Connection between SAML Security Token / Generic XML Security Token and Session Security Token RRS feed

  • Question

  • When we authenticate a user in FBA and generate a token, using SPSecurityContext.SecurityTokenForFormsAuthentication, it returns a SecurityToken which is of type GenericXmlSecurityToken (or SAML Security Token?). During Sliding Sessions, in some HTTP module, it keeps checking for the expiration window and accordingly generates a SessionSecurityToken. How is this token related to SecurityToken mentioned above? If there is no connection between the two, how can we get the actual (total) lifetime of the original token, since the SessionSecurityToken only maintains a different validity from the SecurityToken, which was generated at the time of user authentication.

    Is it possible to generate SessionSecurityToken from SAML Security Token and vice versa?

    Please help.


    • Edited by Venh Monday, October 5, 2015 4:21 AM
    Tuesday, September 29, 2015 7:30 AM