public SAMLSSOReqValidationResponseDTO validateRequest(String authReq, String sessionId,
String rpSessionId, String authnMode) throws IdentityException {
XMLObject request = SAMLSSOUtil.unmarshall(SAMLSSOUtil.decode(authReq));
if (request instanceof AuthnRequest) {
AuthnRequestValidator authnRequestValidator = new AuthnRequestValidator((AuthnRequest)request);
SAMLSSOReqValidationResponseDTO validationResp = authnRequestValidator.validate();
validationResp.setAssertionString(authReq);
if (validationResp.isValid()) {
SSOSessionPersistenceManager sessionPersistenceManager = SSOSessionPersistenceManager.getPersistenceManager();
boolean isExistingSession = sessionPersistenceManager.isExistingSession(sessionId);
if(authnMode.equals(SAMLSSOConstants.AuthnModes.OPENID) && !isExistingSession){