = SSOSAML2_RECEIVEDASSERTION_RSP]]
[06/15/2017][09:32:45][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Not enforcing ForceAuthnTimeouts.]
[06/15/2017][09:32:45][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Received the following response from SAML2 assertion generator: SAML2Response=NO.]
[06/15/2017][09:32:45][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Transaction with ID: 4b16d281-58910273-7ab61828-d829e82a-461ba673-ac failed. Reason: FAILED_INVALID_RESPONSE_RETURNED]
[06/15/2017][09:32:45][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][SSO.java][processAssertionGeneration][Denying request due to "NO" returned from SAML2 assertion generator.]
[06/15/2017][09:32:45][2016][4212][4b16d281-58910273-7ab61828-d829e82a-461ba673-ac][ErrorRedirectionHandler.java][redirectToErrorPage][Sending HTTP Error 500 ]
-- Affwebservices.log:
[2016/4212][Thu Jun 15 2017 09:32:45][SSO.java][ERROR][sm-FedClient-02890] sm-FedClient-02890 (4b16d281-58910273-7ab61828-d829e82a-461ba673-ac, FAILED_INVALID_RESPONSE_RETURNED, , , )
Policy Server R12.52 SP1
SLO requires Session Store and persistent realm.
Enabling the persistent flag in the realm where configuring SLO solves this issue.