I have been using ADFS 2.0 for quite some time and I understand how things work. I've done dozens of custom RPs, custom STSes as well as using the ADFS as the relying STS.
As per comments above (joint effort with the OP), the Freshness property on the FederatedPassiveSignIn instance should be set to 0.
According to http://docs.oasis-open.org/wsfed/federation/v1.2/ws-federation.html, this indicates that the IP/STS should re-prompt the user for authentication before it issues the token.
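
What the setting looks like on the wire, as an added example that is not part of the original answer: Freshness maps to the `wfresh` query parameter of the WS-Federation passive sign-in request, and because that parameter travels through the browser, the relying party can also compare the authentication instant in the returned token against what it asked for. The endpoint and realm URLs, the function names and the one-minute clock-skew allowance are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import urlencode, urlsplit, parse_qs


def build_signin_url(sts_endpoint, realm, freshness_minutes=None, context=None):
    """Build a WS-Federation passive sign-in request (wa=wsignin1.0)."""
    params = {"wa": "wsignin1.0", "wtrealm": realm}
    if context is not None:
        params["wctx"] = context
    if freshness_minutes is not None:
        if freshness_minutes < 0:
            raise ValueError("wfresh is a non-negative number of minutes")
        # wfresh=0 asks the IP/STS to re-prompt before issuing the token.
        params["wfresh"] = str(freshness_minutes)
    return sts_endpoint + "?" + urlencode(params)


def requested_freshness(url):
    """Return the wfresh value carried by a sign-in URL, or None if absent."""
    values = parse_qs(urlsplit(url).query).get("wfresh")
    return int(values[0]) if values else None


def authentication_is_fresh(auth_instant, request_sent_at, freshness_minutes,
                            now, skew=timedelta(minutes=1)):
    """RP-side check of the token's authentication instant (hypothetical helper).

    freshness 0: the user must have authenticated after the request was sent.
    freshness N: the authentication must be at most N minutes old.
    """
    if auth_instant > now + skew:          # instant in the future: reject
        return False
    if freshness_minutes == 0:
        return auth_instant >= request_sent_at - skew
    return now - auth_instant <= timedelta(minutes=freshness_minutes) + skew


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    url = build_signin_url("https://sts.example.com/adfs/ls/",
                           "https://rp.example.com/", freshness_minutes=0)
    sent = datetime(2024, 1, 1, 12, 0, tzinfo=timezone.utc)
    now = sent + timedelta(minutes=2)
    print(url)
    for label, instant in (("re-prompted", sent + timedelta(minutes=1)),
                           ("reused session", sent - timedelta(hours=3))):
        print(label, authentication_is_fresh(instant, sent, 0, now))
```
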