How to best handle situation where broker session has expired on server

[gurubobnz]

Hello,

I have noticed that if the broker doesn't interact with the server for some time the sessions there expire and are no longer valid. I then get the error "Invalid or expired bearer token". During this time the client still has sso_verify_myappname but not a sso_token_myappname cookie. Is this normal or have I broken something?

Assuming it is normal, the check to detect whether the broker is attached still returns true, which simply means that subsequent request calls to the broker all come back with the "Invalid or expired bearer token" message.

In this situation what is the best way to resolve this? If I remove the sso_verify_myappname cookie then the broker revalidates with the server and everything is good.

Thanks.

[gurubobnz]

It looks like the token cookie is valid for one hour from issue, and the verify cookie is valid for one day fro issue. I'll be looking into the renewal mechanism tomorrow so hopefully will have some news.