Recently, I had to find a way to serialize SAML tokens received by my application so that they could be saved as a session variable and reused. This allowed the application, running behind a load balancer to not use cookies (and security context) or to have to re-request tokens from the STS. It did not appear […]