Does the Web Application Proxy or AD FS have any separate controls for adjusting token lifetimes to a different value via WAP than directly at AD FS? I can see there's asession cookie for EdgeAccessCookie that WAP issues but this seems to be entirely undocumented at present. I've poked around inC:\Windows\ADFS\Config\microsoft.identityServer.proxyservice.exe.config (also undocumented as far as I can tell) but I'm not finding anything there either. We used to have some of these controls (sort of) with TMG/UAG. Are they totally gone now? With the AD FS Proxy this was less of an issue because it was only publishing AD FS but this is something that I'd hope to be able to control with a Reverse Proxy. Any ideas?
http://twitter.com/tristanwatkins http://tristanwatkins.com