When trying to configure SLO for a Federation Partnership which works properly. The SLO has been configured as per the documentation (1)(2)(3)(4), and the following errors show up:
-- FWSTrace.log:
[06/15/2017][09:32:42][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Calling authorizeEx to invoke SAML2 assertion generator.]
[06/15/2017][09:32:42][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Request to policy server for generating saml2 assertion/artifact based on selected profile. [CHECKPOINT = SSOSAML2_GENERATEASSERTIONORARTIFACT_REQ]]
[06/15/2017][09:32:42][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Transient IP check: false]
[06/15/2017][09:32:45][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Result of authorizeEx call is: 1.]
[06/15/2017][09:32:45][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Received the assertion/artifact response based on profile selected. [CHECKPOINT = SSOSAML2_RECEIVEDASSERTION_RSP]]
[06/15/2017][09:32:45][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Not enforcing ForceAuthnTimeouts.]
[06/15/2017][09:32:45][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Received the following response from SAML2 assertion generator: SAML2Response=NO.]
[06/15/2017][09:32:45][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Transaction with ID: <Transaction ID> failed. Reason: FAILED_INVALID_RESPONSE_RETURNED]
[06/15/2017][09:32:45][2016][4212][<Transaction ID>][SSO.java][processAssertionGeneration][Denying request due to "NO" returned from SAML2 assertion generator.]
[06/15/2017][09:32:45][2016][4212][<Transaction ID>][ErrorRedirectionHandler.java][redirectToErrorPage][Sending HTTP Error 500 ]
-- Affwebservices.log:
[2016/4212][Thu Jun 15 2017 09:32:45][SSO.java][ERROR][sm-FedClient-02890] sm-FedClient-02890 (<Transaction ID>, FAILED_INVALID_RESPONSE_RETURNED, , , )
Policy Server R12.52 SP1
SLO requires Session Store and persistent realm.
Enabling the persistent flag in the realm where configuring SLO solves this issue.