How to handle CryptographicException after long inactivity in ASP .NET MVC with Azure AD credentials?

Question

I'm using Azure Active Directory application which contains user data and credentials. I access ASP .NET MVC 5 application with this credentials using Microsoft.Azure.ActiveDirectory.GraphClient library. After long inactivity, about 20 minutes, and clicking some link I got plain Server Runtime Error and cannot refresh page and login again. Only clearing cookies works.

What I tried:

• handle this error with customErrors - doesn't seem to work
• catching it in:

protected void Application_Error(object sender, EventArgs e) { var error = Server.GetLastError(); var cryptoEx = error as CryptographicException; if (cryptoEx != null) { FederatedAuthentication.WSFederationAuthenticationModule.SignOut(); Server.ClearError(); HttpContext.Current.Response.Redirect("~/"); } }

as described here: Federated Authentication on Azure

• problem does not exist while I'm using debugger and local machine, only on production - does it depend on IIS config?
• may I change sessionTimeout of Azure AD cookies not to wait 20 minutes every time?
• should I use 'static' machine key - not generated every time by Azure AD?

Answer 1

I finally made a workaround: instead of handling this nasty exception I'm just keeping the session up with javascript scheduled requests which are invoking controller and setting some Session["Value"]

Answer 2

I also handled this by making sure my pages refresh every 30 minutes.

This can be done in HTML by adding the meta tag

<meta http-equiv="refresh" content="1800">

It can also be done via Javascript

setInterval(function() {
              window.location.reload();
            }, 180000);