We are using ADFS to authenticate our SharePoint application, and now the application expires based on the TokenLifetime of ADFS. We want to set it to sliding expiration, so that the session does not expire while a user is working on the page. How do we set sliding expiration for ADFS authentication?
2 Answers
ADFS: The TokenLifetime property can be set at the ADFS end using the command upon creation. The example below is for 2 sec. Set this value to a high number, so that the session never expires while working on the page.

    Add-ADFSRelyingPartyTrust -Name "abc" -Identifier "https://abc/_trust/" -WsFedEndpoint "https://abc/_trust/" -TokenLifetime 2 -SignatureAlgorithm http://www.w3.org/2000/09/xmldsig#rsa-sha1

STS: The STS config maintains the value of LogonTokenCacheExpirationWindow, which by default is 10 min.

    # Load the SharePoint STS configuration, then read the current window
    $sts = Get-SPSecurityTokenServiceConfig
    $sts.LogonTokenCacheExpirationWindow

WindowsTokenLifetime - LogonTokenCacheExpirationWindow = concept of sliding session.

For example, consider TokenLifetime (ADFS) = 30 min and LogonTokenCacheExpirationWindow (EW) = 10 min: (TL) 30 - (EW) 10 = 20 min, and the session expires.

PS: http://blogs.msdn.com/b/scicoria/archive/2011/06/10/sharepoint-2010-fba-and-sliding-sessions.aspx
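
The two settings from the answer above, applied to an existing trust and checked against each other. This is an added example, not code from the original answer; the trust name "abc" and the 30 and 10 minute values are taken from the answer's own illustration, and the helper name Get-EffectiveSessionMinutes is hypothetical.

```powershell
# Added example. Get-EffectiveSessionMinutes is a hypothetical helper name.
# It applies the answer's arithmetic (TokenLifetime minus expiration window)
# and rejects a window that would leave no usable session time.
function Get-EffectiveSessionMinutes {
    param(
        [Parameter(Mandatory)] [int]      $TokenLifetimeMinutes,  # ADFS relying party TokenLifetime, in minutes
        [Parameter(Mandatory)] [timespan] $ExpirationWindow       # SharePoint LogonTokenCacheExpirationWindow
    )
    # ADFS reports 0 when the trust uses its default lifetime of 60 minutes.
    if ($TokenLifetimeMinutes -eq 0) { $TokenLifetimeMinutes = 60 }

    $effective = $TokenLifetimeMinutes - $ExpirationWindow.TotalMinutes
    if ($effective -le 0) {
        # By the formula above the token would count as expired as soon as it is issued.
        throw "LogonTokenCacheExpirationWindow ($($ExpirationWindow.TotalMinutes) min) must be shorter than TokenLifetime ($TokenLifetimeMinutes min)."
    }
    return $effective
}

# --- On the ADFS server: change the lifetime of the existing trust ---
if (Get-Command Get-AdfsRelyingPartyTrust -ErrorAction SilentlyContinue) {
    Set-AdfsRelyingPartyTrust -TargetName "abc" -TokenLifetime 30
    (Get-AdfsRelyingPartyTrust -Name "abc").TokenLifetime   # confirm the stored value
}

# --- On a SharePoint server, in the SharePoint Management Shell ---
if (Get-Command Get-SPSecurityTokenServiceConfig -ErrorAction SilentlyContinue) {
    $sts    = Get-SPSecurityTokenServiceConfig
    $window = New-TimeSpan -Minutes 10

    # Validate against the ADFS value before saving: 30 - 10 = 20 minutes.
    Get-EffectiveSessionMinutes -TokenLifetimeMinutes 30 -ExpirationWindow $window

    $sts.LogonTokenCacheExpirationWindow = $window
    $sts.Update()   # persist the change to the farm configuration
}
```

Each section is skipped when its cmdlets are not available, so the same file can be run on the ADFS server and on the SharePoint server.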
You can read this post. It should point you in the right direction: http://msdn.microsoft.com/en-us/library/hh446526.aspx