I have the following situation: TokenLifetime on the ADFS STS for SharePoint is set to 10 hours and the LogonTokenCacheExpirationWindow on SharePoint is set to 1 minute.
But I see from time to time that after 2 hours a user may be redirected to the ADFS STS. We have NLB in our solution; maybe SPTokenCache is not adapted to work with NLB? The affinity on the NLB servers is set to Single. We have users randomly being redirected back to a login page. We make use of persistent cookies.
- Sometimes the users end up in an authentication loop that causes ADFS to halt the request because of a perceived denial of service (DOS) attack, as the note states.
- If I look at a trace of the activity, I see SharePoint setting the FedAuth cookie with an expired value and starting to make the requests again to ADFS, which then, for reasons which are still unclear to me, either won't issue you a non-expired cookie, or SharePoint looks at it and transforms it to an expired cookie. That's what kicks off that DOS cycle I described above.

I don't get it because I USE SINGLE AFFINITY WITH WINDOWS LOAD BALANCER! Please help :(
jtjscholten










