SessionSecurityToken.ValidTo and TokenCacheItem.Expires mismatch
https://stackoverflow.com/questions/21332113
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
We're writing a custom SessionSecurityTokenCache so that our FedAuth cookies are valid across a webfarm with IsReferenceMode = true. We are also trying to enable sliding sessions, but it opens up a few questions around token expiration:
- In Global.asax, we are handling the SessionAuthenticationModule_SessionSecurityTokenReceived event to check the remaining time on the token and reissue it if it is due to expire (within 5 mins, for example). In here, when we check token.ValidTo, it does not equal the expiryTime of the TokenCacheItem that we retrieved from cache. Why? How is TokenCacheItem.Expires supposed to be used?
- In the AddOrUpdate method you're required to override, there's an expiryTime parameter; what is the intended use of this? Also asked here.
No correct solution
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
