
User logged in using ADFS auth is getting redirected to ADFS server after 30 minutes of idle time

The web application is using ADFS for authentication. After a successful login to the application, I kept the application idle for about 30 minutes. Now when the user tries to go to a page, the application redirects to the ADFS portal and gets authenticated. I have set the persistentSessionLifetime to 60 days. I could see the expiration time of the FedAuth tokens correctly in the Chrome developer tools. Please find the configuration below. Why is it going there every 30 minutes? I know some token issued by ADFS is getting expired. Could you please help me to solve this?

    <system.identityModel>
      <identityConfiguration saveBootstrapContext="true">
        <claimsAuthenticationManager type="TruckDataWebAPI.Controllers.AuthenticationManager,TruckDataWebAPI" />
        <audienceUris>
          <add value="xxxxxxxxxxxxxxxx" />
        </audienceUris>
        <issuerNameRegistry type="System.IdentityModel.Tokens.ConfigurationBasedIssuerNameRegistry, System.IdentityModel, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089">
          <trustedIssuers>
            <add thumbprint="xxxxxxxxxxxxxxxxx" name="xxxxxxxxxxxxxxxxxxx" />
            <add thumbprint="xxxxxxxxxxxxxxxxxx" name="xxxxxxxxxxxxxxxxxxxxx" />
          </trustedIssuers>
        </issuerNameRegistry>
      </identityConfiguration>
    </system.identityModel>
    <system.identityModel.services>
      <federationConfiguration>
        <wsFederation passiveRedirectEnabled="false" issuer="xxxxxxxxxxxxxxxxx" persistentCookiesOnPassiveRedirects="true" realm="xxxxxxxxxxxxxxxx" reply="xxxxxxxxxxxxxxx" requireHttps="true" />
        <cookieHandler mode="Default" requireSsl="true" persistentSessionLifetime="60.0:0:0" />
      </federationConfiguration>
    </system.identityModel.services>

There are two tokens; the ADFS one and the RP (application) one.

You need to set both.

Also, ensure the ADFS value is smaller so that when the RP token times out, the ADFS one will too, so the user will be asked to authenticate again.

Good overview here.
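The comparison the answer describes can be checked from the RP's configuration. The following is an added example, not part of the original question or answer: it parses the `cookieHandler` settings, reads `persistentSessionLifetime` as a .NET TimeSpan, and compares it with the ADFS-side lifetime. Assumptions: the ADFS lifetime is passed in as minutes (for example the relying party trust's `TokenLifetime` value), and the function names and placeholder URLs in the sample are constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET
from datetime import timedelta

# Constructed sample: the federation section from the question with placeholder identifiers.
SAMPLE_CONFIG = """<configuration>
  <system.identityModel.services>
    <federationConfiguration>
      <wsFederation passiveRedirectEnabled="false" issuer="https://adfs.example/adfs/ls/"
                    persistentCookiesOnPassiveRedirects="true" realm="urn:example:rp"
                    requireHttps="true" />
      <cookieHandler mode="Default" requireSsl="true" persistentSessionLifetime="60.0:0:0" />
    </federationConfiguration>
  </system.identityModel.services>
</configuration>"""

TIMESPAN = re.compile(r"^(?:(\d+)\.)?(\d+):(\d+)(?::(\d+))?$")

def parse_timespan(text):
    """Parse the [d.]h:m[:s] subset of .NET TimeSpan syntax, or a bare day count."""
    text = text.strip()
    if text.isdigit():
        return timedelta(days=int(text))
    match = TIMESPAN.match(text)
    if not match:
        raise ValueError(f"unsupported TimeSpan value: {text!r}")
    days, hours, minutes, seconds = (int(g) if g else 0 for g in match.groups())
    return timedelta(days=days, hours=hours, minutes=minutes, seconds=seconds)

def audit(config_xml, adfs_token_lifetime_minutes):
    """Return findings on the RP cookie settings versus the ADFS token lifetime."""
    root = ET.fromstring(config_xml)
    handler = root.find(".//federationConfiguration/cookieHandler")
    ws_fed = root.find(".//federationConfiguration/wsFederation")
    if handler is None or ws_fed is None:
        return ["federationConfiguration lacks cookieHandler or wsFederation"]
    findings = []
    if handler.get("requireSsl", "").lower() != "true":
        findings.append("cookieHandler requireSsl is not explicitly true")
    if ws_fed.get("requireHttps", "").lower() != "true":
        findings.append("wsFederation requireHttps is not explicitly true")
    raw = handler.get("persistentSessionLifetime")
    if raw is None:
        return findings + ["persistentSessionLifetime is not set on the RP side"]
    rp_lifetime = parse_timespan(raw)
    adfs_lifetime = timedelta(minutes=adfs_token_lifetime_minutes)
    if adfs_lifetime >= rp_lifetime:
        findings.append(f"ADFS lifetime {adfs_lifetime} is not smaller than RP lifetime {rp_lifetime}")
    else:
        findings.append(f"ok: ADFS lifetime {adfs_lifetime} < RP lifetime {rp_lifetime}")
    return findings
```
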
