Possibilities to renew the Portal SSO ticket or modify the expiry time

Hi Everyone

We are having a problem with the portal SSO tickets expiring after a set period, currently this is set to 8 hours.

One of the scenarios where we are experiencing an issue is where the users logon with their X.509 certs via a CA siteminder server which is federated with the portal using SAML authentication.

Once the users are authenticated on the portal, depending on the url, they can then be redirected to the CRM servers interaction centre. The users logon to CRM using the portal SSO ticket and all subsequent activity in CRM is performed directly with CRM bi-passing the portal server

The issue we have is that many users work in CRM for longer than 8 hours by which time the portal SSO ticket is invalid. This then causes problems for the user at the end of the day when they are refused access to CRM incuring a loss of data at critical moments.

My question is

Is there a way to dynamically update the users SSO cookie with a new time stamp or create a new cookie (without logging in again 😊 ) so the users don't experience authentication issues towards CRM after the 8 hours.

Please don't suggest increasing the SSO lifetime, idealy due to security reasons we would like to reduce the lifetime of the SSO ticket.

All wild and crazy ideas accepted.

Regards

Colin