Pro-Tip: Setting FBA Timeout When Using Claims Based Auth in SP2010

12 November 2012

If you're using claims based authentication in SharePoint 2010 and wondering why your Forms Based Authentication claims aren't reading your web.config timeout="x" values, it turns out that this is because they're managed on a different level by the Secure Token Service.

The default timeout seems to be 10 hours (which seems a little excessive for most purposes) but you can change this easily via the SharePoint Powershell console:

$sts = Get-SPSecurityTokenServiceConfig
$sts.WindowsTokenLifetime = (New-TimeSpan -Minutes 20)
$sts.FormsTokenLifetime = (New-TimeSpan -Minutes 20)
$sts.Update()
iisreset

This works for both SharePoint Foundation and full SharePoint Server 2010 - thanks to this forum post for the information!

Tags: claims based authentication, FBA, Powershell, secure token service, SharePoint 2010

Add a Comment

No Comments