When using sliding sessions in WIF with the session authentication module (SAM) and Thinktecture IdentityModel as described in brockallen's blog. The session security token issued and written to the cookie has it's "valid to" extended as required and the cookie is set accordingly.
But, the BootStrapToken serialized to the current claims Identity remains the old one, with the potentially expired token. This causes problems when trying to use the bootstrap context token for different reasons (among them could be Implementing “Poor Man”’s Delegation) .
What is the best way to update the bootstrap token with the new issued token?
The only way to get a fresh "bootstrap" token is to do a roundtrip to the actual issuer.