Quantcast
Channel: Claims based access platform (CBA), code-named Geneva forum
Viewing all articles
Browse latest Browse all 2535

Token time-out through a federation chain.

$
0
0

I have a RP connected to ADFS and then the ADFS uses federation to go through a chain of R-STS to the IDP.

Just wondering what the rules around token time-out are?

If the RP token times out it will go back to ADFS for a new token. If the ADFS token time-out is less than the RP token time-out, then does ADFS pass this to the preceding one in the chain and that checks its token time-out and (if timed out) pass back upstream potentially all the way to the IDP?

If one of the upstream R-STS had not timed out, would it simply re-mint the token at that level? I assume that it would need to store the token information that it received from its upstream partner in order to do this? perhaps in a cookie? Problem is I can't see any sign of these?

WS-Fed is used all the way up.

I can't find any articles that define the correct behaviour hence the question.



Viewing all articles
Browse latest Browse all 2535

Latest Images

Trending Articles



Latest Images

<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>