3553247 - One user cannot log into WorkForce T&A via SSO, logs show "employee not found"

One or more users cannot log in to the system using SSO. When reviewing the server logs, a stack trace like the example below is found.
 

2014-04-08 11:22:07,829 com.workforcesoftware.ClientRequests.JspUtils.WActionBase INFO [http-bio-18306-exec-6] [] 9.4.0.2 Action complete: com.workforcesoftware.ClientRequests.Security.Jsp.LogonAction:login forwarding to /Security/Logon.jsp
2014-04-08 11:22:09,564 com.workforcesoftware.ClientRequests.JspUtils.WActionBase INFO [http-bio-18306-exec-17] [] 9.4.0.2 Action starting: com.workforcesoftware.ClientRequests.Security.Jsp.LogonAction:login, id=FD8E2EB13A103DB1B618E2E047444B4D app_user=null
2014-04-08 11:22:11,243 com.workforcesoftware.Security.auth.Authenticator ERROR [http-bio-18306-exec-17] [] 9.4.0.2 Employee not found for EXTERNAL_ID = <Sample User>
com.workforcesoftware.Exceptions.InternalApplicationException: This user: <Sample User> does not have an app_user record
    at com.workforcesoftware.Security.auth.Authenticator.postAuthenticate(Authenticator.java:445)
    at com.workforcesoftware.Security.auth.Authenticator.evaluateAuthenticationResults(Authenticator.java:420)
    at com.workforcesoftware.Security.auth.Authenticator.authenticateUsingAuthenticationMechanismPolicy(Authenticator.java:275)
    at com.workforcesoftware.Security.auth.Authenticator.authenticate(Authenticator.java:102)
    at com.workforcesoftware.ClientRequests.Security.LoginCommon.login(LoginCommon.java:242)
    at com.workforcesoftware.ClientRequests.Security.LoginCommon.doLogin(LoginCommon.java:139)
    at com.workforcesoftware.ClientRequests.Security.Jsp.LogonAction$LogonActionHandler.performLogin(LogonAction.java:97)
    at com.workforcesoftware.ClientRequests.Security.Jsp.LogonAction$LogonActionHandler.login(LogonAction.java:62)
    at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:597)
    at com.workforcesoftware.Jsp.Util.ActionHandler.doAction(ActionHandler.java:204)
    at com.workforcesoftware.ClientRequests.Security.Jsp.LogonActionBase.executeActionHandler(LogonActionBase.java:185)
    at com.workforcesoftware.ClientRequests.Security.Jsp.LogonActionBase.doAction(LogonActionBase.java:78)
    at com.workforcesoftware.ClientRequests.JspUtils.WActionBase.performNoSynchronize(WActionBase.java:612)
    at com.workforcesoftware.ClientRequests.JspUtils.WActionBase.handleNormalRequest(WActionBase.java:476)
    at com.workforcesoftware.ClientRequests.JspUtils.WActionBase.handleRequest(WActionBase.java:208)
    at com.workforcesoftware.ClientRequests.JspUtils.WActionBase.perform(WActionBase.java:144)
    at org.apache.struts.action.Action.execute(Action.java:420)
    at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
    at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
    at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
    at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:728)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at com.ezest.util.TargetToSystemFeatureFilter.doFilter(TargetToSystemFeatureFilter.java:108)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at com.workforcesoftware.ClientRequests.WFServletFilter$1.execute(WFServletFilter.java:59)
    at com.workforcesoftware.runtime.ResourceTracker.executeThenRelease(ResourceTracker.java:195)
    at com.workforcesoftware.runtime.ResourceTracker.executeOperationAndReleaseResources(ResourceTracker.java:112)
    at com.workforcesoftware.ClientRequests.WFServletFilter.doFilter(WFServletFilter.java:50)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at com.workforcesoftware.Security.CsrfTokenFilter.doFilter(CsrfTokenFilter.java:99)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1009)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)
    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)
    at java.lang.Thread.run(Thread.java:662)

SAP WorkForce Software Time and Attendance  (any version)customers using SSO 

Match Table, APP_USER , IDP, User Match Field , Employee , KBA , XX-PART-WFR-TAM , SAP Time and Attendance Management by Workforce Software , Problem