I'm looking for some input on how to extend the ADFS session timeout in certain scenarios. Here's the scenario...
ADFS SSO timeout is set for 1 hour.
1. User authenticates via ADFS and is logged into Application A.
2. User is actively using Application A for 2 hours.
3. User accesses Application B and must now re-authenticate since the ADFS timeout has expired. Ideally, we would like the user to be SSO'd into Application B.
Does anyone have a good solution to this problem to extend the ADFS session when a user is actively working with an application? Possibly have the application notify ADFS to extend the session. Maybe there is something in WS-Fed or SAML that could do this? I know it's cookie-based, so the first thing that popped into my head was a hidden iframe, but that feels hacky. I'm looking for a more standards-based solution. If the answer is "No" because of security reasons, that is acceptable.