WIF Security Token Caching

Question

I have a site that is a relying party to our WIF-based custom STS. We recently implemented a Security Token Cache as described here: Azure/web-farm ready SecurityTokenCache

Answer 1

We see this exact error if you browse to a freshly started application, while your browser still holds a cookie from an earlier session. Since these cookies are session cookies, the fix is to close all browser windows and browse again to the application.

Our application is a 'normal' web application redirecting to AD FS using WIF without any special security token cache things, as far as I know. However, we do use 'session mode' for WIF cookies (see for example "Your FedAuth Cookies on a Diet: IsSessionMode=true"), which makes the WIF cookies a lot smaller.