The lifespan of SharePoint WS Federation generated persistent cookie FedAuth is based on the value of the WS Federation Assertion Validity Time.
You must configure this validity time to match the sum of the following values:
Contract timeout specified in the contract configured for the SharePoint protected resource
SharePoint STS LogonTokenCacheExpirationWindow
For example, if the contract timeout is 60 minutes and SharePoint STS LogonTokenCacheExpirationWindow is 10 minutes, then set the WS Federation Assertion Validity Time to 70 minutes that is 4200 seconds.
To get the value of SharePoint STS LogonTokenCacheExpirationWindow, open SharePoint Management Shell and run the Get-SPSecurityTokenServiceConfig command.
To set the assertion validity for WS Federation, perform the following steps:
Go to Devices > Identity Servers > Edit > Options, and click New.
Configure the following property:
Property Type: WSFED ASSERTION VALIDITY
Property Value: Specify the assertion validity time in second.
Restart Tomcat by using the following command:
/etc/init.d/novell-idp restart
For the Docker deployment, perform the following steps:
Run the kubectl get pods command to view the Access Manager pods.
Go to the Identity Server pod by running the kubectl exec --namespace <name-of-the-namespace> -it pod/<name-of-the-identity-server-pod> -- sh command.
Run the /etc/init.d/novell-idp restart or systemctl restart novell-idp.service command.