Switching to WIF SessionMode in ASP.NET

Posted by Your DisplayName here! on Least Privilege See other posts from Least Privilege or by Your DisplayName here!
Published on Wed, 02 Nov 2011 15:55:40 GMT Indexed on 2011/11/11 18:24 UTC
Read the original article Hit count: 245

Filed under:

IdentityModel

To make it short: to switch to SessionMode (cache to server) in ASP.NET, you need to handle an event and set a property. Sounds easy – but you need to set it in the right place.

The most popular blog post about this topic is from Vittorio. He advises to set IsSessionMode in WSFederationAuthenticationModule_SessionSecurityTokenCreated.

Now there were some open questions on forum, like this one. So I decided to try it myself – and indeed it didn’t work for me as well. So I digged a little deeper, and after some trial and error I found the right place (in global.asax):

void WSFederationAuthenticationModule_SecurityTokenValidated(

object sender, SecurityTokenValidatedEventArgs e)

{

    FederatedAuthentication.SessionAuthenticationModule.IsSessionMode
= true; 


}

Not sure if anything has changed since Vittorio’s post – but this worked for me.

While playing around, I also wrote a little diagnostics tool that allows you to look into the session cookie (for educational purposes). Will post that soon.

HTH

Related posts about IdentityModel

Identity Claims Encoding for SharePoint

as seen on Geeks with Blogs - Search for 'Geeks with Blogs'
Just to remind myself, the list of claim types and their encodings are listed here at the bottom. http://msdn.microsoft.com/en-us/library/gg481769.aspx Where for example: i:0#.w|contoso\scicoria ‘i’ = identity, could be ‘c’ for others # == SPClaimTypes.UserLogonName . == Microsoft.IdentityModel… >>> More
Thinktecture.IdentityModel: WIF Support for WCF REST Services and OData

as seen on Least Privilege - Search for 'Least Privilege'
The latest drop of Thinktecture.IdentityModel includes plumbing and support for WIF, claims and tokens for WCF REST services and Data Services (aka OData). Cibrax has an alternative implementation that uses the WCF Rest Starter Kit. His recent post reminded me that I should finally “document” that… >>> More
Thinktecture.IdentityModel: Comparing Strings without leaking Timinig Information

as seen on Least Privilege - Search for 'Least Privilege'
Paul Hill commented on a recent post where I was comparing HMACSHA256 signatures. In a nutshell his complaint was that I am leaking timing information while doing so – or in other words, my code returned faster with wrong (or partially wrong) signatures than with the correct signature. This can… >>> More
Thinktecture.IdentityModel: WRAP and SWT Support

as seen on Least Privilege - Search for 'Least Privilege'
The latest drop of Thinktecture.IdentityModel contains some helpers for the Web Resource Authorization Protocol (WRAP) and Simple Web Tokens (SWT). WRAP The WrapClient class is a helper to request SWT tokens via WRAP. It supports issuer/key, SWT and SAML input credentials, e.g.: var… >>> More
Azure - Microsoft.IdentityModel not found

as seen on Stack Overflow - Search for 'Stack Overflow'
Hi There, I'm working with a WCF service in Azure, which uses Windows Live ID authentication with the recent deviceid requirements. When I host my WCF service locally in the compute emulator, it works properly, but when I deploy the cloud service to Azure and call it the same way (from another project… >>> More

Developer IT