locked
renewing an expired token? RRS feed

  • Question

  • I have an upcoming scenario where a SAML token will be acquired then the thread sleeps for a while then wakes back up after a variable amount of time.  Upon wake up, the SAML token may be expired and thus need to be renewed before calling out into any subsequent services.  Is there a good way in W.I.F. to handle this scenario?  Can I use an expired token as a credential to obtain a new token?

     

    thanks

     

    Thursday, June 10, 2010 4:33 PM

Answers

  • That's what (in theory) the "Renew" operation in WS-Trust is for. You can implement that by overriding the Renew method on SecurityTokenService. In practice Renew is rarely used or implemented. WIF gives you only the entry point - the rest is up to you. Token services like ADFS e.g. don't support it. In most cases calling Issue again instead of Renew has the same effect.
    Dominick Baier | thinktecture | http://www.leastprivilege.com
    • Marked as answer by scott_m Friday, June 11, 2010 1:15 PM
    • Marked as answer by scott_m Saturday, June 12, 2010 1:52 AM
    Friday, June 11, 2010 6:53 AM